Commit Graph

45028 Commits

Author SHA1 Message Date
Mateusz Mandera 7df5f8e6f5 docs: Update the /help/ instructions for setting up OneLogin SAML.
OneLogin has removed the old app. The new app is nearly identical, just
with some additional configurable settings, that we don't want to touch
anyway as the default are fine - and changing the default Parameters
that are set up, so we also update the screenshot to match how it looks
with the new app.
2021-11-16 14:58:17 -08:00
Tim Abbott 618d0788f0 api docs: Delete docs for nonexistent icon_file_size property.
This appears to have been confused with max_icon_file_size.
2021-11-16 14:57:50 -08:00
Tim Abbott cac8bcbc89 api docs: Fix incorrect realm_ prefixes in update_dict field names.
Neither of these fields use the `realm/update_dict` event type; they
use `realm/update`; we've attempted to clarify that in the previous
commit.

That reality means we don't have automated testing for these values,
and that meant that typos like these could slip through.
2021-11-16 14:57:50 -08:00
Tim Abbott e36f549ec6 api docs: Add more details around realm event types. 2021-11-16 14:57:50 -08:00
Mateusz Mandera 0abbb87155 auth: Include user_id in the params returned at the end of mobile flow.
The user id is a very useful piece of information that the mobile
client should have access to - instead of only getting the email. This
makes it much simpler to impleent clients that might be robust to
changes in email address.
2021-11-16 12:12:59 -08:00
Sahil Batra 9e979e9e66 models: Sort UserBaseSettings.property_types dict by key. 2021-11-16 12:01:04 -08:00
Sahil Batra 375b48f013 models: Sort UserBaseSettings.notification_settings_legacy dict by key. 2021-11-16 12:01:04 -08:00
Sahil Batra cae547cfd0 models: Sort Realm.property_types dict by key. 2021-11-16 12:01:04 -08:00
Alex Vandiver faeffa2466 queue_processors: Set a bounded prefetch size on rabbitmq queues.
RabbitMQ clients have a setting called prefetch[1], which controls how
many un-acknowledged events the server forwards to the local queue in
the client.  The default is 0; this means that when clients first
connect, the server must send them every message in the queue.

This itself may cause unbounded memory usage in the client, but also
has other detrimental effects.  While the client is attempting to
process the head of the queue, it may be unable to read from the TCP
socket at the rate that the server is sending to it -- filling the TCP
buffers, and causing the server's writes to block.  If the server
blocks for more than 30 seconds, it times out the send, and closes the
connection with:

```
closing AMQP connection <0.30902.126> (127.0.0.1:53870 -> 127.0.0.1:5672):
{writer,send_failed,{error,timeout}}
```

This is https://github.com/pika/pika/issues/753#issuecomment-318119222.

Set a prefetch limit of 100 messages, or the batch size, to better
handle queues which start with large numbers of outstanding events.

Setting prefetch=1 causes significant performance degradation in the
no-op queue worker, to 30% of the prefetch=0 performance.  Setting
prefetch=100 achieves 90% of the prefetch=0 performance, and higher
values offer only minor gains above that.  For batch workers, their
performance is not notably degraded by prefetch equal to their batch
size, and they cannot function on smaller prefetches than their batch
size.

We also set a 100-count prefetch on Tornado workers, as they are
potentially susceptible to the same effect.

[1] https://www.rabbitmq.com/confirms.html#channel-qos-prefetch
2021-11-16 11:48:50 -08:00
Alex Vandiver 7c3507feef queue: Allow passing down a prefetch count to pika. 2021-11-16 11:48:50 -08:00
Alex Vandiver 8d239f4984 tests: Move lambda in simulated_queue_client to help typing. 2021-11-16 11:48:50 -08:00
Alex Vandiver d1822b5630 tests: Move simulated_queue_client to the only test it is used in. 2021-11-16 11:48:50 -08:00
Alex Vandiver 64268f47e8 queue_processors: Drop unused current_queue_size, which was local size.
The `current_queue_size` key in the queue monitoring stats file was
the local queue size, not the global queue size -- d5a6b0f99a
renamed the function, but did not adjust the queue monitoring JSON,
despite the last use of it having been removed in cd9b194d88.

The function is still used to mark "we emptied our queue," and it
remains a reasonable metric for that.
2021-11-16 11:48:50 -08:00
Alex Vandiver 800e38016a queue_rate: Output to CSV, and run multiple prefetch values. 2021-11-16 11:48:50 -08:00
Alex Vandiver 49ad188449 rate_limit: Add a flag to lump all TOR exit node IPs together.
TOR users are legitimate users of the system; however, that system can
also be used for abuse -- specifically, by evading IP-based
rate-limiting.

