Commit Graph

1510 Commits

Author SHA1 Message Date
Tim Abbott f3af0fe635 reactions: Fix reacting to messages on streams you're not subscribed to.
We use the same strategy Zulip already uses for starred messages,
namely, creating a new UserMessage row with the "historical" flag set
(which basically means Zulip can ignore this row for most purposes
that use UserMessage rows).  The historical flag is ignored, however,
in determining which users' browsers to notify about new reactions,
and thus the user will get to see the reaction appear when they click
a message (and any reactions other users later add, as well!).

There's still something of a race here, in that if some users react to
a message while the user is looking at the unsubscribed stream but
before the user reacts to that message, those reactions will not be
displayed to that user (so counts will be a bit lower, or something).
This race feels small enough to ignore for now.

Fixes #3345.
2017-03-22 20:22:13 -07:00
Ayush Jain bddcfb1c96 Add realm-level settings to control inline image and url preview.
This gives users more control in case they don't want previews,
especially for the "previews of linked websites" feature.

Fixes: #2640.
2017-03-21 15:46:17 -07:00
Tim Abbott aa7e4fec35 messages: Require join with zerver_message if use_first_unread_anchor.
This fixes a 500 bug where the RN mobile app would simply fail to load
old messages if use_first_unread_anchor was not set.
2017-03-21 00:02:46 -07:00
Tim Abbott 5b0ff2a69a mypy: Fix some strict-optional related issues. 2017-03-19 22:26:25 -07:00
Sarah Stringer aa880b0419 Add organization description field to realm settings.
This adds an organization description field to the Realm model, as well as
an input field to the organization settings template. Added three tests.
Set the max length of the field to 100 characters.

Fixes #3962.
2017-03-19 14:05:01 -07:00
Jacob Hurwitz 0a76a609ec Fix bugs with handling of the empty narrow.
An empty narrow (ie, the home view) can be represented in code as either
`None` or `[]` but we had incorrect handling that failed to fully
properly deal with either case.

(1) In `get_stream_name_from_narrow`, we failed to deal with `None` by
trying to always iterate over `narrow`.
(2) In several other places, we failed to deal with `[]` by explicitly
checking `if narrow is None` or `if narrow is not None`. Changing these
to truthiness checks should work for both the `None` and `[]` cases.
2017-03-19 11:47:03 -07:00
Elliott Jin 25d9aac016 registration.py: Don't catch exception that can't be thrown.
A previous commit changed a `get` (which can throw `DoesNotExist`) to use an
existing object, but kept the `try` / `except` block:

4bf3ace444

Removing this unused code path allows us to achieve 100% test coverage.
2017-03-18 18:11:59 -07:00
Jacob Hurwitz 8ab88f5aad Remove hack for old mobile clients
This FIXME was added in 50d229fe11.
Considering it's been more than 4 years, we can probably safely remove
it now.
2017-03-18 18:11:17 -07:00
Umair Khan 4442703011 jinja2: No need for custom render_to_response.
Django 1.10 has changed the implementation of this function to
match our custom implementation; in addition to this, we prefer
render().

Fixes #1914 via #4093.
2017-03-17 13:57:34 -07:00
Umair Khan d4ee102a95 users: Change render_to_response to render.
Related to #4093
2017-03-17 13:52:59 -07:00
Umair Khan 62a580a37f unsubscribe: Change render_to_response to render.
Related to #4093
2017-03-17 13:52:59 -07:00
Umair Khan 446c06bbf4 registration: Change render_to_response to render.
Related to #4093
2017-03-17 13:52:59 -07:00
Umair Khan 58b407e2ff integrations: Change render_to_response to render.
Related to #4093
2017-03-17 13:52:59 -07:00
Umair Khan 097b0e3979 home: Change render_to_response to render.
Related to #4093
2017-03-17 13:52:59 -07:00
Umair Khan 4e2311544f auth: Change render_to_response to render.
Related to #4093
2017-03-17 13:52:59 -07:00
Umair Khan 14c2b40acc unsubscribe.py: Pass request to process_subscribe.
We are changing render_to_respone to render; render takes
request as an argument.
2017-03-17 13:52:59 -07:00
kunall17 a908bb1898 Implemented API routes for muting/unmuting a topic 2017-03-15 16:19:00 -07:00
Umair Khan 242d3ffaf4 Add timezone field in UserProfile.
Implements backend of #1506.
2017-03-15 11:18:24 -07:00
Raghav Jajodia ef7e15ee00 admin: Add realm option to prevent users from changing their name.
A realm option to prevent users from changing their name is added.
Fixes #3950.
2017-03-14 14:10:08 -07:00
Raghav Jajodia dc48b87765 home.py: Fix bug associated with email_changes_disabled.
On reloading the page after disabling email changes does not check
the "Prevent users from changing their email address".
Adding realm_email_changes_disabled to page_params_core_fields fixes the problem.
2017-03-14 14:10:08 -07:00
Rishi Gupta 098797cd36 Remove page_params.domain. 2017-03-13 14:42:55 -07:00
Rishi Gupta 3aae6cd421 Change if(realm.domain == zulip.com) checks to use Realm.string_id. 2017-03-13 14:17:14 -07:00
Rishi Gupta 727fac75c7 signups: Use topic string_id for internal messages from new user signups.
Previously we used the topic "Realm.domain" for new user signups, but topic
"Realm.string_id" for the realm creation. This changes the user signup
messages to be on the same topic thread as the realm creation.
2017-03-13 10:00:41 -07:00
Rishi Gupta ef532bbbb1 statsd: Change keys to use Realm.string_id instead of domain. 2017-03-13 09:51:02 -07:00
Rishi Gupta 00f49d4121 views/users.py: Change error message to use Realm.string_id instead of domain. 2017-03-13 09:37:06 -07:00
Raghav Jajodia c17e574211 Remove product_name setting and return to harcoding 'Zulip'.
This removes some confusion in grep for frontend strings with Zulip in
them and also cleans up the code in some places.

Fixes #1602.
2017-03-09 21:48:15 -08:00
Tim Abbott c2bee5a89b auth: Fix fetch_auth_backends to properly report supported methods.
This fixes 2 related issues:
* We incorrectly would report authentication methods that are
  supported by a server (but have been disabled for a given
  realm/subdomain) as supported.
* We did not return an error with an invalid subdomain on a valid
  Zulip server.
* We did not return an error when requesting auth backends for the
  homepage if SUBDOMAINS_HOMEPAGE is set.

Comes with complete tests.
2017-03-09 21:37:00 -08:00
Amy Liu e5ab3123af Migrate json/set_muted_topics to muting/topics. 2017-03-09 20:52:29 -08:00
Amy Liu 9500c88e32 Migrate legacy url json/bulk_invite_users to invite/bulk_invite. 2017-03-09 20:51:03 -08:00
Tim Abbott 3b59e6c3cc subs: Rename /#subscriptions to /#streams.
Fixes #3653.
2017-03-08 16:57:58 -08:00
Rishi Gupta 3797fa657e Change bot domains to string_id.EXTERNAL_HOST.
Change applies to both subdomains and non-subdomains case, though we use
just the EXTERNAL_HOST in the non-subdomains case if there is only 1 realm.

Fixes #3903.
2017-03-08 16:26:13 -08:00
K.Kanakhin 1cb0f8dc41 Add size limit for uploading user avatars and realm icons.
- Add settings parameter for max realm icon size.
- Add settings parameter for max user avatar size.
- Add checking file size to avatar and icon
  uploading views.
- Transfer file size limit parameter to frontend.
- Add tests.
2017-03-07 22:13:01 -08:00
Tim Abbott 01129c1ab9 home: Simplify logic for realm_icon_source/url. 2017-03-07 22:09:58 -08:00
K.Kanakhin 72424f3a9f realm-icon: Fix variable name for realm icon source. 2017-03-07 22:09:58 -08:00
K.Kanakhin 173f34b7aa user-presence: Add `offline` status to aggregated info.
- Add `OFFLINE_THRESHOLD_SECS` settings parameter
  to handle offline period.
- Set aggregated status to offline if user's status
  haven't changed for `OFFLINE_THRESHOLD_SECS` period.
- Add test for offline aggregated status.
2017-03-07 20:09:53 -08:00
K.Kanakhin 2f251dedaf user-presence: Add aggregated status to user presence info.
- Add aggregated status to user presence status dict.
- Add tests for aggregated presence status.
- Fix removing unused keys from status dict
  with aggregated data for user.

Fixes #3692
2017-03-07 20:09:53 -08:00
Tim Abbott 89eb7636ba remove_push_device_token: Remove unused request argument. 2017-03-05 22:01:28 -08:00
Tim Abbott 657dfcbddc push: Move remove_push_device_token to library. 2017-03-05 19:15:17 -08:00
Tim Abbott c0ad9c02fd push: Extract validate_token helper function. 2017-03-05 19:15:17 -08:00
Tim Abbott 271bd5a282 push: Move add_push_device_token to library. 2017-03-05 19:15:16 -08:00
Tim Abbott 08e1759ad0 bots: Replace bare excepts with targeted exceptions. 2017-03-05 16:17:04 -08:00
Steve Howell 0bb1af0fd9 Send stream_id in subscription updates. 2017-03-05 15:26:00 -08:00
Philip Skomorokhov 866a7b06b2 upload: Limit total size of files uploaded by a user to 1GB.
Fixes #3884.
2017-03-04 18:08:30 -08:00
Tim Abbott 80232425f4 user_settings: Clean up error messages and tests for email change. 2017-03-04 17:32:48 -08:00
Raghav Jajodia cd2d798498 admin: Added realm option to prevent users from changing their email.
A realm option to prevent users from changing their email address is added.
Fixes #3777.
2017-03-04 17:32:48 -08:00
Raghav Jajodia ec77aa0dfb user_settings: Add auth check before confirm_email_change.
This isn't strictly necessary, but adds a little bit of extra security
to the overall email change flow.
2017-03-04 17:05:25 -08:00
Raghav Jajodia a3a03bd6a5 mypy: Added Dict, List and Set imports.
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
adnrs96 9eb47f108c Refactor: Change upload_avatar_image to accept two user profiles.
In this commit we just change the upload_avatar_image function to accept
two user_profiles acting_user_profile and target_user_profile. Basically
email param is dropped for a target_user_profile so that avatar's could
be moved lateron to user id based storage.
2017-03-03 18:15:15 -08:00
Sourav Badami 4616ee7762 Enable display of emoji as their alt codes in reactions.
This currently only supports this in emoji reactions, not in actual
emoji in message bodies, but it's a great start for people who want a
text-only view.

Tweaked to update the text by tabbott.

