Commit Graph

9626 Commits

Author SHA1 Message Date
Rishi Gupta e71a1a2b4e onboarding: Remove initial streams other than general and core team.
The hope is that by having a shorter list of initial streams, it'll
avoid some potential confusion confusion about the value of topics.
At the very least, having 5 streams each with 1 topic was not a good
way to introduce Zulip.

This commit minimizes changes to the message content in
`send_initial_realm_messages` to keep the diff readable. Future commits will
reshape the content.
2019-03-21 12:30:14 -07:00
Rishi Gupta d46b125bf2 onboarding: Change default notifications stream to #general. 2019-03-21 12:29:51 -07:00
Raymond Akornor d8a2bb2b7c deliver_email: Refactor to extract email delivery.
This is a follow up on #11181. We extract email delivery into
`zerver/lib/send-email.py` to make it cleaner and easy to test.
2019-03-20 14:52:05 -07:00
Tim Abbott 8e92b36cf3 models: Add more documentation for PreregistrationUser. 2019-03-20 14:23:36 -07:00
Tim Abbott e7cc246d27 actions: Add docstring for do_update_message.
This should help with its readability.
2019-03-20 12:48:47 -07:00
neiljp (Neil Pilgrim) 7b3a9f34b7 mypy: Assert if we do_update_message then we have rendered_content. 2019-03-20 12:48:47 -07:00
neiljp (Neil Pilgrim) a80617bc70 mypy: Fix color_map default parameter for Optional. 2019-03-20 12:48:43 -07:00
neiljp (Neil Pilgrim) a40a0312f1 mypy: Correct default=None parameter typing in actions.py. 2019-03-20 12:41:34 -07:00
neiljp (Neil Pilgrim) 3d9c4494f5 mypy: Extract addressee.stream_name() check to satisfy mypy. 2019-03-20 12:41:34 -07:00
Vishnu Ks d921fd25e4 import: Move SubscriberHandler to import_util. 2019-03-20 11:29:51 -07:00
Vishnu Ks 6e3720e0b7 gitter: Fix minor comment typo in build_userprofile. 2019-03-20 10:12:18 -07:00
Tim Abbott 4f2c9f46bd actions: Improve format for delete events.
There were several problems with the old format:

* The sender was not necessarily the sender; it was the person who did
  the deletion (which could be an organization administrator)
* It didn't include the ID of the sender, just the email address.
* It didn't include the recipient ID, instead having a semi-malformed
  recipient_type_id under the weird name recipient_user_ids.

Since nothing was relying on the old behavior, we can just fix the
event structure.
2019-03-19 23:16:03 -07:00
Hemanth V. Alluri 261166f96d context_processors: Cache the realm description in default context. 2019-03-18 22:19:18 -07:00
Tim Abbott 58ca1ba5a4 models: Disable caching of supported_auth_backends for now.
This seems to be causing hard-to-debug test failures.
2019-03-18 11:29:05 -07:00
Mateusz Mandera 5f88406133 rate_limit tests: Cover RateLimiterLockingException case in rate_limit_user. 2019-03-18 11:16:58 -07:00
Mateusz Mandera 1a3297d122 email_mirror: Make send_to_email_mirror.py use mirror_email_message.
We change the send_to_email_mirror management command, to send messages
to the email mirror through the mirror_email_message function instead of
process_message - this makes the message follow a similar codepath as
emails sent into the mirror with the postfix configuration, which means
going through the MirrorWorker queue. The reason for this is to make
this command useful for testing the new email mirror rate limiter.
2019-03-18 11:16:58 -07:00
Mateusz Mandera 1901775383 email_mirror: Add realm-based rate limiting.
Closes #2420

We add rate limiting (max X emails withing Y seconds per realm) to the
email mirror. By creating RateLimitedRealmMirror class, inheriting from
RateLimitedObject, and rate_limit_mirror_by_realm function, following a
mechanism used by rate_limit_user, we're able to have this
implementation mostly rely on the already existing, and proven over
time, rate_limiter.py code. The rules are configurable in settings.py in
RATE_LIMITING_MIRROR_REALM_RULES, analogically to RATE_LIMITING_RULES.

Rate limit verification happens in the MirrorWorker in
queue_processors.py. We don't rate limit missed message emails, as due
to using one time addresses, they're not a spam threat.

test_mirror_worker is adapted to the altered MirrorWorker code and a new
test - test_mirror_worker_rate_limiting is added in test_queue_worker.py
to provide coverage for these changes.
2019-03-18 11:16:58 -07:00
Mateusz Mandera 386813f42b test_queue_worker: Clean up test_mirror_worker.
We clean up test_mirror_worker for more readability, as well as make it
verify that mirror_email gets called the correct amount of times and use
a correct rcpt_to address, so that the test doesn't fail when some
verification of the address is added in the following commits
implementing rate limiting in the email mirror.
2019-03-18 11:16:58 -07:00
Mateusz Mandera 5b86734178 email_mirror: Change stream name encoding in mirror addresses.
Fixes #9840.

