This commit separates the `waiting_period_threshold` setting from
the `create_stream_policy` setting, adding a new setting that the user
can use to select a waiting period threshold.
Both the invite to stream policy and create stream policy now have
three options: admins only, members and admins, or members after
waiting period/admins.
`realm_invite_to_stream_by_admins_only` doesn't appear elsewhere in our
codebase. Introduced in 272ed90, so I'm guessing this is the intended
value.
Co-Authored-By: Rishi Gupta <rishig@zulipchat.com>
The value in the handlebars template for `invite_to_stream_policy`
is inconsistent with the value in the js file. Changing all three
occurances to a third value, since that's the one we'll want moving
forward.
Co-Authored-By: Rishi Gupta <rishig@zulipchat.com>
Mostly rewritten by Tim Abbott to ensure it correctly implements the
desired security model.
Administrators should have access to users' real email address so that
they can contact users out-of-band.
In email hidden case (that is when `email_address_visibilty` is set to
everyone), for "non admins", this commit hides emails from:
- compose box user typeahead.
- PM user typeahead
In email hidden case, for admins, email is shown in user typeaheads.
In email hidden case (that is when `email_address_visibilty` is set to
everyone), for "non admins", this commit hides emails from:
- user popover
- custom profile popover
In email hidden case, for admins, email is shown in both user popovers and
custom profile popovers.
Along with this, we refactored settings_org.populate_auth_methods to use
HTML function after rendering all auth methods rows rather than appending
each row individually, which actually is a good practice.
Also in this commit, to compare `current_val` and `changed_val` in
`check_property_changed` function of the property
`realm_authentication_methods`, which are objects, and we found here
https://stackoverflow.com/a/1144249 that there is no easy way to do so. So
I followed this approach,
```js
JSON.stringify(obj1) === JSON.stringify(obj2)
```
but before converting them to string we want the same order of keys, so we
used `sort_object_by_key` to sort `current_val` by keys and
`get_auth_method_table_data` always return `changed_val` having keys
sorted.
Since these refactor were closely related we kept them as a single commit
here.
Fixes: #11954.
Actually, this is a preliminary commit which adds a general
`sort_obj_by_key` function to sort objects according to keys.
In this commit, we have refactored `populate_auth_methods` function by
extracting the logic for the desired `sort_obj_by_key` and used that to
sort `auth_methods`, but the main motive of this function is to sort
`realm_authentication_methods` in `check_property_changed` to sort
`current_val` in the upcoming commit.
This commit also adds a small functionality change where the results of
each webhook fixture message sent is now displayed to the user.
With a small tweak by tabbott to fix a styling bug.
Fixes#12122.
Note: If you're going to send fixtures which are not JSON or of the
text/plain content type, make sure you set the correct content type
in the custom headers.
E.g. For the wordpress fixtures the "Content-Type" should be set to
"application/x-www-form-urlencoded".
With perfectScrollbar, we needed to call a function from JavaScript to
enable a scrollbar on a new element, but simplebar has a much simpler
default API one can do by using data-simplebar attributes in the HTML.
So we can delete all the scrollbar creation/deletion code.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Instead of deleting and rebuilding #private-container every time its
contents need to be updated, just replace its contents. This
eliminates some scrollbar flashing.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
perfect-scrollbar replaces both the appearance and the behavior of the
scrollbar, and its emulated behavior will never feel native on most
platforms. SimpleBar customizes the appearance while preserving the
native behavior.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
This commit introduces a simple field where the user can now specify custom
HTTP headers. This commit does not introduce an improved system for storing
HTTP headers as fixtures - such a change would modify both the existing unit
tests as well as this devtool.
Send at most 1k message ids in a single read flag request to avoid locking
large number of rows in server database in a single request and avoid long
processing time.
Fixes#11956.
This commit adds a new developer tool: The "integrations dev panel"
which will serve as a replacement for the send_webhook_fixture_message
management command as a way to test integrations with much greater ease.
When guest user is subscribed to public stream, it throws json
error. Because when guest user is subscribed to public stream,
the `stream-sub-count` element is not initialized.
This commit fix this error, by editing the function
`rerender_subscribers_count` to intialize the element
first, when guest user is subscribed.
This commit add code to redirect guest users to
subscribed-stream-tab and removes the recently-unsubscribed
stream from settings tab on unsubscription.
Apparently, while b38ae6e0ed was correct
for the default Zulip UI, it was not correct for the fluid width case,
where we did actually want to override the 1400px width rule for the
non-fixed `.app-main` element.
The right fix here is to add an additional CSS rule tweak to our
scrollbar logic. This has been carefully tested with both initial
setting states as well as toggling the state.
In a838de63d8, we incorrectly changed
the selector for accessing .fixed-app .app-main to just be .app-main,
which resulted in it affecting parts of the site it should not have.
The end result was a significant layout regression of the floating
recipient bar at some widths.
This commit migrates the Subscription's notification fields from a
BooleanField to a NullBooleanField where a value of None means to
inherit the value from user's profile.
Also includes a migrations to set the corresponding settings to None
if they match the user profile's values. This migration helps us in
getting rid of the weird "Apply to all" widget that we offered on
subscription settings page.
