Commit Graph

21640 Commits

Author SHA1 Message Date
derAnfaenger 61aebd036f tools: Remove `.py` extensions from user scripts. 2017-10-11 12:52:36 -07:00
derAnfaenger df948c7ea5 Remove useless shebang lines. 2017-10-11 12:52:36 -07:00
Brock Whittaker 1096bd11c9 streams: Rename settings hide/show functions.
The stream settings hide/show functions were "collapse" and
"show_sub", and this changes them to be "hide_sub_settings" and
"show_sub_settings".
2017-10-11 12:44:10 -07:00
Brock Whittaker 20af49b2bb streams: Call `actually_filter_streams` on stream events update.
Previously it was called before the event was processed by the server
and the subscription was updated to have the user subscribed to a
stream, so there was a race condition that would make it iso that
sometimes the stream line would disappear on the next render pass due
to the event not having completed yet.

This makes it so that the re-render happens after the event is
processed in `stream_events.js`.

Fixes: #6797.
2017-10-11 12:44:10 -07:00
Brock Whittaker 2ae2727c8b streams: Refactor `actually_filter_streams` to be public.
This refactors the function to be publicly accessible so we can call
the filter streams function from other modules.
2017-10-11 12:44:10 -07:00
Brock Whittaker 59cfed16ed streams: Hide and show settings properly for subscribed streams.
This now will show the settings properly when one unsubscribes and
resubscribes to a particular stream.

Fixes: #6798.
2017-10-11 12:44:10 -07:00
Brock Whittaker 9e9927d1d0 streams: Refactor `setup_subscriptions_stream_hash` arguments.
This refactors the arguments in the `setup_subscriptions_stream_hash`
method to remove the `stream_id` param and just take it from the `sub`
argument it is passed (which is an object that contains the property,
`stream_id`.
2017-10-11 12:44:10 -07:00
Brock Whittaker 7b8f2f8828 emoji-popover: Change :focus state from outline to darken.
This changes the :focus state of reactions that have been reacted
by yourself to darken on :focus rather than have the default
browser outline.
2017-10-11 12:31:49 -07:00
Brock Whittaker 897b33e79d components: De-duplicate `.no-underline` class.
This de-duplicates occurances of the `.no-underline` class by
removing it from "portico.css" and ensuring compaitbility by adding
support for the standard and :hover cases.
2017-10-11 12:24:44 -07:00
Brock Whittaker 968a8a0b6c /create_realm/: Change TOS checkbox to feature new styling.
This changes the TOS checkbox to use the internal checkbox styling
rather than the unstyled default appearance.
2017-10-11 12:24:44 -07:00
Brock Whittaker df9092cf42 components: Split out "app_components.css" for shared components.
This new “app_components.css” is for shared components between the
internal app and the portico pages.
2017-10-11 12:24:44 -07:00
neiljp (Neil Pilgrim) c04ff1cc79 mypy: Any->Call in create_single_page() in create-test-api-docs. 2017-10-11 12:16:50 -07:00
neiljp (Neil Pilgrim) fc947d92e2 mypy: Improve return type in bitbucket2 webhook function. 2017-10-11 12:16:50 -07:00
Steve Howell 7c726a5e77 Remove sender names from the message cache.
This removes sender names from the message cache, since
they aren't guaranteed to be valid, and they're inexpensive
to add.

This commit will make the message cache entries smaller
by removing sender___full_name and sender__short_name
fields.

Then we add in the sender fields to the message payloads
by doing a query against the unique sender ids of the
messages we are processing.

This change leads to 2 extra database hops for most of
our message-related codepaths.  The reason there are 2 hops
instead of 1 is that we basically re-calculate way too
much data to get a no-markdown dictionary.
2017-10-11 11:37:16 -07:00
Steve Howell 3910448b1d Extract MessageDict.post_process_dicts().
Introduce MessageDict.post_process_dicts() will allow us
the ability to do the following:

    * use less memory in the cache for repeated data
    * prevent cache invalidation
    * format data according to different client needs

The first use of this function is pretty inconsequential, but
it sets us up for more consequential changes.

In this commit we defer the MessageDict.hydrate_recipient_info
step until after we pull data out of the cache.  This impacts
cache size as follows:

    * streams - negligibly bigger
    * PMs/huddles - slimmer due to not needing to repeat
                    sender data like email/full_name

Again, the main point of this change is to start setting up
the infrastructure to do post-processing.
2017-10-11 11:37:16 -07:00
Steve Howell 6bf43e6332 refactor: Extract MessageDict.hydrate_recipient_info().
This is a first step to eventually slimming the message cache,
but there are still some moving parts there to be worked through.