Old addresses caused bugs in some cases with non-latin characters in
stream names (see issue number above). We switch to using django's
slugify helper function to convert stream names to full ascii, while
also getting rid of problematic non-alphanumeric characters, in a
reasonable way. See Django's documentation for slugify to see more about
how this function works.

Tests extended by tabbott to cover cases where we do end up with ascii.
2019-03-18 11:14:22 -07:00
Mateusz Mandera a64a075ff1 email_mirror: Ignore stream_name part of receiving address.
To prepare for changing how the stream name gets encoded into mirror
email addresses while making sure old addresses keep working, we ignore
the stream_name part when receiving emails into the mirror and we only
look at the email_token to identify into which stream to mirror the
email.
2019-03-18 11:06:51 -07:00
Tim Abbott 898798a352 email_log: Fix buggy use of get_realm_stream.
I'm surprised that this wasn't a mypy error; we were passing a Realm
object as an integer, and predictably, this resulted in us
constructing a cache key that looked like this:

stream_by_realm_and_name:<Realm: zulip 1>:dd5...
2019-03-18 10:59:30 -07:00
Tim Abbott 51eeb0a3ee cache: Add missing : in test-backend key prefixes.
Previously, these cache keys looked like:
:1:9c26164d3a393e316e0f8210efe270e08710d45astream_by_realm_and_name:...

Now, they look like this:
:1:9c26164d3a393e316e0f8210efe270e08710d45a:stream_by_realm_and_name:...
2019-03-18 10:56:50 -07:00
Tim Abbott 5d20138d72 context_processors: Optimize calculation of social_backends.
This avoids a bunch of duplicated calls to auth_enabled_helper for our
social auth backends, which added up because auth_enabled_helper can
take 100us to run.
2019-03-17 15:20:36 -07:00
Tim Abbott a9350caee2 context_processors: Optimize calculation of no_auth_enabled.
This saves an unnecessary call to auth_enabled_helper.
2019-03-17 15:19:06 -07:00
Tim Abbott cb78ddc491 models: Fix performance of supported_auth_backends with caching.
See the comment, but this is a significant performance optimization
for all of our pages using common_context, because this code path is
called more than a dozen times (recursively) by common_context.
2019-03-17 15:14:05 -07:00
Tim Abbott 79ae9175bb context_processors: Avoid useless duplicate queries for realm object.
We have a few code paths that call get_realm_from_request multiple
times on the same request (e.g. the login page), once inside the view
function and once inside the common context processor code.  This
change saves a useless duplicate database query in those code paths.
2019-03-17 14:08:53 -07:00
Tim Abbott f270e354b1 login: Fix unnecessary queries on /login/ in development.
This block of code with 2 database queries is solely for the /devlogin
endpoint.  Removing that block from the /login code path makes it
easier to test /login perf in development.
2019-03-17 14:03:57 -07:00
Tim Abbott 0a7b6909b9 login: Fix a useless query with DevAuthBackend.
This block was setting `realm` to a value that it already was if you
read a bit further up in the function.
2019-03-17 14:03:27 -07:00
Hemanth V. Alluri 1269b72f47 context_processors: Do not render inline previews for realm description.
We never intended to render them for this use case as the result would
not look good, and now we have a convenient bugdown option for
controlling this behavior.

Since we're not storing the markdown rendering anywhere, there's
conveniently no data migration required.

Fixes #11889.
2019-03-17 13:55:10 -07:00
Mateusz Mandera a269c4bdd4 email_mirror: Make email_token a unique column of Stream. 2019-03-17 12:55:35 -07:00
Eeshan Garg 623ee15bee webhooks/bitbucket: Account for missing user info.
According to our logs, some BitBucket enterprise payloads may
not contain the name of the user who pushed all the commits.
2019-03-16 15:09:03 -02:30
sameerchoubey a47edd4fc8 webhooks/jira: Use dictionary to map events to functions. 2019-03-16 14:27:00 -02:30
Ben Muschol d526ff00f2 settings: Rename "user avatar" to "profile picture"
This renames references to user avatars, bot avatars, or organization
icons to profile pictures. The string in the UI are updated,
in addition to the help files, comments, and documentation. Actual
variable/function names, changelog entries, routes, and s3 buckets are
left as-is in order to avoid introducing bugs.

Fixes #11824.
2019-03-15 13:29:56 -07:00
Tim Abbott 0a145f2203 test_email_notifications: Fix a potentially flaky test.
The previous code assumed the `zulip` realm had ID 1.
2019-03-15 11:02:17 -07:00
Tim Abbott c7ebfdc978 notifications: Rename test_notifications to test_email_notifications.
Similar to the last commit, this makes the scope of this test suite
clearer.
2019-03-15 11:02:17 -07:00
Tim Abbott 50dc317466 notifications: Rename notifications.py to email_notifications.py.
This library is entirely about email notifications specifically, and
this rename should help make the codebase more readable.
2019-03-15 11:02:17 -07:00
Tim Abbott 28a4c143c8 emails: Move clear_scheduled_*emails to send_email.py.
It more properly belongs as part of our outgoing email library, not
notifications.py (which is really about email notifications).
2019-03-15 11:02:17 -07:00
Raymond Akornor 89351cdd19 send_email: Add ScheduledEmail support for multiple recipients.
Follow up on 92dc363. This modifies the ScheduledEmail model
and send_future_email to properly support multiple recipients.