Fixes #3169.
2017-03-03 15:19:34 -08:00
Tim Abbott d90f7c72a3 zephyr: Fix broken postgres regular expression logic and add tests.
Like many rare-case code with new tests, it turns out that the logic
for handling null characters in our Zephyr postgres query escaping
never worked, in multiple ways.  First, it always changed the second
character in s, not the current one being inspected, and second, the
value it replaced it with was no the correct postgres escape of the
null byte.  We fix this and add tests.

This completes the effort to get zerver/views/messages.py to 100%
test coverage.

Fixes #1006.
2017-03-01 10:38:48 -08:00
Tim Abbott bc38870136 preview: Fix adding links in message editing.
When you edit a message to contain links, and URL previews are
enabled, previously we'd throw an exception, because the realm ID
wasn't included in the event.

Also adds a test so that we can have effective test coverage on this
codepath, though this history is actually that I found the bug through
writing this test :).
2017-03-01 10:38:47 -08:00
hackerkid b7a6826fda Add support for getting medium size profile images. 2017-03-01 09:57:30 -08:00
Igor Tokarev 31dff09efa Support email changes for !avatar syntax.
Significantly modified by tabbott to avoid calling
get_user_profile_by_email in bugdown, and have 100% test coverage of
the views code.

Fixes #2041.
2017-02-28 21:56:04 -08:00
Tim Abbott a1d296b802 report: Use DEVELOPMENT instead of DEBUG setting.
This fixes a weird issue where the following sequences of tests would fail:

test-backend
 zerver.tests.test_messages.PersonalMessagesTest.test_personal_to_self
 zerver.tests.test_report.TestReport.test_report_error
 zerver.tests.test_templates.TemplateTestCase.test_custom_tos_template

It appears that all 3 tests are required for the failure.

While it's not entirely clear what the cause is, a very likely factor
is that settings.DEBUG is special, and so changing it at runtime is
likely to cause weird problems like this.

We fix this by replacing it with settings.DEVELOPMENT, which has the
same value in all environments, but doesn't have this problem of being
a special Django thing.
2017-02-28 21:44:41 -08:00
Elliott Jin 7ed10da4ad test-backend: Raise zerver/views/report.py test coverage to 100%. 2017-02-28 20:06:00 -08:00
Rishi Gupta 15d60fa7ed Change now() to timezone.now() throughout codebase.
Change `from django.utils.timezone import now` to
`from django.utils import timezone`.

This is both because now() is ambiguous (could be datetime.datetime.now),
and more importantly to make it easier to write a lint rule against
datetime.datetime.now().
2017-02-28 16:03:37 -08:00
Tim Abbott de604d7759 page_params: Reorganize page_params dict with plans.
page_params is kinda a monster object.  Ideally, we'd make it be
constructed in a much less haphazard fashion, and make sure that all
the useful data in it is available via the `/register` endpoint for
mobile/API.  This change reorganizes page_params to be sorted by data
source, which is an important prerequisite for doing that.
2017-02-28 14:58:54 -08:00
Tim Abbott e86ed89986 page_params: scope presence_disabled in realm. 2017-02-28 14:58:53 -08:00
Tim Abbott dfb7a57bec home: Refactor register_ret->page_params logic. 2017-02-28 14:45:03 -08:00
K.Kanakhin d9b10727fa server-version: Add server version to api endpoints.
- Add server version to `fetch_initial_state_data`.
- Add server version to register event queue api endpoint.
- Add server version to `get_auth_backends` api endpoint.
- Change source for server version in `home` endpoint.
- Fix tests.

Fixes #3663
2017-02-28 14:22:01 -08:00
Vivek Anand 620d75afc5 alert_words: Avoid redundant .lstrip().
We are applying .strip() on a string and thus we don't
need .lstrip() since .strip() already strips the left
side of the string.
2017-02-28 10:13:03 -08:00
K.Kanakhin 23706a3c9e Add server error response for failed handlebars template compilation.
- Add stamp file creation for the failed templates compilation.
- Add error response to `home` route if stamp file exists. It appears
  just for the development environment.
- Add jinja2 template for failed handlebars templates compilation error.

Fixes #3650.
2017-02-28 09:44:08 -08:00
Elliott Jin 11ba94f11a test-backend: Raise zerver/views/integrations.py test coverage to 100%. 2017-02-28 09:31:06 -08:00
Harshit Bansal 8b11deedb3 views/users.py: Allow changing bot's owner.
Modify the `patch_bot_backend()` route to support
changing the bot owner.
2017-02-26 21:39:22 -08:00
Elliott Jin 6bdefb92e9 test-backend: Raise zerver/views/zephyr.py test coverage to 100%. 2017-02-26 20:54:25 -08:00
Tim Abbott 4ea997493b events: Normalize realm_icon events to be standard.
This lets us save on semi-duplicate code, both in server_events.js and
in zerver/lib/events.py, and makes our event structure a bit more
predictable.
2017-02-26 12:16:07 -08:00
K.Kanakhin 257bb40698 realm-icon: Add realm icon feature.
- Add realm icon fields to realm model.
- Add migration for new realm model's field.
- Add views for icon uploading and deleting.
- Add routes for realm icons views.
- Add JS widget for realm icon upload setting.
- Add realm icon upload to administration
  organization setting.
- Add tests for realm icons.

Fixes #3660.
2017-02-26 12:16:07 -08:00
Umair Khan 5bf83f9e0a change-email: Implement confirmation flow.
This adds to Zulip support for a user changing their own email
address.

It's backed by a huge amount of work by Steve Howell on making email
changes actually work from a UI perspective.

Fixes #734.
2017-02-23 03:15:17 -08:00
Tim Abbott 8dba310bee messages: Remove some unnecessary zephyr code paths.
The comments explain why this change is correct.  This change is
useful because it's better to not have dead code paths, both because
it makes our life easier for coverage analysis, and because the else
statement provided the illusion that it could actually happen.

If the analysis in that comment is wrong, we'd rather have a 500 error
so we fix the bug than things silently sorta working.
2017-02-22 20:51:25 -08:00
Tim Abbott 948e1bbd0a update_message_backend: Use access_message.
This continues our campaign of removing direct queries on the Message
and UserMessage tables that could not follow our security policy.
2017-02-22 20:51:25 -08:00
Tim Abbott 442066da12 messages: Remove unused json_update_message. 2017-02-22 20:51:25 -08:00
Tim Abbott 64434e04a1 messages: Fix empty condition for muted streams.
This fixes a sqlalchemy warning (that caused unnecessary complexity in
this query).
2017-02-22 20:51:23 -08:00
Tim Abbott a079bcdce1 get_old_messages: Add LARGER_THAN_MAX_MESSAGE_ID constant. 2017-02-22 20:50:15 -08:00
Tim Abbott ff65b6b842 get_old_messages: Remove unnecessary >= max_message_id query. 2017-02-22 20:47:48 -08:00
Tim Abbott 6f0410774c sqlalchemy: Fix most sqlalchemy deprecation warnings.
Fixes #2732.
2017-02-22 20:47:48 -08:00
Tim Abbott 66f016edbb zephyr: Fix zerver_message tables scans due to regex in queries.
This arguably regresses the Zephyr experience, in that we no longer
consider 'foo.d.d.d.d.d' to be something that gets narrowed in with
the rest, but that's a pretty rare use case anyway.

In practice, using that many '.d's anyway only happens a few times a
year.
2017-02-22 20:47:46 -08:00
Ayush Jain 455c1919fc Add customizable invite-new-user text.
This makes life a lot easier for people inviting users to a new Zulip
organization, since they can give some form of context now.

Modified by tabbott to clean up CSS, backend code flow, and improve
the formatting of the emails.

Fixes: #1409.
2017-02-21 22:35:01 -08:00
Tim Abbott 20f9c04ab5 decorator: Add logging data to zulip_login_required.
This fixes an issue that many logged=in pages such as /stats did not
correctly report either the connecting client or the user in server
logs.
2017-02-20 21:15:44 -08:00
Tim Abbott 7a930afa07 events_register: Don't include subscribers in API data by default.
There's a new option, `include_subscribers`, that controls whether the
API sends down subscriber data for the various streams you are
subscribed to.

This has significant performance savings for large realms with naive
clients, and saves a bunch of bandwidth as well.
2017-02-20 11:07:09 -08:00
Tim Abbott 1cbc86499e events_register: Eliminate unnecessary api_events_register wrapper. 2017-02-20 11:07:09 -08:00
Tim Abbott 98894eb759 edit_history: Reverse the order of edit history list. 2017-02-19 16:47:07 -08:00
Tim Abbott eadd6fb3c6 message_edit: Include an initial entry in view output.
This makes it super easy for frontend code using this view code to
produce a nice display of the history.

This also fixes an off-by-one error with the timestamps.
2017-02-19 16:46:47 -08:00
Tim Abbott 515340ed00 Add message edit history backend with tests.
Based on work by Kartik Maji in #1204.

This has a few significant changes from the original version:
* We correctly handle filling in data for topic edits
* Has a complete test suite verifying correctness of the logic
* Currently, it doesn't include a special "start" entry

Things we may want to further change include:
* Adding a special "start" entry.
* Reversing the order of the history data returned for clarity.
2017-02-19 16:13:35 -08:00
Tim Abbott 32bfebeb7a mypy: Fix inconsistencies in use of *args/**kwargs. 2017-02-18 18:39:44 -08:00
Tim Abbott 473c0ee1fe mypy: Remove now-unused type: ignores. 2017-02-18 17:01:01 -08:00
Tim Abbott b63a8a7880 integrations: Fix mypy error. 2017-02-18 15:29:43 -08:00
Tim Abbott bbecd41376 help: Fix link to index page being present on index page.
Fixes #3613.
2017-02-18 14:59:43 -08:00
Tim Abbott c61d0a78f4 home: Remove unused get_client import. 2017-02-17 15:35:38 -08:00
Tim Abbott 7a5065da62 views: Stop hardcoding the 'website' client for the / endpoint.
We were apparently incorrectly harcdoding the client for the main
logged-in site loading to website, rather than using the existing
logic that could sort out the desktop apps.
2017-02-17 15:20:42 -08:00
Steve Howell ad24133b94 Have functions in lib/avatar.py use avatar versions.
In some cases here we simplify things by calling avatar_url()
instead of get_avatar_url(), when we have a user_profile record
handy.  For other cases we pass in an extra avatar_version
parameter to get_avatar_url(), including from avatar_url().
2017-02-17 10:19:56 -08:00
Adarsh S 3c2c0c67b9 Bump user_profile.avatar_version when we change avatars.
We have a field called user_profile.avatar_version that will
track avatar versions and be used tactically in avatar urls
to get browsers to refresh their caches (in future commits).

This commit bumps the avatar version when we update avatars.

We do this in do_change_avatar_fields(), which was
do_change_avatar_source() before this change.

