Commit Graph

33623 Commits

Author SHA1 Message Date
Mateusz Mandera a62d084247 social_backends: Rename display_logo to display_icon. 2019-11-03 15:54:05 -08:00
Mateusz Mandera 15126dbe31 docs: Describe the name field of social_backends in /server_settings. 2019-11-03 15:54:05 -08:00
Mateusz Mandera 5a39e70bce social_backends: Remove sort_order from social backend dicts.
These are returned through the API, at the /server_settings
endpoint. It's better to just return the list of dicts with a guarantee
of being sorted in the correct order, than to clutter things with the
sort_order field.
2019-11-03 15:51:49 -08:00
Mateusz Mandera 339f742578 test_signup: Add test for a non-covered case in accounts_register. 2019-11-03 15:51:19 -08:00
Anders Kaseorg 28f3dfa284 js: Automatically convert var to let and const in most files.
This commit was originally automatically generated using `tools/lint
--only=eslint --fix`.  It was then modified by tabbott to contain only
changes to a set of files that are unlikely to result in significant
merge conflicts with any open pull request, excluding about 20 files.
His plan is to merge the remaining changes with more precise care,
potentially involving merging parts of conflicting pull requests
before running the `eslint --fix` operation.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-03 12:42:39 -08:00
Anders Kaseorg f7245e9ec6 unminify: Update for webpack chunk splitting.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-01 18:25:30 -07:00
Mateusz Mandera 2e1529e879 registration: Fix logic disabling password requirement in the form.
This small block of code was over-indented. It should be run in this
part of the function unconditionally, not inside an "else" block.
We obviously want it to run regardless of whether
request.POST.get('from_confirmation')
is True or not.
2019-11-01 16:59:06 -07:00
Hashir Sarwar 35561c7fa8 docs: Replace username with YOUR_USERNAME in Git clone.
The other similar commands in this file use this style.
2019-11-01 16:39:50 -07:00
Mateusz Mandera a4838d8b97 urls: Reorder where the accounts/login/google/ endpoint is defined.
Needed so that the google entry in social_backends in /server_settings
shows the new url rather than the legacy accounts/login/google/ url as
the login url.
2019-11-01 16:30:52 -07:00
Mateusz Mandera 29314f3195 api: Remove unused /get_auth_backends endpoint.
This legacy endpoint was designed for the original native Zulip mobile
apps, which were deprecated years ago in favor of the React Native
app.

It was replaced by /server_settings for active use years ago, so it's
safe to remove it now.
2019-11-01 12:30:59 -07:00
Lobster 7e4f8a42cf docs: Update redmine integration documentation.
With some textual tweaks by tabbott.
2019-11-01 12:21:37 -07:00
Anders Kaseorg 87b23720f5 blueslip: Apply ESLint.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-01 12:13:59 -07:00
Mateusz Mandera 8fd51a0ab5 docs: Improve SAML development environment docs. 2019-10-31 14:16:41 -07:00
Thomas Ip c93522d847 blueslip: Make stack trace more readable.
The stack trace popup is now sourcemapped and each stackframe have a
expandable code context window.

[anders@zulipchat.com: Rebased and simplified.]
2019-10-31 13:47:54 -07:00
Anders Kaseorg 94c8fffdf3 docs: Fix invalid link.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 18:41:40 -07:00
David Rosa dc5dbcbee3 docs: Merge "Backups" with export-and-import.
- Merges the "Backups" section from production/maintain-secure-upgrade.md
  with existing "Backups" section in production/export-and-import.md.
- Cleans up and makes content more clear/explicit.
- Adds short missing section on how to use wal-e configuration.
- Removes a lot of previously duplicate text explaining the difference between
  the tools.
- Various textual tweaks by tabbott.

Fixes #13184 and resolves #293.
2019-10-30 17:22:02 -07:00
Vishnu Ks 2f5f23ecc6 tests: Remove get-presence from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu Ks 7aabbe2f35 tests: Remove delete-queue from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu Ks a99b96d9db tests: Remove get-events-from-queue from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu Ks 4aae633d59 tests: Remove get-stream-topics from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu Ks db294072be tests: Remove update-subscription-data from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu Ks eb567abcec tests: Remove mark-as-read-bulk from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu KS 39f7d250bd tests: Remove update-message-flags from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu KS 31a50753f3 tests: Remove get-message-history from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu KS 93c003d2aa tests: Remove update-message from curl test exclude_list. 2019-10-30 16:49:27 -07:00
Vishnu KS 8e9ccdf376 tests: Remove get-raw-message from curl test exclude_list. 2019-10-30 16:49:26 -07:00
Tlazypanda 722f3a6cfe docs: Add documentation for tab switcher.
Documentation for tab switcher added under User documentation
features as a section at the bottom of "Tips and Warnings" article.

Text substantially rewritten by tabbott.

Fixes #12505
2019-10-30 16:36:30 -07:00
Mateusz Mandera 65a709fb48 docs: Fix typo in gsoc-ideas.md.
This is a GSoC doc, so the GSoD reference seems to be a misspelling.
2019-10-30 16:20:38 -07:00
Andrew Szeto b312001fd9 rabbitmq: Set a short TCP keepalive idle time on BlockingConnection.
The code comment explains this issue in some detail, but essentially
in Kubernetes and Docker Swarm systems, the container overlayer
network has a relatively short TCP idle lifetime (about 15 minutes),
which can lead to it killing the connection between Tornado and
RabbitMQ.

We fix this by setting a TCP keepalive on that connection shorter than
15 minutes.

