Commit Graph

35633 Commits

Author SHA1 Message Date
Steve Howell 22c8a7ccef invite settings: Fix sorting with multi-user links.
Before this fix, we'd get a traceback if you looked
at invites in the settings (and if one of them was
a multi-user invite link).  This commit fixes
that problem by adding a custom sort.

We also rename the "Email" column to "Invitee",
since it's often the case the invitee isn't an
actually an email, but it's instead a multi-use
link.

Note that the invites UI only works the first time you
enter settings.  Many of the controls break the second
time you enter it.  You can't sort by column header
or use the text filter.

I'll fix that in a subsequent commit.
2020-04-12 14:59:32 -07:00
Steve Howell a06d455228 settings: Extract sort helpers for various lists.
Giving these functions a name and moving them to
the top-level scope has a couple tactical advantages:

    - names show in tracebacks
    - code is less indented
    - setup code is less cluttered
    - will be easier to add unit tests
    - will make some upcoming diffs nicer

These are technically more `compare_foo` than `sort_foo`,
but we already had a naming convention that was sort of
in place.
2020-04-12 14:59:32 -07:00
Tim Abbott 4f23f13c55 fetch-contributor-data: Fix running in production.
The previous logic attempted to check for a venv, rather than putting
itself into the virtualenv automatically.
2020-04-12 12:14:07 -07:00
Anders Kaseorg b1e7d8b51d settings: Harden session and CSRF cookies with __Host- prefix.
This defends against cross-origin session fixation attacks.  Renaming
the cookies means this one-time upgrade will have the unfortunate side
effect of logging everyone out, but they’ll get more secure sessions
in return.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-12 11:55:55 -07:00
Anders Kaseorg f47a9408cd settings: Use existing Django setting to mark CSRF cookie HttpOnly.
Instead of sneakily injecting HttpOnly into the cookie via the path
setting, use the setting that was designed for this purpose.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-12 11:55:55 -07:00
Anders Kaseorg dce6b4a40f middleware: Remove unused cookie_domain setting.
Since commit 1d72629dc4, we have been
maintaining a patched copy of Django’s
SessionMiddleware.process_response in order to unconditionally ignore
our own optional cookie_domain setting that we don’t set.

Instead, let’s not do that.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-12 11:55:55 -07:00
Abhishek-Balaji 68257e28ce emoji_name: Raise correct exception if emoji_name is missing.
Right now, the message is "Invalid characters in emoji name" when
the emoji_name is empty. Changing check_valid_emoji_name() in
zerver/lib/emoji.py which validates the name to accomodate the case
of missing name. The new message is "Emoji name is missing".
2020-04-12 11:52:45 -07:00
arpit551 d60efa1478 thumbor: Fix __file__ typo.
Replaced '__file__' typo with __file__ which used to add
wrong path to sys.path.
2020-04-12 11:23:03 -07:00
Puneeth Chaganti 504216c04e webhooks: Remove deprecated Stash webhooks' fixture. 2020-04-12 11:04:30 -07:00
Puneeth Chaganti 67822a0544 messages: Fix 500 on queries with empty string as search operand.
The error is PGroonga specific since `pgroonga_query_extract_keywords` does
not handle empty string inputs correctly. This commit prevents search
narrows from having empty operands.

Closes #14405
2020-04-12 11:04:09 -07:00
Aman Agrawal c792abebc0 docs: Fix broken link to WSL 2 doc. 2020-04-12 11:03:27 -07:00
Aman Agrawal ca0154c425 dev-docs-setup: Add installation instructions for WSL 2.
Instructions were added by doing the setup on Ubuntu 18.04 WSL 2.

While the setup should be similar for other distributions supported by
our `./tools/provision` script inside WSL, it has not been tested.

Polished by tabbott.
2020-04-11 12:16:29 -07:00
Aman Agrawal cf4349d1c1 tools: Add script to start database services for WSL.
It needs to be run everytime WSL is restarted.
2020-04-11 12:05:33 -07:00
Steve Howell 888214196c unread: Handle message edits that affect mentions.
We had a bug where if your peer mentioned you in
message, but then edited the message not to mention
you, the latter wouldn't reset your unread counts
for "Mentions".  And the same problem would happen
vice versa.

