This would have made reactivations hard, and doesn't really buy us much
additional security.
During deactivation, all a user's current sessions are deactivated and
they are marked as not active. This prevents them from logging in via
the web UI, and makes their API key unusable.
Randomizing their password is probably gratuitious, especially as we
start to allow authorized end-users to deactivate others.
(imported from commit c63d23816da0452a1df821f2fa6c1db2761733da)
Prior to this commit, populate_db would crash if you had ever deactivated
a user in your development instance's message log.
(imported from commit 227b2c0226a46ef5680443d3dbf62a13ce961e64)
This reduces roundtrips hopefully and will provide a friendlier error
message than what would otherwise be produced by Django.
(imported from commit 034aeef00043e3bf059583770f6c08c4f73ceeb5)
Previously we rested on the safety of randomised API keys to ensure that
deactivated users could not use the product. Here, we add an explicit check
to prevent that.
(imported from commit e32f355fb35b898d43503b96efb291f795aac881)
Deleted in 064c159, but it's still used. For some reason, nginx still
serves it on staging and prod despite it being deleted from git.
(imported from commit 11d6d29f974caca6c75d36f273674d3084ad9182)
Fixes the JS traceback "'null' is not an object" introduced in b67e52d.
Testing: Receive a message when narrowed to a different subject, with
the window focused.
(imported from commit 54b9e7924a2bf66ba5cc9799fc3687a084496465)
Fixes the JS traceback "Selected message id not in MessageList"
introduced by b67e52d
Testing:
* Narrow to a subject and send a PM
* Narrow to a PM recipient and send a stream message
* Narrow to a subject and send a stream message to a different subject
(imported from commit 1171c3f97813dc7db891042906762be8afb2a1b5)
This reverts commit f8fbf70c8502370a78159e24f3cf9589fb9d384f, since
we're waiting on some Firefox and no-hover fixes.
(imported from commit 6b13f5bb9d907303ab311afd7da584bc06538c91)
(The dead code made sense in the very early phases of sketching out
the feature, but it's no longer executed.)
(imported from commit 464145f227ddb25f0554bbbade0b0e3e0e399bc3)
This is slightly inconsistent, but keeps the unread count from decreasing
when narrowing and un-narrowing.
(imported from commit 185e8653c31a312c166e784b335ae7ae7e9b78e9)
Previously we added code which prevented us from serving custom fonts to
Humbug Desktop user agents due to concerns QtWebKit bugs with
@font-face.
On OS X, we use the system WebKit so we don't have this bug. In fact,
the aformentioned change caused us to have no custom fonts at all on Mac
systems!
Here we fix this by resuming the serving of such fonts to Macs.
(imported from commit b222e9dd721914d17aed8341244cfb5c71149a12)
I tried 30px at first, but I think a slightly bigger avatar helps
fill out the table a bit. It should be easier to tweek these in
CSS now, although Allen agrees with me that the tabular display
may be short lived when we add edit/delete features.
(imported from commit b4d69cddf63fa122374e20731a5755e7dec86304)
The JS tests would fail on the second run due to memcache having
dirty data. This change sets a new KEY_PREFIX whenever you launch
a server in test mode.
(imported from commit 4d41e6b79ab3bb7cb4c96b37050f0b1c9abc6b5e)
We did this as a hack to prevent traffic while you were in the
tutorial. In the revised tutorial, we want you to see your actual
streams while you go through it, and we'll instead store the events
client-side for processing after you finish.
(imported from commit 75af93d0661c9d14b2c85624aef3f71a78053980)
We did this to check if you sent a message that would progress the
tutorial. Since the tutorial is getting overhauled we don't need this
anymore.
(imported from commit 25ee55ab034fff42a220ddd7b222b3f7459af3a1)
* This makes bugdown.convert take a `message` parameter. Properties
for parsed mentions are added to the message object by the `Pattern`
for use in do_send_messages.
* Refactor repeated markdown rendering code into `Message` model methods.
(imported from commit 4f0ed5570104c0210f984b6de21e9048e2b53fa0)
We use get_user_profile_by_email() in all our tests now, as it
gives us code coverage on the function itself, and it should be
faster for tests that call it multiple times.
