Commit Graph

55131 Commits

Author SHA1 Message Date
Aman Agrawal 9889dc38fe event_status: Pass billing_base_url to calculate realm specific URLs. 2023-12-01 08:55:58 -08:00
Aman Agrawal bb7b0b6731 upgrade: Provide billing_base_url in page_params.
This makes it cleaner to calculate URLs for the current session type.
2023-12-01 08:55:58 -08:00
Aman Agrawal 222077804b upgrade: Simplify getting session data for card update. 2023-12-01 08:55:58 -08:00
Aman Agrawal 0286f10816 stripe: Move non class specific function outside.
Doesn't seem to benefit from being defined inside the class.
2023-12-01 08:55:58 -08:00
Aman Agrawal 25cf0f71a3 event_status: Remove unused variables in context. 2023-12-01 08:55:58 -08:00
Aman Agrawal 953f0f436e stripe_event_handler: Rename get_billing_session. 2023-12-01 08:55:58 -08:00
Prakhar Pratyush b32950d790 notifications: Revert API changes for push_notifications_enabled.
This commit reverts the API changes in 56ec1c2.
2023-12-01 08:14:14 -08:00
Alex Vandiver 569c364392 users: Fetch and lock the user row before updating its role.
We want to both (a) take a lock on the UserProfile row, and (b)
modify the passed-in UserProfile object, so that callers see the
changes in the object they hold.  Unfortunately,
`select_for_update` cannot be combined with `refresh_from_db`
(https://code.djangoproject.com/ticket/28344).  Call
`select_for_update` and throw away the result, so that we know we have
the lock on the row, then re-fill the `user_profile` object with the
values now that the lock exists.
2023-11-30 16:15:23 -08:00
Alex Vandiver 9b1bdfefcd nagios: Use a better index on UserActivity for zephyr alerting.
Limiting only by client_name and query leads to a very poorly-indexed
lookup on `query` which throws out nearly all of its rows:

```
Nested Loop  (cost=50885.64..60522.96 rows=821 width=8)
  ->  Index Scan using zerver_client_name_key on zerver_client  (cost=0.28..2.49 rows=1 width=4)
        Index Cond: ((name)::text = 'zephyr_mirror'::text)
  ->  Bitmap Heap Scan on zerver_useractivity  (cost=50885.37..60429.95 rows=9052 width=12)
        Recheck Cond: ((client_id = zerver_client.id) AND ((query)::text = ANY ('{get_events,/api/v1/events}'::text[])))
        ->  BitmapAnd  (cost=50885.37..50885.37 rows=9052 width=0)
              ->  Bitmap Index Scan on zerver_useractivity_2bfe9d72  (cost=0.00..16631.82 rows=..large.. width=0)
                    Index Cond: (client_id = zerver_client.id)
              ->  Bitmap Index Scan on zerver_useractivity_1b1cc7f0  (cost=0.00..34103.95 rows=..large.. width=0)
                    Index Cond: ((query)::text = ANY ('{get_events,/api/v1/events}'::text[]))
```

A partial index on the client and query list is extremely effective
here in reducing PostgreSQL's workload; however, we cannot easily
write it as a migration, since it depends on the value of the ID of
the `zephyr_mirror` client.

Since this is only relevant for Zulip Cloud, we manually create the
index:

```sql
CREATE INDEX CONCURRENTLY zerver_useractivity_zehpyr_liveness
    ON zerver_useractivity(last_visit)
 WHERE client_id = 1005
   AND query IN ('get_events', '/api/v1/events');
```

We rewrite the query to do the time limit, distinct, and count in SQL,
instead of Python, and make use of this index.  This turns a 20-second
query into two 10ms queries.
2023-11-30 16:01:55 -08:00
Anders Kaseorg 3b9bb7b2d2 zulip-icons: Use WOFF2 format for icon font.
We’re currently generating the icon font in five formats: Embedded
OpenType, WOFF, WOFF2, TrueType, and SVG.  But they’re misordered by
webfonts-loader such that modern browsers always select the WOFF
version.  WOFF2 is supported by all modern browsers, so just use that
exclusively.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-11-30 16:00:53 -08:00
Mateusz Mandera 7fad8f1f54 remote_billing: Implement session expiry mechanism.
We still need to add better UX than these JSON errors. We'll want to
utilize the next parameter and redirect the user back to login.
2023-11-30 15:51:10 -08:00
Mateusz Mandera ea9e2ece49 remote_billing: Extract RemoteBillingUserDict sub-dict. 2023-11-30 15:51:10 -08:00
Mateusz Mandera 5a198c639e remote_billing: Sort out remote_billing_identities typing.
This does two important things:
1. Fix return type of get_identity_dict_from_session to correctly be
   Optional[Union[RemoteBillingIdentityDict, LegacyServerIdentityDict]].
   RemoteBillingIdentityDict is the type in the 8.0+ auth flow,
   LegacyServerIdentityDict is the type in old servers flow, where only
   the server uuid info is available.
2. The uuid key used in request.session["remote_billing_identities"]
   should be explicitly namespaced depending on which flow and type
   we're
   dealing with - to avoid confusion in case of collisions between a
   realm and server that have the same UUID. Such a situation should not
   occur naturally and I haven't come up with any actual exploitation
   ideas that could utilize this by manipulating your server/realm
   uuids, but it's much easier to just not think about such collision
   security implications by making them impossible.
2023-11-30 15:51:10 -08:00
Sayam Samal 8370268f89 upload: Prevent drag-and-drop of an image onto itself.
Previously, dragging an image and dropping it in on itself led to the
image being re-uploaded, which is probably not the intent of a user.

