Commit Graph

1396 Commits

Author SHA1 Message Date
Tim Abbott 8003428845 api: Document remaining legacy endpoints. 2017-07-31 13:08:06 -07:00
Tim Abbott ed10ce70d4 invites: Migrate to non-legacy API format.
This has the side effect of making it possible for a bot user to
invite users with its API key, which seems useful.
2017-07-31 13:08:06 -07:00
Tim Abbott 6a50e13156 uploads: Remove legacy /json/upload_file endpoint.
This migrates Zulip to use the equivalent API endpoint that has been
present for a while.
2017-07-31 13:08:06 -07:00
Tim Abbott 1e5aee054b settings: Migrate main settings-change code to API.
This was one of the few major remaining endpoints that were still on
the old-style legacy API.
2017-07-31 13:08:06 -07:00
Jack Zhang c242df042f hotspots: Style hotspots. 2017-07-28 16:34:15 -07:00
vbNETonIce ea72432dca rename in comment: scripts/restart-zulip to scripts/restart-server
found this when trying to follow this comment and the script didn't exist anymore
2017-07-28 10:29:17 -07:00
Vaida Plankyte 26f5f77524 prod_settings_template.py: Update GitHub/Google auth setup docs. 2017-07-27 17:35:14 -07:00
Tim Abbott 53e4d8562b lint: Add a lint check for bare `type: ignore`s. 2017-07-27 16:31:55 -07:00
Steve Howell bc0761b22b Extract topic_data.js.
This new module tracks the recent topic names for any given
stream.

The code was pulled over almost verbatim from stream_data.js,
with minor renames to the function names.

We introduced a minor one-line function called stream_has_topics.
2017-07-27 14:26:22 -07:00
Rishi Gupta 6439603974 prod_settings_template: Add quotes around push notification url. 2017-07-25 17:42:33 -07:00
Greg Price e18baff32c JsonableError: Rename message from `error` to `msg`.
The whole thing is an error, so "message" is a more apt word for the
error message specifically.  We abbreviate that as `msg` in the actual
HTTP responses and in the signatures of `json_error` and friends, so
do the same here.
2017-07-24 16:41:22 -07:00
Rishi Gupta 9782911aca portico: Add initial why zulip page. 2017-07-19 11:53:06 -07:00
Pweaver (Paul Weaver) 01b0ec69d6 Move the webpack stats files to var/ and deploy root.
static/ serves static files which get copied around per deploy. Since
the webpack stats files need a consistent name and change per deploy,
they can't live in static/.

This fixes a bug that preventing downgrading a Zulip server to an old
version.
2017-07-18 15:02:58 -07:00
Rishi Gupta a249822ff5 confirmation: Add validity_in_days to _properties.
Also renames settings.EMAIL_CONFIRMATION_DAYS to
CONFIRMATION_LINK_DEFAULT_VALIDITY_DAYS, and adds a new setting for
invitation links.
2017-07-17 23:18:47 -07:00
Steve Howell 475eb21a5e Revert commits related to client_message_id.
I pushed a bunch of commits that attempted to introduce
the concept of `client_message_id` into our server, as
part of cleaning up our codepaths related to messages you
sent (both for the locally echoed case and for the host
case).

When we deployed this, we had some strange failures involving
double-echoed messages and issues advancing the pointer that appeared
related to #5779.  We didn't get to the bottom of exactly why the PR
caused havoc, but I decided there was a cleaner approach, anyway.
2017-07-14 12:13:35 -07:00
Steve Howell f6d670ae3d Extract sent_messages.js.
This is mostly straightforward moving of code out of compose.js.

The code that was moved currently supports sending time
reports for sent messages, but we intend to grow out the new
module to track more state about sent messages.

The following function names in this commit are new, but their
code was basically pulled over verbatim:

    process_success (was process_send_time)
    set_timer_for_restarting_event_loop
    clear
    initialize

All the code in the new module is covered by previous tests that
had been written for compose.js.  This commit only modifies
a few things to keep those tests.

The new module has 100% node coverage, so we updated `enforce_fully_covered`.
2017-07-13 23:42:27 -04:00
Jack Zhang 6e2f90c8c9 Improve /integrations page load time.
Prior to this commit, 7 megabytes of images (through 253 individual requests)
were heavily slowing down the initial load. With this commit, we load only the
logos (60 or so images).

Documentation and images for the individual integration sub-pages is requested
separately using the /integrations/doc/ endpoint, which returns HTML.
2017-07-13 20:37:09 -07:00
Brock Whittaker 1cf7ee966b help: Redesign /help/ pages to be a single page app.
This redesigns the /help/ page sets to be a single page app that uses
history.pushState to work the same as the old app.

The big new feature is that now we have the index in a nicely designed
left sidebar.
2017-07-13 15:43:44 -07:00
Umair Khan f94e8530ee Django 1.11: Remove jinja2 backend.
Django 1.11 adds the ability to pass context processors in Jinja2
backend. Django also sends template_rendered signal in tests.
These two issues were the reason why we added Jinja2 backend, but
after upgrading to Django 1.11 we can remove it.

We still need jinja2/__init__.py, which modifies the environment,
and jinja2/compressors.py, which adds minify_js compressor.
2017-07-12 17:53:25 -07:00
Aditya Bansal b9bffaa446 pep8: Add compliance with rule E261 to prod_settings_template.py. 2017-07-11 11:55:01 -07:00
Aditya Bansal 5f87a0f8f8 pep8: Add compliance with rule E261 zproject/settings.py. 2017-07-11 11:53:33 -07:00
Aditya Bansal 7c6ad4a770 pep8: Add compliance with rule E261 zproject/dev_settings.py. 2017-07-11 11:53:33 -07:00
Umair Khan 816ead737c jinja2: Support only Django version >= 1.11.
Django started supporting context processors from version 1.11; as
a result of this, we can get rid of some of the code which is now
being taken care of by Django.
2017-07-10 11:32:10 -07:00
Rishi Gupta 0f46fd86dd urls: Rename arguments to accounts/unsubscribe.
type -> email_type to match future work on ScheduledJob.

token -> confirmation_key to match what the other confirmation views urls
call this argument.
2017-07-07 18:56:14 -07:00
Vaida d5517bae36 Delete the old zulip.com "referrals" system.
This system hasn't been in active use for several years, and had some 
problems with it's design.  So it makes sense to just remove it to declutter
the codebase.

Fixes #5655.
2017-07-07 14:59:18 -07:00
Vishnu Ks 9067890120 urls: Use POST for zerver.views.user_settings.set_avatar_backend.
The set_avatar_backend is changed from PUT to POST becuase this
is not idempotent.
2017-07-07 10:31:43 -07:00
Vishnu Ks df5df76961 urls: Use POST for zerver.views.realm_emoji.upload_emoji.
The upload_emoji endpoint is changed from PUT to POST because
this endpoint is not idempotent.
2017-07-07 10:31:43 -07:00
Vishnu Ks cf2dec539f urls: Use POST for zerver.views.realm_icon.upload_icon.
This upload_icon endpoint is changed from PUT to POST becuase
this endpoint is not idempotent.
2017-07-07 10:31:43 -07:00
Rishi Gupta 07a3bb4d35 confirmation: Remove get_link_validity_in_days.
This commit removes the ability to configure different validity durations
for different types of confirmation links. I don't think the extra
configurability was worth the extra complexity, either for the user trying
to understand the settings, or for the developer trying to understand the
code.

The commit replaces all confirmation validity duration settings with a
single setting, settings.EMAIL_CONFIRMATION_DAYS.

The only setting it removes is settings.EMAIL_CHANGE_CONFIRMATION_DAYS,
which was introduced in 5bf83f9 and never advertised in prod_settings.py.
2017-07-07 07:46:31 -04:00
James Rowan 368bd66d8b emails: Refactor send_email functions to take both a sender name and address.
This will allow for customized senders for emails, e.g. 'Zulip Digest' for
digest emails and 'Zulip Missed Messages' for missed message emails.

Also:
* Converts the sender name to always be "Zulip", if the from_email used to
  be settings.NOREPLY_EMAIL_ADDRESS or settings.ZULIP_ADMINISTRATOR.

* Changes the default value of settings.NOREPLY_EMAIL_ADDRESS in the
  prod_setting_template to no longer have a display name. The only use of
  that display name was in the email pathway.
2017-07-04 14:25:01 -07:00
Rishi Gupta dd3dd26f15 prod_settings_template: Update description for FEEDBACK_EMAIL. 2017-07-04 14:25:01 -07:00
Cory Lynch 802ea9abf5 Refactor to delete mousewheel.js.
This old third party library added support
for a "mousewheel" event to detect scrolling.
However, it is not compatible with jQuery 3
and is obsolete now that there is a standard
"wheel" event that accomplishes the same thing.
2017-07-03 11:04:20 -04:00
Pweaver (Paul Weaver) 2c10e7c0db Change from and noreply emails to use EXTERNAL_HOST domain.
This eliminates another mandatory setting from what one needs to
configure to setup a Zulip server.
2017-07-01 08:09:25 -07:00
Rishi Gupta 2012913cc1 prod_settings_template: Update description of NOREPLY_EMAIL_ADDRESS. 2017-06-29 17:54:33 -07:00
Rishi Gupta 85d38bd17b emails: Remove DEFAULT_FROM_EMAIL from prod_settings_template. 2017-06-29 17:54:33 -07:00
Rishi Gupta 577e201df0 emails: Replace DEFAULT_FROM_EMAIL with ZULIP_ADMINISTRATOR.
We're getting rid of DEFAULT_FROM_EMAIL from prod_settings_template, since
we only really need one of {DEFAULT_FROM_EMAIL, ZULIP_ADMINISTRATOR}.
2017-06-29 17:54:33 -07:00
Vishnu Ks 9b7585a436 bots: Make welcome-bot cross realm. 2017-06-25 11:23:45 -04:00
Umair Khan a66b7b7083 Remove Django Guardian dependency.
Guardian adds functionality on top of Django auth system to set
per object permissions. Its problem is that it is has poor performance.
So we decided to remove it in release 1.4.0, but we still kept the
option to revert back to an older version which used Guardian.
See commit 49799440a4 for more details.

This commit is the final piece in the string of commits which move
us towards completely removing guardian from our codebase. The way
we do it as follows:

If you are upgrading from a version <= 1.3.10, you first need to
upgrade to 1.4.x (we recommend 1.4.2). The reason is that we
deprecated Guardian in this version. Once you have upgraded to
1.4.x we can be sure that your Zulip installation doesn't depend
on Guardian and all the data has been successfully migrated away from
Guardian. The second step is to upgrade to latest release which will
not include any reference to Guardian in the codebase. After this
commit migrating directly to the latest release will not work because
in that case Guardian data will not migrate.

The backward incompatible change that this introduces is that
we have squashed all the migrations till version 1.4.0. This was
necessary to remove Guardian because it was needed by the reverse
migration. These migrations were from 0001 to 0028.

Fixes #5420
2017-06-23 08:40:57 -04:00
Greg Price c9e35c459a landing: Write up why open source projects should use Zulip
This isn't very slick, but it should get the main points down,
and it's past time we got something like this up.  Definitely
needs in the future another pass at the text, and also some images
(screenshots, etc.) and styling.
2017-06-22 16:26:50 -07:00
Harshit Bansal c0e4f24a25 webpack: Migrate `common.js` bundle to webpack. 2017-06-22 19:06:32 -04:00
Vaida Plankyte 7577a80fd9 settings.py: Change jinja2 blocks to be stripped of whitespace. 2017-06-22 14:19:33 -04:00
Umair Khan a4afca7b73 ldap: Don't authenticate if realm is None.
Fixes #5431
2017-06-21 10:14:34 -04:00
Harshit Bansal c50b3672c2 webpack: Migrate `signup.js` bundle to webpack static asset pipeline. 2017-06-20 09:45:26 -04:00
Harshit Bansal 3953734a1c webpack: Migrate `stats.js` bundle to webpack static asset pipeline. 2017-06-20 09:45:26 -04:00
Cory Lynch 78de70688e dev: Add URL to preview error 404/5xx pages. 2017-06-14 21:18:45 -07:00
Cory Lynch cb4dadfdcd tools: Create /devtools page for useful dev URLs.
Fixes #5179.
2017-06-14 20:17:56 -07:00
Umair Khan 95fc16d90d Django 1.11: MIDDLEWARE_CLASSES setting is deprecated.
Django provides MiddlewareMixin to upgrade old-style middlewares. See
https://docs.djangoproject.com/en/1.11/topics/http/middleware/#upgrading-middleware
2017-06-13 15:04:04 -07:00
Umair Khan c25e9ad193 Django 1.11: Template now accepts backend in __init__.
This makes our `zproject.jinja2.backend.Template` compatible with
Jinja2. After this change we don't need to override __init__ function
in Template class.