For the purposes of IP-based rate-limiting, add a
RATE_LIMIT_TOR_TOGETHER flag, defaulting to false, which lumps all
requests from TOR exit nodes into the same bucket.  This may allow a
TOR user to deny other TOR users access to the find-my-account and
new-realm endpoints, but this is a low cost for cutting off a
significant potential abuse vector.

If enabled, the list of TOR exit nodes is fetched from their public
endpoint once per hour, via a cron job, and cached on disk.  Django
processes load this data from disk, and cache it in memcached.
Requests are spared from the burden of checking disk on failure via a
circuitbreaker, which trips of there are two failures in a row, and
only begins trying again after 10 minutes.
2021-11-16 11:42:00 -08:00
Mateusz Mandera 2d3d0f862a process_queue: Rename Threaded_worker to ThreadedWorker.
Threaded_worker doesn't fit the python naming convention we rely on.
2021-11-16 11:21:05 -08:00
Mateusz Mandera 3688ff38bd custom_check: Improve check for exit(...) call in management commands.
It's better for this to catch all exit(...) calls with non-zero exit
code, given the purpose is to catch all exits with failure, as opposed
to only exit(1).
2021-11-16 11:21:05 -08:00
Mateusz Mandera 7cc345d7b1 process_queue: Improve handling of exceptions in process_queue.
Unhandled exceptions propagating to process_queue were not caught there,
causing improper logging - errors didn't land in errors.log as expected.
Exceptions should be caught and explicitly logged by the process_queue
logger. Exceptions occurring during consuming events are caught and
handled inside the worker's logic - however those that happen while
setting up the worker were not addressed at all, and that's the core bug
we mean to address here.

Furthermore, in multi-threaded mode we want the autoreload mechanism to
be working - which it doesn't without catching the exceptions. The
correct approach is to - again - catch the exception, log it and then
send SIGUSR1 signal to trigger exit and autoreload.
2021-11-16 11:21:05 -08:00
Tim Abbott 3531afd754 migrations: Disable atomic flag on migration 0354.
I believe that this migration with the default of atomic=True will
fail when trying to convert the field to PositiveIntegerField if there
were any 0 values present in the database when the migration began.
The fix is to have each of the steps be their own transaction.
2021-11-15 17:24:49 -08:00
Alya Abbott fb94e959c8 portico: Update jobs page.
Note from tabbott: It's not clear we want fundamentally dynamic
corporate website elements like this jobs page to be in zulip/zulip,
but there's even less reason for there to be an out-of-date copy there.
2021-11-15 17:19:05 -08:00
Tim Abbott 3e9c2dc03d models: Add comment documenting how email uniqueness is enforced. 2021-11-15 13:46:28 -08:00
Aman Agrawal fc42568248 docs: Separate recommend and vagrant setup sections for dev setup.
This will possibly direct more users towards WSL setup on Windows.
2021-11-15 10:58:08 -08:00
Manan Rathi 230607853d loading_page: Fix the color of the App-loading text.
Fixes #20172
2021-11-15 10:57:30 -08:00
Ganesh Pawar 6262c88e00 modal: Grey out the submit button when disabled. 2021-11-15 10:38:57 -08:00
Ganesh Pawar ca4d9b0fd6 modal: Mark submit button CSS `color` property as important.
This is necessary to override the global `color` property defined
for disabled buttons in night mode.
2021-11-15 10:38:57 -08:00
Aman Agrawal 5f4595d7b6 landing_page: Avoid gradient overflowing under content.
Gradient under content makes links which are of similar color
hard to see.
2021-11-14 18:56:34 -08:00
Alex Vandiver a2f89f21e3 email_change: Show deactivated page if realm is now deactivated.
We also catch if the user is now deactivated.
2021-11-14 18:55:40 -08:00
Alex Dehnert dfaeb10087
settings: Link to help on restrict wildcard mentions.
This is necessary to indicate the definition for "large streams" used.
2021-11-12 11:33:35 -08:00
Alex Vandiver bc5539d871 tornado: Move SIGTERM shutdown handler into a callback.
A SIGTERM can show up at any point in the ioloop, even in places which
are not prepared to handle it.  This results in the process ignoring
the `sys.exit` which the SIGTERM handler calls, with an uncaught
SystemExit exception:

```
2021-11-09 15:37:49.368 ERR  [tornado.application:9803] Uncaught exception
Traceback (most recent call last):
  File "/home/zulip/deployments/2021-11-08-05-10-23/zulip-py3-venv/lib/python3.6/site-packages/tornado/http1connection.py", line 238, in _read_message
    delegate.finish()
  File "/home/zulip/deployments/2021-11-08-05-10-23/zulip-py3-venv/lib/python3.6/site-packages/tornado/httpserver.py", line 314, in finish
    self.delegate.finish()
  File "/home/zulip/deployments/2021-11-08-05-10-23/zulip-py3-venv/lib/python3.6/site-packages/tornado/routing.py", line 251, in finish
    self.delegate.finish()
  File "/home/zulip/deployments/2021-11-08-05-10-23/zulip-py3-venv/lib/python3.6/site-packages/tornado/web.py", line 2097, in finish
    self.execute()
  File "/home/zulip/deployments/2021-11-08-05-10-23/zulip-py3-venv/lib/python3.6/site-packages/tornado/web.py", line 2130, in execute
    **self.path_kwargs)
  File "/home/zulip/deployments/2021-11-08-05-10-23/zulip-py3-venv/lib/python3.6/site-packages/tornado/gen.py", line 307, in wrapper
    yielded = next(result)
  File "/home/zulip/deployments/2021-11-08-05-10-23/zulip-py3-venv/lib/python3.6/site-packages/tornado/web.py", line 1510, in _execute
    result = method(*self.path_args, **self.path_kwargs)
  File "/home/zulip/deployments/2021-11-08-05-10-23/zerver/tornado/handlers.py", line 150, in get
    request = self.convert_tornado_request_to_django_request()
  File "/home/zulip/deployments/2021-11-08-05-10-23/zerver/tornado/handlers.py", line 113, in convert_tornado_request_to_django_request
    request = WSGIRequest(environ)
  File "/home/zulip/deployments/2021-11-08-05-10-23/zulip-py3-venv/lib/python3.6/site-packages/django/core/handlers/wsgi.py", line 66, in __init__
    script_name = get_script_name(environ)
  File "/home/zulip/deployments/2021-11-08-05-10-23/zerver/tornado/event_queue.py", line 611, in <lambda>
    signal.signal(signal.SIGTERM, lambda signum, stack: sys.exit(1))
SystemExit: 1
```

