Also remove unused fields.
The registration tests should be revamped for our new multi-stage
signup, but for now just get the test suite passing completely.
(imported from commit 481f420cf99341e44e71942ae563e3f9a1270d3e)
This makes the Home link modal (when on the Home pane, it unnarrows
you; when on a different pane, it returns you to your feed in whatever
state you left it).
Fixes Trac #5.
(imported from commit 3181f17035d78a9916ab7a3ad336f34cb66d3cdf)
You're not necessariy getting the last email, you're getting
the last recipient the user typed in.
(imported from commit f7ab4153a5b2497bc31a42d3ac5aea0636daaf60)
This attempts to tackle the issue where Cordelia always gets
accidentally CCd, with the following as a reproducer:
wda [tab] [backspace] [tab or enter] sends a message to wdaher and cordelia
(imported from commit fbbd722173584e50c34878b7d6249b09564fb172)
The fact that we're inconsistent about this in our functions
is definitely going to lead to more bugs of this form
down the road.
(imported from commit 907badcb28c0834729e21436c621255fa6584d44)
These get automatically re-numbered, which will do the wrong thing when people
split their lists across multiple messages.
Fixes#241.
(imported from commit 7f6f2c36a6ab27cef0a34008f304fc0fe25c8bd0)
We currently disable hotkeys if the focus is on a textbox or
button. Hidden buttons can still be in focus, so blur the search
buttons before hiding them.
(imported from commit 5fdab34ad9931ea5ea2ad1827b36dfe4c02d8797)
Whenever we use a typeahead, we should use the escaping highlighter
unless we're explicitly going to put sanitized content in it.
(imported from commit 33086327fe56a7bcbbbf8a08fe3f39800b195e75)
This also cleans up the autocomplete source specifications,
making the three typeaheads all look fairly consistent.
(imported from commit e72655d715db74cfc9ab45b51e7e2ff9e8ea84c5)
This makes the diff a bit cleaner.
Revert "Interim measure: Escape fullnames as well."
This reverts commit a634e6ac39ea337be499889b3ff64b3c4f4fcccb.
Revert "Interim measure: Escape subject names before they go into the typeahead."
This reverts commit 806bc719ab296ec0fe299b33c7aa6767a0c71b9d.
(imported from commit 5a579e3535846b2bc612cf03e43c562c83119812)
While we're at it, fix the fact that we're currently not adding
entries to the subscriptions_table at all when we do
subscribe-and-send.
(imported from commit 99bf574a4a296463e562a44186e2282654464542)
So that the 500 error view will render properly, even though no variables are
set. We keep the variable static_hidden, which by design is not used on the
500 page.
Fixes#240.
(imported from commit 3c7534f896479b7d7edbe5ef13958481e169a13c)
I'm sure this problem exists in a latent way with stream names and
email addresses as well. Once I figure out a general way to fix this,
I'd like to go back and handle these three cases in a cleaner,
symmetric way, but this'll do for now.
(imported from commit a634e6ac39ea337be499889b3ff64b3c4f4fcccb)
This is problematic because if your subject name is <b>hi</b>,
selecting it from the typeahead comes back with:
<b>hi</b>
which obviously isn't really OK.
(imported from commit 806bc719ab296ec0fe299b33c7aa6767a0c71b9d)
This is what caused our server to hang when receiving certain messages
over the last couple days. It was introduced by me making in the
assumption that doing the same thing we did after validate_notify
failed was a correct way to immediately return from
notify_new_message, which it was not. The code of validate_notify
actually finished the handler in the event that validation failed,
which isn't "correct", but did not manifest in a visible problem.
The correct way to trigger an immediate response from a tornado view
is to just return the value, not call handler.finish() and then return
None.
Similarly, the correct way to trigger longpolling from a tornado view
is to either return None (or equivalently, / drop off the end of the
function) or return a generator.
(imported from commit 5b931248b4650fc88d5d68f5936a95f19e097af9)
Validation was happening, but was not preventing sending. We now
just manually call the validation function in compose.finish()
instead of relying on jquery.form's beforeSubmit option.
(imported from commit e094832bf8948f4c6f58cc0d0923bf0fd09db4b1)
Here we introduce a new manage.py command, activate_mit, which takes a
number of usernames and sends out emails to the users with instructions on
how to activate their accounts.
(imported from commit f14401b55f915698e83ff27b86434f53e64685f3)
It's possible that the three places we can kill a popover
(body click, Esc, clicking on a new one) should be
refactored to use the same code.
(imported from commit ba7eab480fd2258abfb469c8f1155f29bc63f7f6)
If we have other pages that require login, we might want them to redirect to
the login form. But the root of the site should take you to /accounts/home --
but only after we launch the product.
(imported from commit b5d10e1c908f1ffe1ee68c2689691ca66c896786)
We weren't listing to compose finish events during reload previously,
which meant that finishing a message was not handled in the same way
as canceling a message.
(imported from commit 4f2576121a8b5354c94348bc2896a2db8c4be000)
This would only happen when you hit enter directly, instead of using
the search up / down buttons.
(imported from commit 90301f64b3f24e91c103342bd6a7f1b3e61f8928)
This is the behavior specified by Django. Since this was broken before,
our CSRF protection had no effect on Tornado views other than printing
a warning message :(
(imported from commit 7975d3c9b6c18915f917ac2da4592a55f6b6a658)
Per the docs, these are only meant to be used on arrays of DOM elements.
jQuery might one day assign a different meaning to arrays of strings,
and then we could have some security issues or weird breakage.
(imported from commit 545eee1e9c6955556d5c4bda30cd6db0dce19c60)
Instead we infer this from narrow.active(), with the ability to override during
the narrowing procedure.
(imported from commit fab9c6861f19aedf0ee8af094c1ef4e8a0a73d80)
Keegan McAllister
Jessica McKellar
Zev Benjamin
Waseem Daher
Tim Abbott
Luke Faraone