The only reason we now need to create our own Template class is that
we need to send template_rendered signals.

We need our own Jinja2 class because we need to maintain backward
compatibility with Django 1.10 and we need inject `debug` parameter.
2017-06-13 15:04:04 -07:00
Pweaver (Paul Weaver) 28874cf26f webpack: Add --minify option to run-dev.py for to test minification. 2017-06-13 12:45:40 -07:00
Mehanig 1e5ce918e3 webpack: Move app_debug.js to webpack bundle. 2017-06-13 12:45:40 -07:00
Mehanig 04626acd5a webpack: Move zxcvbn.js to webpack bundle. 2017-06-13 12:45:39 -07:00
Mehanig ae29d4b8d2 webpack: Move landing-page.js to webpack bundle. 2017-06-13 12:36:55 -07:00
Mehanig 2c6f2fb93a webpack: Move activity js to webpack. 2017-06-13 12:36:51 -07:00
Pweaver (Paul Weaver) 5c07125994 Enable EmailAuthBackend by default to simplify a production install.
This should save a step from the installation process in the common
case.
2017-06-12 21:53:35 -07:00
Rafid Aslam 4f482834b4 deps: Upgrade and move `perfect-scrollbar` from `static/third` to `npm`.
- Remove `perfect-scrollbar` from `static/third` and fetch it from npm.
- Upgrade `perfect-scrollbar` to 0.7.1.
- Bump up the `PROVISION_VERSION` to 5.6.

Changed `wheelSpeed` in "static/js/scroll_bar.js" to 0.5, because when it
20, the scrollbar scrolls very fast.

Changed 'wheelSpeed' in "static/js/emoji_picker.js" from 25 to 0.68
(based on tabbott's testing of scrolling through the emoji list).

Part of #1709.
2017-06-11 10:15:48 -07:00
Cory Lynch 6219128d87 dev: Add /emails/ URL for testing email templates.
Fixes #5270.
2017-06-09 16:21:49 -07:00
Cory Lynch 6653e19e3a Add URL for viewing node coverage data on dev server.
Running test-js-with-node --coverage now provides a URL
to view the output data on the web.

Fixes #5177.
2017-06-09 16:17:30 -07:00
Mehanig 8c0e500d6b webpack: Migrate api and katex js files to Webpack bundler.
This also injects the dev webpack sockets to katex, since that's part
of the main web app bundle.
2017-06-09 12:33:52 -07:00
Rishi Gupta 769c5ab105 emails: Send password reset emails through zerver.lib.send_email.
Previously, the password reset email behaved differently from all the other
email Zulip sends.
2017-06-06 23:22:22 -07:00
Rishi Gupta 15e5814c27 emails: Prevent subject lines and plaintext emails from being HTML-escaped.
Adds a new template engine with autoescape=False, and uses the new engine to
render subject lines and plaintext emails.
2017-06-06 23:22:22 -07:00
Rishi Gupta 4d67ce8051 settings.py: Make template engine settings easier to duplicate.
No functional changes.
2017-06-06 23:22:22 -07:00
Greg Price 04b363f3a2 apps: Redirect /apps -> zulipchat.com/apps, except on upstream itself.
This page describes software the user will get from upstream for
their own devices, independent of what's on the server they're
using.  So it should live in a place maintained together with
that other software, rather than be distributed and versioned
with the server.

The use of ZILENCER_ENABLED to tell the difference is rather a hack
but is currently how we do this in the small handful of similar
spots; see #5245.

Fixes #5234.
2017-06-06 11:21:20 -07:00
Aditya Bansal feb663ffb6 pep8: Add compliance with rule E261 backends.py. 2017-06-04 09:18:22 -07:00
Cory Lynch 5d7828096e Split out server_events_dispatch.js from server_events.js. 2017-06-02 16:49:18 -07:00
Tim Abbott 4da9383f2d dev_urls: Add comments documenting sections. 2017-06-02 12:44:32 -07:00
Akhil 64f2b51496 typeahead: Add pm_conversations module.
In pm_conversations.js, added function to make a user a PM partner and
another function to check if a user is a PM partner. A PM partner is
someone with whom the user has been in a PM with.
2017-06-01 08:05:37 +00:00
Akhil f04da3d52e typeahead: Add recent_senders module.
In recent_senders module, added a data structure to hold timestamps of
users' latest message in a topic. Also added a function to compare 2
users based on above timestamp. Added a function to process messages for
the data structure and a call in add_message_metadata. Also added node
tests for insertion of data into recent_senders.senders.
2017-06-01 08:05:37 +00:00
K.Kanakhin 2434f2d96c messages: Add support for admins deleting messages.
This makes it possible for Zulip administrators to delete messages.
This is primarily intended for use in deleting early test messages,
but it can solve other problems as well.

Later we'll want to play with the permissions model for this, but for
now, the goal is just to integrate the feature.

Note that it saves the deleted messages for some time using the same
approach as Zulip's message retention policy feature.

Fixes #135.
2017-05-29 21:59:38 -07:00
Rohitt Vashishtha 2d73e03e37 ui-refactor: Rename modals.js to overlays.js.
Fixed #4702.
2017-05-29 11:24:46 -07:00
Pweaver (Paul Weaver) cb311e99d8 Change backend tests to use a webpack stats stub file. 2017-05-25 16:15:32 -07:00
Mehanig 3f5d0e69fb Build and handle jsfiles using webpack instead of django-pipeline.
Also renames bundle.js to translations.js.
2017-05-24 18:38:03 -07:00
umkay ccc70445d6 mypy: Fix strict-optional errors for test files.
Fix mypy --strict-optional errors in zerver/tests
2017-05-24 12:43:28 -07:00
Umair Khan 603b60940d github: Access private emails.
Previously our scope setting only allowed us access to
publicly listed email addresss. This commit changes that
to get access to private email addresses as well.

Fixes: #4937.
2017-05-24 08:24:26 -07:00
Eklavya Sharma 13ee26019f zproject/backends.py: Check for None before use.
Check if the dict 'return_data' is None before setting attributes
on it.
2017-05-23 21:56:50 -07:00
Eklavya Sharma cc1937c8d5 mypy: Use Optional with strings where required. 2017-05-23 21:56:50 -07:00
Eeshan Garg baff121115 app_filters: Render HTML to render Jinja2 syntax within Markdown macros.
If a Markdown macro contains Jinja2 template code, it isn't rendered
because render_markdown_path calls template.render on the including
.md file before the macro has been included. And then the including
.md file is converted to HTML. Therefore, the template code within
a Markdown macro (if any) never gets rendered and is returned as it is.

Now, after the source .md file is converted to HTML,
render_markdown_path renders the resulting HTML so that any template
code within included macros (if any) is finally rendered.
2017-05-22 18:19:14 -07:00
Tim Abbott a2f5d133e8 docs: Document the push notification forwarding service. 2017-05-18 13:39:58 -07:00
Tim Abbott 040067b2a2 invite: Remove obsolete bulk_invite_users endpoint. 2017-05-17 17:30:15 -07:00
Tim Abbott 9d63a5ab3a push_notification: Delete obsolete DBX_IOS_APP_ID code.
I'm not sure that this was ever actually used, but it's definitely
just clutter for Zulip today.
2017-05-16 12:26:55 -07:00
Eeshan Garg 10dcc99983 zerver/decorators: Log all exceptions raised in api_key_only_webhook_view.
Fixes #4742.
2017-05-13 14:53:47 -07:00
Tim Abbott ab3f55408d settings: Document how to set EXTERNAL_HOST to include a port number.
Also, make sure that ALLOWED_HOSTS is correct in the case that a port
number is included.
2017-05-12 14:27:29 -07:00
Brock Whittaker 6e7305f784 js: Implement DynamicText class.
This implements the DynamicText class for resizing of text to fit the
parent node.
2017-05-11 17:23:53 -07:00
Umair Khan dc2a9a4c5b github: Add sign up button on registration page. 2017-05-10 17:49:08 -07:00
Tim Abbott 5019b53492 auth: Pass is_signup option around. 2017-05-10 17:20:34 -07:00
Tim Abbott c21d336bfe css: Use the Zulip static asset pipeline for emoji sprite sheet CSS.
This should be a nonfunctional change in most cases; the main benefit
should be preventing caching issues if/when our sprite sheets change.
2017-05-09 19:45:57 -07:00
Tim Abbott 2d97db3518 streams: Add endpoint for modifying properties of a single stream.
This is likely to be the more common endpoint for API clients like the
mobile apps to interact with when modifying streams.
2017-05-09 13:42:34 -07:00
kunall17 e087bc24f8 streams: Migrate stream property changes to new REST endpoint.
This is one of the last major endpoints that were still done in the
pre-REST style.

While we're at it, we change the endpoint to expect a stream ID, not a
stream name.
2017-05-09 13:39:23 -07:00
Steve Howell 0a0f567aeb Split out markdown.js from echo.js.
The new module handles markdown rendering.

The code left behind in echo.js does local-echo kind of things
like reifying message ids.
2017-05-09 11:06:10 -07:00
Steve Howell 70d4ac93ce Add modals.info_overlay_open().
This also removes ui_state.js, since its last function
is now replaced by modals.info_overlay_open().
2017-05-09 09:19:27 -07:00
Mahim Goyal 6464514ca9 Break compose.js and drafts.js dependency. 2017-05-08 14:43:49 -07:00
Aditya Bansal 2820eb5a54 pep8: Add compliance with rule E261 to wsgi.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal 462786e8b0 pep8: Add compliance with rule E261 to local_settings.py. 2017-05-07 23:21:50 -07:00
Rishi Gupta 962b56efbd settings: Change example NOREPLY_EMAIL_ADDRESS to have a display name.
We used to use constructions like
from_email = "Zulip <%s>" % (settings.NOREPLY_EMAIL_ADDRESS,)
but no longer do. All references to settings.NOREPLY_EMAIL_ADDRESS in the
codebase now do not append a display name.
2017-05-05 14:38:25 -07:00
Rishi Gupta e46cbaffa2 email: Remove Mandrill pathways and dependency.
Everything it was doing (send_future_email) can now be done using
ScheduledJob.
2017-05-05 14:38:23 -07:00
Rishi Gupta 92dd76822f email: Move and rename password reset templates. 2017-05-03 23:26:14 -07:00
Tim Abbott 51260b7536 auth: Add new route to get server settings.
Specifically, this makes easily available to the desktop and mobile
apps data on the server's configuration, including important details
like the realm icon, name, and description.

It deprecates /api/v1/get_auth_backends.
2017-05-03 16:40:14 -07:00
Tim Abbott 84008b9c37 context_processors: Rename confusingly named add_settings context.
Also document this.
2017-05-01 15:47:58 -07:00
K.Kanakhin f13d6a18eb realm-emoji: Add realm emoji uploading instead url providing.
- Add file_name field to `RealmEmoji` model and migration.
- Add emoji upload supporting to Upload backends.
- Add uploaded file processing to emoji views.
- Use emoji source url as based for display url.
- Change emoji form for image uploading.
- Fix back-end tests.
- Fix front-end tests.
- Add tests for emoji uploading.