Tweaked by tabbott to add some useful explanatory comments and fix
issues with the migration.
2019-03-15 11:02:12 -07:00
Tim Abbott 4f02795830 home: Fix parsing bug for initial narrows.
There's more we'll want to do here, but this at least avoids error
emails when users attempt to misuse this interface.
2019-03-14 14:53:03 -07:00
Tim Abbott 983e24a7f5 auth: Use HTTP status 404 for invalid realms.
Apparently, our invalid realm error page had HTTP status 200, which
could be confusing and in particular broken our mobile app's error
handling for this case.
2019-03-14 13:50:09 -07:00
Puneeth Chaganti d75d2c9974 soft-deactivation: Run catch-up when "auto" deactivate is run.
When soft deactivation is run for in "auto" mode (no emails are
specified and all users inactive for specified number of days are
deactivated), catch-up is also run in the "auto" mode if
AUTO_CATCH_UP_SOFT_DEACTIVATED_USERS is True.

Automatically catching up soft-deactivated users periodically would
ensure a good user experience for returning users, but on some servers
we may want to turn off this option to save on some disk space.

Fixes #8858, at least for the default configuration, by eliminating
the situation where there are a very large number of messages to recover.
2019-03-14 11:53:15 -07:00
Puneeth Chaganti c61d3420e8 soft-deactivation: Extract getting users from emails to a function. 2019-03-14 20:57:00 +05:30
Puneeth Chaganti f5c61e7d31 soft-deactivation: Patch logging.info to clean up test output. 2019-03-14 09:26:25 +05:30
Puneeth Chaganti ff07ca7417 soft-deactivation: Slightly improve the test for catching up users. 2019-03-14 09:26:06 +05:30
Puneeth Chaganti cf65136002 soft-deactivation: Add code to catch up soft deactivated users. 2019-03-13 17:23:14 -07:00
Puneeth Chaganti 52afbe5e8d soft-deactivation: Rename maybe_catch_up_soft_deactivated_user.
Rename `maybe_catch_up_soft_deactivated_user` to
`reactivate_user_if_soft_deactivated`.
2019-03-13 17:16:22 -07:00
Puneeth Chaganti 7f06f6bd73 soft-deactivation: Raise exception with all missing emails at once. 2019-03-13 17:16:22 -07:00
Puneeth Chaganti 82d9789d93 soft-deactivation: Paginate bulk creation of UserMessage rows.
A user who has been soft deactivated for a long time might have 10Ks of message
history that was "soft deactivated". It might take a minute or more to add
UserMessage rows for all of these messages, causing timeouts. So, we paginate
the creation of these UserMessage rows.
2019-03-13 17:16:22 -07:00
Puneeth Chaganti 8c5a0f585b soft-deactivation: Clarify that value being fetched is recipient_id. 2019-03-13 17:16:22 -07:00
Puneeth Chaganti 4d77ffe2cb soft-deactivation: Refactor fetching list of existing UserMessages. 2019-03-13 17:16:22 -07:00
Puneeth Chaganti 8c5425e33a soft-deactivation: Remove unnecessary select_related calls.
It will become more clear in the upcoming commits, but these calls
aren't actually useful as we're only extracting a few IDs.
2019-03-13 17:15:50 -07:00
Harshit Bansal 262eb42b77 auth: Reverse the `sort_order` parameter's semantics.
This will make sure that if a backend doesn't specify a values for
`sort_order` parameter then it will sorted to the bottom not at the
top.
2019-03-13 14:44:57 -07:00
Tim Abbott 412d35900f slack import: Fix handling of tombstone files.
Apparently, the mode attribute is not always present.
2019-03-13 14:39:20 -07:00
Tim Abbott 76a06c8e54 send_test_email: Clean up output and provide advice.
Previously, while we sent emails using both noreply addresses, we
didn't make clear what was going on, leading to some potential
confusion.
2019-03-13 14:27:52 -07:00
Tim Abbott 662fa037f2 events: Don't assume that streams/subscriptions were requested.
This fixes a bug in our race condition handling in the case that
streams and/or subscriptions register content was not requested by the
client.
2019-03-13 14:12:59 -07:00
Tim Abbott 4694de31c5 tests: Fix linter error in test_management_commands. 2019-03-13 14:06:46 -07:00
Tim Abbott 49680a4503 slack import: Skip processing tombstone files.
The tombstone files undocumented feature of Slack's export format
appears sometimes and has no real data, so we just need to skip these.

Fixes #11619.
2019-03-13 12:43:11 -07:00
Hemanth V. Alluri 99c3e2ecdc management: Support sending custom headers when testing a webhook.
this commit adds an option to specify custom headers when using the
`./manage.py send_webhook_fixture_message` tool.
2019-03-13 12:40:47 -07:00
vsvipul e859ab7545 portico: Fix broken electron check condition for password reset.
This logic for passing through whether the user was logged in never
worked, because we were trying to read the client.