(imported from commit 51ebffb193980fd6f81b0ef5574d96cd92e87364)
This uses a new configuration that enables memcache, but we have
to be careful to bounce KEY_PREFIX on every new test, since data
gets rolled back in the databases between tests, but not in
memcached. We had to break up one test to work around UserProfile
objects actually being cached.
(imported from commit f201cf9cd9e0e4c61d3c384fa8d2bbd5134161e8)
The goal here is to make it easier to do ad hoc profiling on
our codebase, particularly by running tests.
(imported from commit 71da06feb3a369dec8dc4d8391f7f40e4c2d02ff)
After fixing the high numbers of database queries earlier in this
branch, I found that sending 500 RabbitMQ messages for a bulk change
in subscriptions was consuming more than half the time for these (and
then we'd end up with 500 events in a queue). To handle this, we
create a "user X subscribed to these N streams" event, rather than
sending one event for each individual subscription.
(imported from commit 44a34a9fab9b67e9f0da6fee53335d8c5030392b)
This improves the performance of unsubscribing to N streams by more
than a factor of 10 for large N.
(imported from commit a529e6d3ac4452f49c2294908d275280019bbd05)
Otherwise we could in theory make dozens or hundreds of
memcached/database queries to handle a narrow.
(imported from commit 232f38d8c005b9aef6f12f2f9a4d68a19134d038)
Previously we only used bulk queries when adding many users to a
single stream, resulting in very slow performance when subscribing
users to large numbers of streams (as happens when setting up a new
MIT realm user).
(imported from commit 849fa7b2a1a146c0a9adc1c727c20c9fbfb7b425)
This comment was only ever accurate for prototype versions of
bulk_add_subscriptions prior to it being committed to master.
(imported from commit 89b9dc49423c45553cb6c810d97eea4583ff0f69)
The message_stream_count() function uses Django's count() method,
which is more efficient than doing len() on array of full objects.
(imported from commit 9c20a89a2cd02d9d39341132330d03a7f6c8be25)
This change removes an "if True:" that was
introduced to make the prior commit a bit more readable.
It also combines two loops, since the second loop is no
longer conditional.
(imported from commit df58f1e5de72d5669f6468fbff54fb62cd22cedb)
The tests in GetUpdatesTest had some callback logic that has
been dead code for at least three months. We now fully exercise
the callback codepath and make sure that the callbacks do happen.
(imported from commit f5d8fbab28ecc34dc81d3d0c29058b66c10f378f)
These contain timerender spans with unique IDs. If this string is cached
and re-used in a narrowed view, there are elements with duplicate IDs,
and only one of them is updated at midnight.
(imported from commit 29469fb5f0d8a9b7fe7988849d2936c49d4a038d)
As of f69d01b and e4a9f80, timerender only deals with the date part.
Since the time does not change when the friendly dates are updated,
just append the time outside of the span.timerender.
(imported from commit 18ec93550782c6fa8447ebc608f95da79d28dc8d)
QTBUG-3467 prevents non-normal-face @font-face fonts from being used when
defined as such in CSS. To work around this, the desktop applications now
ship the Humbug font themselves, and this commit causes the server to no
longer send the problematic CSS rules to those clients.
We have some duplication insofar as we now have two minified CSS files, but
this is better than conditionally applying the CSS at page runtime.
(imported from commit 9a887f9fb8002d44171d366d1249ebbf21cc9c77)
Trac #1403.
This shows the 5 most recent subjects, as well as any others with unread messages. This
requires tracking all subjects and filtering at display time, rather than filtering when
building the subject list.
(imported from commit 8bda7d50e6785a6e70abea4b3af4d03a16d076d3)
(The file-input widgets that come with browsers are ugly and
nonstandard across browsers, so it is a common technique to
have your own button that controls the file upload, and it
delegates to a hidden copy of the browser file-input widget.
We also allow you to clear the file.)
(imported from commit b55ef655e75746330dc3cc396cb908670e5019cc)
The add-bots form used to have a landscape alignment, as it was
integrated into the same HTML table that showed your existing bots.
This became unwieldy once we allowed users to upload avatars.
(imported from commit 246a35be77ce1679d595271e6911dc339a6813ab)
Caveats:
- Since Chrome has trouble using W3C Notification when it's not
initiated by a user gesture, we try to use webkitNotification first.