Fixes #1134
2017-05-01 14:50:20 -07:00
Jack Zhang f8b3ce7d15 emoji: Move all emoji picker logic/events into emoji_picker module.
Added emoji_picker.js to static asset pipeline.
2017-04-30 14:13:36 -07:00
Cory Lynch 0965c43238 Add typeahead for syntax highlighting languages.
Modified composebox_typeahead.js to recognize the triple backtick
and tilde for code blocks, and added appropriate typeahead functions
in that file and in typeahead_helper.js.

Additionally, a new file pygments_data.js contains a dictionary of
the supported languages, mapping to relative popularity
rankings. These rankings determine the order of sort of the
languages in the typeahead.

This JavaScript file is actually in static/generated/pygments_data.js, as it
is generated by a Python script, tools/build_pymgents_data.py. This is
so that if Pygments adds support for new languages, the JavaScript file
will be updated appropriately. This python script uses a set of popularity
rankings defined in lang.json.

Corresponding unit tests were also added.

Fixes #4111.
2017-04-28 17:22:59 -07:00
Brock Whittaker 7afbc9ddd6 Redesign login and registration pages.
This completes a major redesign of the Zulip login and registration
pages, making them look much more slick and modern.

Major features include:
* Display of the realm name, description and icon on the login page
  and registration pages in the subdomains case.
* Much slicker looking buttons and input fields.
* A new overall style for the exterior of these portico pages.
2017-04-26 18:04:05 -07:00
Steve Howell 8eb86335b9 Extract narrow_state.js.
Despite the length of this commit, it is a very straightforward
moving of code from narrow.js -> narrow_state.js, and then
everything else is just s/narrow.foo()/narrow_state.foo()/
(with a few tiny cleanups to remove some code duplication
in certain callers).

The only new functions are simple setter/getters that
encapsulate the current_filter variable:

    narrow_state.reset_current_filter()
    narrow_state.set_current_filter()
    narrow_state.get_current_filter()

We removed narrow.predicate() as part of this, since it was dead
code.

Also, we removed the shim for narrow_state.set_compose_defaults(),
and since that was the last shim, we removed shim.js from the app.
2017-04-25 09:57:32 -07:00
Steve Howell 7326971380 Extract stream_edit.js.
This code makes the right pane work in "Manage Streams" when
you are editing a stream subscription.  It handles basic
functionality (submitting forms, etc.), live updates, and
showing the pane as needed.

Most of the code here was simply moved from subs.js, but some
functions were pulled out of larger functions:

    live update:
        add_me_to_member_list
        update_stream_name
        update_stream_description

    collapse/show:
        collapse
        show_sub

We also now export subs.show_subs_pane.

We eventually want stream_edit not to call into subs.js, and
this should be fairly easy--we just need to move some shared
methods to a new module.
2017-04-25 09:57:32 -07:00
Steve Howell ca2aea8d01 Extract stream_create.js.
This new modules handles the UI to create streams.  It mostly moves
code from subs.js.

It introduces an API around what used to be called meta.stream_created:

    reset_created_stream()
    set_name()
    get_name()

It only partially moves new_stream_clicked().
2017-04-25 09:57:32 -07:00
K.Kanakhin e3e52e7284 email-mirror: Move postfix email mirror integration to separate script.
This fixes a performance problem where we were previously starting up
a full Django process (~0.7s even on a fast machine) every time a new
email came in, potentially allowing users to accidentally DoS a Zulip
server.  Now, we just post over HTTPS, allowing the existing thread
pool support to do its job.

- Add script wrapper to communicate postfix pipe with django web server
  over HTTP(S). It uses shared_secret authentication mode.
- Add django view to process messages from email mirror server.
- Clean management command `email-mirror`. Left just functional
  for cron email processing.
- Add routes for new tornado view.
- Change pipe script in master process postfix config template
  based on updated script.
- Add tests.

Tweaked by tabbott to adjust the directory and set better defaults.

Fixes #2421.
2017-04-24 21:24:23 -07:00
Steve Howell 5ae284dcb1 Add topic_generator.js to the app. 2017-04-22 11:46:47 -07:00
Shayan Toqraee 534c951ec4 Add rtl.js library for detecting direction of text.
This comes complete with some documentation and node tests, and is a
key step towards implementing RTL support in Zulip.
2017-04-22 11:25:54 -07:00
Tim Abbott 55bea73035 Revert "github: Call the appropriate authenticate."
This reverts commit ab260731a9.

The overridden authenticate method was buggy.
2017-04-19 10:06:00 -07:00
Steve Howell 9591b3a95b Extract stream_sort.js. 2017-04-19 09:16:37 -07:00
Tim Abbott cddee49e75 Add support infrastructure for push notification bouncer service.
This is an incomplete cleaned-up continuation of Lisa Neigut's push
notification bouncer work.  It supports registration and
deregistration of individual push tokens with a central push
notification bouncer server.

It still is missing a few things before we can complete this effort:
* A registration form for server admins to configure their server for
  this service, with tests.
* Code (and tests) for actually bouncing the notifications.
2017-04-18 23:03:06 -07:00
Tim Abbott 55a9101573 settings: Add support for ZULIP_ORG secrets.
These can be used to authenticate the current Zulip server to
zulip.org.
2017-04-18 23:00:10 -07:00
Umair Khan cf3b6c6ca9 profile: Support custom profile data.
Implements backend for #1760.
2017-04-18 15:20:59 -07:00
Steve Howell 70b7d4c00b Extract compose_state.js.
This is mostly just moving methods out of compose.js.

The variable `is_composing_message`, which isn't a boolean, has
been renamed to `message_type`, and there are new functions
set_message_type() and get_message_type() that wrap it.

This commit removes some shims related to the global variable
`compose_state`; now, `compose_state` is a typical global
variable with a 1:1 relationship with the module by the same
name.

The new module has 100% line coverage, most of it coming
via the tests on compose_actions.js.  (The methods here are
super simple, so it's a good thing that the tests are somewhat
integrated with a higher layer.)
2017-04-18 12:26:58 -07:00
Umair Khan ab260731a9 github: Call the appropriate authenticate.
This commit makes sure that GitHubAuthBackend will only authenticate
using its own authenticate method. This is done by adding a new
Python Social Auth strategy which instead of calling authenticate
method of Django, calls the authenticate of the backend directly.

The problem this commit solves is that while authenticating through
GitHub backend, we were ending up getting authenticated through
ZulipDummyBackend. This might happen because the default strategy used
by Python Social Auth calls the authenticate method of Django which
iterates over all the backends and tries the authenticate methods
which match with the function arguments. The new strategy this commit
adds calls the authenticate method of GitHub backend directly which
makes sense because we already know that we want to authenticate with
GithHub.

The actual problem of why we are ending up on ZulipDummyBackend is
still a mystery because the function arguments passed to its
authenticate method are different. It shouldn't be called.
2017-04-17 21:03:08 -07:00
Steve Howell 22e21cddcb admin/settings: Lazy-load Organization sections.
We now wait to load Organization sections until you
click on the section (or virtually click by using arrow
keys).

Some of the sections are coupled in terms of their setup,
so some sections will already be loaded if you had clicked
on a related section.
2017-04-17 20:55:42 -07:00
Brock Whittaker 9576d5caef frontend: Implement list_render class.
This implements a list_render closure class that allows for
progressive, responsive rendering of long, scrollable lists, with
filtering support.

It isn't used, at present.
2017-04-14 14:52:50 -07:00
Steve Howell dd0c50f0df Extract compose_actions.js.
This module extracts these two functions that get called by
several other modules:

    start()
    cancel()

It is a little bit arbitrary which functions got pulled over
with them, but it's generally functions that would have only
been called via start/cancel.

There are two goals for splitting out this code.  The first
goal is simply to make `compose.js` have fewer responsibilities.
The second goal is to help break up circular dependencies.
The extraction of this module does more to clarify
dependencies than actually break them.  The methods start()
and cancel() had actually been shimmed in an earlier commit,
and now they no longer have a shim.

Besides start/cancel, most of the functions here are only
exported to facilitate test stubbing.  An exception is
decorate_stream_bar(), which is currently called from
ui_init.js.  We probably should move the "blur" handler out
of there, but cleaning up ui_init.js is a project for another
day.

It may seem slightly odd that this commit doesn't pull over
finish() into this module, but finish() would bring in the
whole send-message codepath.  You can think of it like this:

* compose_actions basically just populates the compose box
* compose.finish() makes the compose box do its real job,
  which is to send a message
2017-04-14 13:09:19 -07:00
hackerkid 2a0a84b229 Add moment.js third-party module via npm.
This is needed for timezone manipulations.  We may be able to replace
XDate with it in the future as well.
2017-04-14 10:22:06 -07:00
Umair Khan a507a47778 testing: Use zulip_test_template for backend.
Instead of zulip_test, use zulip_test_template for backend DB. This
makes sure that the DB used by backend tests is different from the
DB, which will be zulip_test, used by Casper tests.
2017-04-14 10:23:31 +05:00
Steve Howell 6b549248e8 Extract settings_filters.js. 2017-04-13 10:39:39 -07:00
Steve Howell 3e37f64f71 Extract settings_streams.js. 2017-04-13 10:39:39 -07:00
Steve Howell 70afb59cff Extract settings_users.js.
This affects three admin sections:

    * Users
    * Deactivated users
    * Bots
2017-04-13 10:39:39 -07:00
Steve Howell 0fc7b9907f Extract settings_org.js (and fix live updates).
This is mostly moving code, but we do add short-circuit logic
for some live-updating methods here.

Note that this affects two different sections of the admin app:

    * Organization settings
    * Authentication methods

We really want to move to one module per section, but there is some
legacy coupling that makes this difficult for now.
2017-04-13 10:39:39 -07:00
Steve Howell a3b44148af Extract settings_emoji.js. 2017-04-13 10:39:39 -07:00
K.Kanakhin 4891a8d850 Add default response for `terms` and `privacy` endpoints.
- Add setting for `privacy policy` template defining.
- Configure default templates for `privacy policy` and
  `terms of service` pages.
- Add route for privacy page.
- Remove condition for showing `privacy` and `terms` pages.
- Add `privacy_policy` setting to context processor.
- Add documentaion part for `privacy` and `terms` templates
  configuration.
- Add tests.

Fixes #3686.
2017-04-12 14:09:14 -07:00
Tim Abbott 79ad174ad3 settings: logging configuration to consistently email errors.
This fixes 2 issues:
* Some exceptions were not being properly emailed to admins.

* A bug in the parens placement in the default Zulip handlers list
  resulted in the console/file handlers being accidentally excluded if
  !ERROR_REPORTING.

Fixes #4127.
2017-04-12 11:17:57 -07:00
Steve Howell 06f9c28fd2 settings: Lazy-load settings sections.
For the settings UI, we now wait until a user goes to a particular
settings section before calling the appropriate function to set
up the section (which usually involves setting up click handlers
and populating initial data).
2017-04-07 15:20:12 -07:00
Steve Howell 7f17fc020f Extract settings_bots.js. 2017-04-07 15:20:12 -07:00
Steve Howell f37ce1eeb1 Extract settings_lab.js. 2017-04-06 11:28:36 -07:00
Steve Howell 89128a2272 Extract settings_muting.js. 2017-04-06 11:28:36 -07:00
Steve Howell 1f38884b27 Extract settings_notifications.js. 2017-04-06 11:28:36 -07:00
Steve Howell fa143d4582 Extract settings_display.js 2017-04-06 11:28:36 -07:00
Steve Howell 47bdecdc4f Extract settings_account.js.
This code handles the settings pane for "Your account," which
has email/name/password/avatar/etc.
2017-04-06 11:28:36 -07:00
Steve Howell 4bbd73a9a2 Extract list_util.js for navigating lists.
The code here used to live in hotkey.js.  Its complicated calling
protocol made it difficult to unit test.  We are also trying to
slim down hotkey.js.

