Commit Graph

48102 Commits

Author SHA1 Message Date
Zixuan James Li 5c49e4ba06 rest: Extract remote_server_path from rest_path.
This allows us to separate the zilencer paths from other JSON paths,
with explicit type annotation expecting `RemoteZulipServer` as the
second parameter of the handler using
authenticated_remote_server_view.

The test case is also updated to remove a test for a situation that no
longer occurs anymore, since we don't perform subdomain checks on
remote servers.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-13 14:53:52 -07:00
Zixuan James Li dd2fd8edda rest: Implement get_target_view_function_or_response.
As noted in the docstring, this is a temporary helper function that
separates routing for paths that support multiple HTTP methods from
`rest_dispatch` itself. We will need to replace this helper with
class-based views in the future. The helper will also be handy to
reduce duplication when splitting up `rest_dispatch` by authentication
methods.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-13 14:53:51 -07:00
Zixuan James Li af88417847 decorator: Extract validate_remote_server.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-13 14:33:59 -07:00
Zixuan James Li ac2185a2e8 decorator: Extract get_basic_credentials.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-13 14:33:59 -07:00
Sahil Batra d3468e3f78 streams: Extract code for sending events in bulk_remove_subscriptions.
This is a prep commit such that we can avoid duplicate code when we
unsubscribe bots for inaccessible private streams when changing owner
or reactivating them.
2022-08-13 14:28:30 -07:00
Sahil Batra 44266987ec settings: Disable the save button if custom time limit input is invalid.
We disable the "Save changes" button if the custom time input for
edit and delete time limit is 0, -ve values or empty.
2022-08-12 18:09:53 -07:00
Sahil Batra b5ff903ddc settings: Make custom input empty for "Anytime" case.
We set the custom input box empty for "Anytime" case for
message edit and delete limit settings. We also keep the
"Save changes" button disabled when changing from "Anytime"
to "Custom" since the input box is still empty.
2022-08-12 18:09:53 -07:00
Sahil Batra 3c1fbeb3c7 settings: Enable or disable delete limit setting before saving.
We enable or disable the delete limit setting immediately on
changing the "Who can delete their own message" dropdown
before saving the changes.
2022-08-12 18:09:53 -07:00
Sahil Batra f52e4ee602 settings_config: Use time_limit_dropdown_value for delete limit values.
Since, we removed the "never" option for edit-limit setting in
previous commits, we can now use same list for both edit-limit
and delete-limit setting values.
2022-08-12 18:09:53 -07:00
Sahil Batra 577abbd434 node_tests: Remove duplicated code in settings_org tests. 2022-08-12 18:09:53 -07:00
Sahil Batra 0c67c7d269 settings: Add checkbox for whether message editing is allowed or not.
This commit adds a checkbox for allow_message_editing setting and
thus we also remove the "Never" option from the time limit dropdown
as unchecking the newly added checkbox will mean the same.

We also disable the time limit input if message editing is not
allowed.

This commit also changes the label for time limit dropdown.

Fixes part of #21739.
2022-08-12 18:09:53 -07:00
Sahil Batra a1f40ccda5 message_edit: Make zero invalid value for message_content_edit_time_limit_seconds.
This commit changes the code to consider zero as an invalid value for
message_content_edit_time_limit_seconds. Now to represent the setting that
user can edit the message anytime, the setting value will be "None" in
database and "unlimited" will be passed to API from clients.
2022-08-12 18:09:53 -07:00
Sahil Batra 1747ab8482 realm: Set setting value only if value has changed.
We sent the "message_content_delete_limit_seconds"
value to API when we change any setting in that
subsection and thus "do_set_realm_property" is
called even when we do not change that setting
since we handle it separately from most of the
other settings for which we use loop to call
"do_set_realm_property".

This commit changes the code to handle only
the case when the setting value is "None"
separately and rest all the values will be
changed from the "do_set_realm_property"
called in the loop as for other settings.
2022-08-12 18:09:53 -07:00
Sahil Batra 864fe7befb settings: Rename "Message editing" to "message and topic editing".
Fixes part of #21739.
2022-08-12 18:09:53 -07:00
Zixuan James Li 92c4e5b75c models: Add type annotation for CTEManager.
mypy_django_plugin cannot resolve the type of the custom manager. We add
a type annotation explicitly to skip the type inferrence.

