Commit Graph

35717 Commits

Author SHA1 Message Date
Tim Abbott 561ded5e59 production: Fix generating bot static files in production.
For upgrade-zulip-from-git to work, we need to be able to run
update-prod-static on production systems, which means provision code
like this cairosvg logic needs to be there for now.
2020-04-17 09:25:48 -07:00
Tim Abbott 0ccc0f02ce upload: Support requesting a temporary unauthenticated URL.
This is be useful for the mobile and desktop apps to hand an uploaded
file off to the system browser so that it can render PDFs (Etc.).

The S3 backend implementation is simple; for the local upload backend,
we use Django's signing feature to simulate the same sort of 60-second
lifetime token.

Co-Author-By: Mateusz Mandera <mateusz.mandera@protonmail.com>
2020-04-17 09:08:10 -07:00
Tim Abbott 7f582b3861 upload: Increase the lifetime of signed upload URLs.
For some mobile use cases, 15 seconds is potentially too short for a
busy+slow device to open a browser and fetch the URL.  60 seconds is
plenty, and doesn't carry a materially increased security risk.
2020-04-17 09:08:10 -07:00
Vishnu KS a9c1fa25d6 upgrade: Set the default billing period to monthly. 2020-04-17 08:57:15 -07:00
vaibhavrajsingh2001 f0c5b1a8d7 design: Use CSS instead of disabled property for non-editable text.
The disabled property actually prevented text selection, so it seems
better to use CSS through the `readonly="readonly"` property.
For this, swapped .prop() with .attr() since .prop() was setting it as
`readonly=""`.
2020-04-17 08:36:21 -07:00
Siddharth Varshney 3e78b3cdc3 help: Add doc for restricting users to change their profile pic.
Fixes part of #14298.
2020-04-16 20:30:30 -07:00
Siddharth Varshney e03176b272 help: Add doc for setting profile picture back to gravatar. 2020-04-16 20:27:52 -07:00
Siddharth Varshney cacf7bb7d4 help: Add docs for who can create and manage user groups.
Part of addressing #14298.
2020-04-16 20:24:01 -07:00
Hashir Sarwar ee0d4541b4 topic_data: Rename `topic_data` module to `stream_topic_history`.
`stream_topic_history` is a more appropriate name as this
module will contain information about last message of a
stream in upcoming commits. Function and variable names
are changed accordingly like:

* topic_history() -> per_stream_history()
* get_recent_names() -> get_recent_topic_names()
* name -> topic_name
2020-04-16 20:11:04 -07:00
Vishnu KS c5eddcb1ca upload: Don't hide upload status if there are errors. 2020-04-16 20:09:19 -07:00
Vishnu KS c06d29d0aa upload: Don't add remaining files if adding a file fails.
If a file cannot be added for upload because of restrictions in frontend
we call cancelAll immediately in 'info-visible' callback. This would
prevent files that are already added to be cancelled but does not cancel
files that are yet to be added. So we use break to prevent any more files
from being added.
2020-04-16 20:09:19 -07:00
Vishnu KS 2f2c384c88 uploads: Don't call cancelAll when upload_files is called with no files.
Existing uploads should not be cancelled if upload_files
is called without any files.
2020-04-16 20:09:19 -07:00
Vishnu KS fc086b7521 uploads: Don't call cancelAll on 'complete' event.
Calling uppy.cancelAll() when a batch of uploads is completed
result in the cancelation of any other batch of uploads that is
in progress. This case happens when a user uploads some files
and then tries to upload another bunch of files before the existing
upload is completed.
2020-04-16 20:09:19 -07:00
orientor cfa7724bcc openapi: Use "description: |" for multiline paragraphs.
"description: |" supports markdown and is overall better for
writing multiline paragraphs. So use it in multiline paragraphs
and line-wrap the newly formed paragraphs accordingly.

Edited by tabbott to change most single-line descriptions to use this
format as well.
2020-04-16 20:02:02 -07:00
Vishnu KS a2781e6364 emails: Set correct language for email in send_email_to_admins.
Previously the emails were translated to the default_language of
admin[0] in build_email function. Now we use realm.default_language
instead.
2020-04-16 19:31:08 -07:00
Vishnu KS 94d4bcd4ec billing: Add tests for reupgrade by billing admin. 2020-04-16 19:28:37 -07:00
Vishnu KS 4207f70568 tests: Remove unused stripe fixtures.
These fixtures were added in 4aa2ac1b52.
The fixture name mentions renewal as the test function name. But we
don't have any function called test_renewal in test_stripe file. This
likely means the fixtures were accidentally added. Also, deleting all
fixtures and running --generate-stripe-fixtures don't result in these
fixtures getting generated as well.
2020-04-16 19:28:37 -07:00
Vishnu KS 3f94195d51 billing: Show appropriate message when not on a paid plan. 2020-04-16 19:28:37 -07:00
Vishnu KS dc4d88f6c9 billing: Call stripe_get_customer only if plan is not empty.
Saves an unnecesary call to Stripe if the plan is empty.
2020-04-16 19:28:37 -07:00
Vishnu KS b686bf76a5 billing: Set plan_name in /billing only if last_ledger_entry is not None.
If make_end_of_cycle_updates_if_needed returns None it means the current
plan has been ended. So we should change the value of variable plan_name
only if last_ledger_entry is not None.
2020-04-16 19:28:37 -07:00
Puneeth Chaganti 464cbcd9c1 tools: Capture incoming bot message screenshot using puppeteer. 2020-04-16 19:25:13 -07:00
Puneeth Chaganti 4d2ce607c9 tools: Add script to trigger webhook notification using fixtures.
When creating a webhook integration or creating a new one, it is a pain to
create or update the screenshots in the documentation. This commit adds a
tool that can trigger a sample notification for the webhook using a fixture,
that is likely already written for the tests.