This commit prevents this reuploading of the same image by explicitly
checking if the image is being dragged onto itself, and then rejecting
this action.
2023-11-30 15:39:26 -08:00
Anders Kaseorg 04a6696e33 timerender: Add fallbacks for browser time zone detection.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-11-30 12:44:31 -08:00
Anders Kaseorg 9c7453c11e people: Downgrade get_user_time error to warning.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-11-30 12:36:06 -08:00
Sahil Batra bc2f1ab68c settings: Fix user-access setting dropdown in dark mode.
This commit fixes the design of user access setting
dropdown in dark mode including the case when the
dropdown is disabled.
2023-11-30 12:33:44 -08:00
Sahil Batra 728737ef0e user-groups: Remove banner shown on successful group creation.
There is no need to show the banner on successful group creation
as we anyways open the settings page of newly created group.
2023-11-30 12:33:44 -08:00
Sahil Batra f84857959c user-groups: Hide "+" button if user is not allowed to create groups. 2023-11-30 12:33:44 -08:00
Sahil Batra d8b3c5581c settings: Fix "Actions" column width for subscribers and members list.
We reduced the width of "Actions" column too much in stream subscribers
and group members list when there were no users matching the text in
search input and it did not look good because of "Actions" heading
being shifted to extreme right.

This commit fixes it by removing the "actions" class on the heading,
which was used to set the width to "1%" which is needed for tables
with only icons in buttons to avoid unused space but not here.

As a result of removing this class, the CSS of "min-width: 100px"
is being applied to the column, but that's fine atleast for stream
subscribers list as it did not look good before due to scrollbar
overlapping the buttons and it looks better now.

For the group members list, we set min-width to 80px, as we do
not require 100px width and it is enough to avoid overlapping
scrollbars to an extent.

The overlapping scrollbars problem is still not fixed completely
but that will handled in a separate commit. This commit was
just to make the heading row look better when there are no users
in the list.
2023-11-30 12:33:44 -08:00
Alex Vandiver 7f96bed17b stream_traffic: Use the realm_id to get a much better-indexed query.
This reduces the query time by an order of magnitude, since it is able
to switch from a raw `stream_id` index to an index over all of
`realm_id, property, end_time`.
2023-11-30 12:32:30 -08:00
Aman Agrawal 867ca61e86 upgrade: Remove impossible case.
/billing/upgrade no longer returns stripe_session_url after
splitting up the add card and purchase part.
2023-11-30 11:22:19 -08:00
Aman Agrawal 8d485726e4 upgrade: Make add card workflow functional.
Add / update card for remote realms on /upgrade page works now.
2023-11-30 11:22:19 -08:00
Aman Agrawal a39cb2bda3 session: Migrate to typed endpoint. 2023-11-30 11:22:19 -08:00
Aman Agrawal d05315b051 event_status: Migrate to typed_endpoint. 2023-11-30 11:22:19 -08:00
Aman Agrawal e493d998ff event_status: Remove unused retry payment message.
Non-success payments already return an error in backend, so
we will never get here for card payments.
2023-11-30 11:22:19 -08:00
Aman Agrawal 05f2ad5299 event_status: Migrate to typed_endpoint. 2023-11-30 11:22:19 -08:00
Aman Agrawal 4d60c3a96c models: Allow realm_id to be blank.
We cannot provide realm_id for some remote session logs.
2023-11-30 11:22:19 -08:00
Aman Agrawal 5c9a10da31 stripe: Call log create method once.
Makes it easier to look at.
2023-11-30 11:22:19 -08:00
Tim Abbott cab0215f3f decorator: Pass RemoteServerBillingSession to views. 2023-11-30 11:22:19 -08:00
Aman Agrawal 7540e70cc8 decorator: Pass remote billing session instead of remote realm.
Since endpoints using the
`authenticated_remote_realm_management_endpoint` decorator
want to initialize a billing session and if need be remote_realm
is accessible to via the session variable.
2023-11-30 11:22:19 -08:00
Aman Agrawal 1df8e00d7c remote_billing: Redirect to upgrade/sponsorship page based on next.
We pass `next` parameter with /self-hosted-billing to redirect
users to the intended page after login.

