Tim Abbott
7d35c3135b
Puppet: Update default classes for building new server.
...
(imported from commit 7283498779108992456c98d3d18b01751ccbb5b6)
2012-11-02 10:50:59 -04:00
Waseem Daher
a6dbb88d0a
Three autocompletes for subject, for consistency with stream.
...
(imported from commit 08e12fa2cfbe37b53a06888b879babbcf12733bf)
2012-11-01 21:56:37 -04:00
Waseem Daher
41290f3e23
Fix XSS issue in composebox typeahead.
...
Whenever we use a typeahead, we should use the escaping highlighter
unless we're explicitly going to put sanitized content in it.
(imported from commit 33086327fe56a7bcbbbf8a08fe3f39800b195e75)
2012-11-01 21:56:37 -04:00
Waseem Daher
69b534c0ba
Move composebox typeahead code into its own module.
...
This also cleans up the autocomplete source specifications,
making the three typeaheads all look fairly consistent.
(imported from commit e72655d715db74cfc9ab45b51e7e2ff9e8ea84c5)
2012-11-01 21:56:33 -04:00
Waseem Daher
e72279d6a8
Reintroduce XSS issues in composebox typeahead.
...
This makes the diff a bit cleaner.
Revert "Interim measure: Escape fullnames as well."
This reverts commit a634e6ac39ea337be499889b3ff64b3c4f4fcccb.
Revert "Interim measure: Escape subject names before they go into the typeahead."
This reverts commit 806bc719ab296ec0fe299b33c7aa6767a0c71b9d.
(imported from commit 5a579e3535846b2bc612cf03e43c562c83119812)
2012-11-01 17:16:27 -04:00
Zev Benjamin
6178cd830a
Return the error if return_messages_immediately returns an error response
...
We previously started long-polling.
(imported from commit 5860e484c63088ed34226f39f5aeb74e3ed43f91)
2012-11-01 16:02:28 -04:00
Tim Abbott
08b76126b4
Make the mouseover date string always include a timezone.
...
(imported from commit 5b4a98c6e0cdfc87ba57f6d6454488fff2810603)
2012-11-01 14:07:10 -04:00
Tim Abbott
7c3a189c03
Combine api_subscribe and json_add_subscriptions.
...
(imported from commit 1a5df7c88beb2c27a048b1880136b9c7cb4451b2)
2012-11-01 13:05:52 -04:00
Tim Abbott
7e0cbd1c8b
Change json_add_subscription to use the same interface as api_subscribe.
...
(imported from commit 9b9eb0284ad262ce9701ef81162d954544435d52)
2012-11-01 13:05:52 -04:00
Tim Abbott
27867b0022
Rename add_for_send to subscribe_for_send.
...
(imported from commit 19f6a0710a84bf8204b81957ca49b09ec9174188)
2012-11-01 13:05:52 -04:00
Tim Abbott
aca815d727
Don't add duplicate entries to subscriptions_table.
...
While we're at it, fix the fact that we're currently not adding
entries to the subscriptions_table at all when we do
subscribe-and-send.
(imported from commit 99bf574a4a296463e562a44186e2282654464542)
2012-11-01 13:05:52 -04:00
Tim Abbott
01bf0868a9
Rename new_subscription argument to streams.
...
(imported from commit 8024f47564fe580734d5e452f5092520870003a7)
2012-11-01 13:05:52 -04:00
Tim Abbott
0120b2b239
Don't show a user-facing error when subscribe-and-sending and already subscribed.
...
(imported from commit 7262740e8d967bf69a61fb9fddd74270a3211f5f)
2012-11-01 13:05:52 -04:00
Keegan McAllister
cb9cdf22c3
tests: Correct documentation on test_message_to_nonexistent_stream
...
(imported from commit 76176083c1a0494856a3507214e2cfc3844d1fc1)
2012-11-01 12:08:38 -04:00
Jessica McKellar
c0b75ed93a
Add Nagios config files to git.
...
(imported from commit 5d6ba166cf35afdd76ca4f2cfc8a13988cfdeaea)
2012-11-01 10:47:50 -04:00
Keegan McAllister
b81ef9cca7
Replace template variables static_{third,public} with hardcoded paths
...
So that the 500 error view will render properly, even though no variables are
set. We keep the variable static_hidden, which by design is not used on the
500 page.
Fixes #240 .