Currently, the developer needs to take a screenshot manually, but this could
be automated using puppeteer or something like that.

Also, the tool does not support webhooks with basic auth, and only supports
webhooks that use json fixtures. These can be fixed in subsequent commits.
2020-04-16 19:25:13 -07:00
Puneeth Chaganti 4c142b778a generate_zulip_bots_static_files: Move imports outside the function. 2020-04-16 19:25:13 -07:00
Tim Abbott 777a3b6c18 puppet: Fix nagios check to not require typing_extensions. 2020-04-16 17:56:05 -07:00
Tim Abbott e1ce53ac46 puppet: Update nagios checks for disk to exclude kernel filesystems.
The fact that we have to explicitly list these is almost certainly a
bug in check_disk, but at least this works.
2020-04-16 17:49:29 -07:00
Tim Abbott cfbb617f5c puppet: Update nagios configuration for checking local disk. 2020-04-16 17:48:36 -07:00
Tim Abbott 9821dfa9fc puppet: The letsencrypt package is debian is now certbot.
It was an alias starting with Ubuntu Xenial, and will eventually be
removed.
2020-04-16 17:30:01 -07:00
Mateusz Mandera 7ed3c3f9f0 saml: Add setting to require limit_to_subdomains on configured IdPs.
If SAML_REQUIRE_LIMIT_TO_SUBDOMAINS is enabled, the configured IdPs will
be validated and cleaned up when the saml backend is initialized.
settings.py would be a tempting and more natural place to do this
perhaps, but in settings.py we don't do logging and we wouldn't be able
to write a test for it.
2020-04-16 17:04:12 -07:00
Mateusz Mandera 143db68422 saml: Implement limiting of IdP to specified realms.
Through the limit_to_subdomains setting on IdP dicts it's now possible
to limit the IdP to only allow authenticating to the specified realms.

Fixes #13340.
2020-04-16 17:04:08 -07:00
Mateusz Mandera 7a9d592dbe tests: Remove out-of-date comment on a saml test for multiple idps. 2020-04-16 17:02:36 -07:00
Tim Abbott 8e5a866122 puppet: Update tuning for load average monitoring. 2020-04-16 16:47:05 -07:00
Tim Abbott 20ac4e1fba docs: Update changelog for Zulip 2.1.4 release. 2020-04-16 16:20:58 -07:00
Tim Abbott b1ff823798 puppet: Remove old zulipbot configuration.
We haven't used zulipbot hosted here for years.
2020-04-16 16:18:48 -07:00
Tim Abbott 1219a2e854 docs: Deprecate support for Xenial and Stretch.
Also make sure our documentation for upgrading is reasonable for
Stretch => Buster.

Our reasoning for deprecating support for these releases is as follows:

* Ubuntu 16.04 Xenial reached desktop EOL last year; and will reach
  EOL on the server in about a year.

* Debian Stretch will each EOL in 2020 (the precise date is unclear in
  Debian's documentation, but based on past precedent it's in the next
  few months, perhaps July 2020).
  https://wiki.debian.org/DebianReleases#Production_Releases

* Both Ubuntu 16.04 and Debian Stretch use Python 3.5 as the system
  Python, which will reach EOL in September 2020 (and we're already
  seeing various third-party dependencies that we use drop support for
  them).

* While there is LTS support for these older releases, it's not clear it's
  going to be worth the added engineering effort for us to maintain EOL
  releases of the base OSes that we support.

* We (now) have clear upgrade instructions for moving to Debian Buster
  and Ubuntu 18.04.
2020-04-16 15:36:18 -07:00
Pranav daacd2b5bf account settings: Add user_details_section to template.
Added a div(user_details_section) to group all the similar user
settings together into the div. Unindented to make the changes
easily visible.
2020-04-16 15:14:57 -07:00
Pranav e09cccb628 settings-ui: Allow users to view the settings_save_discard_widget.
Removed the condition in the settings_save_discard_widget page which
allowed the page to be rendered only for admins. This change was
important so that this widget can be used on the user settings page
for displaying confirmation messages.