Our arrow navigation for things like `#stream_filters` has always
been kind of awkward, since it's difficult to get the focus to
their list items.  This commit does nothing to fix that yet.
2017-04-05 11:53:52 -07:00
Umair Khan 8e87ba439d github: Go to registration if email is invalid. 2017-04-04 18:03:33 -07:00
Umair Khan c5218fb584 github: Pass proper parameters to authenticate.
Django tries to authenticate against all backends one by one.
The authenticate() function of GitHub backend used to take
*args and **kwargs arguments due to which it could be called
against any set of arguments. Django uses arguments to
differentiate authenticate() methods.
2017-04-04 18:03:33 -07:00
Steve Howell 2718bd0b5d Extract presence.js to track presence info.
Most of this code was simply moved from activity.js with some
minor renaming of functions like set_presence_info -> set_info.

Some functions were slightly nontrivial extractions:

    is_not_offline:
        came from activity.huddle_fraction_present

    get_status/get_mobile:
        simple getters

    set_user_status:
        partial extraction from activity.set_user_status

    last_active_date:
        pulled out of admin.js code

We also fixed activity.filter_and_sort to take user_ids.
2017-04-04 15:57:10 -07:00
Harshit Bansal b40a8ea20b views/realm_aliases.py: `realm_alias` migration.
* Rename `views/realm_aliases.py` to `views/realm_domains.py`.

* Remove any occurrences of `alias`.
2017-04-04 15:48:03 -07:00
Brock Whittaker 34f9ccb87c alerts: Change sidebar alerts to be at top of the screen.
This changes the alerts to be individual boxes that slide down from
the top of the screen for a better UI experience.
2017-04-03 16:22:05 -07:00
Steve Howell 2d52463b61 Extract ui_report.js.
This moves the implementations of error/report/message from
ui.js to ui_report.js.  They had been shimmed before, so calling
modules still use the same names to call the functions, but we
no longer need the shims.
2017-04-03 07:13:25 -07:00
Rohitt Vashishtha c7b40e76ac css: Make thirdparty-fonts.css load before Zulip stylesheets. 2017-03-29 21:18:43 -07:00
Amy Liu 6f061beb46 hotspots: Add backend support for tutorial hotspots.
This commit adds the backend support for a new style of tutorial which
allows for highlighting of multiple areas of the page with hotspots that
disappear when clicked by the user.
2017-03-29 11:34:32 -07:00
Tim Abbott 1a17b11788 logging_handlers: Add tests for main error reporting code path. 2017-03-26 13:10:43 -07:00
Tim Abbott 5672618b82 css: Extract popovers.css. 2017-03-25 20:14:17 -07:00
hollywoodno 75d9630258 Add notifications on new logins to Zulip.
This adds helpful email notifications for users who just logged into a
Zulip server, as a security protection against accounts being hacked.

Text tweaked by tabbott.

Fixes #2182.
2017-03-25 16:50:52 -07:00
Umair Khan f7860bca48 backends.py: Don't pass mutable default arguments.
Values of mutable default arguments are shared across all function
invocations. See
https://pythonconquerstheuniverse.wordpress.com/2012/02/15/mutable-default-arguments/
for further details.
2017-03-24 10:59:32 -07:00
Tim Abbott 3617ebfd41 api: Rename get_old_messages to get_messages in the backend.
Fixes #1315.
2017-03-23 23:52:44 -07:00
Umair Khan 2dc2a6b705 github: Redirect to login page if invalid email. 2017-03-23 17:12:58 -07:00
Umair Khan 30c1e2245e github: Add docstrings to functions.
Docstring added to:
* auth_complete
* do_auth
2017-03-23 17:12:58 -07:00
Umair Khan 029a4e5696 backends.py: Update comment in process_do_auth. 2017-03-23 17:12:58 -07:00
Tim Abbott 06492738b5 dev: Expose coverage and built documentation to web.
This makes it much more convenient for developers to access coverage
and built developer documentation.
2017-03-23 13:10:06 -07:00
Tim Abbott d39b2e116b settings: Disable password strength checking in development. 2017-03-22 13:14:20 -07:00
sinwar 397e9c109e auth: Separate development login from main login page.
This allows us to enable EmailAuthBackend by default in development
without cluttering the development login experience.

Fixes #3652.
2017-03-22 12:54:30 -07:00
Raghav Jajodia 9707c74f33 message_edit: Added copy to clipboard button.
A copy-to-clipboard button is added over message-edit textarea.
Closes #3239.
2017-03-22 11:00:18 -07:00
Steve Howell 4fb8339954 Extract typing_events.js. 2017-03-22 07:29:42 -07:00
Steve Howell 642be6ad18 Revamp state tracking for outbound typing indicators.
This change moves most of the logic related to starting and
stopping outbound typing indicators to a new module called
typing_status.js that is heavily unit tested.

While this was in some sense a rewrite, the logic was mostly
inspired by the existing code.

This change does fix one known bug, which is that when we
were changing recipients before (while typing was active), we
were not stopping and starting typing indicators.  This was
a fairly minor bug, since usually users leave the compose
box to change recipients, and we would do stop/start under
that scenario.  Now we also handle the case where the user
does not leave the compose box to change recipients.
2017-03-22 07:01:20 -07:00
Steve Howell 67a2094ed1 Add typing_data.js, which can track users who are typing.
(A subsequent commit will actually integrate this into the app.)
2017-03-21 17:24:40 -07:00
Yago González 34a9e1ae11 markdown: Add TeX typesetting support.
Co-authored-by: Reid Barton <rwbarton@gmail.com>

Fixes #2056.
2017-03-21 16:40:00 -07:00
adnrs96 a91012bd70 Move thirdparty-fonts.css from static/styles to static/third. 2017-03-21 13:40:05 -07:00
Tim Abbott 5b0ff2a69a mypy: Fix some strict-optional related issues. 2017-03-19 22:26:25 -07:00
Steve Howell fd856d728c Extract message_util.js 2017-03-19 21:03:45 -07:00
Steve Howell 8d3d70984d Extract message_events.js. 2017-03-19 21:03:45 -07:00
Steve Howell 1114c8bf62 Extract message_fetch.js. 2017-03-19 21:03:45 -07:00
wangjames 12eeb27442 js dependencies: Extract ui_state.js.
The function home_tab_obscured used to be in the ui_state
namespace via a shim, but now we have an actual module for
it.
2017-03-19 14:11:50 -07:00
Steve Howell d026344b37 Extract js/ui_util.js. 2017-03-19 11:05:45 -07:00
Steve Howell 1d7d6869c9 Extract stream_events.js 2017-03-19 10:56:09 -07:00
Steve Howell cfd1e8cbc3 Extract stream_muting.js. 2017-03-19 10:56:09 -07:00
Steve Howell ab34b5ee9f Extract ui_init.js. 2017-03-19 10:56:09 -07:00
Rishi Gupta 19d8d16126 js dependencies: Split hash_util.js from hashchange.js. 2017-03-18 20:40:34 -07:00
Steve Howell 35d38d62f3 Add shim.js w/narrow_state global. 2017-03-18 15:52:50 -07:00
Tim Abbott f67e9a7e5e CSS: Rename #overlay to #lightbox_overlay. 2017-03-18 13:54:11 -07:00
Tim Abbott ed90879602 js: Extract lightbox.js from ui.js. 2017-03-18 13:54:11 -07:00
Steve Howell a51caceea5 refactor: Extract unread_ops.js
This module mostly contains the mark_* functions that
update the server with info about unread counts.
2017-03-18 10:35:52 -07:00
Arpith Siromoney e073220e21 Add typing notifications front end.
Send typing notification events when user types in the compose box.
Listen for these events and display a notification.

Sending notifications: Notifications are throttled, so that start
notifications are sent every 10 seconds of active typing, and stop
notifications are sent 5 seconds after active typing stops or when the
compose box is closed.

Displaying notifications:
When a typing notification is received, if the current narrow is private
messages or is: pm-with and the user is not the sender,
"Othello is typing..." is displayed underneath the last message. This notification is
removed after 15 seconds. If another notification is received during this period, the
expiration is extended. When a stop notification is received the notification is removed.

Internally, a list of users currently typing is maintained for each
conversation (in a dict). When an event is received the list (for the appropriate
conversation) is updated and the notifications template is re-rendered
based on the narrow information. This template is also re-rendered when
the narrow changes.

Significantly modified by tabbott for clarity.

Fixes #150.
2017-03-17 20:45:07 -07:00
Tim Abbott 25488b550f casper: Fix issues with server autoreloading on save.
This fixes an issue where if you saved a Python file (even just
changing whitespace) while casper tests were running, the Tornado
server being used would restart, triggering a confusing error like
this:

ReferenceError: Can't find variable: $
Traceback:
  undefined:2
  :4
Suite explicitly interrupted without any message given.
2017-03-17 20:45:07 -07:00
Umair Khan 4442703011 jinja2: No need for custom render_to_response.
Django 1.10 has changed the implementation of this function to
match our custom implementation; in addition to this, we prefer
render().

Fixes #1914 via #4093.
2017-03-17 13:57:34 -07:00
kunall17 a908bb1898 Implemented API routes for muting/unmuting a topic 2017-03-15 16:19:00 -07:00
Brock Whittaker b0e5aeb313 Consolidate JavaScript modal closing in modals.js.
This consolidates all actions to close modals into modals.js and
triggers the correct cleaning/collapsing function dependent on what the
data-overlay attribute is labeled as.

It also ensures these all have an e.stopPropagation().

Fixes #4029.
2017-03-15 12:27:44 -07:00
K.Kanakhin f77c5fc086 settings: Extend `DATA_UPLOAD_MAX_MEMORY_SIZE` from default value.
- In django 1.10 was added `DATA_UPLOAD_MAX_MEMORY_SIZE` parameter,
  which controls max size of uploading files. By default it is 2.5MB.
2017-03-15 12:15:27 -07:00
Umair Khan 0d296afa54 github: Return '' when name is None. 2017-03-15 11:11:09 -07:00
Umair Khan e44e58f6d5 logging: Skip log records originated in site packages.
This fixes the huge exception we get in our logs from django.template
logger. This exception is a known bug in Django, see
https://code.djangoproject.com/ticket/26886

Fixes #3974
2017-03-15 11:07:31 -07:00
Rishi Gupta 4627ff1b4b zproject: Change comments to refer to Realm.string_id instead of domain. 2017-03-14 17:17:42 -07:00
Tim Abbott 5e39ccd642 js: Rename viewport.js to message_viewport.js.
This fixes the mobile web experience for Chrome on iOS.

Apparently, Chrome-on-iOS silently has a `viewport` module that
overrides and user-defined module by that name, causing all of our
code that accesses the viewport module to not work on that platform.
We fix this by renaming it.
2017-03-10 14:59:59 -08:00
Amy Liu e5ab3123af Migrate json/set_muted_topics to muting/topics. 2017-03-09 20:52:29 -08:00
Amy Liu 9500c88e32 Migrate legacy url json/bulk_invite_users to invite/bulk_invite. 2017-03-09 20:51:03 -08:00
Tim Abbott 84eb427c63 lint: Fix settings.py linewrapping. 2017-03-08 01:15:24 -08:00
Brock Whittaker 3b55519b11 Redesign "/features/" page in portico.
This redesigns the features page to incorporate the new landing nav,
CSS animations, and general styling of the product page set.
2017-03-07 23:25:39 -08:00
K.Kanakhin 1cb0f8dc41 Add size limit for uploading user avatars and realm icons.
- Add settings parameter for max realm icon size.
- Add settings parameter for max user avatar size.
- Add checking file size to avatar and icon
  uploading views.
- Transfer file size limit parameter to frontend.
- Add tests.
2017-03-07 22:13:01 -08:00
K.Kanakhin 173f34b7aa user-presence: Add `offline` status to aggregated info.
- Add `OFFLINE_THRESHOLD_SECS` settings parameter
  to handle offline period.
- Set aggregated status to offline if user's status
  haven't changed for `OFFLINE_THRESHOLD_SECS` period.
- Add test for offline aggregated status.
2017-03-07 20:09:53 -08:00
Umair Khan 1f60baba6b Handle social auth exception in auth_complete.
In case of an exception, we log it and return None which results in a
redirect to the login page.
2017-03-07 19:46:40 -08:00
Raghav Jajodia d52e08a25c analytics: Add a "Last updated" to the bottom of the stats page.
Fixes #3857.
2017-03-07 16:02:27 -08:00
Tim Abbott dcb14ec58e jinja2: Fix mypy confusion caused by weird six import. 2017-03-06 22:24:07 -08:00
Tim Abbott e1c1f96f9e zilencer: Eliminate submit_feedback indirection. 2017-03-06 00:01:57 -08:00
Tim Abbott 9a08ef5545 zilencer: Remove FEEDBACK_TARGET forwarding logic.
This feature hardcoded zulip.com, and never really made much sense
("feedback" should generally go to the local server administrator, not
to the Zulip development community).
2017-03-06 00:01:57 -08:00
Steve Howell 8e2e406404 refactor: Extract stream_popover.js.
This module handles the popovers in the stream list--one for
stream actions and another for topic-specific actions.

