Commit Graph

55829 Commits

Author SHA1 Message Date
Mateusz Mandera 7cca077fe6 templates: Move remote_realm_server_mismatch_error.html to zerver.
This is rendered by regular self-hosted servers, so doesn't belong in
zilencer.
2024-01-15 21:32:00 -08:00
Mateusz Mandera ba50faced4 remote_billing: Fix /self-hosted-billing/ handling for desktop app.
When you click "Plan management", the desktop app opens
/self-hosted-billing/ in your browser immediately. So that works badly
if you're already logged into another account in the browser, since that
session will be used and it may be for a different user account than in
the desktop app, causing unintended behavior.

The solution is to replace the on click behavior for "Plan management"
in the desktop app case, to instead make a request to a new endpoint
/json/self-hosted-billing, which provides the billing access url in a
json response. The desktop app takes that URL and window.open()s it (in
the browser). And so a remote billing session for the intended user will
be obtained.
2024-01-15 21:32:00 -08:00
Mateusz Mandera aea290a278 remote_billing: Improve nocoverage tagging on self_hosting_auth_redirect. 2024-01-15 21:32:00 -08:00
Anders Kaseorg 49d2727e6e test_remote_billing: Use unordered comparison for deactivation test.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-15 16:51:09 -08:00
Mateusz Mandera 0cbbb98cc2 zilencer: Have server send realm_uuid to remaining bouncer endpoints.
Requests to these endpoint are about a specified user, and therefore
also have a notion of the RemoteRealm for these requests. Until now
these endpoints weren't getting the realm_uuid value, because it wasn't
used - but now it is needed for updating .last_request_datetime on the
RemoteRealm.

(cherry picked from commit e2291b7656)
2024-01-15 16:51:09 -08:00
Mateusz Mandera 3a4d45022f zilencer: Add last_request_datetime to RemoteRealm + RemoteZulipServer.
For the RemoteRealm case, we can only set this in endpoints where the
remote server sends us the realm_uuid. So we're missing that for the
endpoints:

- remotes/push/unregister and remotes/push/unregister/all
- remotes/push/test_notification

This should be added in a follow-up commit.

(cherry picked from commit 3dca333b8d)
2024-01-15 16:51:09 -08:00
Tim Abbott 81b42e3c41 zilencer: Fix community plan push notifications.
(cherry picked from commit 5dc1d36f73)
2024-01-15 16:51:09 -08:00
Mateusz Mandera 6478cb53f4 test_push_notifications: Use self.server instead of .get expression.
It makes no sense to do RemoteZulipServer.objects.get with
self.server_uuid, when there simply is self.server.

(cherry picked from commit d3e8ddd6ce)
2024-01-15 16:51:09 -08:00
Mateusz Mandera 7a4a8f55c0 zilencer: Set .remote_realm for existing RemotePushDeviceToken.
Old RemotePushDeviceTokens were created without this attribute. But when
processing a notification, if we have remote_realm, we can take the
opportunity to to set this for all the registrations for this user.

(cherry picked from commit 82ee93d967)
2024-01-15 16:51:09 -08:00
afeefuddin 5841813ac4 portico-header: Dropped find accounts link for smaller windows.
Fixes #27477

(cherry picked from commit 76d79701a2)
2024-01-15 12:02:53 -08:00
Alex Vandiver 495312b86a logrotate: smokescreen has its own config file.
149bea8309 added a separate config file
for smokescreen (which is necessary because it can be installed
separately) but failed ot notice that `zulip.template.erb` already had
a config line for it.  This leads to failures starting the logrotate
service:

```
logrotate[4158688]: error: zulip:1 duplicate log entry for /var/log/zulip/smokescreen.log
logrotate[4158688]: error: found error in file zulip, skipping
```

Remove the duplicate line.

(cherry picked from commit 725affcb5a)
2024-01-15 12:02:53 -08:00
Anders Kaseorg ea862aa29f notification_settings: Open push notification docs link in new tab.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
(cherry picked from commit f93fbd34c7)
2024-01-15 12:02:53 -08:00
Vector73 e2cb2da864 settings: Fix setting label click functionality.
This commit fixes "Automatically follow topics where I'm mentioned"
setting label click functionality so that the setting is toggled
on clicking the label .

(cherry picked from commit 1c286a6835)
2024-01-15 12:02:53 -08:00
Sahil Batra 363d98a203 message: Allow system bots to mention group if everyone else can.
We now allow system bots to mention a group if can_mention_group
setting is set to "role:everyone" group and not when it is set
to some other group.

(cherry picked from commit 76b2e6de0b)
2024-01-15 12:02:53 -08:00
Anders Kaseorg bb7b9af676 user_status: Fix parsing of partial user_status events.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
(cherry picked from commit dd3a8ce3b5)
2024-01-15 12:02:53 -08:00
Alex Vandiver 87d6ef4df7 docs: Fix selfhoster URL to be the canonical one.
We redirect from `/serverlogin` to `/serverlogin/`, so save a 301.