For non-admins, trying to access admin-only settings, behaviour remains
the same as before as these settings are disabled for non-admins.
2020-04-16 15:14:46 -07:00
Tim Abbott d30c8d4a66 terms: Fix email address visibility displayed when accepting ToS.
Apparently, we never tested this unusual flow (primarily used after
Slack import) with an organization with EMAIL_ADDRESS_VISIBILITY_ADMINS.
2020-04-16 11:44:51 -07:00
Abhishek-Balaji b40bd56f3e alert settings: Change style of alert words list.
Narrowing the list of words by reducing margin and padding.
Also reducing the width to 50% of the previous value.
2020-04-15 17:56:14 -07:00
Abhishek-Balaji 52e0063deb alert settings: Move alert word form on top and sort alert words.
The form for entering alert words has been moved above the list
of words.
The list of words will be presented alphabetically rather than
time of addition.
2020-04-15 17:56:14 -07:00
Abhishek-Balaji 255fe13151 alert settings: Include the actual alert word in the success message.
The message now says 'Alert word "foo" added successfully!' when
you add "foo" as an alert word.
2020-04-15 17:56:14 -07:00
Ryan Rehman 9340cd1a0b muting: Send muted_topic's date_muted field to frontend. 2020-04-15 15:48:25 -07:00
Kartik Srivastava a060691389 default streams: Change add api to use stream_id.
This refactors add_default_stream in zerver/views/streams.py to
take in stream_id as parameter instead of stream_name.

Minor changes have been made to test_subs.py and settings_streams.js
accordingly.
2020-04-15 15:47:04 -07:00
vaibhavrajsingh2001 2a212b3300 docs: Add documentation for weekly digest emails.
Added documentation explaining the digest emails feature and how to
disable it, along with a link to the /digest.

Resolves: #14136
2020-04-15 15:38:39 -07:00
Tim Abbott 382261dc72 upgrade-zulip: Remove tsearch-extras on upgrade.
We stopped using tsearch-extras in Zulip 2.1.0 after Anders figured
out how to achieve its goals with native postgres.  However, we never
did a `DROP EXTENSION` on systems thta had upgraded, which meant that
backups created on systems originally installed with Zulip 2.0.x and
older, and later upgraded to Zulip 2.1.x, could not be restored on
Zulip servers created with a fresh install of Zulip 2.1.x.

We can't do this with a normal database migration, because DROP
EXTENSION has to be done as the postgres user, so we add some custom
migration code in the upgrade-zulip-stage-2 tool.

It's safe to run this whenever tsearch_extras.control is installed because:
* Zulip is AFAIK the only software that ever used tsearch_extras.
* The package was only installed via puppet on production servers configured to
  run a local Zulip database.
* We'll only run this code once per system, because it removes the
  package and thus the control files.

Fixes #13612.
2020-04-15 15:18:44 -07:00
Jagan 8ae34eaa12 settings UI: Make the settings avatar delete/edit UI slicker.
Added UI support for uploding the new profile picture by
clicking on the avatar rather than a button.
Added new spinner for loading indication while uploading
a new avatar over the avatar area.
Fixes #10255
2020-04-15 15:15:57 -07:00
Steve Howell aa5ffcbd2e admin user: Sort bot owners by name.
The original commit here was sorting bot owners by
id, which is of course meaningless to users:

    444ce74a8e

It was also returning 1/-1 in cases where the bot
owner on both sides of a comparison were missing,
which is a big no-no for sorting algorithms.
2020-04-15 15:13:26 -07:00
Steve Howell 0b71b092b3 admin users: Fix email sort.
The email sort now works correctly for admins in
realms with hidden emails.  (We want to sort on
delivery email.)
2020-04-15 15:13:26 -07:00
Steve Howell cf741e9a11 list_render: Add replace_list_data().
The data() function was used in only one place,
and it can be replaced now with two simple
lines of code.
2020-04-15 15:13:26 -07:00
Steve Howell d406df75b3 list_render: Remove support for jQuery items.
All of our widgets now use templates to turn
items into HTML strings, so we can simplify
the code.
2020-04-15 15:13:26 -07:00
Steve Howell c9d0c6852e admin users: Use plain HTML and static dates.
We want to avoid creating jQuery objects that just
get turned right back into strings by the list
widget, so we now have our template just include
`last_active_date` instead of kludging it in
after the fact, and we return the template
string in `modifier` rather than wrapping it.

To deal with plain HTML we switch to using
`render_now`.

Calling `render_now` leads to a more simple
codepath than `render_date`, beyond just dealing
with text.

The `render_date` function has special-case logic
that only applies to our time dividers in our
message view, which is why we were passing the
strange `undefined` parameter to it before this
fix.

The `render_date` function was also putting
the dates into `update_list` for once-a-day
updates, which is overkill for an admin screen.
We don't use this logic for drafts or attachments
either.  I'm not sure how well tested that logic
is, and it's prone to slow leaks.

This commit sets us up to simplify the list
widget not to have bit-rot-prone code related
to jQuery objects.
2020-04-15 15:13:26 -07:00