This fixes the following error:
error: Could not resolve manager type for "zerver.models.UserGroup.objects"  [django-manager-missing]

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 95d12749c0 import_realm: Check for recipient instead of recipient_id.
Technically recipient_id cannot be None when recipient exists. We
actually just want to check if the recipient exists.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 5bdf49c005 decorator: Add an isinstance check for otp auth test function.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li c1f5609e59 streams: Add None check for stream.recipient_id.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 5d65ca33a8 types: Make value optional for ProfileData.
`UserProfile.profile_data` allows each element's value to be `None`.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 2382f1925d export: Add an isinstance check for orig_dt.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 35e0fe8347 models: Duplicate __str__ in subclasses of AbstractUserMessage.
The `message` attirbute doesn't get defined in the class where it is used.
The cleanest solution will be using the `Self` type introduced in PEP
673 and type it as something like `ForeignKey[Union[Self, Combinable],
Self]`.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 929311642b legacy_urls: Add type annotation to legacy_urls.
Mypy previously infers this to be `List[URLPattern]` which is
incompatible with other urls lists that we concatenate this with.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 8fae87e2df zephyr: Check PERSONAL_ZMIRROR_SERVER before updating cache.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li d7746c9e6c logging_util: Ensure that the logged user is authenticated.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 7acf43f475 bots: Allow changing bot owner without an acting_user.
This applies to the usecase in
zerver.tests.test_bots.BotTest.test_patch_bot_role.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li e382cec015 topic: Add a None check with an assertion.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 14dd7f1692 auth: Make QueryDict immutable before assignment.
This modifies the QueryDict when it is mutable, and assign it to `.POST`
after it is turned immutable, as required by django-stubs for this
attribute.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li a0ccc7b872 test_signup: Replace MagicMock with HostRequestMock.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li a3ec420074 auth: Add type annotation for contexts.
Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 17:08:04 -07:00
Zixuan James Li 87921315be migrations: Remove noop migration operations.
Since validators do not affect the database, this migration is a noop.
Removing the migration fails check-database-compatibility. We might
eventually delete it when Django supports a cleaner method for deletion.

TODO:
Remove the type annotation when django-stubs is integrated.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 16:53:54 -07:00
Tim Abbott 9bf383dcae decorator: Reorder authenticated_json_view.
Checking authentication before rate limiting is easier to reason
about, especially since rate_limit() would check authentication
anyway.
2022-08-12 16:51:55 -07:00
Tim Abbott 60a2de21a9 decorator: Reorder public_json_view.
Doing the dispatch to authenticated_json_view first lets us avoid
messing around with the skip_rate_limiting parameter.

Since rate_limit itself checks user.is_authenticated, there's no
potential downside to doing that check first here.
2022-08-12 16:51:55 -07:00
Zixuan James Li f54ecad6cd decorator: Extract public_json_view.
This refactoring is necessary to separate the expected type annotation
for view functions with different authentication methods. Currently the
signature aren't actually check against view functions because
`rest_path` does not support type checking parameter types, but it will
become useful once we do.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 16:51:55 -07:00
Zixuan James Li 299f3442ff decorator: Refactor view decorators with ParamSpec.
`authenticated_rest_api_view` and `authenticated_json_view` essentially
remove `UserProfile` from the decorated function.

Note that `authenticated_log_and_execute_json` is removed to avoid
duplicating `ParamT` unnecessarily in the helper.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 16:51:55 -07:00
Zixuan James Li c9f54766c3 rate_limiter: Extract rate limit related functions.
This refactors rate limit related functions from `zerver.decorator` to
zerver.lib.rate_limiter.

We conditionally import `RemoteZulipServer`, `RequestNotes`, and
`RateLimitedRemoteZulipServer` to avoid circular dependency.

Most instances of importing these functions from `zerver.decorator` got
updated, with a few exceptions in `zerver.tests.test_decorators`, where
we do want to mock the rate limiting functions imported in
`zerver.decorator`. The same goes with the mocking example in the
"testing-with-django" documentation.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 16:51:55 -07:00
Zixuan James Li 232ba4866a rate_limit: Stop wrapping rate limited functions.
This refactors `rate_limit` so that we no longer use it as a decorator.
This is a workaround to https://github.com/python/mypy/issues/12909 as
`rate_limit` previous expects different parameters than its callers.

Our approach to test logging handlers also needs to be updated because
the view function is not decorated by `rate_limit`.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-12 16:51:55 -07:00
N-Shar-ma cfa4973441 typeahead: Fix thin blue line bug when there is space after `>`.
When the user added space/s right after the topic typehead symbol `>`,
a thin blue line would be selected at the top of the typeahead menu.

To avoid this and to make stream and topic typeaheads' behaviour more
consistent with each other, space/s right after `>` is not allowed,
like it is not allowed right after `#`.