- FF doesn't allow iconUrl to be of a different origin, so it won't display
our gravatars
(imported from commit c4f99ce6927a0d203d9f220d50b06737779bd7f8)
Previously, every function which had the @json_* decorators on it
would independently call get_client when views.py was imported; we
resolve this using a small bit of in-memory caching, which is safe
since Client objects are immutable.
This also more generally cleans up the code path to be more common
between the API and JSON views.
(imported from commit 674ea327fc4cb5fa982a75e388f0b604bae66567)
Previously some database queries that happened prior to the request
could be counted as part of the request's in-database processing time,
resulting in confusing output where get_events spent more time doing
database queries than the total time spent processing the request.
(imported from commit 509247462d276d6020a2970f62edb33a1d633087)
As does the hotkey "i". It's somewhat less appropriate because it's all actions,
but it's where our "info" menu used to be, and we can workshop a better one. "a"
feels weird to me, but maybe it's just me.
You can also hover on the .message_content to see a popover with extra message details
This is for Trac #1334.
(imported from commit f8fbf70c8502370a78159e24f3cf9589fb9d384f)
This mostly applies to the previous two commits. In principle,
this could be teased out and merged into them, but the hassle
here doesn't totally seem to be worth it.
(imported from commit ee2469ca3762c50c6db49b93eec02b32589eafe3)
* Switch to a 2-column layout by removing the old unused message tools
column and the pointer columns.
* Change column spans to 2 instead of 4.
* Change recipient bar to have a colorblock on the left.
* Add a special "last_message" class to messages that appear last
in a message block.
(imported from commit 55036587445c699d5c55d52b0236daf402a80cff)
Previously, we'd highlighted the top of the block. The theory here is
that it will make things less visually cluttered/noisy, which should
improve readability.
(imported from commit f94ec6b8e55aef9c2413718aea23b1124f5308e7)
This allows us to do some nice styling on the final message in a group
(in this commit series, this leads to some gently rounded corners.)
(imported from commit 86e7e8586dd4ee3cd8d4ce3be43fd2abab3f1d16)
Showing a user's bots in alphabetical order leads to a mildly
confusing experience when we append a new bot to the end of the
table, but then you hit refresh, and the new bot goes to a different
position. Since any given user is unlikely to have zillions of
bots, I don't think we need alphabetical order to help them find
old bots.
(imported from commit 4f19dbd7a016e7d867e88248190849dcd52c6d71)
(and remove the colon after the sender name to make them more
consistent with our desktop notifications.)
(imported from commit f2f9e1ecf7766c717fe7afb0559c4771081c255b)
This stop words file is just the default Postgres english stop file
with all the rest of the letters of the alphabet added. Adding the
extra letters ensures that, e.g., "bed" doesn't get transformed into
"bed | b".
(imported from commit 0be3ef9a43eb524ed4f081d5081a786cf602c487)
Compare two user objects by id to prevent false negatives
when the objects are fetched thru different paths.
(imported from commit a41f30d27e2b8021600d89f32d6526f48677fd95)
This also has the property of fixing this for all forms-that-contain-modals
since the selector is more generic.
(imported from commit 18fd26dd94fe4f6f3fe9a01884b867a9d37993d0)
Since in the future we might want requests to add subscriptions to
include things like colors, in_home_view, etc., we're changing the
data format for the add_subscriptions API call to pass each stream as
a dictionary, giving a convenient place to put any added options.
The manual step required here is updating the API version in AFS
available for use with the zephyr_mirror.py system.
(imported from commit 364960cca582a0658f0d334668822045c001b92c)
Previously, it always failed because we had hooked up the API endpoint
to a function that doesn't exist.
(imported from commit b5269f6d8e385facae4362742fe69a422f6315b7)
This way we can return properties of the streams other than just their
names in future versions of the API without breaking old clients.
The manual step required is to deploy the updated version of
sync-public-streams on zmirror.humbughq.com when we deploy this code
to prod.
(imported from commit 42b86d8daa5729f52c9961dd912c5776a25ab0b4)
The previous API was very redundant, which meant that any refactoring
would result in lots of unnecessary changes.
(imported from commit e04f6cbd87c8f65d4eebbe6972d26998faa28a56)
Allen Rabinovich
acrefoot
Luke Faraone
Jessica McKellar
Steve Howell
Leo Franchi
Jeff Arnold
Kevin Mehall
Tim Abbott
Waseem Daher
Scott Feeney
Zev Benjamin