Sahil Batra
94f0837b9c
settings: Restrict length of realm Jitsi url custom input.
...
We have a restriction of 200 characters for jitsi_server_url
realm setting custom input element.
Fixes part of #27355.
2023-12-14 12:11:59 -08:00
Sahil Batra
633ec698f5
realm: Enforce length restriction on jitsi_server_url at API level.
...
Previously, passing a url longer than 200 characters for
jitsi_server_url caused a low-level failure at DB level. This
commit adds this restriction at API level.
Fixes part of #27355.
2023-12-14 12:11:59 -08:00
Alex Vandiver
bedb68b2fe
registration: Prevent injecting arbitrary strings via query param.
...
While the query parameter is properly escaped when inlined into the
template (and thus is not an XSS), it can still produce content which
misleads the user via a carefully-crafted query parameter.
Validate that the parameter looks like an email address.
Thanks to jinjo2 for reporting this, via HackerOne.
2023-12-14 12:00:16 -08:00
Alex Vandiver
9067220af6
signup: Send status code 400 on invalid emails.
2023-12-14 12:00:16 -08:00
Lauryn Menard
83d6481f6f
support: Add the remote realm's plan type to the support view.
...
The plan type for the remote realm is useful to compare to any
current plan attached to the same remote realm.
2023-12-14 11:38:02 -08:00
Alya Abbott
b8d05aea1b
portico: Update count of Tim's daughters on /team page.
2023-12-14 11:33:57 -08:00
Tim Abbott
1757b88760
billing: Offer release announcement subscriptions.
...
Also avoid prompting for full name time more than once.
Adds TOS version field to Remote server user.
Co-authored-by: Karl Stolley <karl@zulip.com>
Co-authored-by: Aman Agrawal <amanagr@zulip.com>
2023-12-14 10:51:16 -08:00
Alex Vandiver
4ef93de128
zilencer: Set the remote server as the user in Sentry.
2023-12-14 09:46:21 -08:00
Alex Vandiver
863c1c28f7
zilencer: Log why the server got a 401.
2023-12-14 09:46:21 -08:00
Tim Abbott
036b1156f2
zilencer: Avoid using stale last_audit_log_update.
2023-12-14 09:26:45 -08:00
Aman Agrawal
e02e0cd37e
models: Make it easier to debug current plan name and status.
...
`print(plan)` now works to know the plan tier and status.
2023-12-14 08:22:25 -08:00
Aman Agrawal
d795400b21
billing: Allow upgrade scheduled legacy orgs to view billing page.
...
Don't redirect them to sponsorship page.
2023-12-14 08:22:25 -08:00
Aman Agrawal
34a1be80a4
model: Use same name for legacy plan across the app.
2023-12-14 08:22:25 -08:00
Anders Kaseorg
c7245d5f3b
models: Make ScheduledMessage.read_by_sender non-nullable.
...
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-14 08:16:31 -08:00
Anders Kaseorg
77a6f44455
message_send: Add read_by_sender API parameter.
...
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-14 08:16:31 -08:00
Anders Kaseorg
d7d5b6c73e
models: Move Message.sent_by_human to Client.default_read_by_sender.
...
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-14 08:16:31 -08:00
Anders Kaseorg
d893ff5ba8
digest: Exclude bots with sender.is_bot, not sent_by_human.
...
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-14 08:16:31 -08:00
Sahil Batra
92c1dfc248
message_send: Optimize checking access to DM recipients.
...
We previously used get_accessible_user_ids to check whether the
sender can access all DM recipients, which was not efficient as
it queries the Message table. This commit updates the code to
make sure we use get_inaccessible_user_ids which is much more
efficient as it limits the queries to only DM recipients and
also queries the Message table only if needed.
This can still be optimized further as mentioned in #27835 but
this commit is a nice first step.
2023-12-14 08:14:09 -08:00
Lauryn Menard
8bce83709f
corporate: Add billing support email constant.
...
Adds BILLING_SUPPORT_EMAIL to `stripe.py` with a value of
"sales@zulip.com" so that it can be consistently used in
billing code.
2023-12-14 08:12:01 -08:00
Mateusz Mandera
651590c49a
remote_billing: Store acting users in remote user audit logs.
2023-12-14 08:11:04 -08:00
Anders Kaseorg
a13e42f18a
docs: Add missing spaces around code spans.
...
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-14 00:05:44 -08:00
Aman Agrawal
10ef308848
migrate_server_to_realm: Reset server tier during migration.
2023-12-13 22:29:30 -08:00
Aman Agrawal
a5311c8032
stripe: End legacy plan before approving full sponsorship.
2023-12-13 22:29:30 -08:00
Alex Vandiver
612f2c73d6
send_custom_email: Support JSON extra context with remote servers.
2023-12-13 22:28:20 -08:00
Alex Vandiver
2863b5954e
send_custom_email: Make --json an additional filter, not a target.
