Use `tabindex` instead of `href` to set focus on `a` tag.
Ideally, we should use `button` for these elements but since
we want to keep the pattern for these dropdowns same where some
`a` elements do have a valid `href`.
(cherry picked from commit 95e74558c5)
For example, gear menu was not closed after `Integrations` button
was clicked since we don't have an event handler which opens
`/integrations` in a new tab but we let the browser navigate user
to `/integrations` after clicking on `a href='/integrations'`.
There was no handler for hiding the popover after clicking on such
links, so this commit adds one.
(cherry picked from commit 70ba7cc042)
This commit migrates `popover_menus` module to TypeScript. Also adds
a placeholder types declaration file for `css_variables` module.
(cherry picked from commit 02257b8cbf)
- Makes "Deployment options" easier to navigate by splitting the
"Reverse proxies" and "System configuration" sections out into
dedicated pages.
Fixes#28928.
(cherry picked from commit 2b95068406)
Previously, the sorting was broken due to
incorrect referencing of the property.
The code has been updated to use the "expiry_date"
property instead of "expires_at".
Fixes#29005.
(cherry picked from commit bf464db61b)
This is no longer necessary for vertical alignment, and by
removing the 6px of padding it represents, bot DM rows will have
the same 22px height as other DM rows.
(cherry picked from commit ea83b1f4de)
LoggingCountStats with a daily duration and that are directly stored
on the RealmCount table (not via aggregation in process_count_stat),
can be in a state, after the hourly cron job to update analytics
counts, where the logged value will be live-updated later, because
the end time for the stat is still in the future.
As these logging counts are designed to be used on the self-hosted
installation for either debugging or rate limiting, sending these
partial/incomplete counts to the bouncer has low value.
(cherry picked from commit 40daf10a74)
The proposed_val for "realm_can_access_all_users_group" setting
was always returning NaN value which resulted in the value
being included in request even when it was not changed or disabled
due to org not being on "Plus" plan. This resulted in a bug where
user was not allowed to change the "guest" indicator setting
on orgs without "Plus" plan.
For orgs with "Plus" plan there was no problem in changing the
setting but the save button was visible incorrectly if the setting
was set to the initial value.
This commit fixes both the bugs.
(cherry picked from commit 4a98eb205d)
The "Who can access all users" setting is not disabled for
organizations not on "Plus" plans in production because of
the "page_params.development_environment" check.
We do not need that check anymore as the feature is now
enabled in production.
(cherry picked from commit ae9ef830f0)
This matches the algorithm that we designed for the Python API, except
that we use a ratio of 2 rather than sqrt(2) in the message_fetch code
path, because it's a heavier request.
We increase the number of failures before showing a user-facing error
to roughly preserve the same time period before a user-facing error is
shown.
(cherry picked from commit b5b496c752)
Previously, these endpoints just did exponential backoff, without
looking at the rate-limiting headers returned by the server, resulting
in requests that the client could have been certain would fail with an
additional rate-limiting error.
Fix this by using the maximum of the existing exponential backoff with
the value returned by the rate-limiting header.
Fixes#28807.
(cherry picked from commit e3960c22be)
This should help reduce the risk of hitting rate limits when users
have a very large number of messages to fetch via this mechanism.
Inline the `messages` variable that was only used in one place while
we're touching this.
(cherry picked from commit 8f32ebe706)
This function incorrectly and misleadingly did an immediate initial
call, despite both of its callers doing immediate calls themselves (in
one case, with a different parameter passed).
This led to unnecessary server load when reloading the app via event
system triggered reloads, since every client would call `/` twice.
(cherry picked from commit 2c56978b02)
This will prevent any message we want to select after narrowing
from being offscreen entirely or partially.
Steps to reproduce the bug:
* `./manage.py populate_db -n 3000 --max-topics=2`
* Narrow to a stream and scroll high up.
* Align two recipient bars together with nothing between them.
* Click on the first recipient bar after keeping the selected message
on the second recipient bar.
* You will see that the selected message is not in view.
(cherry picked from commit 120ff78516)
This was introduced in #28767 with the intention to skip scrolling
the selected message.
So, the actual bug that the PR fixed would have been just fixed
by opening the compose box early.
(cherry picked from commit aa76919ddb)
The update_selection function name was rather misleading, since that
function call is in fact what renders the message list object for the
view.
Also add comments about a few subtle/confusing details that I noticed
while debugging this code path today.
(cherry picked from commit 61ff8f2bef)
As discussed in the new comments, we had a bug where the
system-initiated animated scroll that happens when the compose box
opens as a result of narrowing would race with the internal
rerendering that occurs when the message_fetch request asking the
server for additional data returns.
The correct fix for this is just to open the compose box, if we're
going to do so, before setting the user's scroll position in the
narrowing/rendering process.
This ends up being a UI improvement (in that the compose box is
available for typing a bit earlier) as well as avoiding both the risk
of this race as well as the bad UX of adjusting the user's scroll
position multiple times as part of entering the view.
This does not address an as-yet-unknown bug wherein the animated
scroll that occurs when opening the compose box, when racing with a
background rerender, results in a bogus ending scroll position, though
it's easy to see how that might occur given that rerendering does
clear the DOM briefly.
(cherry picked from commit 4e2a282a1b)
This should give some more room for systems that are still below 4GB
of RAM to use the lower-memory multithreaded mode, which is less
likely to have OOM kills (a very bad experience).
There should be little cost, as few systems are likely allocated with
memory in this range.
(cherry picked from commit a22f418827)
The defaults for how many uwsgi processes to run no longer depend on
the queue processor mode, but instead the total memory on the system.
(cherry picked from commit 62dbe2298e)
The problem was that earlier this was just an uncaught JsonableError,
leading to a full traceback getting spammed to the admins.
The prior commit introduced a clear .code for this error on the bouncer
side, meaning the self-hosted server can now detect that and handle it
nicely, by just logging.error about it and also take the opportunity to
adjust the realm.push_notifications_... flags.
(cherry picked from commit e8018a7285)
This commit updates the API to check the permission to subscribe other
users while creating multi-use invites. The API will raise error if
the user passes the "stream_ids" parameter (even when it contains only
default streams) and the calling user does not have permission to
subscribe others to streams.
We did not add this before as we only allowed admins to create
multiuse invites, but now we have added a setting which can be used
to allow users with other roles as well to create multiuse invites.
Alex Vandiver
Tim Abbott
Aman Agrawal
Lalit
David Rosa
Alya Abbott
sujal
Karl Stolley
Lauryn Menard
Sahil Batra
Anders Kaseorg
Mateusz Mandera