(cherry picked from commit a787062633)
2024-01-15 12:02:53 -08:00
Alex Vandiver 5f5ad2f0b1 queue_processors: Defer initial email connection creation.
We previously created the connection to the outgoing email server when
the EmailSendingWorker was first created.  Since creating the
connection can fail (e.g. because of firewalls or typos in the
hostname), this can cause the `QueueProcessingWorker` creation to
raise an exception.  In multi-threaded mode, exceptions in the worker
threads which are _not_ during the handling of a specific event
percolate out to `log_and_exit_if_exception` and trigger the
termination of the entire process -- stopping all worker threads from
making forward progress.

Contain the blast radius of misconfigured email servers by deferring
the opening of the connection until it is first needed.  This will not
cause any overall performance change, since it only affects the
latency of the very first email after startup.

(cherry picked from commit c618c42729)
2024-01-15 12:02:53 -08:00
Alex Vandiver f298889cbf process_queue: For threaded workers, create them when they start.
Creating the QueueProcessingWorker objects when the ThreadedWorker is
created can lead to a race which caused confusing error messages:

1. A thread tries to call `self.worker = get_worker()`
2. This call raises an exception, which is caught by
   `log_and_exit_if_exception`
3. `log_and_exit_if_exception` sends our process a SIGUSR1, _but
    otherwise swallows the error_.
4. The thread's `.run()` is called, which tries to access
   `self.worker`, which was never set, and throws another exception.
5. The process handles the SIGUSR1, restarting.

Move the creation of the worker to when it is started, so the worker
object does not need to be stored, and possibly have a decoupled
failure.

(cherry picked from commit 8dfa6fa735)
2024-01-15 12:02:53 -08:00
Akash Kumar Singh 7add9f6d56 docs: Update PostgreSQL support table for Zulip Server 8.x.
Co-authored-by: Alex Vandiver <alexmv@zulip.com>
(cherry picked from commit d2c60a1ddc)
2024-01-15 12:02:53 -08:00
Alex Vandiver 443a2afa5d documentation: Support having no sidebar for policies docs.
We document the sidebar as being optional, so make it so.

(cherry picked from commit 1455690486)
2024-01-15 12:02:53 -08:00
Alex Vandiver 042a4ab858 management: Provide a way to deactivate the push registration.
(cherry picked from commit 57c083a4e9)
2024-01-15 12:02:53 -08:00
Alex Vandiver da49f1bac1 s3: Add a setting for S3 addressing style.
This controls if boto3 attempts to use
`https://bucketname.endpointname/` or `https://endpointname/bucket/`
as its prefix.  See
https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html

Fixes: #28424.
(cherry picked from commit c1a26380a9)
2024-01-15 12:02:53 -08:00
Alex Vandiver 5192ae0fd2 s3: Only use get_bucket to get to boto3 clients and resources.
boto3 has two different modalities of making API calls -- through
resources, and through clients.  Resources are a higher-level
abstraction, and thus more generally useful, but some APIs are only
accessible through clients.  It is possible to get to a client object
from a resource, but not vice versa.

Use `get_bucket(...).meta.client` when we need direct access to the
client object for more complex API calls; this lets all of the
configuration for how to access S3 to sit within `get_bucket`.  Client
objects are not bound to only one bucket, but we get to them based on
the bucket we will be interacting with, for clarity.

We removed the cached session object, as it serves no real purpose.

(cherry picked from commit 617c35398a)
2024-01-15 12:02:53 -08:00
Alex Vandiver c5394d9ca0 s3: Stop caching get_boto_client, which is only ever called once.
e883ab057f started caching the boto client, which we had identified
as slow call.  e883ab057f went further, calling
`get_boto_client().generate_presigned_url()` once and caching that
result.

This makes the inner cache on the client useless.  Remove it.

(cherry picked from commit f8c432bd53)
2024-01-15 12:02:53 -08:00
Alex Vandiver 51ee0d8896 send_password_reset_email: Add a flag to only email users who need it.
Emailing the password reset email to users who have already logged in
is not as useful.

(cherry picked from commit b6d3193abf)
2024-01-15 12:02:53 -08:00
Alex Vandiver 1a230d9d45 send_password_reset_email: Narrow type of users.
5a32ea52ae changed the return type of `get_users`, enabling this.

(cherry picked from commit c4b4a8de5b)
2024-01-15 12:02:53 -08:00
Alex Vandiver 21cff09737 ci: Switch 6.0 production to be on Ubuntu 22.04.
This causes us to cover all of our supported operating systems, and
Ubuntu 22.04 support was originally added in Zulip Server 6.0.

(cherry picked from commit 545e1f9487)
2024-01-15 12:02:53 -08:00
Alex Vandiver fd2b8c5d8f ci: Test upgrades from Zulip Server 8.0.
(cherry picked from commit 8615be8981)
2024-01-15 12:02:53 -08:00
Lauryn Menard 8c2e5a3cc1 integrations: Simplify instruction for generating incoming webhook URL.
As the help center article now has detailed instructions to generate
an incoming webhook URL, the integration documentation only needs to
link to that information.