Fixes #10776.
2019-10-30 16:15:44 -07:00
David Wood 7fc72dff44 left sidebar: Avoid unnecessary scrollbar.
This commit modifies the `#add-stream-link` element to be a `div`
containing the previous `a` element. The margin that was added to
`#stream-filters-container .simplebar-content` is then moved to that new
`div`.

This preserves the intended behaviour of the commit which introduced
the margin, to fix #12519 while removing an unnecessary scrollbar
which could hide the top-most stream in the stream list.

Fixes #13050

Signed-off-by: David Wood <david@davidtw.co>
2019-10-30 13:21:28 -07:00
Anders Kaseorg c10f3f87b7 package.json: Move @types/* to devDependencies.
We only run TypeScript as a linter, so these need only be present in
development.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:13:21 -07:00
Anders Kaseorg c31615a760 package.json: Remove @types/source-map.
`source-map` provides its own types, so with TypeScript configured
with `--moduleResolution node`, we don’t need the obsolete
`@types/source-map` package.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:13:21 -07:00
Anders Kaseorg 98676f5a1f typescript: Move js/js_typings/zulip/index.d.ts to js/global.d.ts.
The js_typings directory is not set up correctly for us to add new
type declarations for untyped external modules.  The correct
configuration would be something like

{
    "compilerOptions": {
        "baseUrl": ".",
        "paths": {
            "*": ["js_typings/*"],
        },
        "typeRoots": ["js_typings"],
    },
    "exclude": [
        "js_typings",
    ],
}

but that configuration is incompatible with using the same directory
for _internal_ modules like the ones declared here.

Also, correct some mistakes the generation of this list.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:12:54 -07:00
Anders Kaseorg 8654af367d tsconfig: Set module-related options.
Set `--esModuleInterop` and `--isolatedModules` for consistency with
Babel.  `tsc --init` adds `--esModuleInterop` by default.

Set `--moduleResolution node` so we can find type definitions in
modules that provide them.

Set `--forceConsistentCasingInFileNames`, which seems like a good
idea, and which `tsc --init` will add by default in TypeScript 3.7.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:12:54 -07:00
Anders Kaseorg 7a0a186e5f tsconfig: Remove redundant options.
`--jsx preserve` and `--removeComments false` are already the default.
`--strict` already implies `--noImplicitAny`, `--noImplicitThis`,
`--alwaysStrict`.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:12:54 -07:00
Anders Kaseorg 70f72a3ae8 security: Send SameSite=Lax cookies.
Send the `csrftoken` and `sessionid` cookies with `SameSite=Lax`.
This adds a layer of defense against CSRF attacks and matches the new
default in Django 2.1:

https://docs.djangoproject.com/en/2.1/releases/2.1/#samesite-cookies

This can be reverted when we upgrade to Django ≥ 2.1.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:12:11 -07:00
Anders Kaseorg 042c558bb3 eslint: Enable sort-imports rule.
I figure we should enable this before we have lots of imports.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:10:25 -07:00
Anders Kaseorg 0ae2c5c96e nginx: Enable TLS 1.3 if supported.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:09:57 -07:00
Anders Kaseorg d577537304 pointer: Fix pointer update.
Commit d17b577d0c (#13321) incorrectly
transformed this line, even though I thought my script had a specific
guard against this.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 11:50:15 -07:00
Rafid Aslam 447f74ae63 Upgrade pika to 1.1.*.
Upgrade pika to 1.1.* and make some changes accordingly
to comply with the new version.

Fixes #12899.
2019-10-29 17:01:12 -07:00
Tim Abbott c7c6f01236 docs: Advertise SAML authentication as an official feature.
Fixes #13275.
2019-10-29 16:55:22 -07:00
Mateusz Mandera 4561652513 ldap docs: LDAP backend now works for initial realm creation.
Fixes #9576.

Initial realm creation now works fine with the LDAP backend, so the
part of the docs about needing to create the first realm with the
email backend is unnecessary and just complicates the setup process,
so it seems best to just remove it.
2019-10-29 16:21:58 -07:00
Tim Abbott 18b4a58bc2 docs: Update GSoC/GSoD ideas pages.
The main goal is to correct sections that clearly haven't been updated
since 6+ months ago.
2019-10-29 16:07:10 -07:00
Mateusz Mandera f229839022 docs: Document social_backends in /server_settings.
This updates the docs for the /server_settings endpoint to document the
newly added social_backends structure.
2019-10-29 15:57:29 -07:00
Hemanth V. Alluri ac9008f564 openapi: Update the test and python code example for get-all-users.
This is following the change to the /users endpoint where we allow
an optional parameter "include_custom_profile_fields" which would
allow the client to request for users' custom profile fields along
with their other standard data.
2019-10-29 15:41:35 -07:00
Hemanth V. Alluri c1370547d5 events: Only send bot_type for bots and thus remove the for_api param. 2019-10-29 15:41:35 -07:00
Hemanth V. Alluri fa6bd42f4c docs: Update the example for /users for custom profile fields.
The previous example no longer gives a good enough idea of what the user
can expect when the `include_custom_profile_fields` boolean parameter is
set to true.
2019-10-29 15:41:35 -07:00
Hemanth V. Alluri 5b3e346369 users: Send custom profile fields with the /profile endpoint. 2019-10-29 15:41:35 -07:00
Anders Kaseorg d6377b00c0 node_cache: Don’t retry copying node_modules; let yarn do its thing.
`copytree` throws an error if the target already exists, and we don’t
really want to rerun the copy anyway.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-29 12:30:28 -07:00
Anders Kaseorg d4443bc4f8 requirements: Upgrade Python requirements.
Addresses a potential Pillow DoS vulnerability, among other things.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-28 16:42:20 -07:00