Adarsh did the initial work here, and Steve Howell (showell) also
made changes.
2017-02-17 10:19:56 -08:00
paxapy 9a5179c460 Add support for managing and deleting attachments.
Modified substantially by tabbott to fix tons of issues.

Fixes #454.
2017-02-16 23:44:44 -08:00
Tim Abbott d564a76f8e alert_words: Consistently clean whitespace for alert words.
This fixes some gaps in handling of whitespace in alert words.
2017-02-16 21:06:18 -08:00
Raghav Jajodia c1dfa348a1 alert_words: Trim whitespace around alert words.
"Add a new alert word" box now displays an alert when filled with only spaces.
Fixes #3369
2017-02-16 21:06:18 -08:00
Steve Howell d406d34fe0 Use user_id in admin_user_list.handlebars.
For our user administration, we now primarily work with user ids
that get put into data-user-id attributes.  We still put emails in the
tags to make our Casper tests easy to maintain.

This requires a minor change to the back end to pass down user ids
for the /users endpoint (in get_members_backend).
2017-02-14 23:07:44 -08:00
Tim Abbott 46226bad21 presence: Fix mypy errors in new feature. 2017-02-10 23:57:28 -08:00
Tim Abbott eeca69cb4b mypy: Clean up more optional types. 2017-02-10 23:53:44 -08:00
Tim Abbott aee81b702c add_subscriptions_backend: Cleanup type of principals. 2017-02-10 23:53:44 -08:00
Tim Abbott c9a782ff75 Simplify zerver/views/users.py:get_stream_name. 2017-02-10 23:53:44 -08:00
Tim Abbott b81fd407e8 mypy: Fix several Optional typing errors. 2017-02-10 23:53:44 -08:00
Tim Abbott 71af0f7e2e Add endpoint to fetch presence data for a single user.
This is an experimental API subject to its data format being changed.

Fixes #3638.
2017-02-10 23:52:56 -08:00
saisrivathsa b867ac3496 Extract zerver/lib/events.py from actions.py with event registration.
This moves do_events_register, fetch_initial_state_data and friends to
a new file.

Modified significantly by tabbott for correctness and to remove unused
imports.

Fixes #3635.
2017-02-10 16:50:43 -08:00
Harshit Bansal 7d10cbc32b Add RealmAlias.allow_subdomains to model, frontend, and API.
Includes a database migration.

Fixes #1868.
2017-02-08 22:03:27 -08:00
Rishi Gupta a16c48f0c4 actions.py: Change do_remove_realm_alias to take a RealmAlias.
Ensures that this function doesn't throw an error / prevents putting in an
incorrect realm or domain argument.
2017-02-08 21:15:28 -08:00
Tim Abbott 56cecc4891 users: Verify full names explicitly in user creation.
This fixes an issue where users could be created with an invalid name
(introduced only a couple commits ago when we added character set
restrictions).
2017-02-07 19:54:30 -08:00
Tim Abbott 2283b5fc91 users: Consolidate name change enforcement logic.
This has the side effect of fixing an issue where one could edit a
bot to have an invalid name.
2017-02-07 19:45:21 -08:00
Ritwik Srinivas 74b68f6bbc Adds banned characters in name function
Disallows you from putting the characters @, *, `, and > and " in
your name. Added test cases similar to the MAX_NAME_LENGTH check

Copied initial code from:
https://github.com/zulip/zulip/pull/2473
2017-02-07 19:31:14 -08:00
Harshit Bansal 9f67f1ada7 DevAuthBackend: Improve the query for dev users.
This changes the query for DevAuthBackend so that the shakespearian
users are not omitted while limiting the number of extra users to be
rendered to something reasonable.

Fixes: #3578.
2017-02-06 21:59:31 -08:00
Tim Abbott fa02dfdff4 mobile: Add an endpoint for checking compatibility. 2017-02-03 09:55:34 -08:00
Rishi Gupta 92e8cad42a dev login page: Add all non-zulip users as community users.
We create a new realm and user when running populate_analytics_db.py, in a
realm that is neither 'zulip' nor 'simple'.
2017-02-01 16:10:11 -08:00
Steve Howell 5ec4ed0d5c bug fix: Allow renaming streams to different cases.
Before this change, you could not rename a stream
from "denmark" to "Denmark".
2017-02-01 14:20:46 -08:00
Harshit Bansal 59d22e7cb8 realm_emoji: Cleanup an unreachable try/except block.
Fixes: #3515.
2017-01-30 16:43:02 -08:00
Tim Abbott 1bbf0f9a98 streams: Consider stream name validation logic. 2017-01-29 22:07:14 -08:00
Tim Abbott 884aa2b184 streams: Eliminate last use of get_stream in views. 2017-01-29 22:07:14 -08:00
Tim Abbott 32f778636b streams: Add tests for do_rename_stream error paths. 2017-01-29 20:27:00 -08:00
Tim Abbott a3f3f5b7bc remove_default_stream: use access_stream_by_name. 2017-01-29 20:27:00 -08:00
Tim Abbott 19eaa92059 add_default_stream: use access_stream_by_name. 2017-01-29 20:27:00 -08:00
Tim Abbott de3f539f58 do_change_stream_description: Accept a stream as argument. 2017-01-29 20:27:00 -08:00
Tim Abbott 2dc90e8ebd rename_stream: Pass a stream object to do_rename_stream. 2017-01-29 20:27:00 -08:00
Tim Abbott 7be34357b2 rename_stream: Move stream name taken check to view. 2017-01-29 20:27:00 -08:00
Tim Abbott ccdf17f47e rename_stream: Move stream already has name check to view. 2017-01-29 20:27:00 -08:00
Tim Abbott d059a0a90a rename_stream: Move check_stream_name into view. 2017-01-29 20:26:59 -08:00
Tim Abbott ab1e9f2b97 rename_stream: Move stripping of whitespace to view. 2017-01-29 20:26:59 -08:00
Tim Abbott 4ad1fadab0 streams: Create and use do_change_stream_invite_only. 2017-01-29 20:26:59 -08:00
Tim Abbott c74ddb74e9 do_make_stream_private: Accept a stream object, not a name. 2017-01-29 20:26:59 -08:00
Tim Abbott 0a75480444 do_make_stream_public: Accept a stream object, not a name. 2017-01-29 20:26:59 -08:00
Tim Abbott e137787d1a users: Use access_stream_by_name to access streams.
This simplifies the code somewhat and adds greater consistency of
error messages.
2017-01-29 20:26:59 -08:00
Tim Abbott ea72b97cd9 home: Cleanup narrow_topic logic. 2017-01-29 20:26:59 -08:00
Tim Abbott a7cb7dd695 home: Use access_stream_by_name to access streams. 2017-01-29 20:26:59 -08:00
Tim Abbott 6c512bdfd3 json_invite_users: Use access_stream_by_name. 2017-01-29 20:26:59 -08:00
Tim Abbott bc2f23383e streams: Move list_to_streams to lib. 2017-01-29 20:26:59 -08:00
Tim Abbott 02f5ef1d23 streams: Move filter_stream_authorization to lib. 2017-01-29 20:26:59 -08:00
Tim Abbott bb86bba20d stream_exists_backend: Use access_stream_by_name. 2017-01-29 20:26:59 -08:00
Tim Abbott 46e5b8a9cc streams: Remove unused json_remove_subscriptions. 2017-01-29 20:26:59 -08:00
Tim Abbott e57e2ee9f1 get_subscribers_backend: Use access_stream_by_id. 2017-01-29 20:26:59 -08:00
Tim Abbott 0d980b7cef json_get_stream_id: Use access_stream_by_name. 2017-01-29 20:26:59 -08:00
Tim Abbott 1ced8d3eb6 get_topics_backend: Use access_stream_by_id. 2017-01-29 20:26:58 -08:00
Tim Abbott 6685885741 deactivate_stream_backend: Use access_stream_by_id. 2017-01-29 20:26:58 -08:00
Tim Abbott 826cc80c9e update_stream_backend: Use access_stream_by_id. 2017-01-29 20:26:58 -08:00
Tim Abbott de38f3eb94 update_stream_backend: Clean up unnecessary stream_name variable. 2017-01-29 20:26:58 -08:00
Tim Abbott 2cf223470d streams: Eliminate get_subscription_or_die helper function. 2017-01-29 20:26:58 -08:00
Tim Abbott 7ecda1ac8e streams: Fix autosubscribe security bug (CVE-2017-0881).
A bug in Zulip's implementation of the "stream exists" endpoint meant
that any user of a Zulip server could subscribe to an invite-only
stream without needing to be invited by using the "autosubscribe"
argument.

Thanks to Rafid Aslam for discovering this issue.
2017-01-29 15:30:59 -08:00
Yago González 7fe090f902 translations: Improve some poorly-worded strings. 2017-01-28 18:04:17 -08:00
avisrivastava254084 762b84710e auth: Redirect users to home from /login if already logged in.
This makes various links in Zulip work a bit more reasonably for
already-logged-in users.