The more immediate benefit of extracting this function is that
we can put tests on it.  Also, it isolates some functionality
that may go away as our clients gets smarter.
2017-10-11 11:37:16 -07:00
Tim Abbott baee129eda lint: Exclude style= rules for email log.
This is temporary, because this PR was written before these rules were
put in place.
2017-10-11 10:41:40 -07:00
Vishnu Ks 63ed4110fe auth: Submit dev login form to the correct subdomain. 2017-10-11 10:16:55 -07:00
Aastha Gupta 2337ed65c5 /emails: Add option to toggle between HTML and text.
This makes the developer experience of the /emails pages significantly
cleaner, since you don't have to look at both the HTML and the text
for each message at the same time.

Fixes #6844.
2017-10-11 10:08:42 -07:00
Garvit 5f8fbc5d35 message view: Decode HTML in Stream subscription messages.
Previously, we would display effectively double-HTML-escaped content
here.

Fixes #6652.
2017-10-11 09:59:48 -07:00
rht 34bafa654c mypy: Fix future syntax errors and other minor mistakes.
When we move to the Python 3 mypy syntax, we can't reference a class
before its definition.
2017-10-10 22:27:16 -07:00
Greg Price 0b6bcc9c33 docs/dev-env: Explicitly recommend VirtualBox 5.1.8 exactly. 2017-10-09 20:43:12 -07:00
Alena Volkova 79560e21bf urls: Move the json/tutorial_status endpoint to be an API-style route. 2017-10-09 15:13:33 -07:00
Alena Volkova 0e653d198d test_decorators: Replace the json/tutorial_status endpoint in tests.
This endpoint is about to become an API-style route and have the legacy
decorator removed from its view. The json/fetch_api_key endpoint will be
used in tests instead of it.
2017-10-09 15:13:33 -07:00
Tim Abbott 93e666c4bf compose: Restore shift-enter to always inserting a newline.
This was a not-well-thought-through behavior change done in #6489; the
part that was actually a problem was ctrl-enter not producing spaces
anyway.

So we fix this, and also add a comment explaining why.

Fixes #6908.
2017-10-09 15:10:54 -07:00
Steve Howell 75db4f5187 Avoid O(N) query pitfall for /users endpoint.
We now use a `.values` query to get just the fields we need
in order to fulfill '/json/users' requests.

The main benefit is that we don't do O(N) queries for bot
owners, but we also have less data on UserProfile to process.
2017-10-09 14:08:07 -07:00
Steve Howell f87159ad98 Flush standard output in match_states(). 2017-10-09 12:23:49 -07:00
Eeshan Garg 0ca1224b3e integrations: Render xkcd bot's documentation. 2017-10-09 11:40:44 -07:00
Eeshan Garg 1153288681 markdown: Add macro linking to our Bots Guide tutorials.
This macro is for when we want to describe how to run a bot on
a running Zulip server in our bots' docs.
2017-10-09 11:40:44 -07:00
Eeshan Garg 48be9e3e44 packages: Upgrade Zulip API packages (0.3.4 -> 0.3.5). 2017-10-09 11:40:36 -07:00
Harshit Bansal 6f4d24d851 reactions.js: Fix the conditional check for sending reaction request.
Request for adding an reaction only if there is a default emoji or
an active realm emoji with that name while request for removing a
reaction should be sent only if there is a default emoji or a realm
emoji(may be active or deactivated) with that name. Earlier we were
not including deactivated realm emojis while deciding whether a
request for removing a reaction should be sent or not which was
causing requests for the removal of reactions with deactivated realm
emojis not to be sent to the backend.

