Commit Graph

1459 Commits

Author SHA1 Message Date
Steve Howell 6e2189f134 bugdown: Disable link previews when bots send messages.
We do not use `get_link_embed_data` for messsages sent by
bots, as bots often repeat the same URL over and over again
and are generally either text-focused or have their own
mechanisms to provide preview content.

Fixes #2968.
2017-02-03 17:08:23 -08:00
Steve Howell 709493cd75 Pass in sent_by_bot flag to bugdown parser.
We will use this flag to suppress certain url previews
for bots.
2017-02-03 17:07:38 -08:00
Tim Abbott a889346c9f Remove zh_CN old Django name for Chinese. 2017-02-03 14:29:03 -08:00
Steve Howell 5b8cc03c61 bugdown: Restore data-user-email to user mention spans.
(The commit q7ef4e40258280e202325c9295579c93fb948b replaced
data-user-email with data-user-id, but we still need to
support data-user-email for old clients like non-updated
androids and we still want to start the migration forward
to data-user-id.)
2017-02-02 12:32:18 -08:00
Tim Abbott 1bbf0f9a98 streams: Consider stream name validation logic. 2017-01-29 22:07:14 -08:00
Tim Abbott 884aa2b184 streams: Eliminate last use of get_stream in views. 2017-01-29 22:07:14 -08:00
Tim Abbott 4d3e97f304 actions: Remove unnecessary do_create_stream function. 2017-01-29 22:07:14 -08:00
Tim Abbott 01daa3e91a test_helpers: Move get_subscription out of actions.py.
It's no longer used by anything other than test code.
2017-01-29 20:27:00 -08:00
Tim Abbott 035e442b63 actions: Remove unused set_stream_color method. 2017-01-29 20:27:00 -08:00
Tim Abbott a3f3f5b7bc remove_default_stream: use access_stream_by_name. 2017-01-29 20:27:00 -08:00
Tim Abbott 19eaa92059 add_default_stream: use access_stream_by_name. 2017-01-29 20:27:00 -08:00
Tim Abbott de3f539f58 do_change_stream_description: Accept a stream as argument. 2017-01-29 20:27:00 -08:00
Tim Abbott 2dc90e8ebd rename_stream: Pass a stream object to do_rename_stream. 2017-01-29 20:27:00 -08:00
Tim Abbott 7be34357b2 rename_stream: Move stream name taken check to view. 2017-01-29 20:27:00 -08:00
Tim Abbott ccdf17f47e rename_stream: Move stream already has name check to view. 2017-01-29 20:27:00 -08:00
Tim Abbott d059a0a90a rename_stream: Move check_stream_name into view. 2017-01-29 20:26:59 -08:00
Tim Abbott ab1e9f2b97 rename_stream: Move stripping of whitespace to view. 2017-01-29 20:26:59 -08:00
Tim Abbott 4ad1fadab0 streams: Create and use do_change_stream_invite_only. 2017-01-29 20:26:59 -08:00
Tim Abbott c74ddb74e9 do_make_stream_private: Accept a stream object, not a name. 2017-01-29 20:26:59 -08:00
Tim Abbott 0a75480444 do_make_stream_public: Accept a stream object, not a name. 2017-01-29 20:26:59 -08:00
Tim Abbott 54bcc675f7 subscribe_to_stream: Return the stream object.
This simplifies some code paths a bit.
2017-01-29 20:26:59 -08:00
Tim Abbott bc2f23383e streams: Move list_to_streams to lib. 2017-01-29 20:26:59 -08:00
Tim Abbott 02f5ef1d23 streams: Move filter_stream_authorization to lib. 2017-01-29 20:26:59 -08:00
Tim Abbott 0af34ee710 streams: Add zerver/lib/streams.py library for security checks.
The goal of this library is to make it a lot easier to prevent bugs
like CVE-2017-0881 by having all of our views logic for fetching a
stream go through a couple carefully tested code paths.
2017-01-29 20:26:58 -08:00
Tim Abbott dea281557d events: Handle reactions events in apply_events.
Previously, this race condition just threw an exception.
2017-01-29 14:18:16 -08:00
Tim Abbott 153418de38 subs: Send create event to new subscribers of invite-only streams.
This fixes a regression introduced by our migration to track
subscribers for all public streams, where now users who are added to
an invite-only stream were receiving a mark_subscribed event
for a stream their browser didn't know existed, causing an exception.