Fixes #3316.
2017-01-28 16:10:19 -08:00
Tim Abbott e69c4458c6 errors: Use hostname to report deployment. 2017-01-28 13:07:09 -08:00
Tim Abbott 0dd5d6cea0 errors: Separate browser error reporting from backend. 2017-01-27 10:27:41 -08:00
Steve Howell 4be2d6577d Add a new community realm to our test databases.
The realm with string_id of "simple" just has three users
named alice, bob, and cindy for now.  It is useful for testing
scenarios where realms don't have special zulip.com exception
handling.
2017-01-26 19:25:34 -08:00
Harshit Bansal b4186fdfdd views/realm_aliases.py: Use domain instead of id as handle for RealmAlias.
We need to make the change for the API, and the next commit introduces a
unique_together constraint on (realm, domain) anyway.
2017-01-26 17:24:25 -08:00
Harshit Bansal 06cc306d00 Add stricter domain validation and improve error messages. 2017-01-26 17:24:25 -08:00
Harshit Bansal 5b01694e00 actions.py: Rename do_get_realm_aliases to get_realm_aliases. 2017-01-26 17:24:25 -08:00
Tomasz Kolek 7de45951e2 Make webhooks as separate modules with view and tests.
Create python packege for every webhook with view.py and tests.py
2017-01-25 23:14:19 -08:00
Tim Abbott dd9e0b8463 errors: Move do_report_error into zerver/lib/. 2017-01-23 23:18:28 -08:00
Tim Abbott 4e171ce787 lint: Clean up E126 PEP-8 rule. 2017-01-23 22:06:13 -08:00
Tim Abbott d6e38e2a5c lint: Clean up E123 PEP-8 rule. 2017-01-23 21:34:26 -08:00
Tim Abbott 9640a9e864 lint: Clean up E712 PEP-8 rule. 2017-01-23 21:11:18 -08:00
Tim Abbott a088cdaa04 lint: Clean up E714 PEP-8 rule. 2017-01-23 21:07:45 -08:00
Tim Abbott e9158dd520 lint: Clean up E121 PEP-8 rule. 2017-01-23 21:02:39 -08:00
Tim Abbott df3d6aee5d lint: Clean up E114 PEP-8 lint rule. 2017-01-23 20:52:58 -08:00
Tim Abbott 22d1aa396b lint: Clean up W503 PEP-8 warning. 2017-01-23 20:50:04 -08:00
Tim Abbott bde2da7dfd lint: clean up PEP-8 W391 rule. 2017-01-23 20:39:02 -08:00
Tim Abbott 46ab7762e7 edit: Eliminate unnecessary json_update_message wrapper. 2017-01-23 17:22:42 -08:00
Tim Abbott 33b02a02dd update_message_backend: Fix memcached queries in loop.
This fixes a bug where update_message_backend would do one memcached
query per user receiving a given message.  Right now we just do a
single bulk database query, but in principle we could use
generic_bulk_cached_fetch to use the cache as well.
2017-01-23 17:22:42 -08:00
Tim Abbott 0f7f9dc0fb update_message_backend: Log number of changed messages.
This will be helpful for debugging potential performance problems.
2017-01-23 17:22:40 -08:00
Tim Abbott e7c9a5087c auth methods: Fix buggy check for changes.
Apparently, we were comparing the full list of enabled authentication
methods (whether or not supported by the server) against the user's
selections among those supported by the server, which resulted in
authentication methods being always reported as different.
2017-01-22 17:12:58 -08:00
Tim Abbott 5d52f1ec17 bugdown: Move realm_filters_key logic out of callers.
This gets rid of the confusing duplicate realm_filters_key and
message_realm arguments that previously were passed to bugdown.
2017-01-21 21:37:57 -08:00
Sampriti Panda 34a4a1378d bugdown: Use specified realm, not sender realm, for rendering.
This changes bugdown to use the realm passed in by the caller (if any)
for rendering, fixing a problem where bots such as the notification
bot would have their messages rendering using the admin realm's
settings, not the settings of the realm their messages are being sent
into.

Also adds a test for the notification bot case.

Fixes #3215.
2017-01-21 21:37:57 -08:00
Tim Abbott 01e0acb282 render_incoming_message: Require a realm object. 2017-01-21 21:37:57 -08:00
Tim Abbott 99c5563bc6 internal_send_message: Make realm argument mandatory.
A lot of care has been taken to ensure we're using the realm that the
message is being sent into, not the realm of the sender, to correctly
handle the logic for cross-realm bot users such as the notifications
bot.
2017-01-21 21:37:30 -08:00
Tim Abbott 8ba7d2080c internal_prep_message: Make realm argument mandatory.
In order to correctly handle messages sent by cross-realm bots, we
need to specify the realm that the messages are being sent into in the
send message code path.  The commit and its successors convert that
code path to include the realm the message is being sent to explicitly.
2017-01-21 21:16:18 -08:00
Tomasz Kolek cc13104780 Add Zapier integration. 2017-01-20 10:43:18 -08:00
Rohith Asrk a1b0e35792 Remove use of mailer.send_mail from all files.
This was just copied from some third-party projects.

Fixes #3153.
2017-01-19 16:28:29 -08:00
Umair Khan 9fecbcecf5 subdomains: Don't show login page on root aliases. 2017-01-17 15:29:24 -08:00
Tommy Ip c407919db3 Add /authors page.
Contributor visualization showing the avatar, user name and number
of commits for each contributors. The JSON data would be updated
upon deployment, triggered by the `update-prod-static` script.
2017-01-17 13:35:55 -08:00
Tim Abbott 121b926962 emoji: Fix 500 trying to remove nonexisting realm emoji. 2017-01-16 23:48:07 -08:00
Tim Abbott 19cb5013d3 emoji: Extract zerver.lib.emoji. 2017-01-16 23:45:28 -08:00
Tim Abbott f3b9abee14 Convert realm emoji upload to use PUT properly. 2017-01-16 23:45:12 -08:00
Tim Abbott 19b89eb050 bugdown: Rename realm_id to realm_filters_key.
This should substantially improve the clarity of the code, since
inside bugdown, this is only being used as a hash key that happens to
usually be a realm ID, not used as a Realm ID.
2017-01-16 21:48:55 -08:00
Bojidar Marinov df00ad3e84 search: Prevent crashes with multiple search operators.
Fixes #3071.
2017-01-16 19:42:49 -08:00
Rafid Aslam d3ee53bdef Move endpoints to use stream_id instead of stream_name in their URLs
- Change `stream_name` into `stream_id` on some API endpoints that use
`stream_name` in their URLs to prevent confusion of `views` selection.

For example:
If the stream name is "foo/members", the URL would be trigger
"^streams/(?P<stream_name>.*)/members$" and it would be confusing because
we intend to use the endpoint with "^streams/(?P<stream_name>.*)$" regex.

All stream-related endpoints now use stream id instead of stream name,
except for a single endpoint that lets you convert stream names to stream ids.

See https://github.com/zulip/zulip/issues/2930#issuecomment-269576231

- Add `get_stream_id()` method to Zulip API client, and change
`get_subscribers()` method to comply with the new stream API
(replace `stream_name` with `stream_id`).

Fixes #2930.
2017-01-12 15:23:31 -08:00
Rafid Aslam 156eefacc2 API: Add `json/get_stream_id` endpoint
Add `json/get_stream_id` endpoint, used to convert `stream_name`
into `stream_id`.
2017-01-12 15:23:31 -08:00
Tomasz Kolek 053feb947c Change way of handling comments event in jira integration. 2017-01-12 14:54:32 -08:00
Tomasz Kolek 9a60220c37 Refactor jira integration.
Remove events that don't exist.
Move handling issue events to separate function.
Make formatting strings using format function.
Change camelCase variable name convetion to using underscores.
Make unknown events error more clear.
Add issue_event_type_name param to all fixtures.
2017-01-12 14:54:32 -08:00
Tomasz Kolek e6ab93a4c4 Fix Bitbucket2 integration fulfilled event type.
The "merged" event type was apparently renamed to "fulfilled".
2017-01-11 14:18:07 -08:00
Tomasz Kolek f0cc6d8029 Adjust Taiga integration to new payloads format.
Update all payloads.
Remove move task between User stories events.
Update code to handle new payload format.

Fixes: #2318.
2017-01-11 14:17:44 -08:00
Tim Abbott 3f8d4193da lint: Fix % comprehensions being used without a tuple. 2017-01-09 11:45:11 -08:00
Tim Abbott f3b5683e77 views: Rename __init__.py to zerver.views.registration.
This completes the cleanup process of eliminating functions in the
root zerver/views/__init__.py module.
2017-01-08 16:21:15 -08:00
Tim Abbott 48f1b4e1ab views: Extract zerver.views.muting. 2017-01-08 16:21:15 -08:00
Tim Abbott 7beff88f5f views: Extract zerver/views/home.py.
This is a significant piece of the remaining effort required to
eliminate the catch-all zerver/views/__init__.py.
2017-01-08 16:21:15 -08:00
Harshit Bansal ceb636dbd9 Manage allowed domains from admin settings.
Fixes: #1867.
2017-01-06 12:03:31 -08:00
Rishi Gupta fdb47fc5ee find my team: Canonicalize URL route.
Change URL endpoint to use underscores, not dashes, and change name to use
the full path to the view function. See e.g. /create_realm.
2017-01-06 10:42:28 -08:00
Rishi Gupta 757297b72f Move find_my_team functions out of views/auth.py
The general __init__ file is a more natural home, and where other endpoints
(e.g. create_realm, etc) live.

Also changes forms.ValidationError to django.core.exceptions.ValidationError
to match the rest of the file/codebase.
2017-01-06 10:42:28 -08:00
Rishi Gupta e481fef9e1 Move find_team_email subject to a templates/ file. 2017-01-06 10:42:28 -08:00
Rishi Gupta 7cb5d26999 Rename find_team_email_html.txt to find_team_email.html. 2017-01-06 10:42:28 -08:00
Jackson 032b5e9db9 integrations: Add webhook code, API endpoint, and tests for Delighted. 2017-01-05 10:47:30 -08:00
Vamshi Balanaga 1b2472b5cb integrations: Modify solano labs integration.
This adds support for the "running" status and adds a test fixture.
2017-01-05 10:19:32 -08:00
Tomasz Kolek 6d1cb44bd4 bitbucket2: Add additional debugging info about unsupported keys. 2017-01-04 17:29:49 -08:00
Rishi Gupta 2b0a7fd0ba Rename models.get_realm_by_string_id to get_realm.
Finishes the refactoring started in c1bbd8d. The goal of the refactoring is
to change the argument to get_realm from a Realm.domain to a
Realm.string_id. The steps were

* Add a new function, get_realm_by_string_id.

* Change all calls to get_realm to use get_realm_by_string_id instead.

* Remove get_realm.

* (This commit) Rename get_realm_by_string_id to get_realm.

Part of a larger migration to remove the Realm.domain field entirely.
2017-01-04 17:12:23 -08:00
Umair Khan f208813ea3 Add Find My Team feature. 2017-01-03 21:33:42 -08:00
Vamshi Balanaga 234310bfd1 integrations: Add webhook code, API endpoint, and tests for solano labs. 2017-01-03 20:18:34 -08:00
Rishi Gupta cf762eaf84 Change X.realm.id to X.realm_id across codebase.
This makes it more clearly the pattern in the Zulip codebase, and thus
decreases the risk of accidentally doing database queries.
2017-01-03 16:46:26 -08:00
Rishi Gupta 130f981901 messages.send_message_backend: Take a realm_str instead of a domain. 2017-01-03 16:46:15 -08:00
Rishi Gupta b206d6f251 message.py: Change domain to realm_id in render_markdown args. 2017-01-03 16:46:14 -08:00
Rishi Gupta c6e12e74be Change domain to realm_id in bugdown and realm filter dicts and caches. 2017-01-03 16:25:20 -08:00
Tim Abbott a61386cbbc github: Fix GitHub integration CSRF issue.
The new GitHub dispatcher integration was apparently totally broken,
because we hadn't tagged the new dispatcher endpoint as exempt from
CSRF checking.  I'm not sure why the test suite didn't catch this.
2016-12-30 20:31:08 -08:00
Tim Abbott 5c0730d7ca reactions: Fix check for valid emoji.
The previous logic did not correctly handle the case where there were
realm emoji (non-realm emoji would be inaccessible).
2016-12-30 17:51:31 -08:00
Tim Abbott 0ddaa13eeb lint: Fix indentation error in user_settings.py. 2016-12-30 14:31:04 -08:00
Jackson aeac3848c8 integrations: Add webhook code, API endpoint, and tests for HelloSign. 2016-12-30 14:19:31 -08:00
Prabod Rathnayaka 6f087e468e Add setting hiding private message content in desktop notifications.
Tweaked by tabbott to fix a refactoring bug, set the default to True,
fix the real-time sync, and add tests for this.