Fixed realm_uuid incorrectly required in remote_realm_upgrade_page.
2023-11-30 11:22:19 -08:00
Lauryn Menard 2c34dcf7dc corporate: Use enum value for type of plan tier change.
Updates do_change_plan_to_new_tier in BillingSession to use an
enum for the value returned when checking for a valid change
between two plan tier types. This makes it more explicit that
the implementation for a valid upgrade in plan tier will be
different from a valid downgrade in plan tier.
2023-11-30 09:43:55 -08:00
Lauryn Menard 4eea4d4717 corporate: Move invoice_plan to BillingSession abstract class. 2023-11-30 09:43:55 -08:00
Karl Stolley 08eb971523 left_sidebar: Adjust STREAMS header grid for spectators. 2023-11-30 08:38:26 -08:00
Alya Abbott fc83fc8017 help: Document license management and downgrades. 2023-11-30 08:36:15 -08:00
David Rosa 2b0476f5d0 help: Document new polls UI.
Updates article to follow current help center documentation patterns,
and documents the new polls UI.

Fixes #27849.
2023-11-30 08:32:38 -08:00
Prakhar Pratyush 0e575a491f version: Fix incorrect API_FEATURE_LEVEL.
This should have been updated in 56ec1c2.
2023-11-30 08:28:52 -08:00
Alya Abbott 7b71ea3314 help: Add tab for Zulip 8.0+ features. 2023-11-29 23:44:00 -08:00
Tim Abbott ebb02bad8f billing: Add INVOICING_STATUS_ prefix to values. 2023-11-29 23:32:56 -08:00
Tim Abbott 610338d192 billing: Add BILLING_SCHEDULE_ prefix to values. 2023-11-29 23:32:56 -08:00
Tim Abbott 5d6b635efe billing: Use better variable names for plan tiers.
The existing values didn't have our standard type-prefixing naming
scheme.

Add some extra unused placeholder values while we're at it.
2023-11-29 23:32:56 -08:00
Sayam Samal 408a273ba0 message_view_header: Rename variables and function to specify context.
In this commit, we rename the variables `message_view_header` and
`message_view_header_data` with `context`. We also rename function
`make_message_view_header` with `get_message_view_header_context`.

This new naming convention provides better context about the use
cases of the variables and functions.
2023-11-29 22:14:58 -08:00
Sayam Samal 91cf7ca36f message_view_header: Update tooltip when user is not logged in.
In this commit, we hide the subscriber count on the message view
header tooltip for spectators, since this information is not available
to such users.
2023-11-29 22:14:58 -08:00
David Rosa af3956e1a9 help: Document upgrade flow, billing, and sponsorship requests.
Documents how to upgrade to a paid plan, manage billing, and
apply for sponsorship.

Fixes #27946.
2023-11-29 21:50:44 -08:00
Aman Agrawal 7997af675b recent_view: Fix filter dropdown enabled after search for spectators.
This is because we render the filters again after search and
hence any events or classes that were attached to widget were reset.
2023-11-29 21:47:36 -08:00
Aman Agrawal 47cdffb5fb recent_view: Drop unread header for spectators. 2023-11-29 21:47:36 -08:00
Aman Agrawal 7834748dd7 css: Fix modal exit button colors not working on billing pages.
This was due to color variables not being accessible as `zulip.css`
is not a file we import on billing page.
2023-11-29 21:46:13 -08:00
Alex Vandiver c4b619af15 puppet: Change /etc/rabbitmq to be owned by rabbitmq.
The Ubuntu and Debian package installation scripts for
`rabbitmq-server` install `/etc/rabbitmq` (and its contents) owned by
the `rabbitmq` user -- not `root` as Puppet does.  This means that
Puppet and `rabbitmq-server` unnecessarily fight over the ownership.

Create the `rabbitmq` user and group, to the same specifications that
the Debian package install scripts do, so that we can properly declare
the ownership of `/etc/rabbitmq`.
2023-11-29 21:45:35 -08:00
Sayam Samal 329370305f topic_sidebar_actions: Remove extra line in spectators view. 2023-11-29 21:45:21 -08:00