The extraction was mostly straightforward, but I did move some
of the code related to the color picker to be more consistent
with how I organized the other click handlers.
2017-03-05 15:44:43 -08:00
Rafid Aslam 33129059f4 deps: Upgrade and move `handlebars` from `static/third` to `npm`.
- Remove `handlebars.runtime.js` from static/third and fetch it from npm
- Upgrade `handlebars` to 3.0.3.

I change the test since there is a patch about line, written in
handlebars'
v2.0.0-beta.1 release note:
"Lines containing only block statements and whitespace are now removed."

Fixes part of #1709.
2017-03-04 21:49:02 -08:00
Tim Abbott bd0d6bb9d2 docs: Add discussion of VFL to front-end-build-process.md.
Also, link to this from various Python files where relevant.
2017-03-04 21:14:17 -08:00
Tim Abbott 899b59e9d6 dev_settings: Fix linter error in recent mypy work. 2017-03-04 15:34:09 -08:00
Tim Abbott 75e81253f2 mypy: Work around several new mypy bugs in 0.501. 2017-03-04 15:33:39 -08:00
Raghav Jajodia a3a03bd6a5 mypy: Added Dict, List and Set imports.
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
Rishi Gupta 66371009e2 Set settings.TIME_ZONE to UTC.
If there are weird time-based regressions in the next couple of days, it's
probably due to this.
2017-03-03 19:00:02 -08:00
Rishi Gupta 28d3af0965 Fix several new errors caught by mypy 0.501.
Clear out a bunch of easy to review errors, so we can focus on the more
complicated ones.
2017-03-03 14:12:52 -08:00
hackerkid b7a6826fda Add support for getting medium size profile images. 2017-03-01 09:57:30 -08:00
Igor Tokarev 31dff09efa Support email changes for !avatar syntax.
Significantly modified by tabbott to avoid calling
get_user_profile_by_email in bugdown, and have 100% test coverage of
the views code.

Fixes #2041.
2017-02-28 21:56:04 -08:00
Umair Khan 802de53ede backend: Handle GitHub authentication failure.
In case of AuthFailed exception return None.
2017-02-28 09:55:37 -08:00
K.Kanakhin 257bb40698 realm-icon: Add realm icon feature.
- Add realm icon fields to realm model.
- Add migration for new realm model's field.
- Add views for icon uploading and deleting.
- Add routes for realm icons views.
- Add JS widget for realm icon upload setting.
- Add realm icon upload to administration
  organization setting.
- Add tests for realm icons.

Fixes #3660.
2017-02-26 12:16:07 -08:00
Tim Abbott 20b655016d js: Move admin.js further down the list.
This makes it reasonable for it to depend on libraries like widgets.js.
2017-02-26 12:16:07 -08:00
K.Kanakhin 9ce218154e realm-icon: Move upload widget to separate file.
This makes it possible to use the upload widget in the realm icon
organization settings on frontend.
2017-02-26 12:15:41 -08:00
Umair Khan 5bf83f9e0a change-email: Implement confirmation flow.
This adds to Zulip support for a user changing their own email
address.

It's backed by a huge amount of work by Steve Howell on making email
changes actually work from a UI perspective.

Fixes #734.
2017-02-23 03:15:17 -08:00
Sampriti Panda 1929cc5190 Implement persistent drafts functionality
* Created a drafts modal to display/restore/delete drafts
* Created a Draft model to support storing draft data in localstorage
* Removed existing restore-draft functionality
* Added casper and node tests for drafts functionality

Fixes #1717.
2017-02-23 02:58:23 -08:00
sinwar 483a351d44 Upgrade to argon password hasher.
The Argon2 password hasher is the currently recommended password
hasher for Django.

Fixes #3362.
2017-02-22 23:29:12 -08:00
Tim Abbott cf444203c4 docs: Update email configuration documentation.
Fixes #2958.
2017-02-22 22:26:43 -08:00
Tim Abbott d2f9152c43 settings: Make it possible to override EMAIL_BACKEND.
Fixes #3699.
2017-02-22 22:26:43 -08:00
Tim Abbott 8c1285924e prod_settings_template: Move email configuration up.
This reflects the fact that you definitely need to configure this, but
you don't have to configure any of the auth backends, really.
2017-02-22 22:26:43 -08:00
Tim Abbott 7964408633 prod_settings_template: Move ALLOWED_HOSTS up and clarify. 2017-02-22 22:26:43 -08:00
Tim Abbott 53686fc5ac zproject: Delete config for old Django templates.
This configuration was effectively never used for anything.
2017-02-22 00:01:33 -08:00
Tim Abbott 1cbc86499e events_register: Eliminate unnecessary api_events_register wrapper. 2017-02-20 11:07:09 -08:00
Tim Abbott 515340ed00 Add message edit history backend with tests.
Based on work by Kartik Maji in #1204.

This has a few significant changes from the original version:
* We correctly handle filling in data for topic edits
* Has a complete test suite verifying correctness of the logic
* Currently, it doesn't include a special "start" entry

Things we may want to further change include:
* Adding a special "start" entry.
* Reversing the order of the history data returned for clarity.
2017-02-19 16:13:35 -08:00
Tim Abbott b30fb37037 Fix URL routing for users with email addresses starting with "me".
Our URL routing previously attempting to segment the /users/ endpoint
namespace into /me (affecting yourself) or /username@domain (affecting
other users) by regular expressions incorrectly, specifically in the
case of email addresses starting with `me`.  This prevented various
admin actions like removing a user as an organization administrator.
2017-02-18 15:26:04 -08:00
Tim Abbott 2dc553df0a settings: Fix logging settings for Casper tests.
Previously the casper server.log files basically only had tracebacks;
this should help a lot with debuggability of Casper issues.
2017-02-17 15:18:45 -08:00
Umair Khan 555d5b4dc6 database: Use new name of PostGresql backend. 2017-02-17 12:18:43 -08:00
Feorlen 61d4dbddb8 Set a default value of None for EMAIL_HOST in DEFAULT_SETTINGS.
Fixes #3669
2017-02-17 08:02:03 -08:00
Feorlen 1973360d17 Update comment to suggest Mailgun for EmailAuthBackend SMTP. 2017-02-17 08:02:03 -08:00
paxapy 9a5179c460 Add support for managing and deleting attachments.
Modified substantially by tabbott to fix tons of issues.

Fixes #454.
2017-02-16 23:44:44 -08:00
Umair Khan c49789778c testing: Use LocMemCache for backend testing.
LocMemCache is not compatible with frontend tests so we only use it
for backend tests. To do that we change the cache backend within
`not CASPER_TESTS` if block.
2017-02-14 21:32:13 -08:00
Umair Khan 5440bc81b2 logging: Add django.template logger. 2017-02-14 21:20:43 -08:00
Tim Abbott bb5d81281c mypy: Upgrade to new package name and version 0.571.
Fixes #3448.
2017-02-10 23:53:44 -08:00
Tim Abbott 71af0f7e2e Add endpoint to fetch presence data for a single user.
This is an experimental API subject to its data format being changed.

Fixes #3638.
2017-02-10 23:52:56 -08:00
Umair Khan ef0d2a4bb5 logging: Use django.server to filter 200 and 304.
Previously, we were monkey patching the runserver command
in zerver/management/commands/rundjango.py for this.
2017-02-10 15:55:17 -08:00
brockwhittaker 47a3ce2d35 Seperate information overlay CSS into own file.
This takes the information overlay CSS and moves it from zulip.css to
informational-overlays.css to help separate out isolated components.
2017-02-10 15:18:41 -08:00
Harshit Bansal 7d10cbc32b Add RealmAlias.allow_subdomains to model, frontend, and API.
Includes a database migration.

Fixes #1868.
2017-02-08 22:03:27 -08:00
Tim Abbott 84b18f865a users: Verify full names explicitly in account registration.
I believe this completes the project of ensuring that our recent work
on limiting what characters can appears in users' full names covers
the entire codebase.
2017-02-07 20:20:32 -08:00
Rishi Gupta 3c692684a0 analytics: Move stats.js out of portico/.
stats.js is a logged-in view.
2017-02-07 15:35:43 -08:00
Rishi Gupta 27055bdd49 analytics: Use plotly-basic.js instead of plotly.js.
It's 600kb (minified) instead of 1.8mb.
2017-02-06 21:14:24 -08:00
Tim Abbott babb6aaa47 settings: Stop serving zxcvbn from node_modules/.
Now that we have the minified_source_filenames feature, we don't need
to serve zxcvbn from node_modules/ directly to avoid re-minifying it.

Moving this this allows us to stop shipping the (duplicate)
node_modules directory in release tarballs, which will save many
megabytes of unnecessary increase in our release tarball size.
2017-02-06 17:21:34 -08:00
Tim Abbott 12e7be585d i18n: Fix compilemessages processing extra files in production.
In a Zulip production environment, STATIC_ROOT points to the shared
directory that static assets are served from, and so the
compilemessages management command was trying to process every
historical version in there.
2017-02-03 17:17:23 -08:00
Tim Abbott 21f09dcab7 docs: Make it harder to screw up our manage.py commands. 2017-02-03 12:57:50 -08:00
Tim Abbott fa02dfdff4 mobile: Add an endpoint for checking compatibility. 2017-02-03 09:55:34 -08:00
Tim Abbott 70e75508ba settings: Include analytics in default distribution.
This moves the analytics module from being a default-off module that
is somewhat difficult to install to being a default part of the
Zulip distribution (both tarballs and what is enabled by default).
2017-02-02 16:23:24 -08:00
umkay 76f3d02590 analytics: Add cron job to run analytics jobs.
This adds a cron job to update the Zulip analytics counts, complete
with locking etc.

Substantially tweaked by tabbott.
2017-02-01 17:02:46 -08:00
Amy Liu 0a39e354dc analytics: Add graphs of usage statistics on /stats.
This adds a frontend for the analytics system we've had for a few
months, showing several graphs of the data in Zulip.

There's a ton more that we can do with this tooling, but this initial
version is enough to provide users with a pretty good experience.

