Commit Graph

372 Commits

Author SHA1 Message Date
Umair Khan 035fceb814 Add dynamically loaded language dropdown. 2016-07-04 11:56:02 -07:00
Eklavya Sharma 95b6e668a7 zerver/lib/actions.py: Fix annotations.
Change queue_ids from text_type to str.
2016-07-04 03:01:32 +05:30
Kartik Maji f8bb7503e6 Add ability to pin streams to top of the streams sidebar list.
Based on work by Lauren Long, with some tweaks by tabbott.
2016-06-30 22:26:09 -07:00
Eklavya Sharma 97760702a8 zerver/lib/actions.py: Use Sequence as parameter type. 2016-06-29 01:11:41 +05:30
Eklavya Sharma 9aa6fd988a zerver/lib/actions.py: Type annotate variables. 2016-06-27 17:52:07 +05:30
Tomasz Kolek e6861636c8 Fix editing messages by adding or removing leading /me.
Previously, this did not correctly rerender the message to be (or not
to be) rendered as a /me style message.

Fixes: #835.
2016-06-24 11:18:29 -07:00
rahuldeve 8cecb37743 Modify Attachment model to track file access permissions. 2016-06-23 17:46:16 -07:00
krtkmj 9dadab6eac Replace placeholder variables x with more meaningful ones. 2016-06-20 19:36:07 -07:00
Eklavya Sharma 71e613424b Fix annotations clashing with UserProfile's model fields. 2016-06-13 20:01:01 +05:30
Eklavya Sharma 56d5785c2e zerver/models.py: Change some constants to unicode literals.
Change choices of UserProfile.avatar_sources and UserProfile.tutorial_status
from str literals to unicode literals.  This is done because these fields
are CharFields, which are of type `six.text_type`.  So the set of values
which they can take should also be of the type `six.text_type`.
Also fix clashing annotations.
2016-06-12 09:30:53 -07:00
Tim Abbott f44b227b85 Refactor getting cross-realm users into a function. 2016-06-11 11:22:22 -07:00
Eklavya Sharma 6d29da8cee Add zerver/lib/str_utils.py.
str_utils.py has functions for converting strings from one type to
another.  It also has a TypeVar called NonBinaryStr, which is like AnyStr
except that it doesn't allow bytes.
2016-06-11 16:17:47 +05:30
Vishnu Ks f9f31b79d0 Make default_streams web controllable.
Fixes: #665
2016-06-09 15:24:32 -07:00
Vishnu Ks f3a8962612 Replace make_dict() with stream.to_dict(). 2016-06-06 14:46:12 -07:00
Daw-Ran Liou 70f44c00b0 check_send_message: Replace args/kwargs with explicit args.
This lets us actually type-checks the various views that are using
check_send_message.
2016-06-05 14:30:38 -07:00
Deborah Hanus a261a6bbac Annotate zerver/views/__init__.py.
Also fix typing errors in a few related files.

[with tweaks from tabbott]
2016-06-05 11:34:19 -07:00
Ashish Kumar 31bf6b8259 Type annotation of zerver/models.py
[Substantially revised by tabbott]

This probably still has some bugs in it, but having mostly complete
annotations for models.py will help a lot for the annotations folks
are adding to other files.
2016-06-02 23:28:34 -07:00
Umair Khan 08fbd57245 [i18n] Make error messages translatable.
Make all strings passing through `json_error` and `JsonableError`
translatable.

Fixes #727
2016-05-31 07:40:42 -07:00
Tim Abbott 572c69f3c2 Move REQ and friends to their own module. 2016-05-30 11:24:17 -07:00
Eklavya Sharma 48e7e1a2a1 zerver/lib/actions.py: Rename stream_name to stream.
In function bulk_add_subscriptions, some variables were named
`stream_name` but their type is Stream, not a string.  Rename
those variables to `stream`.
2016-05-30 09:52:59 -07:00
Eklavya Sharma 1bb6a0db4c Annotate zerver/lib/actions.py. 2016-05-29 04:26:17 -07:00
Eklavya Sharma 2308107805 zerver/lib/actions.py: Use unicode literals.
Convert some strings literals to unicode strings by prefixing with `u`.
2016-05-29 04:26:17 -07:00
Eklavya Sharma b74f603682 zerver/lib/actions.py: Rename variables and add/edit comments. 2016-05-29 04:26:17 -07:00
Eklavya Sharma efab224bd1 zerver/lib/actions.py: Remove unneeded `return {}` statements. 2016-05-29 04:26:17 -07:00
Eklavya Sharma a2b48f05e5 zerver/lib/actions.py: Fix return values. 2016-05-29 04:26:17 -07:00
Eklavya Sharma 1c04560def Re-enable pyflakes in linter and remove python 3 pyflakes errors. 2016-05-25 19:25:13 +05:30
Eklavya Sharma 95d059bfb3 Fix typo in zerver/lib/actions.py. 2016-05-24 14:12:11 -07:00
Eklavya Sharma 508a080e08 do_change_bot_type: Add update_fields to user_profile.save(). 2016-05-24 13:21:44 -07:00
Tomasz Kolek 8c18b8947f Add bot_type field to UserProfile.
This is intended to support creating different types of bots with
potentially limited permissions.
2016-05-19 22:37:37 -07:00
Aristeidis Fkiaras 3ee210d9e8 Add setting to only allow admins create new streams.
Fixes: #691.