Supervisor then terminates the process with a SIGKILL, which results
in dropping data held in the tornado process, as it does not dump its
queue.

The only command which is safe to run in the signal handler is
`ioloop.add_callback_from_signal`, which schedules the callback to run
during the course of the normal ioloop.  This callbacks does an
orderly shutdown of the server and the ioloop before exiting.
2021-11-12 09:57:23 -08:00
Alya Abbott 847bf8207f portico: Link back to /for/X pages from Lean case study. 2021-11-11 06:24:58 -08:00
Alex Vandiver 6c14978cd1 zilencer: Truncate "remove" notifications from remote servers.
This is 4d055a6695, but for notifications which are received from
remote hosts.
2021-11-10 13:39:35 -08:00
Lauryn Menard 6046f94521 settings: Fix live `update_page` behavior for user settings.
Changes `update_page` to only update the modified user setting instead
of updating all of the user settings on the page. This is modeled on
the behavior for updates to the realm user default settings.

This is a follow up on feedback in #20070.
2021-11-10 13:03:20 -08:00
akshatdalton e9a2183fda drafts: Fix tooltip css in draft controls.
Tooltip popover in draft controls was too narrow.
Now its width is set to max-content width.
This looks nice.
2021-11-10 12:54:53 -08:00
akshatdalton 2b1cc006fa drafts: Add hotkey hint to restore draft. 2021-11-10 12:54:53 -08:00
Tim Abbott 12c6ee7962 drafts: Document that drafts are not shared with other devices.
We plan to change this in the future, but we should make sure it's
clear to users what the current model is.
2021-11-10 12:53:44 -08:00
Wesley Aptekar-Cassels 151db3c9ef drafts: Increase the duration of "Saved as draft" tooltip.
Now that it's further away from the composebox, we probably want it to
be visible for longer. Doubling it from 1.5 seconds to 3 seconds seems
reasonable to start with, although we should tune it based on feedback.
2021-11-10 12:53:44 -08:00
Wesley Aptekar-Cassels fe89dee284 compose: Remove "Drafts" button.
Now that this is in the left sidebar, we can remove the now-redundant
compose area button for it.  This also changes where the "Saved as
draft" tooltip appears.
2021-11-10 12:53:44 -08:00
Wesley Aptekar-Cassels df8f0b2afe left_sidebar: Add "Drafts" item.
This currently shows the drafts as a popup. Eventually, we'll want to
migrate it to be a view in the center pane, as we did with Recent
Topics.