Fixes #2052.
2017-01-31 22:18:54 -08:00
Tim Abbott eeeffa8704 urls: Review useless stream_exists_backend endpoints.
The actual function was overcomplicated and was designed to check
whether a stream existed by name, not by ID, so there was no value in
having it be used for checking if a stream existed by ID.
2017-01-29 20:26:59 -08:00
Rishi Gupta 6b3abce541 build_emoji: Generate emoji names and codepoints from emoji_map.
Replaces the hardcoded list of emoji_names and unicode_emoji_names in
static/js/emoji.js with a list generated from emoji_map.json, both to get
the list out of version control and so we can start modifying it for our
autocomplete. This does not change the contents of emoji_names. It sorts and
removes duplicates from unicode_emoji_names (causes no change in behavior,
since unicode_emoji_names is only used as if it were a set).
2017-01-28 17:05:32 -08:00
Tim Abbott 0dd5d6cea0 errors: Separate browser error reporting from backend. 2017-01-27 10:27:41 -08:00
Harshit Bansal b4186fdfdd views/realm_aliases.py: Use domain instead of id as handle for RealmAlias.
We need to make the change for the API, and the next commit introduces a
unique_together constraint on (realm, domain) anyway.
2017-01-26 17:24:25 -08:00
Tim Abbott b52f606c3a Revert "deps: Upgrade and move `jquery-mousewheel` from `static/third` to `npm`"
Apparently, the updated version of this has a serious scrolling
performance problem in the left sidebar that basically makes scrolling
in that area unusable.

This reverts commit b683b2d3c3.
2017-01-26 13:42:00 -08:00
Tomasz Kolek 6e6cbeb89d Split webhooks doc and move to particular directories. 2017-01-26 11:56:45 -08:00
Tomasz Kolek 7de45951e2 Make webhooks as separate modules with view and tests.
Create python packege for every webhook with view.py and tests.py
2017-01-25 23:14:19 -08:00
Harshit Bansal 8c428dc130 Fix `ZulipLDAPAuthBackend` not to rely on user's email domain.
In case realms have subdomains and the user hasn't been populated
yet in the Django User model, `ZulipLDAPAuthBackend` should not
rely on user's email domain to determine in which realm it should
be created in.

Fixes: #2227.
2017-01-25 15:24:49 -08:00
Tim Abbott 4e171ce787 lint: Clean up E126 PEP-8 rule. 2017-01-23 22:06:13 -08:00
Tim Abbott d6e38e2a5c lint: Clean up E123 PEP-8 rule. 2017-01-23 21:34:26 -08:00
Tim Abbott 9cc83f87fc lint: Clean up E241 PEP-8 rule. 2017-01-23 21:21:14 -08:00
Tim Abbott e9158dd520 lint: Clean up E121 PEP-8 rule. 2017-01-23 21:02:39 -08:00
Tim Abbott 22d1aa396b lint: Clean up W503 PEP-8 warning. 2017-01-23 20:50:04 -08:00
Tim Abbott b3df1ddeb1 edit: Remove duplicate update_message_backend endpoint. 2017-01-23 17:22:42 -08:00
Tim Abbott 46ab7762e7 edit: Eliminate unnecessary json_update_message wrapper. 2017-01-23 17:22:42 -08:00
Steve Howell 4eb1a8f07d Extract user_events.js.
This moves people.update() to user_events.person().

We now also use user_id as the key for finding person
objects in people.js (instead of email).
2017-01-21 21:45:12 -08:00
sinwar b0efa58eb4 requirements: Upgrade python-social-auth to latest version
Fixes #3403
2017-01-21 21:22:59 +05:30
Rafid Aslam b683b2d3c3 deps: Upgrade and move `jquery-mousewheel` from `static/third` to `npm`
- Remove `jquery-mousewheel` from `static/third` and fetch it from npm.
- Upgrade `jquery-mousewheel` to 3.1.6.
- Bump up the `PROVISION_VERSION` to 4.5.
- Change some js code to comply with this `jquery-mousewheel` version.

Part of #1709.
2017-01-19 17:24:53 -08:00
Rafid Aslam 10a8c3d2ae deps: Move `xdate` from `static/third` to `npm`
- Remove `xdate` from `static/third` and fetch it from `npm`.
- Bump up the `PROVISION_VERSION` to 4.3.

Part of #1709.
2017-01-19 17:07:55 -08:00
Rafid Aslam 84e802422e deps: Upgrade and move `underscore.js` from `static/third` to `npm`
- Remove `underscore.js` from `static/third` and fetch it from `npm`.
- Upgrade `underscore.js` to 1.8.3.
- Bump up the `PROVISION_VERSION` to 4.2.

Part of #1709
2017-01-19 17:07:45 -08:00
Rafid Aslam 911fcd3831 deps: Upgrade and move `codepointat` from `static/third` to `npm`
- Remove `codepointat` from `static/third` and fetch it from `npm`.
- Upgrade `codepointat` to 0.2.0.
- Bump up the `PROVISION_VERSION` to 4.1.

Part of #1709.
2017-01-19 17:07:32 -08:00
Rafid Aslam 8ac81d2722 deps: Upgrade and move `winchan.js` from `static/third` to `npm`
- Remove `winchan.js` from `static/third` and fetch it from `npm`.
- Upgrade `winchan` to 0.2.0.
- Bump up the `PROVISION_VERSION` to 4.0.

Part of #1709.
2017-01-19 17:07:21 -08:00
Tim Abbott 1a536f381c lint: Fix some PEP-8 lint errors. 2017-01-19 16:42:50 -08:00
Tim Abbott 286f640194 minify: Clean up unnecessary tuple/list complexity. 2017-01-19 14:51:16 -08:00
Tommy Ip 23a7685fa5 deps: Add option to skip minifying Javascript files.
Plotly.js take around 20 seconds to minify with the Closure
compiler so it is taken out.

Fixes #3076.
2017-01-19 14:31:38 -08:00
Tim Abbott 287b84d113 auth: Improve configuration/documentation for password strength.
Followup to #3190.
2017-01-17 20:52:52 -08:00
Tommy Ip c407919db3 Add /authors page.
Contributor visualization showing the avatar, user name and number
of commits for each contributors. The JSON data would be updated
upon deployment, triggered by the `update-prod-static` script.
2017-01-17 13:35:55 -08:00
Tim Abbott 89212d9985 emoji: Remove unnecessary duplicate regular expression from urls.py.
Whether the emoji is valid is already being checked elsewhere, and
this duplicate regular expression makes it harder to understand what's
going on with Zulip's validation of emoji.
2017-01-16 23:54:58 -08:00
Tim Abbott f3b9abee14 Convert realm emoji upload to use PUT properly. 2017-01-16 23:45:12 -08:00
Sampriti Panda 196cf4367b urls: Move /messages/render to POST endpoint 2017-01-13 16:11:51 -08:00
Rafid Aslam d3ee53bdef Move endpoints to use stream_id instead of stream_name in their URLs
- Change `stream_name` into `stream_id` on some API endpoints that use
`stream_name` in their URLs to prevent confusion of `views` selection.

For example:
If the stream name is "foo/members", the URL would be trigger
"^streams/(?P<stream_name>.*)/members$" and it would be confusing because
we intend to use the endpoint with "^streams/(?P<stream_name>.*)$" regex.

All stream-related endpoints now use stream id instead of stream name,
except for a single endpoint that lets you convert stream names to stream ids.

See https://github.com/zulip/zulip/issues/2930#issuecomment-269576231

- Add `get_stream_id()` method to Zulip API client, and change
`get_subscribers()` method to comply with the new stream API
(replace `stream_name` with `stream_id`).

Fixes #2930.
2017-01-12 15:23:31 -08:00
Rafid Aslam 156eefacc2 API: Add `json/get_stream_id` endpoint
Add `json/get_stream_id` endpoint, used to convert `stream_name`
into `stream_id`.
2017-01-12 15:23:31 -08:00
Tim Abbott da84ff3746 backends: Fix some slightly confusing error messages. 2017-01-11 18:08:29 -08:00
JefftheBest1 71d34e91bd Fixed typos in backends.py 2017-01-12 13:05:50 +11:00
Tim Abbott 007d4becfd Revert "update-sockjs: Update sockjs from version 0.3.4 to 1.1.1."
This reverts commit 7bf10ec74f.

Apparently, SockJS 1.1.1 is broken with the browser used in our legacy
desktop app, resulting in messages being silently not sent.
2017-01-10 11:46:15 -08:00
Bojidar Marinov 786dd0fca4 auth: Make min password length and strength configurable.
This adds some configuration options to settings.py, namely
PASSWORD_MIN_LENGTH and PASSWORD_MIN_QUALITY, which control
when the frontend validator invalidates the password.

Closes #2628
2017-01-10 04:55:41 -08:00
Tim Abbott f3b5683e77 views: Rename __init__.py to zerver.views.registration.
This completes the cleanup process of eliminating functions in the
root zerver/views/__init__.py module.
2017-01-08 16:21:15 -08:00
Tim Abbott 48f1b4e1ab views: Extract zerver.views.muting. 2017-01-08 16:21:15 -08:00
Tim Abbott 7beff88f5f views: Extract zerver/views/home.py.
This is a significant piece of the remaining effort required to
eliminate the catch-all zerver/views/__init__.py.
2017-01-08 16:21:15 -08:00
Rishi Gupta 38c2dc8790 Change settings.SYSTEM_ONLY_REALMS to use Realm.string_id. 2017-01-06 19:45:08 -08:00
Tim Abbott c65820618f settings: Set an intelligent default for ALLOWED_HOSTS. 2017-01-06 14:46:47 -08:00
Tim Abbott f3ee0eb67b settings: Improve ALLOWED_HOSTS defaults. 2017-01-06 14:46:47 -08:00
Harshit Bansal ceb636dbd9 Manage allowed domains from admin settings.
Fixes: #1867.
2017-01-06 12:03:31 -08:00
Rishi Gupta fdb47fc5ee find my team: Canonicalize URL route.
Change URL endpoint to use underscores, not dashes, and change name to use
the full path to the view function. See e.g. /create_realm.
2017-01-06 10:42:28 -08:00
Rishi Gupta 757297b72f Move find_my_team functions out of views/auth.py
The general __init__ file is a more natural home, and where other endpoints
(e.g. create_realm, etc) live.

Also changes forms.ValidationError to django.core.exceptions.ValidationError
to match the rest of the file/codebase.
2017-01-06 10:42:28 -08:00
Brock Whittaker 7b00bd6f7e Remove the old spinner, replace with new one.
This removes the old content loading spinner and replaces it with a new
SVG.
2017-01-06 10:37:54 -08:00
Steve Howell 90fa797f9b Use stream id to live-update messages for name changes.
When we change a stream name, we now use the stream id as the
key to find messages we need to live update.  This eliminates
some possible race conditions from two users renaming a stream.

This commit introduces message_live_update.js.

The new call stack is this:

    subs.update_subscription_properties
    subs.update_stream_name
    message_live_update.update_stream_name
    message_list.update_stream_name
2017-01-05 15:32:45 -08:00
Umair Khan f208813ea3 Add Find My Team feature. 2017-01-03 21:33:42 -08:00
Alicja Raszkowska e21fe8b886 css: Create a separate file for right-sidebar CSS.
Create a new file right-sidebar.css.
Move all right-sidebar CSS from zulip.css to right-sidebar.css.
2017-01-03 16:57:51 -08:00
Jackson 29ce856843 Clean PUT /users/me/pointer to POST /users/me/pointer. 2017-01-03 15:43:11 -08:00
Jackson 0a9869868c Clean PUT /users to POST /users 2017-01-03 15:40:00 -08:00
Jackson 6ec8abab86 Clean PUT /default_streams to POST /default_streams. 2017-01-03 15:40:00 -08:00
Arpith Siromoney 9c64a08cad Add frontend support for emoji reactions.
This commit replaces the placeholder "clipboard" button with a reaction button.
This is done on any message that can't be edited. Also, on messages sent by
the user the actions popover (toggled by the down chevron icon) contains
an option to add a reaction.

When clicked, a popover with a search bar and a list of emojis is displayed.
If the right sidebar is collapsed (the viewport is small), the popover is placed
to the left of the button.
Focus is set to the search bar. Typing in the search bar filters emojis.

Emojis with which the user has reacted to this message are highlighted.
Clicking them sends an API request to remove that reaction.
Clicking on non-highlighted emojis sends an API request to add a reaction.
When the popover loses focus it is closed.

The frontend listens for reaction events. When an add-reaction event is
received, the emoji is displayed at the bottom of the message with a
count initialized to 1. If there was an existing reaction to the message with
the same emoji, the count is incremented.