Fix this, and add tests to ensure it never breaks again.

Restructured by tabbott to have completely different code with the
same intent.

Fixes #11802.
2019-03-12 11:25:29 -07:00
Harshit Bansal a6e523f9e4 ldap: Ensure email is valid for realm before registering.
Previously, the LDAP authentication model ignored the realm-level
settings for who can join a realm.  This was sort of reasonable at the
time, because the original LDAP auth was an SSO solution that didn't
allow multiple realms, and so one could fully configure authentication
settings on the LDAP side.  But now that we allow multiple realms with
the LDAP backend, one could easily imagine wanting different
restrictions on them, and so it makes sense to add this enforcement.
2019-03-12 11:09:18 -07:00
Challa Venkata Raghava Reddy b69aec2dbc streams: Add first_message_id tracking first message in stream.
This field is primarily intended to support avoiding displaying the
"more topics" feature in new organizations and streams, where we might
know that all messages in the stream are already available in the
browser.

Based on original work by Roman Godov, and significantly modified by
tabbott.

The second migration involved here could be expensive on Zulip Cloud,
but is unlikely to be an issue on other servers.
2019-03-11 13:30:49 -07:00
Vishnu Ks 9671ed7bab subdomains: Extract get_subdomain_from_hostname function. 2019-03-11 12:01:11 -07:00
Rohitt Vashishtha 51986c27a5 markdown: Use common testcases for realmfilters in topics and messages.
The actual bug in #11791 was caused by code reverted in
3ed85f4cd7, so technically #11791 is
already fixed.  However, it makes sense to add tests to ensure that it
doesn't regress in the future as part of closing out the issue.

Fixes #11791.
2019-03-11 11:48:47 -07:00
Tim Abbott c05fb01cbf stream: Fix validator for stream colors.
Apparently, our new validator for stream color having a valid format
incorrectly handled colors that had duplicate characters in them.

(This is caused in part by the spectrum.js logic automatically
converting #ffff00 to #ff0, which our validator rejected).  Given that
we had old stream colors in the #ff0 format in our database anyway for
legacy, there's no benefit to banning these colors.

In the future, we could imagine standardizing the format, but doing so
will require also changing the frontend to submit colors only in the
6-character format.

Fixes an issue reported in
https://github.com/zulip/zulip/issues/11845#issuecomment-471417073
2019-03-11 11:43:39 -07:00
Eeshan Garg 222966b6ba webhooks/zapier: Support authentication for the Zapier Zulip app.
If the user sets up a Zap using an incoming webhook bot's API
key, the authentication goes through our webhook.
2019-03-11 10:54:55 -07:00
Eeshan Garg 7b6a37780a webhooks/github: Ignore organization and milestone events.
These events are not super useful and were cluttering up our
webhook logs.
2019-03-10 14:13:17 -07:00
Eeshan Garg 6afd02bef5 webhooks/github: Restrict membership event scope to teams.
According to GitHub's webhook docs, the scope of a membership
event can only be limited to 'teams', which holds true when a
new member is added to a team. However, we just found a payload
in our logs that indicates that when a user is removed from a
team, the scope of the membership is erroneously set to
'organization', not 'team'. This is most likely a bug on
GitHub's end because such behaviour is a direct violation of
their webhook API event specifications. We account for this
by restricting membership events to teams explicitly, at least
till GitHub's docs suggest otherwise.
2019-03-10 14:13:17 -07:00
Puneeth Chaganti abc9a7a4f9 digest: Use a list of Message objects to gather_hot_conversations.
Instead of a queryset of UserMessage objects, `gather_hot_conversations` now
accepts a list of Message objects.
2019-03-09 23:25:26 -08:00
Puneeth Chaganti cb5e9107f4 digest: Directly fetch recipient ids from the DB.
Instead of iterating over Subscriptions and creating the list of home view
recipients, the query now only fetches recipient IDs from the DB.
2019-03-09 23:25:26 -08:00
Harshit Bansal 94649f58f2 tests: Refactor `query_ldap()` and add complete test coverage. 2019-03-09 22:12:51 -08:00
Harshit Bansal b519e6594e management: Move `query_ldap` function to `zproject/backends.py`.
This will make it simpler to organize and unit-test all of our
authentication backend code.
2019-03-09 22:12:36 -08:00
Tim Abbott 873aca4a82 auth: Add detailed comments for auth subsystem.
Now that we've more or less stabilized our authentication/registration
subsystem how we want it, it seems worth adding proper documentation
for this.