The mobile apps can't handle None appearing as the stream-level
notification settings, so for backwards-compatibility we arrange to
only send True/False to the mobile apps by applying those defaults
server-side. We introduce a notification_settings_null value within a
client_capabilities structure that newer versions of the mobile apps
can use to request the new model.
This mobile compatibility code is pretty effectively tested by the
existing test_events tests for the subscriptions subsystem.
If MAX_FILE_UPLOAD_SIZE is set to 0, then UI elements like the upload
icon in the compose and message edit UI and "Attachments" menu in
"/#settings" are not displayed.
A different error message is also displayed if a user tries to drag and
drop or paste a file into the compose message box.
Fixes#12152.
This adds three bools to message_container object which calculate bools
where the "(EDITED)" label should appear:
* `edited_in_left_col` -- when label appears in left column.
* `edited_alongside_sender` -- when label appears alongside sender info.
* `edited_status_msg` -- when label appears for a "/me" message.
We use the new bools and remove the complicated if else statements
from the templates for the "(EDITED)" label.
This also allows us to add a unit test to verify the logic.
This commit renames the `create_stream_permission` field in the
templates to `create_stream_policy`, matching the field used in the
database model. This matches what `invite_to_stream_policy` does and
will be clearer when the `waiting_period_threshold` is split into its
own field.
This commit replaces the `create_stream_by_admins_only` setting with a
new `create_stream_policy` setting, which mirroring the structure of
the existing `invite_to_stream_policy`.
This is important preparation for migrating the waiting period feature
to be its own independent setting.
Fixes#12236.
The error message, that is displayed when a user tries to upload a file
larger than the allowed size, currently displays a hardcoded max file
size of 25MB.
Changed this to show the correct max_file_upload_size value that has
been set by the server admin.
Fixes#12251.
Previously when disabling name changes in server settings, instead
of realm settings, the name edit button did not get disabled.
Changing name resulted in a message stating `no changes made`.
Fixes#12132.
Realm setting to disable avatar changes is already present.
The `AVATAR_CHANGES_DISABLED` setting now follows the same
2-setting model as `NAME_CHANGES_DISABLED`.
This is useful when syncing avatars from an integrated LDAP/active
directory.
The upload avatar and delete avatar buttons are hidden if avatar
changes are disabled and the user is a non-admin.
If the user has a gravatar set, then the user will not be able to
upload an image as their avatar if avatar changes are disabled.
Part of #12132.
Update stream-subscription-row in stream settings, when
subsctiption add/removal event is received. This is only
to show dynamic effects to user on sub events.
This adds the same "x" button as we have in "stream search" or "people
search" to the user status modal.
The button is shown if someone types something, or if the status
message was already set (meaning there was already a value in the
input field). If the input field is empty, the button is not visible.
This fixes the follow-up comments from #12179.
This commit removes code to update-stream-privacy-btn
in stream settings from update-sub-settings function.
Because stream-privacy-btn is not part of regular
sub-settings, it is admins only settings.
When user unsubscribe from stream by clicking on
subscription-checkmark, the URL changes to unsubscribed
stream but stream settings UI is not updated.
We should change URL and stream settings modal
simultaneously. This PR moves update-hash function
inside open-stream-modal function, which make sure that
URL is getting updated everytime open-stream-modal
function is called and not otherwise.
This commit adds `stream_ui_updates.js` module. This module
will includes functions which will update different ui elements
(i.e. subscription button, subscriber count).
This commit creates a new organization setting that determines whether
a user can invite other users to streams. Previously this was linked
to the waiting period threshold, but this was both not documented and
overly limiting.
With significant tweaks by tabbott to change the database model to not
involve two threshhold fields, edit the tests, etc.
This requires follow-up work to make the create stream policy setting
work how this code implies it should.
Fixes#12042.
This commit adds a `insert_tip_box` function and thus adds a
`organization-settings-tip` handlebars file to add a genaralised tip for
all organization settings pages. This further removes the code for tipbox
which was added in `populate_auth_methods` functions, as it wasn't making
sense there, making it more clear and readable.
This commit adds a class prop-element for all the property elements, so
that later on we can directly use this to access elements.
In `get_subsection_property_elements`, we were finding these elements using
a makeshift method, where we were finding all these elements by mentioning
all input elements, textarea, select elements, which is not a desirable
method.
So now, here in `get_subsection_property_elements` function, we are finding
these properties using the newly added class `prop-element` which makes
code more clear and readable.
In handlebars and settings_org.js, the subsection in which
`realm_message_retention_days` property lies doesn't agree, and this wasn't
observed for a long time as it's disabled, still to make things right, in
this commit we have moved the logic which handles the collection of data
from `other_permission` to `other_settings` as it makes more sense there.
This is a small patch to fix the error message an admin would receive if
they tried to change bot info and owner from the "bots" setting of the
organization settings panel.
Hemanth V. Alluri
David Wood
Kanishk Kakar
Aditya Bansal
Joshua Pan
Pragati Agrawal
Tim Abbott
Rishi Gupta
Anders Kaseorg
Anders Kaseorg
Mohit Gupta
vinitS101
Vaibhav
Yashashvi Dave
Puneeth Chaganti
Harshit Bansal
ruchit2801
Vishnu Ks
Shubham Padia
Alexandra Ciobica