We set settings_object variable to user_settings object and then
use settings_object everywhere. This change will help us in using
the same code for realm-level settings also by setting the
appropriate value for settings_object.
We refactor the change_notification_setting function to have a url
parameter instead of directly using "/json/settings" directly.
This change will help us in using the same code for realm-level
settings also.
We add code for live updating notification batching period
setting. This commit also adds 'continue' statement in the
else-if condition of update_page function such that we do
not execute the code of checkbox settings for notification
sound and email batching period settings.
We also update the other_notification_settings list in
settings_config.ts to remove email_notifications_batching_period
and instead have email_notifications_batching_period_seconds
which is the correct name of setting used in backend and in
the events sent to the clients such that the live-update is
done correctly.
This commit removes the id from email notification batching period
setting dropdown and adds class such that we can use same template
for the realm-level settings as well. We also add 'setting_'
prefix as we do for other settings and modify the JS code accordingly.
The previous heading was one size too small, and thus was easily
missed when visually skimming for the information.
Additionally, give it a more natural label.
Fixes#17456.
The main tricky part has to do with what values the attribute should
have. LDAP defines a Boolean as
Boolean = "TRUE" / "FALSE"
so ideally we'd always see exactly those values. However,
although the issue is now marked as resolved, the discussion in
https://pagure.io/freeipa/issue/1259 shows how this may not always be
respected - meaning it makes sense for us to be more liberal in
interpreting these values.
In some non-English languages, including Russian, the translation of
EDITED does not properly fit. The best solution is probably something
bigger or having translators abbreviate this string, but it's worth at
least this minimal change to fix extremely ugly overlap behavior for
this widget.
Actual CSS written by Greg Price.
We do not have any system user groups as of
now, but this commit is just a prep commit
to prevent any change in user-facing pages
to avoid confusion till this feature is
completed.
This change was initially made in 6117c38,
but it was reverted in 1543775a due to merge
conflicts with the typescript migration of
user_groups.js.
This change was inspired by the problem of translators needing to
translate "Subscribe" to languages that use different forms depending
on the identity of the noun being subscribed. In most places in the
app, a button with that as the entire label should be translated in
the "subscribe myself" form; but in this one it should be "subscribe
someone else".
Thinking about this, the current label is a bit misleading in English
for someone who ignores the error message text and just reads the
button, so the best fix is to just change the string, which of course
also makes things unambiguous for translators as well.
The test now uses submit_reg_form_for_user, meaning a blank
full_name is posted to /accounts/register/ rather than the
parameter being excluded.
Fixes part of #7564
I had to pass stop_after_reg_form=True, as the call to get_user in
verify_signup fails. I am not sure whether this is the expected
behavior. Also this causes the test to use submit_reg_form_for_user,
meaning a blank password is posted to /accounts/register/ rather than
no password.
Fixes part of #7564
get_user_by_delivery_email should be used, given that the email variable
is the realm email address that the account is being created with, not
the .email field which can be a dummy address based on org settings.
Currently we used to redirect to /new when the user click on buy
standard from the root domain. Instead we redirect to /upgrade page.
The /upgrade page redirect would ask user to enter the subdomain
of their organization and would then redirect them to /upgrade
page of their organization.
Fixes#19641. There was no whitespace between the 'checked' and 'disabled'
attribute, leading to muted checked checkboxes being neither checked nor
disabled (since `checkeddisabled='disabled'` didn't do anything).
This bug was introduced in 747e797.
This change adds a new line before the disabled template code, so that both
the checked and disabled attributes are added properly.
Tested manually to ensure the following cases didn't change when reopening
the stream settings view:
* unchecked disabled checkboxes
* checked enabled checkboxes
* checked disabled checkboxes
This commit adds code for live-updating the realm-level default
settings page which contains only display settings as of now.
This commit also adds realm_user_settings_defaults object to
zpage_params so that we can write the tests.
This commit adds a new module settings_defaults.js which calls
the functions in settings_display passing appropriate container
element and settings object as parameters.
We also add one more parameter for_realm_settings to some of the
functions in settings_dislay to differentiate between the user
and realm-level settings.
This commit refactors the code in settings_display.js
by modifying the functions to receive the container
element and settings object as parameter such that
we can use the same functions for realm-level
settings by passing appropriate container element
and settings object.
This change is needed as settings_display will be
used as a common module for user settings and realm
level settings.
We also rename the default_language_name variable in
settings_display to user_default_language_name as we
would add a separate variable for realm-level setting
in future.
This better matches the title of the page and more generally our
conventions around naming /help/ articles. We include a redirect
because this is referenced from Welcome Bot messages, and we
definitely don't want those links to break.
We want the saving indicator to be sticky in the cases
where we ask user to reload after changing settings.
This used to work correctly before 9e08c6db93, as
'if(remove_after)' returned false if remove_after was
null, but the condition was changed in 9e08c6db93
to 'if(remove_after !== undefined)' and thus the
condition returned true when remove_after was null.
This commit change the remove_after value to undefined
for sticky cases.
This parallels fe25517295, but for mobile notifications. It also
adds a test, which verifies that such content does not crash either
mobile or email notifications.
fe25517295 adjusted the email_notifications codepath to use
`lxml.html.fragment_fromstring` method when parsing
`rendered_content`, but left the tests using a helper which called
`fromstring`.
Switching the tests to match the code as run reveals a bug -- using
`drop_tree` on all `message_inline_image` classes now _does_ remove
all of a top-level image-URL-only message. Previously, such messages
were "safe" from the block that calls `drop_tree` only by dint of
`drop_tree` being a silent no-op for the root element. When parsed
using `fragment_fromstring`, they are no longer the root, and as such
an empty message results.
Reorder relative_to_full_url to check for only one `message_inline_image`
within the top `<div>`, and only run the `drop_tree` path in the
alternate case. Tests must be adjusted for their output now including
one more layer of `<div>`.
AuthnContextClassRef tells the IdP what forms of authentication the user
should use on the IdP's server for us to be okay with it. I don't think
there's a reason for us to enforce anything here and it should be up to
the IdP's configuration to handle authentication how it wants.
The default AuthnContextClassRef only allows PasswordProtectedTransport,
causing the IdP to e.g. reject authentication with Yubikey in AzureAD
SAML - which can be confusing for folks setting up SAML and is just not
necessary.
The previous commit introduced logging of attempts for username+password
backends. For completeness, we should log, in the same format,
successful attempts via social auth backends.
These details are useful to log. This only makes sense for some auth
backends, namely email and ldap backends, because other backends are
"external" in the sense that they happen at some external provider's
server (Google, SAML IdP etc.) so the failure also happens there and we
don't get useful information about what happened.
Our convention is to always have authenticate() called with a request
object. We need to be consistent with that in tests too, to avoid test
failures resulting from breaking that assumption.
We modify assert_login_failure to call client.login() in the same way as
the other similar helpers - with a properly initialized HttpRequest
instance.
The previous phrasing used incorrect terminology (E.g. "stream
members", not "stream subscribers", which is really confusing given
that we have a "member" role which is also relevant in this text).