Fixes #7619.
2019-03-09 22:08:13 -08:00
Mateusz Mandera edcb6d57fc email_mirror: Don't remove quotations from forwarded messages.
Addresses point 2 of #10612. We use a regex to detect if a form
of FWD indicator is present at the beginning of the subject, which
means the message has been forwarded.
remove_quotations argument is added to a couple of functions where
it's necessary.
In filter_footer, the criteria for a line to be a possible beginning
of a footer is changed to line.strip() == "--", instead of
line.strip().startswith("--"), because the former would remove
quotations from plaintext emails. This change makes sense, because
RFC 3676 specifies ""-- " as the separator line between the body
and the signature of a message":
https://tools.ietf.org/html/rfc3676
2019-03-09 15:36:17 -08:00
Mateusz Mandera 0633f268fb email_mirror: Move subject processing into process_stream_message.
We remove the 'subject' argument of process_stream_message and make
subject processing happen inside the function, as it's a more
appropriate place than the general process_message function and is
needed to have a good way of disabling removing quotations in forwarded
emails sent into the mirror.
2019-03-09 15:36:17 -08:00
Mateusz Mandera 518ccec235 test_email_mirror: Improve performance of subject stripping tests.
This used to have a single function test_email_subject_stripping which
would run through a sizeable list of example subjects from subjects.json
fixture, form an email with each subject, send it to the email mirror
and check if the resulting stream message has a correctly stripped
topic. That took too much time, because we run through the entire
process_message and most_recent_message codepaths a lot of times.
We change the way of testing to:
1. Ensure process_message applies subject stripping (only need to run
process_message twice here)
2. Test the strip_from_subject function separately, on all the example
from the subjects.json fixtures. This is very fast.
2019-03-09 23:15:41 +01:00
Mateusz Mandera 0d84be8e4b test_email_mirror: Clean up unnecessary use of "type: Any" on MIMEText.
The explanation on those type declarations referenced issue
https://github.com/python/typeshed/issues/275,
which has now been resolved.
2019-03-09 23:15:16 +01:00
YashRE42 a724a38c03 markdown: Improve handling of broken img urls.
Some urls which end with image file extensions (eg .jpg) may link to
html pages. This adds handling for linx.li, wikipedia.org and
pasteboard.co. If it is possible, we redirect to the actual image url
otherwise we do not attempt to render it as an image.

Fixes #10438.
2019-03-08 13:39:34 -08:00
Tim Abbott dbf7f8e193 zephyr: Fix handling of account deactivation.
When a Zephyr user deactivates their account, they should be
automatically turned into a mirror dummy user (so that other users can
continue to interact with them as normal for a Zephyr user who isn't
using Zulip).
2019-03-07 20:41:39 -08:00
Vishnu Ks a288cfc43a uploads: Show used upload space in attachments UI. 2019-03-07 20:18:00 -08:00
Tim Abbott 051bbf9f35 docs: Add some more links to new soft deactivation documentation. 2019-03-07 17:48:54 -08:00
Puneeth Chaganti 8ca4ca1400 digest: Don't update context with data already in common context. 2019-03-07 15:29:51 -08:00
Mateusz Mandera dbff533e09 email_mirror: Add the sender at the start of stream message.
Fixes part 3 of #10612. When sending an email to the email mirror to a
stream address, if "+show-sender" is added in the address, the stream
message will now include "From: <sender>" at the top.
2019-03-07 14:28:33 -08:00
Pragati Agrawal 60c7467464 test_events: Add test for `do_change_logo_source` event.
This adds tests for `do_change_logo_source` event in both day as well as
night mode in `test_event.py`.
2019-03-07 12:32:30 -08:00
Tim Abbott 99a2c21ff3 test_events: Fix incorrect usage of get_realm.
The test_events system was in several tests using get_realm to fetch a
realm object, rather than accessing self.user_profile.realm.  This
created subtle problems where we were neither directly editing nor
refreshing the `realm` object associated with our UserProfile object
from the database after our the `do_*` methods.

The payoff for this is we can update the previously confused
`do_change_icon_source` test to actually change the state and have the
correct result.
2019-03-07 12:29:16 -08:00
Pragati Agrawal 095e24c515 realm_logo: Update `upload_logo` views to return nothing. 2019-03-07 12:12:00 -08:00
Pragati Agrawal 276020445d realm_logo: Make `delete_logo_backend` views return nothing. 2019-03-07 12:12:00 -08:00
Pragati Agrawal 78e9ad3128 test_upload: Use actions.py do-change functions to change property. 2019-03-07 12:12:00 -08:00
Pragati Agrawal 0192f80d2e org_settings: Remove print statements.
This commit deletes the redundant `print` statement from the
`test_upload.py` file.
2019-03-07 12:12:00 -08:00
Rohitt Vashishtha 3ed85f4cd7 Revert "bugdown: Process word boundaries properly in realm_filters."
This reverts commit ff90c0101c but keeps
the test cases added for reference.

This was reverted because it was both not a clean solution and created
other realm filters bugs involving dashes (etc.).
2019-03-07 11:03:35 -08:00
Hemanth V. Alluri ae126c452b stream-descriptions: Create wrapper for rendering stream descriptions.
In commit de65a04 we can see that if the need ever arises to modify
how stream descriptions are rendered, we would need to make changes
at 5 different call points which can be quite cumbersome. So this
functionality has been extracted to a new method called
'render_stream_descriptions'.
2019-03-06 17:16:14 -08:00
Harshit Bansal 4a9bd89f47 ldap: Continue syncing other fields even if a field is missing.
Earlier the behavior was to raise an exception thereby stopping the
whole sync. Now we log an error message and skip the field. Also
fixes the `query_ldap` command to report missing fields without
error.