Old messages fetched from the server contain reactions.
They are displayed (along with title and count) at the bottom
of each message.

When clicking the emoji reaction at the bottom of the message, if the
user has already reacted with that emoji to this message, the reaction
is removed and the count is decremented. Otherwise, a reaction is added
and the count is incremented.

Hovering over the emoji reaction at the bottom of the message displays
a list of users who have reacted with this emoji along with the
emoji name.

Hovering over the emoji reactions at the bottom of the message displays
a button to add a reaction.

Fixes #541.
2016-12-30 21:42:54 -08:00
Tim Abbott 965a22e2bd reactions: Fix support for "+1" emoji.
Previously, we didn't allow the `+1` character in the URL pattern.
2016-12-30 21:42:24 -08:00
Umair Khan 9834731dfd ldap: Suppress logging output of fakeldap. 2016-12-30 16:55:06 -08:00
Tim Abbott c9a1d4a074 Move portico-only JS to static/js/portico/.
Fixes #3014.
2016-12-30 14:47:49 -08:00
Rishi Gupta 9e5325a164 Add /stats page with basic stats graph.
Adds a new url route and a new json endpoint.
2016-12-29 14:20:13 -08:00
Tim Abbott ea8e34008d lint: Fix pep-8 rules on recently added files. 2016-12-27 20:16:23 -08:00
Rishi Gupta 717afcb408 Remove calls to get_realm in preparation for its deprecation.
Also removes two calls to email_to_domain.
2016-12-26 17:53:32 -08:00
Rishi Gupta e9a6bd1986 Change register/<domain>/ URL route to register/<realm_str>/. 2016-12-26 17:51:00 -08:00
Rafid Aslam d0502537ab API: Migrate POST `/ui_settings/change` to PATCH `/settings/ui` 2016-12-24 11:02:02 -08:00
Juanvulcano 2fd1316d70 Removed json/update_message
Update test_alert_words.py

Update test_messages.py

Update messages.py
2016-12-24 10:08:22 -08:00
JefftheBest1 b8ee0e91d2 Migrated json/subscribtions/remove to REST endpoint 2016-12-24 09:27:25 -08:00
Jackson 3a109a56df Migrate notify_settings to settings/notifications
Remove notify_settings from legacy_url.py
2016-12-24 09:24:23 -08:00
anirudhjain75 8acdbef8aa Eliminate legacy json/make_stream_public and json/make_stream_private URL
Migrate from POST to PATCH
2016-12-24 08:54:49 -08:00
Sampriti Panda 87e7dc6799 urls: Remove legacy URL for left_side_userlist and move over to REST PATCH endpoint 2016-12-24 08:38:33 -08:00
Jackson 333cf0f015 Migrate legacy /json/time_setting to new REST style endpoint. 2016-12-23 08:08:27 -08:00
Tommy Ip 1e0de94293 API: convert get_subscribers from legacy URL to REST endpoint. 2016-12-22 09:25:12 -08:00
Tim Abbott 0299f41c80 settings: Extract update_display_settings_backend. 2016-12-22 06:57:06 -08:00
anirudhjain75 c9db6b6658 Clean up legacy language_settings endpoint. 2016-12-22 06:54:04 -08:00
Sampriti Panda 425a55e568 settings: Implement delete avatar functionality 2016-12-21 13:35:22 -08:00
Sampriti Panda e72cd0b1cc urls: convert set_avatar from legacy URL to REST endpoint 2016-12-21 13:35:22 -08:00
Rafid Aslam 73acebb729 API: Remove `json/fetch_raw_message` from `zproject/legacy_urls.py` 2016-12-21 13:08:40 -08:00
Rafid Aslam bfe84a10f0 API: Migrate POST `json/fetch_raw_message` to GET `json/messages/<id>` 2016-12-21 13:08:40 -08:00
Umair Khan 9069cad79d logging: Set django.request to ERROR in testing.
Fixes #2731
2016-12-19 09:12:11 -08:00
Tomasz Kolek bb6d189fa8 Add github dispatcher to have one elegant url for both github integrations.
Dispatcher avoids to create new URL for github_webhook.
2016-12-15 17:42:28 -08:00
Tomasz Kolek 6fdc026f64 Move get_profile_backend to views/users.py.
Fixes: #2710.
2016-12-15 16:04:23 -08:00
Umair Khan 770a899239 Django 1.10: Use single cache prefix for casper tests.
There is a change in Django 1.10 due to which whenever the password
of the user is changed the session hash changes. This change affects
us because we cache user profile objects and these cached objects need
to be refreshed. However, the signal sent by Django in which objects are
refreshed fails to refresh the cache for Tornado because it uses a
different cache prefix.

Note: Backend tests are not affected because they don't rely on Tornado.
2016-12-14 22:40:33 -08:00
Umair Khan 8e30530cc5 subdomains: Make GitHub login work with subdomains.
Fixes #2501.
2016-12-14 11:09:39 -08:00
Umair Khan 2fc6b9a0e4 backends.py: Return type of do_auth should be HttpResponse. 2016-12-14 11:08:53 -08:00
Umair Khan 336a041ac0 Django 1.10: Use uWSGI.
Fixes: #1121

With some tweaks by tabbott to make the number of processes configurable.
2016-12-13 21:40:43 -08:00
Arpith Siromoney 226e3cbf02 Reactions backend: make endpoints more REST-ful.
Adding a reaction is now a PUT request to
/messages/<message_id>/emoji_reactions/<emoji_name>

Similarly, removing a reaction is now a DELETE request to
/messages/<message_id>/emoji_reactions/<emoji_name>

This commit changes the url and updates the views and tests.

This commit also adds a test for invalid emoji when removing reaction.
2016-12-07 22:28:02 -08:00
Joy Chen bfb6ac5fdb streams: Add default stream description tests and functions.
This includes making the default stream description setting into a
dict.  That is an API change; we'll discuss it in the changelog but it
seems small enough to be OK.

With some small tweaks by tabbott to remove unnecessary backwards
compatibility code for the settings.

Fixes #2427.
2016-12-07 21:12:44 -08:00
anirudhjain75 beaa62cafa mypy: Convert several directories to use typing.Text.
Specifically, these directories are converted: [analytics/, scripts/,
tools/, zerver/management/, zilencer/, zproject/]
2016-12-07 20:51:05 -08:00
Tim Abbott 0855cf29f7 settings: Move INLINE_URL_EMBED_PREVIEW. 2016-12-07 20:48:19 -08:00
Igor Tokarev c93f1d4eda Add oembed/Open Graph/Meta tags data retrieval from inline links.
This change adds support for displaying inline open graph previews for
links posted into Zulip.

It is designed to interact correctly with message editing.

This adds the new settings.INLINE_URL_EMBED_PREVIEW setting to control
whether this feature is enabled.

By default, this setting is currently disabled, so that we can burn it
in for a bit before it impacts users more broadly.

Eventually, we may want to make this manageable via a (set of?)
per-realm settings.  E.g. I can imagine a realm wanting to be able to
enable/disable it for certain URLs.
2016-12-07 17:40:18 -08:00
Zac Pullar-Strecker e6e11aefb3 settings: Add option to disable websockets.
This can be useful in scenarios where the network doesn't support
websockets.  We don't include it in prod_settings_template.py since
it's a very rare setting to need.

Fixes #1528.
2016-12-05 21:55:22 -08:00
K.Kanakhin 7bf10ec74f update-sockjs: Update sockjs from version 0.3.4 to 1.1.1.
- Add browserify to npm dependencies.
- Add SockJS-client to npm dependencies.
- Add npm postinstall script to generate browser version of SockJS-client
  from npm package.
- Change deprecated SockJS object property 'protocol_whitelist' to
  'transports'.
- Fix settings.
2016-12-05 21:36:10 -08:00
nikolay abc2ff4a06 pep8: Fix many rule E128 violations.
[Tweaked by tabbott to adjust some approaches used in wrapping]
2016-12-03 13:33:31 -08:00
Arpith Siromoney 4491ea8d6b reactions: Add support for removing emoji reactions.
This commit adds support for removing reactions via DELETE requests to
the /reactions endpoint with parameters emoji_name and message_id.

The reaction is deleted from the database and a reaction event is sent
out with 'op' set to 'remove'.

Tests are added to check:
1. Removing a reaction that does not exist fails
2. When removing a reaction, the event payload and users are correct
2016-12-02 16:39:53 -08:00
Alex Huang c8ddea16c3 pep8: Fix E122. 2016-12-01 23:16:35 -08:00
AZtheAsian 1ba150fa85 pep8: Fix E203 violations 2016-12-01 20:37:57 -08:00
AZtheAsian f7582f0050 pep8: Fix E124 violations 2016-12-01 14:18:11 -08:00
Rafid Aslam c5316b4002 lint: Fix E127 pep8 violations.
Fix pep8: E127 continuation line over-indented for visual indent
style issue.
2016-12-01 10:23:55 -08:00
Bickio e009383460 pep8: Fix E231. 2016-11-30 19:59:25 -08:00
Rafid Aslam 41bd88d5ed pep8: Fix E301 pep8 violations.
Fix "E301: expected (1 or 2) blank line" pep8 violations.
2016-11-29 08:51:44 -08:00
Rafid Aslam 7a2282986a pep8: Fix E225 pep8 violations. 2016-11-28 15:21:15 -08:00
Tim Abbott 1fcf2ff525 tornado: Move zerver.tornadoviews to zerver.tornado.views.
This furthers the overall goal of moving all the Tornado-specific code
to zerver/tornado/.
2016-11-26 22:29:28 -08:00
Arpith Siromoney 001847ac5b Add backend support for emoji reactions.
This commit adds the following:

1. A reaction model that consists of a user, a message and an emoji that
are unique together (a user cannot react to a particular message more
than once with the same emoji)
2. A reaction event that looks like:
    {
        'type': 'reaction',
	'op': 'add',
	'message_id': 3,
	'emoji_name': 'doge',
	'user': {
	    'user_id': 1,
            'email': 'hamlet@zulip.com',
            'full_name': 'King Hamlet'
	}
    }
3. A new API endpoint, /reactions, that accepts POST requests to add a
reaction to a message
4. A migration to add the new model to the database
5. Tests that check that
   (a) Invalid requests cannot be made
   (b) The reaction event body contains all the info
   (c) The reaction event is sent to the appropriate users
   (d) Reacting more than once fails

It is still missing important features like removing emoji and
fetching them alongside messages.
2016-11-26 18:10:21 -08:00
Tim Abbott ffb3291c82 urls: Clarify comment on v1_api_and_json_patterns. 2016-11-19 19:10:23 -08:00
Vladislav Manchev d7e1e4a2c0 Add initial implementation of custom realm filters.
This PR was abandoned by Vladislav and then substantially modified by
Igor Tokarev and Tim Abbott to complete it and fix a number of bugs.

Fixes #544.
2016-11-17 17:11:25 -08:00
Tim Abbott fa8480bb62 subdomains: Add option to make subdomains homepage not a login form. 2016-11-15 19:05:06 -08:00
Brock Whittaker 75db036733 Add toggle component.
This adds the toggle component which removes the necessity to have HTML.
2016-11-15 10:20:37 -08:00
Steve Howell 59750a1cb9 Move more unread logic out of stream_list.js.
There are two split-outs code of the code here:

    - Animation stuff is in unread_ui.js.
    - PM unread counts get handled by pm_list.js.
2016-11-14 17:50:55 -08:00
Rishi Gupta c1713c9659 Prevent code from using email domain to determine realm when subdomains.
Also removes the intermediate step of going through Realm.domain in the
non-subdomains case. Part of a larger project to remove Realm.domain
entirely.
2016-11-11 15:26:51 -08:00
Steve Howell 7b0c6459b4 Extract static/js/pm_list.js.
This handles most of the details of building the Private Messages
section in the upper left corner of the app.
2016-11-11 12:12:13 -08:00
Umair Khan da78f27934 Django 1.10: Upgrade zproject urls. 2016-11-10 16:20:03 +05:00
Umair Khan fa6b607fc2 Django 1.10: Upgrade legacy urls. 2016-11-10 16:20:02 +05:00
Umair Khan f8e569cb69 Django 1.10: Upgrade urls of dev_urls.py. 2016-11-10 16:20:02 +05:00
Tim Abbott cf2007d4e0 docs: Add a simple markdown-based help center.
The plan is to use this for adding user documentation to Zulip.
2016-11-09 21:39:55 -08:00
Umair Khan eade575267 Django 1.10: Redirect is not permanent by default. 2016-11-09 15:29:58 -08:00
Steve Howell b5ef679360 Add get_topic_history_for_stream(). 2016-11-09 13:56:27 -08:00
Kevin Chen 6107c877e8 bugdown: Add option to support "file:///" as hyperlink.
This contains contributions from Tim Abbott and Igor Tokarev.