Fixes #2355.
2016-12-30 14:10:34 -08:00
Tomasz Kolek 56f530331d Add default topics mechanism to stripe integration.
Fixes: #2586.
2016-12-27 16:27:54 -08:00
Tomasz Kolek 02bf4646fc Refactor transfer part of stripe integration. 2016-12-27 16:27:54 -08:00
Tomasz Kolek 6dca1ecc40 Refactor order part of stripe integration. 2016-12-27 16:27:54 -08:00
Tomasz Kolek a75d94d3cf Refactor invoice part of stripe integration. 2016-12-27 16:27:54 -08:00
Tomasz Kolek e843af5d27 Refactor customer part of stripe integration. 2016-12-27 16:27:54 -08:00
Tomasz Kolek d1c486b8e9 Refactor charge part of stripe integration. 2016-12-27 16:27:54 -08:00
paxapy 8e7fa6b2de emoji: Add add_emoji_by_admins_only realm setting.
This setting controls whether normal users can add realm emoji.

Fixes #978.
2016-12-27 15:46:14 -08:00
Igor Tokarev ffa724f8fc emoji: Add author field to RealmEmoji table and track. 2016-12-27 15:42:04 -08:00
Rishi Gupta 717afcb408 Remove calls to get_realm in preparation for its deprecation.
Also removes two calls to email_to_domain.
2016-12-26 17:53:32 -08:00
Rishi Gupta e9a6bd1986 Change register/<domain>/ URL route to register/<realm_str>/. 2016-12-26 17:51:00 -08:00
Rishi Gupta ea64b18f91 zerver.views: Be confident that request.session['domain'] is valid.
We only write domain to the session variable in one place,
accounts_home_with_domain, where we check that the domain is valid, that the
domain corresponds to an open realm, and that we are in the non-subdomains
case.

Previously, we were confusingly checking only a subset of the conditions
on reading back the domain in create_preregistration_user, and not checking
any of them when reading back the domain in get_realm_from_request.
2016-12-26 17:50:46 -08:00
Rishi Gupta d6e7014f06 Refactor views.create_homepage_form into its callers.
The indirection is no longer that useful, and obscures Django's conventional
style for calling a form.
2016-12-26 17:50:23 -08:00
Rishi Gupta 146f2ca482 Refactor get_realm_from_request out of views.create_homepage_form. 2016-12-26 17:49:58 -08:00
Rishi Gupta 1ce9a8a458 Remove confusing comments in HomepageForm and RealmCreationForm. 2016-12-26 17:49:58 -08:00
Rishi Gupta ddf480136c Remove unused domain argument from RealmCreationForm. 2016-12-26 17:49:58 -08:00
Rishi Gupta ec658d038d Refactor HomepageForm to use a Realm instead of a string_id. 2016-12-26 17:49:58 -08:00
Rishi Gupta a87e653c32 Refactor models.completely_open to take a Realm instead of a domain. 2016-12-26 17:49:58 -08:00
Juan Verhook 535ce90272 mypy: Convert zerver/views to use typing.Text. 2016-12-26 13:43:09 -08:00
Rafid Aslam d0502537ab API: Migrate POST `/ui_settings/change` to PATCH `/settings/ui` 2016-12-24 11:02:02 -08:00
Juanvulcano 2fd1316d70 Removed json/update_message
Update test_alert_words.py

Update test_messages.py

Update messages.py
2016-12-24 10:08:22 -08:00
Jackson 3a109a56df Migrate notify_settings to settings/notifications
Remove notify_settings from legacy_url.py
2016-12-24 09:24:23 -08:00
anirudhjain75 8acdbef8aa Eliminate legacy json/make_stream_public and json/make_stream_private URL
Migrate from POST to PATCH
2016-12-24 08:54:49 -08:00
Sampriti Panda 87e7dc6799 urls: Remove legacy URL for left_side_userlist and move over to REST PATCH endpoint 2016-12-24 08:38:33 -08:00
Jackson 333cf0f015 Migrate legacy /json/time_setting to new REST style endpoint. 2016-12-23 08:08:27 -08:00
Tommy Ip 1e0de94293 API: convert get_subscribers from legacy URL to REST endpoint. 2016-12-22 09:25:12 -08:00
Tim Abbott 7d99380488 update_display_settings: Move validation to beginning.
This makes the function more friendly for adding additional
functionality to.
2016-12-22 06:58:53 -08:00
Tim Abbott 0299f41c80 settings: Extract update_display_settings_backend. 2016-12-22 06:57:06 -08:00
anirudhjain75 c9db6b6658 Clean up legacy language_settings endpoint. 2016-12-22 06:54:04 -08:00
Sampriti Panda 425a55e568 settings: Implement delete avatar functionality 2016-12-21 13:35:22 -08:00
Sampriti Panda e72cd0b1cc urls: convert set_avatar from legacy URL to REST endpoint 2016-12-21 13:35:22 -08:00
Rafid Aslam bfe84a10f0 API: Migrate POST `json/fetch_raw_message` to GET `json/messages/<id>` 2016-12-21 13:08:40 -08:00
Jackson 59eb7a54e2 integrations: Add documentation for GoSquared. 2016-12-20 16:59:36 -08:00
Jackson 4ff4f12aea integrations: Add webhook code, API endpoint, and tests for GoSquared. 2016-12-20 16:59:36 -08:00
Umair Khan 7f3fdb2663 Django 1.10: Immediately save session to mitigate race conditions. 2016-12-16 16:24:12 +05:00
paxapy 18e43895ff streams.py: replace stream_subscribe_button with new #stream syntax.
Previously, we included a special subscribe button in new stream
notifications, but that had 2 problems:

(1) The subscribe button would render badly if the stream was renamed.
(2) There wasn't an easy way to look at the stream when deciding
whether to subscribe.

This fixes the second problem, but not really the first.
2016-12-15 22:43:14 -08:00
Tomasz Kolek bb6d189fa8 Add github dispatcher to have one elegant url for both github integrations.
Dispatcher avoids to create new URL for github_webhook.
2016-12-15 17:42:28 -08:00
vaibhav 75bf501553 Add optional waiting period for users to create streams.
This adds support for only allowing normal users with account age
equal or greater than a "waiting period" threshold to create streams;
this is useful for open organizations that want new members to
understand the community before creating streams.

If create_stream_by_admins_only setting is set to True, only admin users
were able to create streams. Now normal users with account age greater
or equal than waiting period threshold can also create streams.

Account age is defined as number of days passed since the user had
created his account.

Fixes: #2308.

Tweaked by tabbott to clean up the actual can_create_streams logic and
the tests.
2016-12-15 16:54:30 -08:00
Tomasz Kolek 6fdc026f64 Move get_profile_backend to views/users.py.
Fixes: #2710.
2016-12-15 16:04:23 -08:00
Sampriti Panda 91780180f6 integrations: Add webhook code, API endpoint, and tests for AppFollow 2016-12-15 11:13:27 -08:00
Umair Khan 8e30530cc5 subdomains: Make GitHub login work with subdomains.
Fixes #2501.
2016-12-14 11:09:39 -08:00
Rafid Aslam 63c157a22b API: Expose more information in `get_profile_backend()`
Adding more additional information about user profile to
`zerver.views.pointer.get_profile_backend`, like `user_id`,
`full_name`, `email`, `is_bot`, `is_admin`, and `short_name` of the
user.
2016-12-14 10:51:39 -08:00
Umair Khan c7ec5a14ee Create redirect_to_main_site function.
This function is used in OAuth logins so that we can redirect first to
the root domain (e.g. zulipdev.com if subdomains are *.zulipdev.com).
2016-12-13 21:06:52 -08:00
reallyly 94b28e0afb pep8: Fix E128 violations.
With some line-wrapping tweaks by tabbott.
2016-12-13 10:50:14 -08:00
Arpith Siromoney 226e3cbf02 Reactions backend: make endpoints more REST-ful.
Adding a reaction is now a PUT request to
/messages/<message_id>/emoji_reactions/<emoji_name>

Similarly, removing a reaction is now a DELETE request to
/messages/<message_id>/emoji_reactions/<emoji_name>

This commit changes the url and updates the views and tests.

This commit also adds a test for invalid emoji when removing reaction.
2016-12-07 22:28:02 -08:00
Tomonori Murakami a9e409a50f admin: Do not allow removing or deactivating the last org admin.
Modified by tabbott to cover and test some additional cases.

Fixes #2396.
2016-12-07 21:59:33 -08:00
Igor Tokarev c93f1d4eda Add oembed/Open Graph/Meta tags data retrieval from inline links.
This change adds support for displaying inline open graph previews for
links posted into Zulip.

It is designed to interact correctly with message editing.

This adds the new settings.INLINE_URL_EMBED_PREVIEW setting to control
whether this feature is enabled.

By default, this setting is currently disabled, so that we can burn it
in for a bit before it impacts users more broadly.

Eventually, we may want to make this manageable via a (set of?)
per-realm settings.  E.g. I can imagine a realm wanting to be able to
enable/disable it for certain URLs.
2016-12-07 17:40:18 -08:00
Sampriti Panda 7c3aff92d9 integrations: Add webhook payloads, webhook code, API endpoint, and tests for heroku 2016-12-06 11:05:00 -08:00
Zac Pullar-Strecker e6e11aefb3 settings: Add option to disable websockets.
This can be useful in scenarios where the network doesn't support
websockets.  We don't include it in prod_settings_template.py since
it's a very rare setting to need.

Fixes #1528.
2016-12-05 21:55:22 -08:00
Bickio 84765e48a9 integrations: Add webhook code, API endpoint, and tests for papertrail 2016-12-05 21:48:11 -08:00
Vamshi Balanaga f89e732d9e integrations: Add webhook code, API endpoint, and tests for mention. 2016-12-05 16:46:32 -08:00
Noel Tautges 07a74a8d9c mypy: Convert zerver/views/webhooks/ to use typing.Text. 2016-12-04 11:45:46 -06:00
AZtheAsian 441743cb89 integrations: Add webhook code, API endpoint, and tests for stripe.
This integration still needs documentation.
2016-12-03 20:42:43 -08:00
nikolay abc2ff4a06 pep8: Fix many rule E128 violations.
[Tweaked by tabbott to adjust some approaches used in wrapping]
2016-12-03 13:33:31 -08:00
bulat22101 a6f91064a2 pep8: Fix E129 violations 2016-12-03 10:56:36 -08:00
bulat22101 adebc75740 pep8: Fix E502 violations 2016-12-03 10:56:36 -08:00
Arpith Siromoney 4491ea8d6b reactions: Add support for removing emoji reactions.
This commit adds support for removing reactions via DELETE requests to
the /reactions endpoint with parameters emoji_name and message_id.