Fixes: #11780.
2019-03-05 16:19:27 -08:00
overide 58d28eed5d markdown: Fix emojis not rendering with :bogus: in the line.
This fixes an issue where invalid emoji name prevents following
emojis from rendering.

This reverts the code change in
8842349629, while still passing the
tests added in that commit (it seems the original commit had
misdiagnosed an ordering bug and thus introduced this issue).

Fixes: #11770.
2019-03-05 16:05:25 -08:00
Harshit Bansal 0be410d3fe refactor: De-duplicate code in `accounts_home.html` for social auth. 2019-03-05 14:02:12 -08:00
Harshit Bansal 3610aaece3 refactor: De-duplicate login button code in portico templates. 2019-03-05 14:02:12 -08:00
Vishnu Ks 8356804bf1 api: Add endpoint for fetching used upload space info. 2019-03-04 18:46:13 -08:00
Vishnu Ks ef3fbfeb98 events: Include realm_plan_type in initial state data. 2019-03-04 18:46:13 -08:00
Vishnu Ks 69627c9ee4 attachements: Send delete attachment event after deletion.
Also fix the mypy type of attachment_id.
2019-03-04 18:46:13 -08:00
Vishnu Ks 4eb5b9ad80 realm: Restrict upload quota according to plan. 2019-03-04 18:46:13 -08:00
Vishnu Ks 94ae2dc24e models: Cache currently_used_upload_space_bytes function. 2019-03-04 18:46:13 -08:00
Vishnu Ks cc9f00f53e events: Include realm_upload_quota in initial state data. 2019-03-04 18:46:13 -08:00
Vishnu Ks e522308507 models: Move currently_used_upload_space function to Realm model. 2019-03-04 18:46:13 -08:00
Tim Abbott 73655a6176 test_auth_backends: Disable Internet for httpretty.
This makes debugging issues when using httpretty a lot more
convenient.
2019-03-04 12:13:49 -08:00
Tim Abbott 6b796a1e8c test_auth_backends: Refactor some GitHub tests to be generic social.
This is preparation to being able to run these tests automatically
for the Google auth backend as well.
2019-03-04 12:13:11 -08:00
Harshit Bansal 216b7b0a19 auth: Remove `invalid_subdomain` restriction from LDAP backend.
Fixes: #11692.
2019-03-04 11:53:53 -08:00
Tim Abbott 16123c9a58 realm_logo: Fix synchronization of realm night logo.
The night logo synchronization on the settings page was perfect, but
the actual display logic had a few problems:

* We were including the realm_logo in context_processors, even though
  it is only used in home.py.
* We used different variable names for the templating in navbar.html
  than anywhere else the codebase.

* The behavior that the night logo would default to the day logo if
  only one was uploaded was not correctly implemented for the navbar
  position, either in the synchronization for updates code or the
  logic in the navbar.html templates.
2019-03-02 09:45:50 -08:00
Puneeth Chaganti 8d927eee2f digest: Fix incorrect remaining_unread_pms_count calculation. 2019-03-02 08:48:00 -08:00
Bennet Sunder 7c5f316cb8 alert_words: Performance improvements in looking for alert_words.
This commit leverages the ahocorasick algorithm to build a set of user_ids
that have their alert_words present in the message. It runs in linear time
of the order of length of the input message as opposed to number of
alert_words. This is after building a ahocorasick Automaton which runs
in O(number of alert_words in entire realm) which is usually cached.
2019-03-01 15:36:39 -08:00
overide 0dcfc22406 markdown: Fix numbered list handling of blank lines between blocks.
This fixes an issue where blank lines between blocks were causing
auto-numbering of list to stop before the blank line resulting
in two separate numbered list instead of one.

Edited significantly by tabbott to explain the tricky details in the
comments.

Fixes: #11651.
2019-03-01 15:29:07 -08:00
Rafid Aslam 9038230de8 decorator.py: Add `max_int_size` param to `to_non_negative_int()`.
Add `max_int_size` parameter to `to_non_negative_int()` in
decorator.py so it will be able to validate that the integer doesn't
exceed the integer maximum limit.

Fixes #11451
2019-03-01 11:16:46 -08:00
Tim Abbott 9693d8a651 docs: Extend testing discussion in events system doc.
Importantly, this also makes that section linkable.
2019-03-01 09:23:56 -08:00
Eeshan Garg 9252c43225 api/streams: Support including bot owner's subscriptions.
This is important for situations such as with our Zapier app,
where the requesting user may be a bot that would like to access
its owner's subscriptions.

