Commit Graph

61241 Commits

Author SHA1 Message Date
Tim Abbott 4451db08c3 api docs: Clean up some details around group settings. 2024-10-08 12:18:13 -07:00
Sahil Batra 7a1277ea95 user_groups: Allow setting and changing can_join_group setting.
Fixes part of #25938.
2024-10-08 12:18:13 -07:00
Sahil Batra 701e391def user_groups: Use can_join_group setting to check permisison.
This commit adds code to use can_join_group setting when
checking permission to join group in webapp.

Fixes part of #25938.
2024-10-08 12:18:13 -07:00
Sahil Batra 6d0d1a0700 user_groups: Check can_join_group setting when user tries to join.
Fixes part of #25938.
2024-10-08 12:18:13 -07:00
Sahil Batra 1033230b52 user_groups: Include "can_join_group" field in user group objects.
Fixes part of #25938.
2024-10-08 12:18:13 -07:00
Sahil Batra e1d7f57da7 user_groups: Add can_join_group setting for user group.
This field will be used to control permission for who can
join a user group.

Fixes part of #25938.
2024-10-08 12:18:13 -07:00
Karl Stolley a073eaa534 left_sidebar: Use unfilled star icon in sidebar navigation. 2024-10-08 10:43:28 -07:00
Tim Abbott c39e86504a groups: Rework documentation of permitted values.
Ths hardcoded documentation of which values are possible was destined
to end up inaccurate and out-of-date; and meanwhile, we do have a part
of the API that already has these data in machine-readable format.
2024-10-07 17:20:04 -07:00
Aman Agrawal 777f6be88f puppeteer: Fix incorrectly passed `false` value to check narrow change.
This caused another CI flake.

Also, added a comment to the only other place where we pass false
explicitly explaining why.
2024-10-07 16:07:08 -07:00
Alex Vandiver 1bd0ab506c nginx: Make uwsgi timeout shorter than nginx-to-uwsgi timeout.
The nginx-to-uwsig-timeout defaults to 60s, which is exactly the same
as the current "harakiri" timeout configured in uwsgi (which limits
the length a request can run before the worker is terminated).  This
causes a race, where if nginx hits its 60s before uwsgi, then we
return a 504; otherwise, we get a 502.

Make the nginx-to-uwsgi timeout explicit, and shorten the "harakiri"
timeout to be explicitly less than that.  Document the 60s timeout,
which all outer reverse proxies must be set to _longer than_ in order
to have proper "onion" timeouts.
2024-10-07 15:41:08 -07:00
Karl Stolley 3209086370 widgets: Assign zulip-button colors to edit buttons. 2024-10-07 13:57:20 -07:00
Prakhar Pratyush 5c23a3f186 reaction: Use the generic 'event_recipient_ids_for_action_on_messages'.
This commit updates the 'notify_reaction_update' function to use
the generic 'event_recipient_ids_for_action_on_messages' function.

It helps to add hardening such that if the invariant "no usermessage
row corresponding to a message exists if the user loses access to the
message" is violated due to some bug, it has minimal user impact.
2024-10-07 11:35:06 -07:00
Prakhar Pratyush c3f2615e20 submessage: Fix recipients of "submessage" event.
Earlier, submessage was not live-updated for users who joined
the stream after the message was sent.

This commit fixes that bug.

Also, now we use 'event_recipient_ids_for_action_on_messages'.
It helps to add hardening such that if the invariant "no usermessage
row corresponding to a message exists if the user loses access to the
message" is violated due to some bug, it has minimal user impact.
2024-10-07 11:35:06 -07:00
Prakhar Pratyush d6c48b7185 delete_message: Fix recipients of "delete_message" event.
Earlier, we were sending 'delete_message' event to all active
subscribers of the stream.

We shouldn't send event to those users who don't have access
to the deleted message in a private stream with protected history.

This commit fixes that bug.

Also, now we use 'event_recipient_ids_for_action_on_messages'.
It helps to add hardening such that if the invariant "no usermessage
row corresponding to a message exists if the user loses access to the
message" is violated due to some bug, it has minimal user impact.
2024-10-07 11:35:06 -07:00
Prakhar Pratyush 388464fcf4 submessage: Add 'durable=True' to the outermost transaction. 2024-10-07 11:35:06 -07:00
Aman Agrawal d5b8193a0a hashchanged: Fix near links being ignored if already in that view.
Fixes #31701.

This fixes a bug where when the user clicks on a near link, the
pointer doesn't shift to the `near` linked message. This can
be a confusing experience for the user.
2024-10-07 11:06:58 -07:00
Aman Agrawal 787a37176d message_view: Update date on sticky header after rendering narrow.
On a fresh render of a narrow if the view doesn't scroll,
`update_sticky_recipient_headers` is not called. So, we need call
it after we have scrolled to the message we want to select.
2024-10-07 11:02:13 -07:00
Aman Agrawal 69c1b7c64e message_events: Use the new message_ids param of /messages.
This helps us better update the views where we don't have the
messages that were updated cached or the filter cannot be
applied locally.