The fix basically extracts `update_message_for_mention`
and makes sure it handles all combinations of
unread/mentioned flags, instead of assuming
any invariants about which directions of change
are possible.

And then we call that new function from
`message_events.js` whenever we get message
edit events.

Fixes #14544
2020-04-11 12:00:46 -07:00
Steve Howell 32157ed6fd node test: Add message for unread/mentions test.
Add the "control" case here of a message that is
already read.
2020-04-11 12:00:46 -07:00
Steve Howell 253a740307 node tests: Use stream message in message_events.
We use a somewhat more realistic message, mostly
to prep for testing some mention/unread stuff in
a subsequent commit.

We also set message booleans.

Unfortunately, `recent_senders` is kind of awkward
for checking a single message, since its only
public API is for sorting.  I don't bother with it.

But I do check the `topic_data` interaction.
2020-04-11 12:00:46 -07:00
Mateusz Mandera 770086f983 url_preview: Discard url in oembed if server returns invalid json.
This fixes the scenario where we'd get errors in the
FetchLinksEmbedData queue processor if oembed got invalid json from the
URL.
2020-04-11 11:54:54 -07:00
Steve Howell b8552e9524 test-js-with-node: Show correct coverage link in color.
We figure out the dev host using the same logic as
dev_settings.py, so that we don't use wrong things
like 127.0.0.1 for droplet users.

And we display the link in cyan.
2020-04-11 07:05:04 -04:00
Steve Howell f28a1a4c6c test-js-with-node: Remove stray comments.
When I introduced EXEMPT_FILES, I forgot
to delete these comments, and they became
totally nonsensical after sorting the list
of files.
2020-04-11 07:05:04 -04:00
wowol 71dfb85607 emails: Allow usage of word subject in send_email.py. 2020-04-10 15:53:35 -07:00
wowol a91ffa7f5f emails: Compile only one template in custom emails. 2020-04-10 15:53:35 -07:00
Tim Abbott 6543788225 inline_email_css: Simplify parsing of template names.
Removing the extensions within the Set construction object was a
confusing way to do things.
2020-04-10 15:52:52 -07:00
Tim Abbott b2cf0aaa38 inline_email_css: Configure cssutils on import.
This is necessary for when we later want to call inline_template from
elsewhere.
2020-04-10 15:51:54 -07:00
wowol 78f3125f0a inline_email_css: Extract inline_template function. 2020-04-10 15:49:10 -07:00
wowol f42adba071 inline_email_css: Extract get_all_templates_from_directory. 2020-04-10 15:44:25 -07:00
wowol b3cc93f961 inline_email_css: Move constants to top, remove chdir. 2020-04-10 15:44:24 -07:00
wowol 0b5a87f98f inline_email_css: Extract strip_unnecesary_tags. 2020-04-10 15:34:17 -07:00
wowol 240d8d565c inline_email_css: Extract escape_jinja2_characters. 2020-04-10 15:29:47 -07:00
Tim Abbott 26c65a5f78 inline_email_css: Extract configure_cssutils. 2020-04-10 15:29:47 -07:00
Tim Abbott 59937ec9fa scripts: Rename inline-email-css to inline_email_css.py.
This is a preparatory step for making it a module that we can import
and call from other code.
2020-04-10 15:29:47 -07:00
Anders Kaseorg d8fce9417b run-dev: Automatically set EXTERNAL_HOST for droplet dev servers.
As of commit 99242138a7 (#14530), this
is required when visiting a droplet dev server remotely.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 16:50:13 -04:00
Mateusz Mandera fe8f57b8b7 queue_processors: Write a newline char at the end of stats files. 2020-04-10 13:48:16 -07:00
Mateusz Mandera f5a12e4094 nagios: Fix use of wrong variable in check_rabbitmq_queue.
That was supposed to be queue_name, not queue - the latter leads to
nonsensical results.
2020-04-10 13:48:16 -07:00
Tim Abbott c20b0bd992 check_rabbitmq_queue: Adjust threshholds for some queues. 2020-04-10 13:14:43 -07:00
Steve Howell 1f43b36b06 casper: Extract 17-realm-linkifier. 2020-04-10 08:39:34 -04:00
Steve Howell 629f87b071 casper: Use wait_for_text in custom profile test.
This should avoid some test flakes.
2020-04-10 07:51:25 -04:00
Steve Howell c2cf55ce1b casper: Extract 12-custom-profile.
Breaking the Casper tests into smaller tests
will make it a lot easier in the future to
hone in on test flakes.