Tweaked by tabbott to eliminate the 2^N growth of cases in
do_get_streams.
2019-02-28 22:32:05 -08:00
Eeshan Garg 85f453998e webhooks/zapier: Remove code related to our official Zapier app.
Our official Zapier app now uses our JS bindings (zulip-js) to
call the API directly and doesn't need to go through the webhook
anymore for anything.
2019-02-28 22:09:35 -08:00
Raymond Akornor 4603cdba7e tests: Optimize a slow test in tests_bots.py.
tests now ran in 7.649s from 9.297s.  And this test works just as well
with 3 bots, since only 3 database queries with 3 bots confirms we're
not doing linear queries in the number of bots in the organization.
2019-02-28 22:01:55 -08:00
Rishi Gupta 48eb0c2358 help: Update start-a-call to include Hangouts and Zoom. 2019-02-28 17:11:27 -08:00
Tim Abbott de65a04ae0 streams: Disable inline URL preview when rendering stream descriptions.
We want to use the baseline features of bugdown, but not fancy things
like inline URL previews, since the whole structure of stream
descriptions is to have a single-line thing supporting some
formatting.

The migration part of this change fixes a bug encountered by some
organizations upgrading from older versions of Zulip.
2019-02-28 17:00:40 -08:00
Tim Abbott d6c09eac51 bugdown: Add support for no_previews argument.
This allows us to have some features using bugdown rendering where
inline image previews will not be rendered (which would be problematic
for e.g. stream descriptions).
2019-02-28 16:54:04 -08:00
Tim Abbott 62dc6dda49 guests: Block guest user access to default streams.
Guest users will just get an empty list of default streams; we also
hide the "Default streams" organization view from the guest users UI.

This is for consistency with not providing guest users the full list
of streams in an organization.
2019-02-28 16:36:30 -08:00
Tim Abbott 1ce0e8256b zoom: Avoid sending Zoom API secret to other admin clients.
Fixing this involves fixing the backend to handle unchanged field
submissions of the Zoom credentials without trying to re-validate the
credentials (for performance) as well as to fetch the already-sent
secret.
2019-02-28 15:43:42 -08:00
Rishi Gupta d833c70dc7 org settings: Explain Zoom support is experimental, and fix a few strings.
Visually, #zoom_help_text acts like
.organization-settings-parent div:first-of-type when the Zoom option
is selected, but isn't treated as such.

No visual change with the #google_hangouts_domain change; just there to make
the code more readable/defensible.
2019-02-28 15:09:35 -08:00
Anders Kaseorg 88e90d34b9 try_git_describe: Set cwd, not --git-dir.
git describe --dirty requires a working tree, not just a repository.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-02-28 14:59:33 -08:00
Anders Kaseorg c6e60ebf0e backup: Set cwd while running pg_dump.
This avoids a spurious permission error inside the Postgres
`resolve_symlinks` function if we don’t have access to the current
working directory (e.g. we’re running with cwd /root inside `su
zulip`).

While we’re here, add a defensive `--` argument.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-02-28 14:40:28 -08:00
Tim Abbott bc3b864754 export: Add a bunch of comments to our export tool. 2019-02-28 12:20:08 -08:00
Tim Abbott de6f724bc5 middleware: Avoid doing work for statsd when not enabled.
This saves about 8% of the runtime of our total response middleware,
or equivalently close to 2% of the total Tornado response time.  Which
is pretty significant given that we're not sure anyone is using statsd
in production.

It's also useful outside Tornado, but the effect is particularly
significant because of how important Tornado performance is.
2019-02-27 17:53:15 -08:00
Tim Abbott c955b20131 middleware: Don't repreatedly regenerate open graph functions.
This avoids parsing these functions on every request, which was
adding roughly 350us to our per-request response times.

The overall impact was more than 10% of basic Tornado response
runtime.
2019-02-27 17:53:13 -08:00
Tim Abbott cefebd87a4 docs: Mention bug in ALWAYS_SEND_ALL_HOTSPOTS feature.
This should avoid some wasted time.
2019-02-27 10:21:30 -08:00
Rishi Gupta 6d51b25fc6 help: Rework docs for joining and inviting. 2019-02-27 09:33:37 -08:00
Tim Abbott 216d2ec1bf production: Add optional support for submitting usage statistics.
See documentation for details.
2019-02-26 17:35:10 -08:00
Greg Price de2f1ee0c4 push notif: Make O(1) database queries in handle_remove_... 2019-02-26 16:41:55 -08:00
Greg Price b0a84cd7ab message: Add an O(1)-query variant of bulk_access_messages.
We'll use this in the push-notifications code, in a context where
there should definitely already be UserMessage rows if everything's
gone normally... but explicitly checking at the top seems like the
right pattern from a secure-coding perspective.
2019-02-26 16:41:54 -08:00
Greg Price 9869153ae8 push notif: Send a batch of message IDs in one `remove` payload.
When a bunch of messages with active notifications are all read at
once -- e.g. by the user choosing to mark all messages, or all in a
stream, as read, or just scrolling quickly through a PM conversation
-- there can be a large batch of this information to convey.  Doing it
in a single GCM/FCM message is better for server congestion, and for
the device's battery.

The corresponding client-side logic is in zulip/zulip-mobile#3343 .

Existing clients today only understand one message ID at a time; so
accommodate them by sending individual GCM/FCM messages up to an
arbitrary threshold, with the rest only as a batch.