Tested using browser breakpoints for search `zulip` in starred narrow
for `!filter.can_apply_locally()` and setting message_fetch
constants to single digit for `messages_to_fetch.length > 0`.
2024-10-07 11:00:40 -07:00
Aman Agrawal 3f726e25e4 message_fetch: Add message_ids parameter to /messages request.
This allows us to fetch messages for a list of message ids in a
single request.
2024-10-07 11:00:40 -07:00
Aman Agrawal c16459ca3c test_openapi: Remove use_first_unread_anchor from curl examples. 2024-10-07 11:00:40 -07:00
Aman Agrawal 57589bcffa message_fetch: Rename message_ids variable for clarity.
Added `result_` prefix to differentiate it from upcoming `message_ids`
parameter to the API request. Also, this is final `message_ids` that
we will fetch the messages for. So, a `result` prefix makes sense here.
2024-10-07 11:00:40 -07:00
Aman Agrawal 334a195627 message_events: Fix property_value not being passed.
This was not passed by mistake.
2024-10-07 11:00:40 -07:00
Aman Agrawal dae2a68ad9 puppeteer: Fix flaky wait for narrow change after sending a message.
This flake was happening since `wait_for_fully_processed_message`
only checks if the `star` icon is displayed on the message but
doesn't check for current narrow or waits for the narrow to
change.

Since narrow is changed to the message narrow after sending a
message. If we don't wait for narrow to change, this narrow change
can make the `get_current_msg_list_id` call return true for the
wrong narrow change. Which causes message list id of the wrong
message list to be returned and hence we cannot locate this
message list id.

To fix it, we check if sending this message will cause a narrow
change and if true, we wait for the narrow to change before
checking if the message is visible.
2024-10-07 14:17:02 +05:30
Aman Agrawal 882e4f56c1 copy-and-paste: Remove not required click on all messages narrow.
This change might also fix the flaky nature of this test but needs
to be tested by running online on CI.
2024-10-07 08:27:10 +05:30
Alex Vandiver 4b4b6c5ebe scheduled_messages: Remove separate logfile.
This is all captured in `events_deliver_scheduled_messages.log` (note
the leading `events_`) via supervisor.
2024-10-04 14:22:37 -07:00
Alex Vandiver 7ddcf3774b puppet: Add tusd daily logrotation. 2024-10-04 14:22:37 -07:00
Alex Vandiver 2571196899 puppet: Remove unnecessary "create" directive.
It is irrelevant, since copytruncate is used.
2024-10-04 14:22:37 -07:00
Alex Vandiver e6c64e78e6 puppet: Switch logrotate to be in charge of tornado logs. 2024-10-04 14:22:37 -07:00
Aditya Kumar Kasaudhan 8994266137 left-sidebar: Use -, _, :, and / as additional topic word separators.
Previously, only spaces were used as word separators when searching
for topics. This meant that searching for "support" would not find a
topic named "topic_support" or "topic/support," which could lead to
unexpected results.

To address this, hyphen (-), underscore (_), colon (:), and slash (/)
have been added as additional word separators for topic filtering in
the left sidebar, as these characters are commonly used as separators
in topic names.

Fixes: #31844
2024-10-04 14:18:43 -07:00
Prakhar Pratyush cf879a5f48 realm_export: Add a RealmAuditLog entry for delete operation.
This commit adds a RealmAuditLog entry for when someone deletes
an export.

This helps to track the acting_user.
2024-10-04 14:17:20 -07:00
Prakhar Pratyush 07dcee36b2 export_realm: Add RealmExport model.
Earlier, we used to store the key data related to realm exports
in RealmAuditLog. This commit adds a separate table to store
those data.

It includes the code to migrate the concerned existing data in
RealmAuditLog to RealmExport.

Fixes part of #31201.
2024-10-04 12:06:35 -07:00
Prakhar Pratyush 5d9eb4e358 realm_export: Save stats in '.json' format instead of '.txt'.
This commit updates code to store the realm export stats in
json format instead of plain text.

This will help in storing the stats as JsonField in RealmExport table.
2024-10-04 12:06:35 -07:00
Shubham Padia 6968d7374a compose: Change cursor to default instead of not-allowed.
Fixes #31214.
2024-10-04 11:40:15 -07:00
Shubham Padia 0634f75582 settings: Rearrange group settings in alphabetical order. 2024-10-04 11:15:01 -07:00
Shubham Padia 72de37e737 settings_data: Move spectator check to a single function.
Move spectator check to user_has_permission_for_group_setting.
2024-10-04 11:15:01 -07:00
Sayam Samal b09dfb782d reactions: Optimize DOM cost of message reactions via dynamic rendering.
Before, the message reactions section along with the add reaction button
was being rendered for every message even when there were no reactions
present - this led to additional DOM cost.

This commit adds the message reactions section only when there is
at least a single reaction on the message, and follows up with a cleanup
of the message reactions section when there are no reactions.

Fixes #31137.

Co-authored-by: Anmol-dev45 <basnetanmol2020@gmail.com>
2024-10-04 11:09:43 -07:00
Anders Kaseorg 1b4e02c5d0 thumbnail: Remove type: ignore.
(An alternate solution is message_classes: list[type[Message |
ArchivedMessage]].)