This uses the same style as starred messages in order to show the number
of drafts.

See CZO for more context:
https://chat.zulip.org/#narrow/stream/101-design/topic/drafts.20in.20sidebar
2021-11-10 12:53:44 -08:00
akshatdalton f2c7e8e80f markdown: Ensure all markdown fixtures have unique names.
This commit ensures that all markdown fixtures have unique
test names by rewriting the names of some of them and adding
a test in `test_markdown.py`.

Earlier this was over-writing the value for same keys in
`load_markdown_tests` in `test_markdown.py`.
2021-11-10 12:36:47 -08:00
Aman Agrawal cfbed9a60c recent_topics: Re-select last selected topic.
Since the position of topic in recent topics can change, we
focus the last selected topic using the `topic_key` instead
of relying `row_focus` value which is incorrect.
2021-11-10 12:25:15 -08:00
Aman Agrawal 7f61997d09 recent_topics: Directly pass topic index instead of element.
Since the element may get re-rendered while we extract info from
it, we do it as fast as possible to avoid errors.
2021-11-10 12:25:15 -08:00
Aman Agrawal c6d74c4b67 recent_topics: Separate behaviour for scrolling and hotkeys.
When user is scrolling, we simply keep the center element in
focus.

When user is using hotkeys, we keep the focused element in
center.

When user is using keyboard, we need to always keep the
"focused" topic in visible scrolling area.

We determine if the topic row is above or below the visible
area and scroll half_height_of_visible_area so that the selected
topic is visible.

This gives a nice navigation experience for both the views.

Reduced height of recent topics table to account for
compose box so that focused element is not below compose box.
2021-11-10 12:25:15 -08:00
Alex Vandiver 6b6dcf6ce1 soft_deactivate: Handle multiple SUBSCRIPTION_DEACTIVATEDs.
Race conditions in stream unsubscription may lead to multiple
back-to-back SUBSCRIPTION_DEACTIVATED RealmAuditLog entries for the
same stream.  The current logic constructs duplicate UserMessage
entries for such, which then later fail to insert.

Keep a set of message-ids that have been prep'd to be inserted, so
that we don't duplicate them if there is a duplicated
SUBSCRIPTION_DEACTIVATED row.  This also renames the `message` local
variable, which otherwise overrode the `message` argument of a
different type.
2021-11-10 12:19:25 -08:00
Mateusz Mandera 8f1105eab0 saml: Add some docstrings to SAMLDocument class. 2021-11-10 12:08:56 -08:00
Mateusz Mandera 17485e2f4d saml: Refactor get_issuing_idp to rely on class polymorphism. 2021-11-10 12:08:56 -08:00
Mateusz Mandera 3702b31dd2 saml: Refactor some SAMLRequest/SAMLResponse processing logic.
Using these tuples is clearly uglier than using classes for storing
these encoded stream. This can be built on further to implement the
various fiddly logic around handling these objects inside appropriate
class method.
2021-11-10 12:08:56 -08:00
Mateusz Mandera 64a04d90b2 saml: Pass correct settings object to OneLogin_Saml2_Logout_Request.
config is a dict, but the OneLogin_Saml2_Logout_Request expects to
receive a OneLogin_Saml2_Settings object.
2021-11-10 12:08:56 -08:00
YashRE42 f21cee7caa upload: Return single elem for get_item(drag_drop_container) w/ edit.
Previously, opening multiple message_edits and then drag-dropping a
file into any one of them would cause all of them to upload ie you'd
get one uploaded file in each message_edit.

This bug was caused by returning multiple elements from
upload.get_item("drag_drop_container", config) when config.mode =
"edit".

This commit changes the selector to use the row provided (config.row),
and so ensures that the above bug doesn't happen.
2021-11-10 12:06:15 -08:00
YashRE42 e8eb6724ad message_view_header: Switch selector for hover to ~ instead of +.
This is a prep commit for adding extended descriptions to
message_view_header, it ensures hover effects work even if we add
additional elements to the message_view_header.
2021-11-10 11:05:22 -08:00
Ganesh Pawar 7a505e3857 user_profile_modal: Migrate modal to Micromodal. 2021-11-10 11:04:38 -08:00