Thanks to Preston Hansen for work on this feature!
2016-05-18 18:53:13 -07:00
Eklavya Sharma 46757f07bf Make zerver/lib/actions.py pass mypy check. 2016-05-18 17:10:17 +05:30
Tim Abbott 92bec8cfea Merge Zulip 1.3.12 security release. 2016-05-10 11:32:26 -07:00
Tim Abbott 9b65464b6b logout_all_users: Add option to logout deactivated users. 2016-05-10 09:50:57 -07:00
Tim Abbott 07fc47f953 CVE-2016-4426: Fix non-admin users having access to all bot API keys.
Long ago, there was work on an experimental integration model where
every user in a realm would have administrative control over all bots,
with the goal of simplifying the process of setting up communally
administered bots for smaller teams.  While that new model was never
fully implemented (and thus never setup as an option), an error in
that original implementation meant that the data on all bots in a
realm, including their API keys, was sent to the browsers of users via
the `realm_bots` variable in `page_params`.  The data wasn't displayed
in the UI for non-admin users, but was available via e.g. the
javascript console.

This commit updates this behavior to only send sensitive bot data like
API keys to the owner of the bot (and realm admins).

We may in the future implement a model simplifying communally
administered integrations, but if we do that, those bots should be
limited in their capabilities (e.g. only able to send webhook
messages).

This bug has been present since Zulip was released as open source.
2016-05-10 09:50:02 -07:00
Tim Abbott 0161d2fddd Cleanup guardian-based complexity in get_realm_user_dicts.
The old code for this lookup was unnecessarily complicated because we
were working around Guardian, where the `is_realm_admin` check was
extremely expensive.
2016-05-09 10:12:35 -07:00
Preston Hansen 635828069f Add feature to mark all in stream/topic as read with mouse.
Fixes #736.
2016-05-08 09:02:46 -07:00
rahuldeve dde832b158 Add Attachment model to keep track of uploads.
This commit adds the capability to keep track and remove uploaded
files.  Unclaimed attachments are files that have been uploaded to the
server but are not referred in any messages.  A management command to
remove old unclaimed files after a week is also included.

Tests for getting the file referred in messages are also included.
2016-05-02 22:14:47 -07:00
Tim Abbott 762a3188ee Fix missing whitespace after # in comments. 2016-05-02 22:10:47 -07:00
Tim Abbott af4203b41b Stop using initial password for newly activated users.
Previously we needed to use a specified password when activating a
formerly mirror dummy user, in order for that user to be able to
(re)set their password and login.  Now that we have our own password
reset form, this is no longer required.
2016-04-28 14:28:09 -07:00
Vladislav Manchev f5e6176aea Add custom realm emoji UI to administration page. 2016-04-26 13:15:54 -07:00
Tim Abbott d890011442 Add a script to reactivated deactivated realms. 2016-04-21 09:02:00 -07:00
Tim Abbott 49799440a4 Replace use of django-guardian with fields on UserProfile.
As documented in https://github.com/zulip/zulip/issues/441, Guardian
has quite poor performance, and in fact almost 50% of the time spent
running the Zulip backend test suite on my laptop was inside Guardian.

As part of this migration, we also clean up the old API_SUPER_USERS
variable used to mark EMAIL_GATEWAY_BOT as an API super user; now that
permission is managed entirely via the database.

When rebasing past this commit, developers will need to do a
`manage.py migrate` in order to apply the migration changes before the
server will run again.

We can't yet remove Guardian from INSTALLED_APPS, requirements.txt,
etc. in this release, because otherwise the reverse migration won't
work.

Fixes #441.
2016-04-20 21:51:52 -07:00
Ashish 41993ef2f5 Replace /json/update_message_flags with REST style route. 2016-04-11 21:38:22 -07:00
Varshit 4e1060076d Purge 'from typing import *' from zerver/.
This is a partial implementation of #636.
2016-04-07 14:07:07 -07:00
Tim Abbott 2059f650ab Add PEP-484 type annotations to zerver/lib/. 2016-04-03 15:40:23 -07:00
Ryan Moore 2fe0700f55 Update memcache -> remote cache in inline documentation. 2016-03-31 12:56:42 -07:00
Ryan Moore 9f29b80f8a s/items_for_memcached/items_for_remote_cache/g 2016-03-31 12:54:28 -07:00
Eklavya Sharma 9e3c3e14f5 Partially apply Python 3 libmodernize.fixes.fix_dict_six.
Refer to #256
2016-03-19 15:52:58 -07:00
Eklavya Sharma 176c507b0a Removed calls to ifilterfalse.
Replaced calls to ifilterfalse by list comprehensions because
ifilterfalse is not part of python 3.  Also changed some lists to sets
for faster lookup.

Refer to #256.
2016-03-19 15:46:31 -07:00
Tim Abbott a46647a87a python3: Mark certain strings as unicode strings.
This is required in Python 3 since these strings are combined with
other unicode strings.
2016-03-08 09:14:11 -08:00