(imported from commit 3c7534f896479b7d7edbe5ef13958481e169a13c)
2012-10-31 18:43:44 -04:00
Waseem Daher
f0fd80a294
Interim measure: Escape fullnames as well.
...
I'm sure this problem exists in a latent way with stream names and
email addresses as well. Once I figure out a general way to fix this,
I'd like to go back and handle these three cases in a cleaner,
symmetric way, but this'll do for now.
(imported from commit a634e6ac39ea337be499889b3ff64b3c4f4fcccb)
2012-10-31 17:49:19 -04:00
Waseem Daher
4d83aa96ff
Interim measure: Escape subject names before they go into the typeahead.
...
This is problematic because if your subject name is <b>hi</b>,
selecting it from the typeahead comes back with:
<b>hi</b>
which obviously isn't really OK.
(imported from commit 806bc719ab296ec0fe299b33c7aa6767a0c71b9d)
2012-10-31 17:26:13 -04:00
Zev Benjamin
a11cde077e
Add tool for injecting large numbers of messages into site for testing
...
(imported from commit 44643cc95cd0e66d91fcc1ea576379f5de76ac67)
2012-10-31 17:18:50 -04:00
Waseem Daher
765aa833bc
Clean up jQuery selectors for the composebox send button.
...
(imported from commit 6bf7ee00f23290ae5e254b4964db3ed51527368b)
2012-10-31 16:36:22 -04:00
Waseem Daher
1e34e46a2e
Make Tab-Enter work as a "send message" shortcut in Safari.
...
(imported from commit 2eccaea06594a7c3d3e8c6d3c00a20c4c94116a2)
2012-10-31 16:36:22 -04:00
Tim Abbott
22bb5a5830
Fix longpolling on messages to nobody.
...
This is what caused our server to hang when receiving certain messages
over the last couple days. It was introduced by me making in the
assumption that doing the same thing we did after validate_notify
failed was a correct way to immediately return from
notify_new_message, which it was not. The code of validate_notify
actually finished the handler in the event that validation failed,
which isn't "correct", but did not manifest in a visible problem.
The correct way to trigger an immediate response from a tornado view
is to just return the value, not call handler.finish() and then return
None.
Similarly, the correct way to trigger longpolling from a tornado view
is to either return None (or equivalently, / drop off the end of the
function) or return a generator.
(imported from commit 5b931248b4650fc88d5d68f5936a95f19e097af9)
2012-10-31 16:35:30 -04:00
Keegan McAllister
5a7b307d71
Create the narrowbar using a Handlebars template
...
This fixes an XSS hole (#249 ).
(imported from commit 5f70c0bc23e0d992f2d85889e2ba9157f1b73b3a)
2012-10-31 16:02:17 -04:00
Tim Abbott
5a3d52baa7
Make the narrowing tooltips a bit more verbose.
...
(imported from commit ab2cbaa7bfe4eeb0b1d1dd00b6db6aa76574cbff)
2012-10-31 14:06:35 -04:00
Tim Abbott
b33c0c4eee
Send the stripped stream name to add_subscriptions_backend.
...
(imported from commit c3bbb9bd200629020fe7e60d42644beaab30bff5)
2012-10-31 14:06:35 -04:00
Tim Abbott
f319eef425
humbug_trac: Remove redundant 'Trac ' in subjects.
...
(imported from commit 309b477963cd0d3cca06eef2a685b1143c144455)
2012-10-31 14:06:35 -04:00
Tim Abbott
31666a1f3d
humbug_trac: Try to compress the rest of the changes.
...
(imported from commit a7bdf3cb8243d43837705d4c9eb00d5e6d75d4b5)
2012-10-31 14:06:35 -04:00
Tim Abbott
b9c54ed6f2
Include the trac summary in the Humbug subject.
...
(imported from commit 23298d8455e2b0e8c4947f2d2e76874b66a8e28c)
2012-10-31 14:06:35 -04:00
Tim Abbott
212a4e76d4
zephyr_mirror: Append our elements to the start of sys.path.
...
(imported from commit 674848bcac71d5bd28549f14a5da0f72c6c59d69)
2012-10-31 14:06:35 -04:00
Tim Abbott
426ab9559d
Fix creating new users via zephyr mirroring.
...
(imported from commit 05e01efabdce081fc574486916c7db343f2cdb1d)
2012-10-31 14:06:35 -04:00
Zev Benjamin
564565f627
When narrowing a second time, don't move the pointer and display the persistent pointer
...