2023-12-13 22:28:20 -08:00
Alex Vandiver
2de1a23721
send_custom_email: Provide an unsubscribe link for remote servers.
2023-12-13 22:28:20 -08:00
Alex Vandiver
791d66fe28
send_custom_email: Split out the sending to remote servers.
2023-12-13 22:28:20 -08:00
Alex Vandiver
62e6b10ecd
send_email: Pull admins_only back into send_custom_email filtering.
...
There is no reason for this to be an explicit argument to
send_custom_email, when the rest of the filtering already happens
upstream.
2023-12-13 22:28:20 -08:00
Alex Vandiver
1229e38a0d
send_custom_email: Stop lying about the type of options.
...
Saying `**options: str` is a lie, since it contains bools. We pluck
out the two bools that we need properly typed because we will be
pushing them into function calls, and type them explicitly as bools.
2023-12-13 22:28:20 -08:00
Tim Abbott
bfa3d144eb
zilencer: Don't try to migrate ended plans.
2023-12-13 17:55:00 -08:00
Tim Abbott
b8deb44a05
zilencer: Fix mismigrated plan type assertion.
2023-12-13 17:55:00 -08:00
Tim Abbott
d040664952
billing: Set the legacy plan type when migrating.
2023-12-13 16:40:44 -08:00
Tim Abbott
6308e07e53
billing: Standardize remote server plan type IDs.
...
This will likely save us at least one headache.
2023-12-13 16:40:44 -08:00
Lauryn Menard
89545891f6
support: Filter remote realm data query for customer realm None.
2023-12-13 14:36:23 -08:00
Lauryn Menard
a897d68d93
support: Add active plan information to remote server activity.
...
Adds three columns to the remote server activity chart and updates
the chart key for the third of those columns.
The first is the plan name. If there are multiple plans with a
status under the live threshold, then we send "See support view".
The second is the plan status. If there are multiple plans, then
we send "Multiple plans".
The third is the estimated annual revenue for the plan. Note that
for free trials, this will be calculated as if the plan was paid
for 12 months (so a full year).
If there is no plan for the server under the live threshold or at
all then "---" is inserted into the table row. Note that 100%
sponsored servers/realms would fall into this category.
2023-12-13 13:43:00 -08:00
Lauryn Menard
484c0df076
corporate: Move renewal_amount to BillingSession framework.
2023-12-13 13:43:00 -08:00
Tim Abbott
1abe22b0a1
mailmap: Add entry for Rohan Gudimetla.
2023-12-13 13:28:19 -08:00
Sahil Batra
f0d429d0f9
remote_server: Handle data of non existent realms.
...
This commit adds code to make sure that the push
notification does not crash on receiving data for
a non-existent realm.
2023-12-13 13:13:12 -08:00
Tim Abbott
c43eb10224
mailmap: Add entry for Viktor Illmer.
2023-12-13 12:54:54 -08:00
Karl Stolley
09c32cbe30
Revert "portico: Disable self-hosted tab for logged-in cloud users."
...
This reverts commit 857630707a.
2023-12-13 12:23:02 -08:00
Lauryn Menard
68d117e60a
support: Add sponsorship request information to remote support view.
2023-12-13 10:28:11 -08:00
Lauryn Menard
e8500fbdb0
support: Include sponsorship request for remote server support view.
...
Preparation for updating the sponsorship forms template to include
information about the latest sponsorship request if sponsorship is
pending.
2023-12-13 10:28:11 -08:00
Aman Agrawal
35b644c564
populate_billing_realms: Don't create plan for sponsored remote realm.
2023-12-13 08:13:33 -08:00
Aman Agrawal
9efb236c35
remote_billing_page: Fix redirects for self hosted login.
2023-12-13 08:13:33 -08:00
Aman Agrawal
081d94c4e8
stripe: Add user and org metadata to stripe payments.
2023-12-13 08:13:33 -08:00
Aman Agrawal
039f6af79e
billing: Link plan name to /plans page.
2023-12-13 08:13:33 -08:00
Aman Agrawal
998685f2e7
sponsorship: Show sponsored plan name for sponsored orgs.
...
The `plan_name` is incorrect here since the customer will not
have an active plan for approved sponsorship.
2023-12-13 08:13:33 -08:00
Aman Agrawal
0c99420ceb
stripe: Don't approve sponsorship for customers on paid plan.
...
This would avoid us accidentally approving sponsorship for customers
on paid plan.
2023-12-13 08:13:33 -08:00
Sayam Samal
c61b353b4b
gear_menu_popover: Update the rocket icon used for plan and pricing.
...
Fixes #28163.
2023-12-13 07:59:13 -08:00
Sahil Batra
27d236fb52
popover: Fix user popover and profile for bot with inaccessible users.
...
We incorrectly passed bot owner ID to get_bot_owner_user instead of
the bot object.
2023-12-13 00:45:20 -08:00