To fix this, we now send a stream create event to the browser just
before the user receives the notification that it was added to the
invite-only stream.
2017-01-28 17:12:16 -08:00
Harshit Bansal b4186fdfdd views/realm_aliases.py: Use domain instead of id as handle for RealmAlias.
We need to make the change for the API, and the next commit introduces a
unique_together constraint on (realm, domain) anyway.
2017-01-26 17:24:25 -08:00
Harshit Bansal 06cc306d00 Add stricter domain validation and improve error messages. 2017-01-26 17:24:25 -08:00
Harshit Bansal 5b01694e00 actions.py: Rename do_get_realm_aliases to get_realm_aliases. 2017-01-26 17:24:25 -08:00
Tomasz Kolek 6e6cbeb89d Split webhooks doc and move to particular directories. 2017-01-26 11:56:45 -08:00
Tomasz Kolek 7de45951e2 Make webhooks as separate modules with view and tests.
Create python packege for every webhook with view.py and tests.py
2017-01-25 23:14:19 -08:00
Tim Abbott dd9e0b8463 errors: Move do_report_error into zerver/lib/. 2017-01-23 23:18:28 -08:00
Tim Abbott e6fc4ae27d errors: Move zilencer/error_notify.py to zerver/lib/. 2017-01-23 23:17:09 -08:00
Tim Abbott 4e171ce787 lint: Clean up E126 PEP-8 rule. 2017-01-23 22:06:13 -08:00
Tim Abbott 376aa3e404 lint: Clean up E702 PEP-8 rule. 2017-01-23 21:37:27 -08:00
Tim Abbott de99f48ce7 lint: Clean up E401 PEP-8 rule. 2017-01-23 21:36:39 -08:00
Tim Abbott d6e38e2a5c lint: Clean up E123 PEP-8 rule. 2017-01-23 21:34:26 -08:00
Tim Abbott 9cc83f87fc lint: Clean up E241 PEP-8 rule. 2017-01-23 21:21:14 -08:00
Tim Abbott fe4f7b1170 lint: Clean up E711 PEP-8 rule. 2017-01-23 21:11:49 -08:00
Tim Abbott d96f392147 lint: Clean up E741 PEP-8 rule. 2017-01-23 21:07:04 -08:00
Tim Abbott e9158dd520 lint: Clean up E121 PEP-8 rule. 2017-01-23 21:02:39 -08:00
Tim Abbott 6f0d2a9445 lint: Clean up E115 PEP-8 rule. 2017-01-23 20:55:37 -08:00
Tim Abbott 22d1aa396b lint: Clean up W503 PEP-8 warning. 2017-01-23 20:50:04 -08:00
Tim Abbott bde2da7dfd lint: clean up PEP-8 W391 rule. 2017-01-23 20:39:02 -08:00
Tim Abbott 0f7f9dc0fb update_message_backend: Log number of changed messages.
This will be helpful for debugging potential performance problems.
2017-01-23 17:22:40 -08:00
Rohith Asrk 9088c46e4c templates: Fix filename ending with .html.txt.
Fixes a part of #3136.
2017-01-21 22:44:13 -08:00
Tim Abbott 00d48bff7d Digest: Fix URIs for emoji and friends in email links.
It turns out we were using malformed URLs in the image tags
(containing just a hostname, but no http(s)!) in what we were passing
to the Django templates for our digest/, which resulted in the Django
templates treating these URLs as http.  Gmail recently cracked down on
loading images in HTTP, causing the emoji links to appear broken in
emails Zulip sends.

Fixes #3258.
2017-01-21 22:25:51 -08:00
Tim Abbott c0c9dfb66d populate_db: Fix crash by removing do_send_message.
This old helper has for years been used only by populate_db, and got
buggy (as of a recent refactoring).  So we just call do_send_messages
directly instead.

Fixes the provisioning error we currently get in Travis CI.
2017-01-21 22:07:36 -08:00
Steve Howell 4ea7e80be1 Change our_person() in apply_events() to use user_id.
This is a pretty minor change, but it makes it clear that we
have user_id in all the relevant states/events, so we might as
well use that for the check, since email is mutable and
slightly more difficult to reason about.
2017-01-21 21:45:12 -08:00
Steve Howell e2afab142a Add user_id to payload for is_admin updates. 2017-01-21 21:45:12 -08:00