Fixes: #6007.
2017-10-09 11:31:21 -07:00
Harshit Bansal 3acaa79336 reactions.py: Don't check for valid emoji name while removing reaction.
On receiving a request for deleting a reaction, just check if such
a reaction exists or not. If it exists then just delete the reaction
otherwise send an error message that such a reaction doesn't exist.
It doesn't make sense to check whether an emoji name is valid or not.
2017-10-09 17:54:37 +00:00
Eeshan Garg 71eee35bce webhooks: Add a Google Code-in integration. 2017-10-09 09:04:39 -07:00
Tim Abbott 9cf26db6db test_management_commands: Fix send_webhook_fixture_message test.
I unfortunately didn't remember this could have a test.
2017-10-08 21:20:35 -07:00
Steve Howell a67b07bfc4 Avoid shadowing stream variables.
This helps with mypy typings in an upcoming commit.
2017-10-08 20:18:34 -07:00
Steve Howell 2e43562832 Extract Stream.num_subscribers_for_stream_id.
This allows us to count subscribers without a Stream object.
2017-10-08 20:18:34 -07:00
Steve Howell 12e65eb21c Use stream ids in various tests.
This commit prepares us to introduce a StreamLite class. For
these tests, we don't care about the actual contents of the
Stream, just the right stream is there.
2017-10-08 20:18:34 -07:00
Steve Howell c1d7fc6e80 Only require stream_id in private_stream_user_ids(). 2017-10-08 20:18:34 -07:00
Steve Howell 7dbea8a2bf Only require stream_id in subscribed_to_stream().
Since subscribed_to_stream is only doing an id lookup
on the Stream model to find out if a user is subscribed to
a stream, there's no reason to require a full Stream object.

It's currently the case that all callers do have full Stream
objects handy to pass in to this function, but it's still a
good practice to have functions only ask for objects that they
need.
2017-10-08 20:18:34 -07:00
Tim Abbott 49274a060c send_webhook_fixture_message: Fix to work with subdomains.
We apparently failued to update this tool when we switched the
development environment to require a subdomain.
2017-10-08 20:14:14 -07:00
Tim Abbott 416f34c80e setup-production: Try to fix Travis failures by blocking mongodb repo.
It appears the mongodb repo is not accessible by Travis CI right now.
This is sadly our problem, because Travis puts a bunch of crap in
their apt `sources.list` file, so `apt-get update` starts failing.
2017-10-08 20:06:42 -07:00
Tim Abbott 88bb6c6cad uploads: Set a BOTO_CONFIG path to override broken GCE configuration.
The comment is pretty self-explanatory.  The fact that Google Compute
Engine has this problem does not impress confidence about their
product, but hopefully this is the only really dumb thing they do.

Fixes #4839.
2017-10-08 19:46:57 -07:00
Greg Price 0691724836 passwords: Set default zxcvbn threshold to 10k guesses.
See the discussion in the revised docs for background and motivation,
and an explanation of why this value.
2017-10-08 15:48:44 -07:00
Greg Price a116303604 passwords: Express the quality threshold as guesses required.
The original "quality score" was invented purely for populating
our password-strength progress bar, and isn't expressed in terms
that are particularly meaningful.  For configuration and the core
accept/reject logic, it's better to use units that are readily
understood.  Switch to those.

I considered using "bits of entropy", defined loosely as the log
of this number, but both the zxcvbn paper and the linked CACM
article (which I recommend!) are written in terms of the number
of guesses.  And reading (most of) those two papers made me
less happy about referring to "entropy" in our terminology.
I already knew that notion was a little fuzzy if looked at
too closely, and I gained a better appreciation of how it's
contributed to confusion in discussing password policies and
to adoption of perverse policies that favor "Password1!" over
"derived unusual ravioli raft".  So, "guesses" it is.

And although the log is handy for some analysis purposes
(certainly for a graph like those in the zxcvbn paper), it adds
a layer of abstraction, and I think makes it harder to think
clearly about attacks, especially in the online setting.  So
just use the actual number, and if someone wants to set a
gigantic value, they will have the pleasure of seeing just
how many digits are involved.

(Thanks to @YJDave for a prototype that the code changes in this
 commit are based on.)
2017-10-08 15:48:44 -07:00
Greg Price 11e767f5b1 passwords: Revise our password-quality logic for clarity.
This should be a pure refactor: we're just removing or tightening
some obsolete comments, and rearranging some logic to make it
easier to follow.
2017-10-08 15:48:44 -07:00
Tim Abbott 1ceaedb2c5 docs: Remove html_unescape.py.
This was just for 1-time use exported the original Zulip documentation.
2017-10-08 15:41:41 -07:00
rht fbd24669a4 Cleanup: Remove shebang and executable flag from these files. 2017-10-08 15:38:15 -07:00
rht de30400fc5 pg_backup_and_purge.py: Remove .py extension. 2017-10-08 15:32:43 -07:00
Tim Abbott ec080aed6b mypy: Workaround lxml annotations being busted. 2017-10-08 12:38:20 -07:00
Tim Abbott d215ea1e37 actions: Rename all_subs_by_stream to all_subscribers_by_stream.
The previous name sounded a bit too much like they were subcription
objects.
2017-10-08 12:33:53 -07:00