Having small tests adds little overhead--most
of the slowness comes from starting the server.
The only extra steps here are logging in and
entering "Manage Organization", which is two
lines of code.

We split out the custom profile test first,
since the code for custom profiles has the
annoying property that it can only run once
before failing, as it has the side effect
of creating a field name that can't be reused.
We only need to run loops to test flakes, so
this isn't an immediate blocker.
2020-04-10 07:51:25 -04:00
Steve Howell 19ca41c5e1 casper: Extract manage_organization helper. 2020-04-10 07:51:25 -04:00
Anders Kaseorg 99242138a7 static: Serve webpack bundles from the root domain.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 00:48:02 -07:00
Anders Kaseorg 038b315d8e python: Further pyupgrade changes following merge conflict.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-09 16:59:47 -07:00
Anders Kaseorg 145910bdd5 test_events: Fix incorrect merge conflict resolution.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-09 16:59:47 -07:00
Vaibhav Raj Singh ca5ea44123 design: Make non-editable text-box more distinguishable.
Earlier, the non-editable text-boxes(on clicking view source/edit
topic) were not so apparent due to absence of `disabled` attribute.
Adding the `disabled` attribute makes them consistent with the approach
for non-editable text-boxes and text-areas in organization settings
(for non-admins).

Fixes: #14375
2020-04-09 16:45:17 -07:00
Anders Kaseorg c734bbd95d python: Modernize legacy Python 2 syntax with pyupgrade.
Generated by `pyupgrade --py3-plus --keep-percent-format` on all our
Python code except `zthumbor` and `zulip-ec2-configure-interfaces`,
followed by manual indentation fixes.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-09 16:43:22 -07:00
Anders Kaseorg fff2d3958a timeout: Use Python 3 raise syntax.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-09 16:42:13 -07:00
Steve Howell 4eb1987c39 transmit: Inline send_message_ajax.
The `send_message_ajax` function was a relic
of us having an alternative way to send messages
(web sockets) to the server, but now the indirection
is more confusing than helpful.
2020-04-09 16:11:57 -07:00
Steve Howell 80489843ee message store: Report type confusion errors.
We also complain if the caller sends us
`undefined`.
2020-04-09 16:11:57 -07:00
Steve Howell 5d58590f14 local echo: Fix resending of local messages.
This also fixes trying to cancel a resend of a
local message.

The problem were was type confusion between
strings and ints.

The function in `rows.js` may feel like overkill,
but I really want to enforce type safety here,
as we usually treat message ids as floats, but
for the local-echo case we're gonna get
strings.  I put it in `rows` because we mostly
do a good job of encapsulating the "zid" role
in the DOM there.

By going directly to the DOM here, we avoid
parsing a string to a float and then converting
it right back to a string, which always make
me queasy about float rounding, so one less
moving part.
2020-04-09 16:11:57 -07:00
Steve Howell 082a2f9c2e local echo: Avoid waiting_for_ack leak.
Due to type confusion, we were silently failing
to delete local_id values for messages that were
being acked by the server.

This used to work when we kept values in our
old Dict data structure, since client_message.id
and message.local_id are really the same value,
just the former is a float and the latter's a
string, and Dict never cared.

We can avoid all this confusion, though, by just
consistently using `local_id`, which I extract
to a local var.
2020-04-09 16:11:57 -07:00
Steve Howell 9fa4ec56bb local echo: Fix type errors for message_send_error.
The function message_send_error was messing up
on calls to message.get when we were passing in
string versions of `local_id`.  Now we pass in
float ids.

This fixes a traceback where we tried to set
`.failed_request` on to an `undefined` value
that we had instead expected to be a locally
echoed message from our message store.
2020-04-09 16:11:57 -07:00
Steve Howell f4f403decb refactor: Have try_deliver_locally() return a message.
This will allow us access to the float version of the
message's id in an upcoming commit, without us having
to do possibly brittle string-to-float translations.
2020-04-09 16:11:57 -07:00