Also add an explicit test for this logic.  The existing tests
that happen to cause this function to run don't exercise the
last condition, so without a new test `--coverage` complains.
2019-02-26 16:41:54 -08:00
Greg Price 28ff9670de push notif: Push `gcm_options` logic inside "payload" helpers.
These are logically closely related.
2019-02-26 16:41:54 -08:00
Greg Price 8f26e12c85 push notif: Clarify get_*_payload, and factor another out.
This is a pure refactor; adding docstrings, making some names more
explicit, and pulling out one small helper.
2019-02-26 16:41:54 -08:00
Greg Price 69ded8b1b4 push notif: Drop irrelevant fields in `remove` payloads.
These fields don't make much sense in this case; and the client
doesn't look at them and never has.  Stop including them.
2019-02-26 16:41:54 -08:00
synicalsyntax 33bd52388a integrations: Rename social media logos to bypass Adblock Plus.
Adblock Plus's "Block social media icons tracking" setting blocked
integration logos for social media platforms from loading, so the logos
are renamed to bypass this.

Fixes #11590.
2019-02-23 10:56:43 -08:00
synicalsyntax d6483a99d0 integrations: Update xkcd logo. 2019-02-22 18:16:29 -08:00
Anders Kaseorg f1ec67c614 python: Mark intentionally unused imports with noop statements.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-02-22 16:54:47 -08:00
Anders Kaseorg 649235cfec python: Remove unused imports.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-02-22 16:54:36 -08:00
Eeshan Garg 8821b5a903 webhooks/pagerduty: Account for missing trigger summary data.
Some incoming payloads do not include details such as the trigger's
summary and description.
2019-02-22 15:59:28 -08:00
Eeshan Garg 912931e1bc webhooks/trello: Support updateCheckItemStateOnCard events. 2019-02-22 15:59:28 -08:00
Eeshan Garg 788dd48c93 webhooks/trello: Ignore createCheckItem events.
Notifications for every check item that is added to a card's
check list would be too noisy.
2019-02-22 15:59:28 -08:00
Eeshan Garg 9af2aa5566 webhooks/trello: Recommend wrapping webhook URL in quotes.
The ampersand in the query string of a URL can confuse bash,
leading to situations where anything in the URL beyond the
ampersand isn't parsed.
2019-02-22 15:59:28 -08:00
Challa Venkata Raghava Reddy e7fb19c8b0 invitations: Fix email validation errors for deactivated accounts.
This provides a much clearer error message when trying to invite a
user who has a deactivated account.

Fixes part of #8144.
2019-02-22 14:27:22 -08:00
Eeshan Garg cfe0f6b56d webhooks/clubhouse: Account for bug in GitHub branch payloads.
This change was prompted by a possible bug on Clubhouse's end. In
general, if a branch is added, it also prompts a workflow state
transition in its primary story.

However, our webhook error logs show an erroneous payload where
the same branch is added to another story, but there is no
workflow state transition. Also, both the stories are grouped in
the same payload, which confused/broke our code. Ideally, this
shouldn't happen and is most likely a bug on Clubhouse's end.
In most cases, changes included in Clubhouse payloads never
pertain to more than one parent entity (stories) simultaneously,
and we usually operate under the assumption that the changes
included therein are related to each other in terms of their
parent object (story or epic) and not a child object (the GitHub
branch).
2019-02-20 16:32:42 -08:00
Eeshan Garg 76b1a8379b webhooks/clubhouse: Support epic_archive events. 2019-02-20 16:32:42 -08:00
Eeshan Garg 51a1b76a1f webhooks/clubhouse: Ignore story comment updates.
Comment updates in general aren't very informative.
Plus, errors for this event type were cluttering up our
webhook logs.
2019-02-20 16:32:42 -08:00
Eeshan Garg 76e58d05cb webhooks/jira: Ignore a few noisy events.
UnexpectedWebhookEventType errors for these events were cluttering
up our webhook error logs.
2019-02-20 16:32:42 -08:00
Eeshan Garg fa29006311 webhooks/github: Ignore check_suite events.
A check suite is a collection of check runs. We care a lot more
about the outcomes of check runs in this case because check_run
payloads are a lot more informative than check_suite payloads.

(And in any case, the check_suite events are primarily for notifying
tools like CI to run checks).
2019-02-20 16:32:42 -08:00
Eeshan Garg a0717e4424 webhook/github: Support check_run events.
We only support notifications for events where a check run has
completed. Notifications for when a check run has been queued or
is in progress are not very informative and may be too noisy.
2019-02-20 16:32:39 -08:00
Tim Abbott cbc62b8e07 streams: Prevent creation of multi-line stream descriptions.
We do not anticipate our UI for showing stream descriptions looking
reasonable for multi-line descriptions, so we should just ban creating
them.

Given the frontend changes, multi-line descriptions are only likely to
show up from importing content from other tools, in which case
replacing newlines with spaces is cleaner than the alternative.
2019-02-20 12:28:00 -08:00
Rohitt Vashishtha 44ec83ef28 markdown: Render silent mentions as **name**.
This change should help people discover to distinguish
silent mentions in text as a part of Zulip syntax while
differentiating them from regular mentions.
2019-02-20 10:41:42 -08:00