Fixes: #19124.
2022-08-12 16:47:06 -07:00
jai2201 aa700ff59d pm_list: Handle narrow functions separately for pm_section.
This commit is a preparatory commit for #20870, it introduces
`handle_narrow_deactivated` and `handle_narrow_activated`
functions in pm_list.js, separately from top_left_corner.js,
to reduce the complexity of handling private messages section
separately.
2022-08-12 15:26:00 -07:00
Dinesh 48d2783559 read_receipts: Add support for displaying read receipts.
Adds an API endpoint for accessing read receipts for other users, as
well as a modal UI for displaying that information.

Enables the previously merged privacy settings UI for managing whether
a user makes read receipts data available to other users.

Documentation is pending, and we'll likely want to link to the
documentation with help_settings_link once it is complete.

Fixes #3618.

Co-authored-by: Tim Abbott <tabbott@zulip.com>
2022-08-12 13:16:35 -07:00
Tim Abbott 5bd1a85659 test_fixtures: Rebuild database when create_realm.py changes.
Now that we've split this out from the enormous actions.py, it makes
sense to include this in the set of inputs for generating the
database.
2022-08-12 13:16:35 -07:00
Tim Abbott 828867c733 overlays: Allow calling open_modal with a modal already open.
Previously, our modal system prevented opening a modal when one was
already open. It appears this was implemented to work around the fact
that we're using Micromodal selectors to determine if a modal is open
(and those don't update until after an animation frame).

We'd like to support opening the full user profile and manage user
modals while read receipts is open. While we could work around this in
that place, it feels like one needs a lot of documentation in order to
add a setTimeout in those code paths.

So we instead make open_modal support this, with a guard to prevent
infinite recursion in case of future bugs.

Note that dialog_widget was already closing modals before opening the
next one, so this is a behavior change only for our 3 modals that do
not use dialog_widget.

(I'm not sure why the `dialog_widget` modals did not already require a
delay, but likely there's some CSS difference).

We likely will want to redo this to instead use a better state
tracking system.

See https://chat.zulip.org/#narrow/stream/49-development-help/topic/close.20and.20open.20another.20modal.20immediately
for discussion.
2022-08-12 13:16:35 -07:00
Dinesh 63d71ecb0c popovers: Use e.currentTarget for .view_user_profile event listener.
The previous version with e.target would give the element that was
clicked lying inside an element with '.view_user_profile'.

One would usually expect "data-user-id" to be attached to the
same element with ".view_user_profile" instead of any of its children.
So, to just look for "data-user-id" in the element with that class,
instead of any of its chidren, this commit changes e.target to
e.currentTarget.
2022-08-12 13:16:35 -07:00
Sahil Batra 43fb872f3f settings: Add UI for changing read receipts realm_user_default.
Fixes #22657.
2022-08-12 11:25:35 -07:00
Sahil Batra 894879d1fe settings: Change label of send_read_receipts setting.
The previous label was ambiguous and suggested one needed to have sent
a message in a given conversation to see read receipts.
2022-08-12 11:25:16 -07:00
Sahil Batra 8302337aa9 settings: Add tooltip for user read receipts setting.
We show tooltip for user read receipts setting mentioning
that the organization has disabled read receipts setting
when an organization does so. We hide the tooltip when
organization read receipts setting is enabled.

We also fix the alignment of "i" icons with label and headings
at various places by moving it 1 pixel below. There may be
some places where it is not fixed, but those will be fixed
separately.
2022-08-12 11:21:44 -07:00
Sahil Batra 103115dad6 settings: Add checkbox for enable_read_receipts setting. 2022-08-12 11:21:43 -07:00
Sahil Batra 09b35b09c5 migrations: Add migration to set default value of enable_read_receipts.
This migration set default value of enable_read_receipts to True
for existing realms which require an invitation to join.
2022-08-12 22:26:14 +05:30
Sahil Batra 13e0311ef3 realm: Add support to change enable_read_receipts setting.
This commit adds support to change enable_read_receipts
setting through API and also adds the field to response
of "/register" endpoint so that the setting value
is available to clients.
2022-08-12 17:10:03 +05:30
Sahil Batra 05ce72d0bc models: Add enable_read_receipts organization setting field. 2022-08-12 17:01:52 +05:30
Anders Kaseorg 1f9573d527 Revert "pm_list: Handle narrow functions separately for pm_section."
This reverts commit 46b289cbda.

This commit didn’t pass Node tests independently of the PR #21726 that
it was split from, because pm_list is mocked.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-08-11 18:12:12 -07:00