The reaction is deleted from the database and a reaction event is sent
out with 'op' set to 'remove'.

Tests are added to check:
1. Removing a reaction that does not exist fails
2. When removing a reaction, the event payload and users are correct
2016-12-02 16:39:53 -08:00
Sidhant Bhavnani 8c0c12c1d9 pep8: Fix E303 violations. 2016-12-02 15:34:11 -08:00
Alex Huang 007b693cc7 pep8: Fix E131. 2016-12-01 23:16:47 -08:00
Alex Huang c8ddea16c3 pep8: Fix E122. 2016-12-01 23:16:35 -08:00
AZtheAsian 1ba150fa85 pep8: Fix E203 violations 2016-12-01 20:37:57 -08:00
AZtheAsian c23f9e0df7 pep8: Fix E111 violations 2016-12-01 14:18:11 -08:00
AZtheAsian f7582f0050 pep8: Fix E124 violations 2016-12-01 14:18:11 -08:00
Rafid Aslam c5316b4002 lint: Fix E127 pep8 violations.
Fix pep8: E127 continuation line over-indented for visual indent
style issue.
2016-12-01 10:23:55 -08:00
Bickio 6b0df43463 pep8: Fix E125. 2016-11-30 20:03:29 -08:00
Bickio e009383460 pep8: Fix E231. 2016-11-30 19:59:25 -08:00
Tommy Ip e4091c6413 pep8: Fix E222 violations. 2016-11-30 21:49:02 +00:00
Tommy Ip 46b7d54b3e pep8: Fix E701 violations. 2016-11-30 20:45:09 +00:00
Arpith Siromoney 001847ac5b Add backend support for emoji reactions.
This commit adds the following:

1. A reaction model that consists of a user, a message and an emoji that
are unique together (a user cannot react to a particular message more
than once with the same emoji)
2. A reaction event that looks like:
    {
        'type': 'reaction',
	'op': 'add',
	'message_id': 3,
	'emoji_name': 'doge',
	'user': {
	    'user_id': 1,
            'email': 'hamlet@zulip.com',
            'full_name': 'King Hamlet'
	}
    }
3. A new API endpoint, /reactions, that accepts POST requests to add a
reaction to a message
4. A migration to add the new model to the database
5. Tests that check that
   (a) Invalid requests cannot be made
   (b) The reaction event body contains all the info
   (c) The reaction event is sent to the appropriate users
   (d) Reacting more than once fails

It is still missing important features like removing emoji and
fetching them alongside messages.
2016-11-26 18:10:21 -08:00
Calvin Lee b8d7f8008a streams: move the invite_only field into the stream_dict argument.
Refactor list_to_streams and create_streams_if_needed.  The
stream_dict now has a "invite_only" key, which is mapped to
a boolean.
2016-11-26 16:52:40 -08:00
Calvin Lee 8461cc411e streams: refactor stream creation code path.
Refactor list_to_streams and create_streams_if_needed to take a list
of dictionaries, instead of a list of stream names.  This is
preparation for being able to pass additional arguments into the
stream creation process.

An important note: This removes a set of validation code from the
start of add_subscriptions_backend; doing so is correct because
list_to_streams has that same validation code already.

[with some tweaks by tabbott for clarity]
2016-11-26 16:48:59 -08:00
Tomasz Kolek a79acf854f docs: Automate creation of Hubot documentation lozenges.
This removes a bunch of semi-duplicated code.
2016-11-26 15:27:54 -08:00
Umair Khan c8fa25ab88 Django 1.10: Update session hash when password is changed.
Ref: https://docs.djangoproject.com/en/1.10/topics/auth/default/#session-invalidation-on-password-change for details.
2016-11-26 15:04:17 -08:00
Rishi Gupta 17f71befb4 mypy: Change six.text_type to typing.Text for a few files.
Preparation for GCI.
2016-11-25 13:55:38 -08:00
Tomasz Kolek d8dee522b6 Fix trello integration by adding handling HEAD confirmation request.
Previously, we rejected the HEAD requests that the trello integration
uses to check if the server accepts the integration.

Add decorator for returning 200 status code if request is HEAD.

Fixes: #2311.
2016-11-18 16:27:16 -08:00
Vladislav Manchev d7e1e4a2c0 Add initial implementation of custom realm filters.
This PR was abandoned by Vladislav and then substantially modified by
Igor Tokarev and Tim Abbott to complete it and fix a number of bugs.

Fixes #544.
2016-11-17 17:11:25 -08:00
Tim Abbott fa8480bb62 subdomains: Add option to make subdomains homepage not a login form. 2016-11-15 19:05:06 -08:00
Tomasz Kolek 1feedbe346 Add github webhook integration. 2016-11-15 10:48:12 -08:00
Tomasz Kolek f05b71b9ca Add handling multiple push info in one request to Bitbucket2 integration. 2016-11-11 15:36:45 -08:00
Tomasz Kolek 085cdb7028 Fix Bitbucket2 push message by truncated commits list. 2016-11-11 15:36:45 -08:00
Tomasz Kolek 81f18b829d Normalize pushing tags event messages in Bitbucket2 integration. 2016-11-11 15:36:45 -08:00
Tomasz Kolek 5980a75e07 Normalize pushing tags event messages in GitLab integration. 2016-11-11 15:36:45 -08:00
Rishi Gupta 5681ee90fa models.py: Rename split_email_to_domain to email_to_domain.
In order to better match models.email_to_username.
2016-11-11 15:26:51 -08:00
Rishi Gupta c1713c9659 Prevent code from using email domain to determine realm when subdomains.
Also removes the intermediate step of going through Realm.domain in the
non-subdomains case. Part of a larger project to remove Realm.domain
entirely.
2016-11-11 15:26:51 -08:00
Rishi Gupta 91f2582c2b templates: Remove for_you block from jinja templates.
No change in behavior. The for_you block had already been removed in
portico.html long ago in a6889080ce. The
contents of the block are still present in the non-portico 404.html
and 5xx.html error pages.
2016-11-11 15:26:08 -08:00
Tim Abbott 48f671a314 same_realm_jabber_user: Remove old ist.mit.edu hack.
This is no longer in use.
2016-11-10 20:50:40 -08:00
Rishi Gupta 3c75ef2d79 Allow users to submit empty content when editing messages.
The closest we have to deleting a message. Was original behavior, but was
changed in 09754c9.
2016-11-10 16:45:18 -08:00
Umair Khan 1e91b946d9 Django 1.10: Sign google oauth requests using csrf token.
In Django 1.10, the get_token function returns a salted version of
csrf token which changes whenever get_token is called. This gives
us wrong result when we compare the state after returning from
Google authentication servers. The solution is to unsalt the token
and use that token to find the HMAC so that we get the same value
as long as t he token is same.
2016-11-10 16:20:03 +05:00
Tim Abbott cf2007d4e0 docs: Add a simple markdown-based help center.
The plan is to use this for adding user documentation to Zulip.
2016-11-09 21:39:55 -08:00
Rishi Gupta 70ab79d056 accounts_register: Apply email_allowed_for_realm check to all code paths.
Needed in case the user was allowed to join the realm when they got the
confirmation email, but is no longer allowed to do so. Check was previously
applied to invited users (those with a prereg_user.referred_by), and is now
applied regardless of how they get to accounts_register.
2016-11-09 16:31:48 -08:00
Rishi Gupta d5f99c4438 views.accounts_register: Remove almost all dependence on domain. 2016-11-09 16:31:48 -08:00
Rishi Gupta 1e6ae537bd Remove special flow for open realm sign-up when realms have subdomains.
Redirects /register/<domain> to /accounts/register when
REALMS_HAVE_SUBDOMAINS.
2016-11-09 16:31:48 -08:00
Rishi Gupta b114690bd5 forms.HomepageForm: Rename subdomain to string_id.
No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta 38f1ab325c forms.HomepageForm: No longer take a domain argument.
domain was unused. No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta 35481014a4 views.create_homepage_form: Ensure domain and subdomain match.
Ensure domain and subdomain correspond to the same realm when being passed
to forms.HomepageForm. Previously this was not the case when e.g. we got
here via the /register/<domain> endpoint.

This also effectively disables the register/<domain> endpoint when
REALMS_HAVE_SUBDOMAINS, or rather, foo.server.org/register/bar.com will try
to register you for the realm with string_id foo rather than realm with
domain bar.com.
2016-11-09 16:31:48 -08:00
paxapy 6d93b3b60c lint: Fix E703 pep8 violations. 2016-11-09 15:18:35 -08:00
Steve Howell b5ef679360 Add get_topic_history_for_stream(). 2016-11-09 13:56:27 -08:00
Steve Howell 89b2e51129 Extract is_active_subscriber() helper for streams views. 2016-11-09 13:56:27 -08:00
Mohsen Ibrahim e0351948ba render_message_backend: Pass realm data into bugdown.
Previously, the way that render_messages was calling bugdown meant
that the preview feature didn't have access to realm data like the
list of users or streams, resulting in previews for those elements
being wrong.

Now render_message_backend uses zerver.lib.render_markdown to render
messages correctly.