(cherry picked from commit 67e77ad370)
2024-01-05 10:32:54 -05:00
Sahil Batra e67c0d19c5 user_pill: Add support to not allow adding inaccessible users manually.
We previously allowed adding pills for inaccessible user by typing
the email manually. This commit updates it to handle inaccessible
users like we handle invalid emails.

(cherry picked from commit 9197a2c3e2)
2024-01-05 10:32:54 -05:00
Sahil Batra f9eea995fd input_pill: Define a type for pill_config object.
(cherry picked from commit ede88191a8)
2024-01-05 10:32:54 -05:00
Alya Abbott 3decf380d7 settings: Update description text in Settings > Topics panel.
(cherry picked from commit 2732da2bb2)
2024-01-05 10:32:54 -05:00
Prakhar Pratyush 3f875be21b user_topics: Validate 'topic' parameter length <= max_topic_length.
Earlier, 'topic' parameter length for
'/users/me/subscriptions/muted_topics' and '/user_topics' endpoints
were not validated before DB operations which resulted in exception:
'DataError: value too long for type character varying(60)'.

This commit adds validation for the topic name length to be
capped at 'max_topic_length' characters.

The doc is updated to suggest clients that the topic name should
have a maximum length of 'max_topic_length'.

Fixes #27796.

(cherry picked from commit c4330be2b1)
2024-01-05 10:32:54 -05:00
Mateusz Mandera 8332486848 docs: Add tiny note about Keycloak URL format in SAML doc.
That specific piece of the instructions makes it sound like /auth/ is
surely supposed to be there in the URL. But newer versions of Keycloak
don't have it - so mention that explicitly, not to create a wrong
expectation.

(cherry picked from commit 75212e7ded)
2024-01-05 10:32:54 -05:00
N-Shar-ma 6b0ad1a7f5 compose: Clear stream id when prompting user for stream selection.
Now we clear the stream id from the compose state on opening the stream
selection dropdown when no stream is specified.

This fixes the bug where the compose box placeholder text would refer to
the previously selected stream, even when the open stream dropdown had
no stream selected.

(cherry picked from commit 48d0d49fde)
2024-01-05 10:32:54 -05:00
Joydeep Bhattacharjee ba39529100 css: Fix the color of alert word in dark theme.
This was incorrectly not declared as a theme-dependant color.

Fixes #28407.

(cherry picked from commit e3744627ac)
2024-01-05 10:32:54 -05:00
Sahil Batra 4c01110c88 settings: Fix discard button in groups UI in dark theme.
(cherry picked from commit 8f795e22e8)
2024-01-05 10:32:54 -05:00
Anders Kaseorg 3bc37819a9 docs: Correct certutil invocation for importing self-signed certificate.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
(cherry picked from commit 711f6433cb)
2024-01-05 10:32:54 -05:00
Sahil Batra 660edba4dd user_groups: Do not remove the user group row if user can join again.
We now do not remove the user group row immediately from "Your groups"
panel when user is removed from the group, if the user can join that
group again by themselves. This makes the behavior similar to what
we have for streams.

(cherry picked from commit 377df9e4db)
2024-01-05 10:32:54 -05:00
Alex Vandiver e311b372cb install: Support PostgreSQL 16.
(cherry picked from commit 1ba2f39854)
2024-01-05 10:32:54 -05:00
Sahil Batra f799190bea settings: Show push notifications tooltip on stream specific row.
This commit fixes the bug about not showing the tooltip about push
notifications not being enabled on the server on checkbox in stream
specific notification row.

(cherry picked from commit 415fb2014b)
2024-01-05 10:32:54 -05:00
Sahil Batra 4e549e684f settings: Do not show tooltip if push notifications are enabled.
We previously showed tooltips about push notifictions not being
enabled on server on the checkboxes in "Notification triggers"
section incorrectly when server had push notifications enabled.

This bug was present as realm_push_notifications_enabled was
not passed to the template correctly. This commit fixes it by
instead using "is_disabled" in the "if" condition as we only
expect it to be true when push notifications are not enabled
on server.

(cherry picked from commit 99f29983a1)
2024-01-05 10:32:54 -05:00
Anders Kaseorg 17631304c2 models: Extract zerver.models.lookups.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Anders Kaseorg cf14f27602 models: Move query_for_ids to zerver.lib.query_helpers.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Anders Kaseorg 25592eba22 models: Extract zerver.models.alert_words.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Anders Kaseorg 7781591131 models: Extract zerver.models.bots.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Anders Kaseorg df111bc35a models: Extract zerver.models.custom_profile_fields.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Anders Kaseorg 4621ca76fc models: Extract zerver.models.onboarding_steps.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Anders Kaseorg f98bacc241 models: Extract zerver.models.realm_audit_logs.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Anders Kaseorg d07d773809 models: Extract zerver.models.scheduled_jobs.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00