(imported from commit f49222f3a5df636517cadcafbc3d278f4f0ced00)
2012-10-31 12:03:00 -04:00
Keegan McAllister
eac48d9b04
Clear password boxes on settings change submission
...
(imported from commit 523df7ee039db7be30e66608c491cc441f14fd70)
2012-10-30 17:05:10 -04:00
Tim Abbott
30aab26ccd
Fix test_missing_last_received to match current behavior.
...
(imported from commit 101b08d740ddf46d100c9763f2b78b86e2b07a00)
2012-10-30 16:59:25 -04:00
Tim Abbott
70f21f9d8e
Fix 'Stream does not exist' test.
...
(imported from commit d4f0f3deaa3cc4b9cab67c90b87aa8bff2e72653)
2012-10-30 16:59:25 -04:00
Tim Abbott
013a2381b2
zephyr_mirror: More reliable killing of other zephyr_mirror processes.
...
(imported from commit ae00299114a74ebd582aec835ffd5f8127d8f55f)
2012-10-30 16:59:25 -04:00
Tim Abbott
73f6c614b8
Move trac bot to the trac stream.
...
(imported from commit 7c05062d73d6bd4de4b9329f1f2b7baa705c9d2b)
2012-10-30 16:59:25 -04:00
Tim Abbott
e48bdfe847
Use json_success for api_fetch_api_key.
...
(imported from commit 395d992fa634f5304f8a44f38f0251109c1a0810)
2012-10-30 16:59:18 -04:00
Tim Abbott
c00e37c106
Use json_error rather than HttpResponseBadRequest and friends.
...
(imported from commit a9f6df2e561218db46f4ade86bac1ecd87b6ca78)
2012-10-30 16:59:18 -04:00
Tim Abbott
9fa2f0d4f8
Use @require_post for login_required_json_view.
...
(imported from commit e7efea5f016b1b44a0a3deba024e3df828006cfa)
2012-10-30 16:59:18 -04:00
Waseem Daher
e7e05d8617
Fix up some overzealous "instance->subject" renames.
...
(imported from commit f4ddcfd3749d374cc6abee3b1e7a5aacc3b83e16)
2012-10-30 16:48:00 -04:00
Keegan McAllister
1b316023af
Add example msmtprc
...
(imported from commit 8fd934f6439b92c0b86e9db3bb56fdbab3e60a14)
2012-10-30 15:40:10 -04:00
Keegan McAllister
8c238f252c
review: Send mail using msmtp
...
(imported from commit 7cf60baeb846df9a8c15500a6d14713aec45fc8c)
2012-10-30 15:40:10 -04:00
Keegan McAllister
5788c4c280
review: Update for python-git 0.3 instead of 0.1 (?)
...
(imported from commit 3e90459bfcf5dbd2f209836bff1a2ad9038f50bb)
2012-10-30 15:40:10 -04:00
Keegan McAllister
d8b8e396a6
review: Customize for humbughq.com
...
(imported from commit f757954077f287a9d3092a7a5a475fd5c0c12a2f)
2012-10-30 15:40:10 -04:00
Keegan McAllister
26115c8232
review: Fix trailing whitespace
...
(imported from commit 6161f378913d3a939655dd903f7fe634e2b170f5)
2012-10-30 15:40:10 -04:00
Keegan McAllister
a7fbb1c15f
Import Ksplice code review script
...
From https://github.com/ksplice/code-review
(imported from commit ff6ca29832749ab8f2f6434eb64395a239031f1c)
2012-10-30 15:40:10 -04:00
Luke Faraone
75c6fa7202
When doing a deployment, set the site name to app.humbughq.com.
...
(imported from commit b89f72f0cb94fae7678db570a1e9774dbe471ba9)
2012-10-30 15:13:12 -04:00
Tim Abbott
4e9df28c12
send_message: Don't create streams automatically on send.
...
(imported from commit 7be1b72c5fdf9a21167d2be3948cf1febf8da8ed)
2012-10-30 15:02:45 -04:00
Tim Abbott
2c577d70b3
Restart apache2, ssh, and nginx after running puppet.
...
(imported from commit 0e0b7fd10d1742efe86ff6bdab8d3ac4e4d291a9)
2012-10-30 14:21:31 -04:00
Luke Faraone
1d6a5741e0
Previously conditionals used the wrong case to reference request.POST.
...
(imported from commit 2624def3745c3b26114ee1a1a9a20288e078b243)
2012-10-30 13:29:40 -04:00