Fixes #380.
2016-11-06 22:30:05 -08:00
umkay 21c024fc29 auth: Make supported authentication backends a bitfield on realm.
This makes it possible to configure only certain authentication
methods to be enabled on a per-realm basis.

Note that the authentication_methods_dict function (which checks what
backends are supported on the realm) requires an in function import
due to a circular dependency.
2016-11-06 16:16:24 -08:00
Tim Abbott b41c15fa05 auth: Reject authentication if auth backends are disabled. 2016-11-06 16:16:22 -08:00
Tim Abbott 30ab27c843 auth: Separate email_auth_enabled from ldap_auth_enabled. 2016-11-06 16:16:16 -08:00
Tim Abbott f8bb55f9c1 auth: Refactor auth backend enabled checking code. 2016-11-06 16:16:12 -08:00
Tim Abbott 3a3cee411d auth: Remove old password_auth_enabled hack.
This was used by an old configuration for zulip.com, which is no
longer in production use.
2016-11-06 14:50:15 -08:00
Umair Khan dd314b3796 Django 1.10: context_processors have been moved to django.template. 2016-11-04 10:20:24 -07:00
Umair Khan d3a4fa3e94 Django 1.10: Add Python Social Auth to Installed Apps. 2016-11-04 10:20:23 -07:00
Umair Khan b140236fcf Django 1.10: Do not use patterns function. 2016-11-04 10:06:00 -07:00
Tim Abbott 2e65dc1206 puppet: make check_send_receive_time target host configurable. 2016-11-02 23:40:53 -07:00
trueskawka 977339954c css: Create a separate file for left-sidebar CSS.
Create a new file left-sidebar.css.
Move all left-sidebar CSS from zulip.css to left-sidebar.css.
2016-11-01 21:32:57 -07:00
Steve Howell a9e851b646 Load people.js earlier during startup.
Lots of things depend on people.js, whereas people.js basically only
depends on page_params and core modules like dict.js.
2016-11-01 13:55:48 -07:00
Brock Whittaker 9ad27b3e69 Reorder CSS Files to fix compose box issues.
The media queries should always be last in the pipeline to be delivered
so that other styles don’t override them.
2016-10-31 17:17:17 -07:00
Steve Howell 7111bb1744 Deprecate /json/streams.
Note that we still need the equivalent function in our
user-facing API, so there is not much code removal yet.
(Also, we will probably always keep this in our API,
as bot authors will usually just want a simple endpoint
here, whereas our client code gets page_params and events.)
2016-10-28 13:44:46 -07:00
Umair Khan 26646abe8c Authenticate subdomains using single Google OAuth entry.
Previously, we used to create one Google OAuth callback url entry
per subdomain. This commit allows us to authenticate subdomain users
against a single Google OAuth callback url entry.
2016-10-28 11:04:08 -07:00
Umair Khan 50422e775b Add LDAP tests. 2016-10-28 09:27:55 -07:00
Umair Khan ccc1f3861f Fix return value logic of ZulipLDAPAuthBackend.get_or_create_user.
The actual logic is that if the user already exists than the
function should return a False and if the user does not exist
the function should first create the user and return True.
2016-10-28 17:47:20 +05:00
K.Kanakhin 78b1b80987 caching: Add configuration class for post-migration cache flushing.
- To avoid redefining migrate manage command is added new application
  configuration class which emit post_migration signal. This signal
  require models module inside application and defined AppConfig
  Instance as signal sender.  Documentation here:
  https://docs.djangoproject.com/en/1.8/ref/signals/#post-migrate.
- Add AppConf subclass to __init__ zerver app file to make apllication
  load it by default.

Fixes #1084.
2016-10-27 23:26:34 -07:00
Tim Abbott 9b7a3f040c Remove now-unused /json/get_events endpoint. 2016-10-27 21:34:58 -07:00
Rishi Gupta dee597cfc5 dev_settings.py: Set EXTERNAL_HOST when REALMS_HAVE_SUBDOMAINS.
Sets EXTERNAL_HOST to zulipdev.com:9991 when REALMS_HAVE_SUBDOMAINS, since
subdomains don't currently work with localhost anyway.
2016-10-27 16:57:06 -07:00
trueskawka df7e430849 css: Create a separate file for compose CSS.
Create a new file compose.css.
Move all compose CSS from zulip.css to compose.css.
2016-10-27 16:45:32 -07:00
Steve Howell 4f38cfdc7f Extract topic_list.update_count_in_dom().
This creates the new topic_list.js module, and the first
function that we extract is topic_list.update_count_in_dom().

This function needed to be decoupled from some non-topic-list
stuff which was overly complicated.
2016-10-27 15:49:25 -07:00
Tim Abbott 88269c7228 settings: Only create staging Nagios bots in production.
In ce528c2b5f, we added these bots,
which were intended as a setup convenience in production, but ended up
breaking the test suite.
2016-10-26 09:23:41 -07:00
Tim Abbott ce528c2b5f settings: Add NAGIOS_STAGING_{SEND,RECEIVE}_BOT bots.
This makes it a bit more convenient to have multiple machines running
the Zulip `check_send_receive_time` Nagios checks, if desired.
2016-10-26 00:11:08 -07:00
trueskawka 0b8a2a6449 css: Create a separate file for subscriptions CSS.
Moves all subscriptions page CSS from zulip.css to a new file,
subscriptions.css.
2016-10-25 22:57:50 -07:00
hackerkid b5816bf99e Don't use zulipdev.com when subdomain support is disabled. 2016-10-25 13:52:13 -07:00
Arpith Siromoney ee97ba04fe Add an API endpoint to send typing notification events.
POST to /typing creates a typing event
Required parameters are 'op' ('start' or 'stop') and 'to' (recipient
emails). If there are multiple recipients, the 'to' parameter
should be a JSON string of the list of recipient emails.
The event created looks like:
{
  'type': 'typing',
  'op': 'start',
  'sender': 'hamlet@zulip.com',
  'recipients': [{
    'id': 1,
    'email': 'othello@zulip.com'
  }]
}
2016-10-20 23:05:18 -07:00
Amy Liu 3ee777a11a Add UI for deactivating your own Zulip account.
Fixes #1009.
2016-10-20 22:29:30 -07:00
Steve Howell ff6404cb3c Add comment about /json/subscriptions/exists endpoint.
We should remove this endpoint.  For now I'm just adding
the comment to the code explaining why we should do that.
2016-10-17 16:11:04 -07:00
umkay 906a4e3b26 analytics: Add performance and transaction logging to counts.py.
For each database query made by an analytics function, log time spent and
the number of rows changed to var/logs/analytics.log.
In the spirit of write ahead logging, for each (stat, end_time)
update, log the start and end of the "transaction", as well as time
spent.
2016-10-17 16:10:03 -07:00
Tim Abbott 4a4664d268 mypy: Remove a bunch of now-unnecessary type: ignore annotations.
Since mypy and typeshed have advanced a lot over the last several
months, we no longer need these `type: ignore` annotations.
2016-10-17 11:48:34 -07:00
Tim Abbott 8f145e03cf views: split events_register.py from main views file. 2016-10-11 21:27:06 -07:00
Tim Abbott 0c02015541 views: Move one-click unsubscribe to its own file. 2016-10-11 21:27:06 -07:00
Tim Abbott 5b7dfafcac views: Move json_refer_friend to invite.py. 2016-10-11 21:27:06 -07:00
Tim Abbott dd352dd456 views: Move invitation views to their own file. 2016-10-11 21:27:06 -07:00
Tim Abbott 67d9e19ccf views: Split views/auth.py out of core views file. 2016-10-11 21:27:06 -07:00
Rishi Gupta d75731f988 Realm creation flow: Remove invite page.
Previously, we sent users to an "invite your friends" page after they
created an organization. This commit removes that step in the flow and sends
users directly to the home page. We also remove the now-unused
initial_invite_page.html template, initial_invite.js (which pre-filled the
invite emails with characters from literature), and the /invite URL route.
2016-10-11 15:54:05 -07:00
Umair Khan c23aaa1785 GitHub: Show error on login page for wrong subdomain.
While logging in through GitHub, if the user tries to login
to the wrong subdomain then show an appropriate message.
2016-10-10 08:42:34 -07:00
Rishi Gupta d387012bc6 Fix EXTERNAL_HOST computations in test_settings.py.
test_settings.py was setting EXTERNAL_HOST after importing settings.py,
which has several variables (like SERVER_URI) that are computed from
EXTERNAL_HOST.

[tweaked by tabbott to add comments explaining the story here].
2016-10-05 19:04:55 -07:00
baali 142dce2cd4 Replace legacy endpoint for renaming a stream and add tests.
This moves the logic for renaming a stream to the REST API
update_stream_backend method, eliminating the legacy API endpoint for
doing so.

It also adds a nice test suite covering international stream names.
2016-10-02 20:33:49 -07:00
Tim Abbott c7b7893254 auth: Give nicer subdomain errors when using ZulipDummyBackend.
This improves Google and JWT auth as well as the registration
codepath to log something if the wrong subdomain is encountered.

Ideally, we'd have tests for these, and code to make the Google and JWT
auth cases show a clear error message.
2016-09-27 23:25:07 -07:00
Tim Abbott a4e5450ace subdomains: Add support for aliases of the root subdomain.
We default to counting "www" as such an alias.
2016-09-27 23:25:07 -07:00
hackerkid ea39fb2556 Add option for hosting each realm on its own subdomain.
This adds support for running a Zulip production server with each
realm on its own unique subdomain, e.g. https://realm_name.example.com.

This patch includes a ton of important features:
* Configuring the Zulip sesion middleware to issue cookier correctly
  for the subdomains case.
* Throwing an error if the user tries to visit an invalid subdomain.
* Runs a portion of the Casper tests with REALMS_HAVE_SUBDOMAINS
  enabled to test the subdomain signup process.
* Updating our integrations documentation to refer to the current subdomain.
* Enforces that users can only login to the subdomain of their realm
  (but does not restrict the API; that will be tightened in a future commit).

Note that toggling settings.REALMS_HAVE_SUBDOMAINS on a live server is
not supported without manual intervention (the main problem will be
adding "subdomain" values for all the existing realms).

[substantially modified by tabbott as part of merging]
2016-09-27 23:24:14 -07:00
Brock Whittaker 87afe61860 Add overlay lightbox for displaying inline image previews.
This adds an event listener (by way of delegation) to the
.message_inline_image elements that pops up the overlay and hides it
when the overlay exit is clicked.

Fixes #654.
2016-09-27 17:50:51 -07:00
Tim Abbott 2ea7d2341e css: Move new-style buttons to new components.css and expand. 2016-09-27 17:48:24 -07:00
Tim Abbott 03bf8893e2 Remove legacy /api/v1/send_message endpoint.
This was the original way to send messages via the Zulip API in the
very early days of Zulip, but was replaced by the REST API back in
2013.

Fixes: #730.
2016-09-27 14:51:54 -07:00
Steve Howell edfa022bac Remove json/get_active_statuses endpoint. 2016-09-27 14:33:56 -07:00