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-04 13:54:14 -04:00
Alex Vandiver 912c1b5984 thumbnail: Tighten and clarify the "type: ignore" limitation. 2024-10-04 09:10:14 -07:00
Alex Vandiver 3cbbf2307b thumbnail: Only lock the message row, not the Attachment row.
This prevents a deadlock between the thumbnailing worker and message
sending, as follows:

1. A user uploads an image, making Attachment and ImageAttachment
   rows, as well as enqueuing a job in the thumbnailing queue.

2. Message sending starts a transaction, creates the Message row,
   and calls `do_claim_attachments`, which edits the Attachment row
   of the upload (implicitly locking it).

3. The thumbnailing worker starts a transaction, locks the
   ImageAttachment row for its image, thumbnails it, and then
   attempts to `select_for_update()` the message objects (joined to
   the Attachments table) to find the ones which link to the
   attachment in question. This query blocks, since "a locking
   clause without a table list affects all tables used in the
   statement"[^1] and the message-send request already has a write
   lock on the Attachments row in question.

4. The message-send request attempts to re-fetch the ImageAttachment
   row inside the transaction, which tries to pull a lock on it.

5. Deadlock, because the message-send request has the Attachment
   lock, and waits for the ImageAttachment lock; the thumbnailing
   worker has the ImageAttachment lock, and waits for the Attachment
   lock.

We break this deadlock by limiting the
`update_message_rendered_content` `select_for_update` to only take
the lock on the Message table, and not also the Attachments table --
no changes will be made to the Attachments, so no lock is necessary
there. This allows the thumbnailing worker to successfully pull the
empty list of messages (since the message-send request has not
commits its transaction, and thus the Message row is not visible
yet), and release its ImageAttachment lock so that the message-send
request can proceed.

[^1]: https://www.postgresql.org/docs/current/sql-select.html#SQL-FOR-UPDATE-SHARE
2024-10-04 09:10:14 -07:00
Sahil Batra 74fb851958 settings: Do not store pill widgets for new groups in map.
Instead of storing setting pill widgets for new groups
in group_setting_widget_map, we just use variable in the
user_group_create file to store the widget.

This helps in accessing the widget with the key having
"new_group_" as prefix which we want to avoid as a pattern.

Note that the classes and IDs in templates still use
"new_group_" prefix.
2024-10-04 08:48:03 -07:00
Sahil Batra 698f3cf41b settings: Refactor code to get group setting pill widget value.
This commit refactors get_group_setting_widget_value function
to accept pill widget as parameter instead of setting name.

This is a prep commit for not needing to store the widgets for
group creation form in settings_components.group_setting_widget_map.
2024-10-04 08:48:03 -07:00
Sahil Batra 4b206b7394 settings: Refactor code to set group setting pill widget value.
This commit refactors set_group_setting_widget_value function
to accept pill widget as parameter instead of setting name.

This is a prep commit for not needing to store the widgets for
group creation form in settings_components.group_setting_widget_map.
2024-10-04 08:48:03 -07:00
Anders Kaseorg 7bd5ec28ae dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-04 08:47:07 -07:00
Anders Kaseorg 7bd0df408d eslint: Fix unicorn/prefer-math-min-max.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-04 08:47:07 -07:00
Anders Kaseorg 3b79a534a2 eslint: Fix unicorn/consistent-existence-index-check.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-04 08:47:07 -07:00
Pierre Carru 5cbe3203f5
slack_incoming: add ok=true to json in case of success.
This better simulates the Slack API, which is important, since some
integrations check this response and decide whether the Slack endpoint
is working based on what they receive.
2024-10-04 08:42:27 -07:00
Anders Kaseorg e7e8062b2e web: Add missing CSS.escape calls.
Any string interpolated into a CSS selector must be CSS escaped.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-04 08:39:30 -07:00
Greg Price 68e96bc73f contributor docs: Clarify how to claim a mobile issue
The existing text says to post a GitHub comment "saying that you'd
like to work on" the issue.  A lot of new contributors,
understandably, take that literally -- they just say they'd like to
work on the issue, with no further information.

In particular they don't give any evidence that they've taken the
steps we prescribe in the preceding section, of figuring out what code
is involved and how they'll approach the problem before they claim it.
When I reply asking for that information, very often they haven't done
those steps... while sometimes they have, and just hadn't put together
from context that that would be a good thing to communicate.

So spell that out explicitly.  Hopefully this will elicit smoother
communication from the contributors who have done that work; and
for those who haven't, hopefully it'll help redirect them to go back
and do it.

Also expand on the instruction not to spam.
2024-10-03 16:45:50 -07:00
Alex Vandiver ed8058d060 message: Do not differentiate topics by case when aggregating. 2024-10-03 16:35:45 -07:00
Anders Kaseorg a8304fb324 sentry: Address Sentry JavaScript 7.x deprecations.
https://docs.sentry.io/platforms/javascript/migration/v7-to-v8/

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-03 16:09:48 -07:00