[Commit message tweaked and test added by tabbott]
2016-11-08 13:43:03 -08:00
paxapy ff1e97603d context_processors: use a common context for emails.
Fixes #1611.
2016-11-08 11:37:16 -08:00
Rishi Gupta 9e6e1a1e69 Remove several instances of datetime.datetime.utcnow().
Change to the timezone-aware django.utils.timezone.now() where django is
available.
2016-11-07 20:13:53 -08:00
umkay f4c621ffe3 admin: Enable admins to toggle supported auth methods via UI.
Add a table to the administration page that will allow realm admins to
activate and deactivate the supported authentication methods for that
realm.
2016-11-06 16:29:35 -08:00
Steve Howell 38f2789152 Remove page_params.email_dict. 2016-11-04 11:37:14 -07:00
Rishi Gupta 4a74301a62 models.py: Replace resolve_subdomain_to_realm with get_realm_by_string_id.
No change in functionality.
2016-11-03 13:59:11 -07:00
Tim Abbott dd008ae559 realm creation flow: Allow signups from all emails.
This (1) removes the check on whether the domain of the email matches
the Realm.domain of an existing realm and (2) avoids setting `realm =
get_realm(domain)` in the realm creation flow, which would cause the
wrong code path to be followed in the event that the domain in a
user's email address happens to match a deactivated realm.
2016-11-03 13:58:52 -07:00
Rishi Gupta 4b60e06991 realm creation flow: No longer create RealmAlias's during sign-up flow.
There are a number of situations in which we will want to automatically
create one, but we should be a bit thoughtful about when we do so.
2016-11-03 13:53:01 -07:00
Tim Abbott 08ce391611 register: Fix using subdomains logic when subdomains is disabled. 2016-11-03 13:51:50 -07:00
Tomasz Kolek 9026f56713 Improve English grammar in bitbucket integration modify comment message.
Add `a` between verb and comment word i.e. updated a [comment] instead of
updated [comment].
2016-11-03 10:18:46 -07:00
Steve Howell 9b04ec7472 Send dicts for cross realm users to JS.
We now send dictionaries for cross-realm bots.  This led to the
following changes:

* Create get_cross_realm_dicts() in actions.py.
* Rename the page_params field to cross_realm_bots.
* Fix some back end tests.
* Add cross_realm_dict to people.js.
* Call people.add for cross-realm bots (if they are not already part of the realm).
* Remove hack to add in feedback@zulip.com on the client side.
* Add people.is_cross_realm_email() and use it in compose.js.
* Remove util.string_in_list_case_insensitive().
2016-11-03 09:51:23 -07:00
Steve Howell 6324fe9ddf Rename get_cross_realm_users to get_cross_realm_emails. 2016-11-03 09:42:27 -07:00
Rishi Gupta db0e509422 do_create_realm: Replace domain argument with string_id.
Turns string_id into a required argument, and domain into an optional
argument.
2016-11-02 22:46:34 -07:00
Rishi Gupta 9ef8536cc6 models.Realm: Require Realm.string_id to be non-NULL.
Adds a database migration, adds a new string_id argument to the management
realm creation command, and adds a short name field to the web realm
creation form when REALMS_HAVE_SUBDOMAINS is False.
2016-11-02 22:46:34 -07:00
Rishi Gupta 64bcd71d6e models.Realm: Rename subdomain to string_id.
Does a database migration to rename Realm.subdomain to
Realm.string_id, and makes Realm.subdomain a property.  Eventually,
Realm.string_id will replace Realm.domain as the handle by which we
retrieve Realm objects.
2016-11-02 22:46:34 -07:00
Tomasz Kolek 4dd8cd9879 Replace "Commit" to commits sha in commits comment events in git integrations. 2016-11-02 22:19:51 -07:00
Tomasz Kolek ce5bb22ace Normalize comment commit event in github integration. 2016-11-02 22:19:51 -07:00
Tomasz Kolek 6ad4cce35c Add object number/id to mention about Issue, PR, etc. to all git integrations. 2016-11-02 22:19:51 -07:00
Tomasz Kolek 762b6b5817 Add on betwen comment action and noun in comments messages from git integrations.
Improve English grammar in comment messages in git integrations
by adding 'on' between comment action and noun (PR, Issue, Commit).
2016-11-02 22:19:51 -07:00
Tomasz Kolek cbd05eb0b2 Normalize bitbucket commit, PR and issues comment event's subject and content. 2016-11-02 22:19:51 -07:00
Tomasz Kolek ef6a1328ce Normalize gitlab snippet or commit comment event's subject and content. 2016-11-02 22:19:51 -07:00
Tomasz Kolek 4fc1488edc Normalize gitlab issue or MR comment event's subject and content. 2016-11-02 22:19:51 -07:00
Umair Khan 8ff2cd3fd7 Only allow proper url for registration.
This commit fixes a bug which occurs when a user tries to bypass the
correct registration url for the completely open domains.
2016-11-02 17:49:30 -07:00
Umair Khan 4cf7040100 subdomains: Use redirect_and_log_into_subdomain for registration.
This fixes a bug where the user who registered a new organization
wasn't correctly logged into that organization.
2016-10-28 11:04:08 -07:00
Umair Khan 26646abe8c Authenticate subdomains using single Google OAuth entry.
Previously, we used to create one Google OAuth callback url entry
per subdomain. This commit allows us to authenticate subdomain users
against a single Google OAuth callback url entry.
2016-10-28 11:04:08 -07:00
Umair Khan 52acdd28bd Fix JWT code in the auth backend.
For some reason, we use 'load' function but it doesn't exist in the JWT
library code. This commit updates the code to use the correct interface
of the JWT library.

The signature verification is done by the decode function.
2016-10-26 14:40:56 -07:00
Tim Abbott 7b9d1a7824 auth: Simplify REALMS_HAVE_SUBDOMAINS redirect code.
This logic was just a duplicate on realm.uri, except that in the case
that subdomains are disabled, it preserves the host in the request.
2016-10-25 13:55:17 -07:00
hackerkid b5816bf99e Don't use zulipdev.com when subdomain support is disabled. 2016-10-25 13:52:13 -07:00
Tomasz Kolek 4790316b57 Add user setting option to always send push notifications.
Add option in user's settings for getting mobile push notifications
even if a Zulip browser is online.  Default is False.

Fixes: #1596.
2016-10-25 10:52:29 -07:00
Rishi Gupta b6da450b96 admin.js: Use RealmAlias instead of Realm to show the restricted domains.
Passes the allowed domains for a realm to the frontend, via
page_params.domains. Groundwork for allowing users to add and
remove domains via the admin setting page, rather than via the
realm_alias.py management command.
2016-10-25 10:07:20 -07:00
Brock Whittaker fca61b2031 Add medium size avatars for use on the user's own settings page.
This adds a medium (500px) size avatar thumbnail, that can be
referenced as `{name}-medium.png`.  It is intended to be used on the
user's own settings page, though we may come up with other use cases
for high-resolution avatars in the future.

This will automatically generate and upload the medium avatar images
when a new avatar original is uploaded, and contains a migration
(contributed by Kirill Kanakhin) to ensure all pre-existing avatar
images have a medium avatar.

Note that this implementation does not provide an endpoint for
fetching the medium-size avatar for another user.

[substantially modified by tabbott]
2016-10-25 09:42:14 -07:00
Tomasz Kolek 6e1674aca5 Normalize github issue or PR comment event's subject and content. 2016-10-20 23:15:51 -07:00
Tomasz Kolek 56dd1a9b90 Normalize gitlab issue event's subject and content. 2016-10-20 23:15:30 -07:00
Tomasz Kolek a8da46db92 Normalize bitbucket issue event's subject and content. 2016-10-20 23:15:30 -07:00
Tomasz Kolek 171a4861cc Normalize github issue event's subject and content. 2016-10-20 23:15:30 -07:00
Tomasz Kolek 89d53a0640 Change name of PR subject template to be applicable for issues. 2016-10-20 23:15:30 -07:00
Tomasz Kolek 289f400c8c Add git integrations method to build message for issues events. 2016-10-20 23:15:30 -07:00
Arpith Siromoney ee97ba04fe Add an API endpoint to send typing notification events.
POST to /typing creates a typing event
Required parameters are 'op' ('start' or 'stop') and 'to' (recipient
emails). If there are multiple recipients, the 'to' parameter
should be a JSON string of the list of recipient emails.
The event created looks like:
{
  'type': 'typing',
  'op': 'start',
  'sender': 'hamlet@zulip.com',
  'recipients': [{
    'id': 1,
    'email': 'othello@zulip.com'
  }]
}
2016-10-20 23:05:18 -07:00
Tim Abbott f9f8b18e2f lint: Ban use of json_success({}) instead of json_success(). 2016-10-20 22:34:04 -07:00
Amy Liu 3ee777a11a Add UI for deactivating your own Zulip account.
Fixes #1009.
2016-10-20 22:29:30 -07:00
Tomasz Kolek 67adf570e7 Remove @-mentions from jira integration.
Because of a lot of annoying notifcations we decided to remove
all @-mentions in jira. We replaced it by just login (without @).
2016-10-20 11:55:12 -07:00
Tim Abbott 4a4664d268 mypy: Remove a bunch of now-unnecessary type: ignore annotations.
Since mypy and typeshed have advanced a lot over the last several
months, we no longer need these `type: ignore` annotations.
2016-10-17 11:48:34 -07:00
Tomasz Kolek 92bfadcca4 Normalize github pull requests event message.
Add detailed info (description, source and target branch, assignee) to message.
Change subject to 'repo_name / PR #id title'.
Modify some test fixtures for better coverage.
2016-10-14 16:54:13 -07:00
Tomasz Kolek ce9ac30fac Normalize bitbucket pull requests event message.
Add detailed info (description, source and target branch, assignee) to message.
Change subject to 'repo_name / PR #id title'.
Modify some test fixtures for better coverage.
2016-10-14 16:54:13 -07:00
Tomasz Kolek 421c51cc14 Normalize gitlab pull requests event message.
Add detailed info (description, source and target branch, assignee) to message.
Change subject to 'repo_name / MR #id title'.
Modify some test fixtures for better coverage.

Fixes: #1883.
2016-10-14 16:54:13 -07:00
Tim Abbott 8f145e03cf views: split events_register.py from main views file. 2016-10-11 21:27:06 -07:00
Tim Abbott 0c02015541 views: Move one-click unsubscribe to its own file. 2016-10-11 21:27:06 -07:00
Tim Abbott 5b7dfafcac views: Move json_refer_friend to invite.py. 2016-10-11 21:27:06 -07:00
Tim Abbott dd352dd456 views: Move invitation views to their own file. 2016-10-11 21:27:06 -07:00
Tim Abbott 67d9e19ccf views: Split views/auth.py out of core views file. 2016-10-11 21:27:06 -07:00
Tim Abbott f1a399a4e1 message: Create new access_message library function.
With reactions and other upcoming features, we'll be adding several
places where we need to check whether a particular user can access a
particular message.  It's best to just have a single helper function
for this purpose that we can use everywhere.
2016-10-11 17:17:19 -07:00
Tim Abbott d2e41ff48e json_fetch_raw_message: Allow fetching messages you received.
This also modifies the tests to verify that the user in question has
access to the relevant message.
2016-10-11 17:17:19 -07:00
Umair Khan 36c6a5d758 Add support for changing user's name by admin.
Fixes: #1553
2016-10-11 16:36:48 -07:00
Rishi Gupta d75731f988 Realm creation flow: Remove invite page.
Previously, we sent users to an "invite your friends" page after they
created an organization. This commit removes that step in the flow and sends
users directly to the home page. We also remove the now-unused
initial_invite_page.html template, initial_invite.js (which pre-filled the
invite emails with characters from literature), and the /invite URL route.
2016-10-11 15:54:05 -07:00
Tomasz Kolek 6fc1193743 Add to gitlab remove branch message handler. 2016-10-10 17:39:05 -07:00
Tomasz Kolek 89ef6c73d1 Normalize github and beanstalk remove branch event message. 2016-10-10 17:39:05 -07:00
Tomasz Kolek 56208d7ea1 Add bitbucket2 remove branch message handler. 2016-10-10 17:39:05 -07:00
Tomasz Kolek b031d6b029 Add bitbucket2 force push event handler. 2016-10-10 17:39:05 -07:00
Tomasz Kolek f084dd05a8 Normalize github and beanstalk force push event message. 2016-10-10 17:39:05 -07:00
Tomasz Kolek e56e3f4aee Normalize bitbucket2 push event subject. 2016-10-10 17:39:05 -07:00
Tomasz Kolek 741a91d249 Normalize bitbucket push event subject. 2016-10-10 17:39:05 -07:00
Tomasz Kolek 1f0f197479 Normalize github and beanstalk push event subjects. 2016-10-10 17:39:05 -07:00
Tomasz Kolek bc4ce7e781 Normalize gitlab push event message.
Fixes: #1884.
2016-10-10 17:39:05 -07:00
Tomasz Kolek 6a727bc476 Normalize bitbucket2 push event.
Normalize bitbukcet2 push event by creating it by
get_push_commits_event_message common function.
2016-10-10 17:39:05 -07:00
Tomasz Kolek 06ad0102a2 Remove now-unused build_commit_list_content. 2016-10-10 17:38:41 -07:00
Tomasz Kolek 809bc5f29b Normalize bitbucket push event.
Normalize bitbukcet push event by creating it by
get_push_commits_event_message common function.
2016-10-10 17:33:02 -07:00
Tomasz Kolek 1c1a003ba1 Normalize github push event.
Normalize github push event by creating it by
get_push_commits_event_message common function.
2016-10-10 17:33:02 -07:00
Umair Khan eb7ce73628 Move name_changes_disabled to zerver.models 2016-10-10 09:27:52 -07:00
Umair Khan d0acda4635 Google: Show error on login page for wrong subdomain.
Takes care of Google OAuth.

Fixes: #1871
2016-10-10 08:42:34 -07:00
Umair Khan c23aaa1785 GitHub: Show error on login page for wrong subdomain.
While logging in through GitHub, if the user tries to login
to the wrong subdomain then show an appropriate message.
2016-10-10 08:42:34 -07:00
Rishi Gupta 777fcaa6a0 Add new organization type field to Realm objects.
Adds a new field org_type to Realm.  Defaults for restricted_to_domain
and invite_required are now controlled by org_type at time of realm
creation (see zerver.lib.actions.do_create_realm), rather than at the
database level.  Note that the backend defaults are all
org_type=corporate, since that matches the current assumptions in the
codebase, whereas the frontend default is org_type=community, since if
a user isn't sure they probably want community.

Since we will likely in the future enable/disable various
administrative features based on whether an organization is corporate
or community, we discuss those issues in the realm creation form.
Before we actually implement any such features, we'll want to make
sure users understand what type of organization they are a member of.

Choice of org_type (via radio button) has been added to the realm
creation flow and the realm creation management command, and the
open-realm option removed.

The database defaults have not been changed, which allows our testing code
to work unchanged.

[includes some HTML/CSS work by Brock Whittaker to make it look nice]
2016-10-05 17:01:46 -07:00
Steve Howell 583a6bbadd Extract zerver/lib/message.py.
This pulls message-related code from models.py into a new
module called message.py, and it starts to break some bugdown
dependencies.  All the methods here are basically related to
serializing Message objects as dictionaries for caches and
events.

    extract_message_dict
    stringify_message_dict
    message_to_dict
    message_to_dict_json
    MessageDict.to_dict_uncached
    MessageDict.to_dict_uncached_helper
    MessageDict.build_dict_from_raw_db_row
    MessageDict.build_message_dict

This fix also removes a circular dependency related
to get_avatar_url.

Also, there was kind of a latent bug in Message.need_to_render_content
where it was depending on other calls to Message to import bugdown
and set it globally in the namespace.  We really need to just
eliminate the function, since it's so small and used by code that
may be doing very sketchy things, but for now I just fix it.  (The
bug would possibly be exposed by moving build_message_dict out to the
library.)
2016-10-04 11:31:20 -07:00
Steve Howell ac994fdd51 Move three functions from models.py to lib/cache.py.
I move these three functions to lib/cache.py:

    to_dict_cache_key_id
    to_dict_cache_key
    flush_message

This will prepare us for a more significant refactoring that
eventually breaks down some circular dependencies with
Message and bugdown.
2016-10-04 11:31:20 -07:00
baali 142dce2cd4 Replace legacy endpoint for renaming a stream and add tests.
This moves the logic for renaming a stream to the REST API
update_stream_backend method, eliminating the legacy API endpoint for
doing so.

It also adds a nice test suite covering international stream names.
2016-10-02 20:33:49 -07:00
Tomasz Kolek 464ced2b48 Add Pipeline Hook event handling to gitlab integration. 2016-10-02 09:35:07 -07:00
Tomasz Kolek 36745a68cf Add Build Hook event handling to gitlab integration. 2016-10-02 09:35:07 -07:00
Tim Abbott c7b7893254 auth: Give nicer subdomain errors when using ZulipDummyBackend.
This improves Google and JWT auth as well as the registration
codepath to log something if the wrong subdomain is encountered.

Ideally, we'd have tests for these, and code to make the Google and JWT
auth cases show a clear error message.
2016-09-27 23:25:07 -07:00
hackerkid ea39fb2556 Add option for hosting each realm on its own subdomain.
This adds support for running a Zulip production server with each
realm on its own unique subdomain, e.g. https://realm_name.example.com.

This patch includes a ton of important features:
* Configuring the Zulip sesion middleware to issue cookier correctly
  for the subdomains case.
* Throwing an error if the user tries to visit an invalid subdomain.
* Runs a portion of the Casper tests with REALMS_HAVE_SUBDOMAINS
  enabled to test the subdomain signup process.
* Updating our integrations documentation to refer to the current subdomain.
* Enforces that users can only login to the subdomain of their realm
  (but does not restrict the API; that will be tightened in a future commit).

Note that toggling settings.REALMS_HAVE_SUBDOMAINS on a live server is
not supported without manual intervention (the main problem will be
adding "subdomain" values for all the existing realms).

[substantially modified by tabbott as part of merging]
2016-09-27 23:24:14 -07:00
Tim Abbott 03bf8893e2 Remove legacy /api/v1/send_message endpoint.
This was the original way to send messages via the Zulip API in the
very early days of Zulip, but was replaced by the REST API back in
2013.

Fixes: #730.
2016-09-27 14:51:54 -07:00
Steve Howell edfa022bac Remove json/get_active_statuses endpoint. 2016-09-27 14:33:56 -07:00
Umair Khan fd9dd51d16 Url encoded name of the file should be an ascii.
The url encoded name of the file should not be a unicode. This
results in an error when we later try to unquote it.

Fixes: #1803
2016-09-26 21:13:34 -07:00
Sahil Dua 058587da77 Remove extra new lines at the ends of Zulip authoried files.
Fixes #1627.

[tweaked by tabbott to avoid patching third-party modules, for now]
2016-09-26 21:05:24 -07:00
Tim Abbott 49faad7bb1 GitLab: Fix minor bytes/text types issue. 2016-09-25 23:29:36 -07:00
Tim Abbott a3eb0be52a GitLab: simplify topics in GitLab integration. 2016-09-25 23:12:24 -07:00
Rishi Gupta 4b62ee8f38 initial invite page: Fix email validation when not restricted_to_domain.
We currently do
  var invite_suffix = "{{invite_suffix}}";
in javascript in the initial_invite_page.html template.
This sets invite_suffix to "{{invite_suffix}}" when the template is rendered
without invite_suffix in the params, rather than to "" as intended. This
later causes problems in the invite_email validator in initial_invite.js.
2016-09-23 15:44:28 -07:00
Steve Howell a04a095738 Speed up alert word detection during message sends.
We no longer use all the alert words for all the users in the
entire realm when we look for alert words in a newly sent/edited
message.  Now we limit the search to only all the alert words
for all the users who will get UserMessage records.  This will
hopefully make a big difference for big realms where most messages
are only sent to a small subset of users.
2016-09-23 15:24:55 -07:00
Steve Howell cb0d75b23b rendering: Consolidate code to render new messages.
We now use render_incoming_message() to render all incoming
new messages (sends/edits), so that they will get the same treatment.

This change also establishes do_send_messages() as the code
path to get new messages rendered.  It removes some
logic from check_message() that only happened on certain code paths
for sending messages, and which would only detect failures by
expensively rendering messages, so it wasn't much of a guard.

This change also helps to phase out maybe_render_content(), which
deepens the call stack without providing much clarity to the reader,
since it's behavior is so variable.

Finally, this sets up to fix a flaw in the way we compute which
users have alert words in their messages (in a subsequent commit).
2016-09-23 15:21:17 -07:00
Tomasz Kolek 95825973c7 Add branch name to topic in Gitlab integration.
Fixes: #1831.
2016-09-23 10:04:01 -07:00
Tomasz Kolek 8cdc5b7a02 Fix bug with wrong branch name in Gitlab integration.
Need to change lstrip to replace particular string with empty string.

Fixes: #1830.
2016-09-23 10:03:09 -07:00
Tim Abbott 939528303d upload: Add type: ignore for mimetypes.guess_type stubs issue. 2016-09-19 21:40:08 -07:00
Steve Howell 1c37c0e93f uploads: Remove redir=False codepath for serving S3 files.
It does not seem that we need to support this any more.  Eliminating
the code gets us to 100% line coverage with our tests on view/uploads.py.
2016-09-17 12:13:07 -07:00
Steve Howell a630bbf8b8 uploads: Remove dead code in serve_local(). 2016-09-17 12:13:07 -07:00
Steve Howell 6ecee2ac4f streams: Simplify list_to_streams().
The list_to_streams() method now uses create_streams_if_needed() to
do its heavy lifting during the autocreate=True case.

This commit gets us to 100% coverage on the streams view.  (The
recently created action.create_streams_if_needed() was easy
to test in isolation, and it has 100% coverage as well, so we are
not cheating here.)

Fixes: #1005.
2016-09-15 10:18:10 -07:00
Steve Howell a9e2ceb4e9 push notifications: Fix very minor quirk when adding tokens.
When we push a device token, we want to clean out any other user's
tokens on the device, but not the current user's.  We were wiping
away our own token, if it existed, before creating it again.  This
was probably never a user-facing problem; it just made for dead code
and a little unnecessary DB churn.  By excluding the current user
from the delete() call, we exercise the update path in our tests now,
so we have 100% coverage.
2016-09-15 06:40:18 -07:00
Rishi Gupta de11e7c1b3 Add support for subdomain URIs to /api and /api/endpoints.
To the extent possible, we share code with the already-existing
IntegrationView code path.
2016-09-13 22:31:56 -07:00