Commit Graph

1477 Commits

Author SHA1 Message Date
Waseem Daher a685b6c1a7 Move logout button.
(imported from commit 38cab4dafd0ddf9e0f5b4fce8fd63c7d52edade2)
2012-10-29 13:01:07 -04:00
Jessica McKellar 7912b2abbe Fix find bug causing a search to skip over the first result.
This would only happen when you hit enter directly, instead of using
the search up / down buttons.

(imported from commit 90301f64b3f24e91c103342bd6a7f1b3e61f8928)
2012-10-29 12:33:53 -04:00
Jessica McKellar cfc2601451 Include timestamps in find-able content.
(imported from commit a084a2d1c90b5f51049768ecd608d34ddd390a7b)
2012-10-29 12:25:48 -04:00
Keegan McAllister 238533500a confirmation: Increase entropy of confirmation_key
I am pretty sure there's no point to using a hash at all.  But until I hear
back from the author, let's at least make sure we put as much entropy into the
hash as we expect to get out of it.

(imported from commit 51a231adeab014cc1af8cb67e89baf06e0a1f593)
2012-10-29 12:02:13 -04:00
Jeff Arnold 267683de76 Terms/privacy changes based on Tim's suggestions
(imported from commit 027ef8b1d61eec4ef4b75d9081fbe7400f9d5817)
2012-10-29 11:28:24 -04:00
Keegan McAllister dcdb8ddc05 Remove confirmation/urls.py
We have our routing for the confirmation view.

(imported from commit 90cc09792e15350a97933f6567d6bb6fa13e94e4)
2012-10-29 11:04:25 -04:00
Keegan McAllister f55c8a4397 confirmation: Use HTTPS in email link
(imported from commit 5bf74ba45c7d09495caa7ecfbf3af6bd80311b9e)
2012-10-29 11:04:25 -04:00
Keegan McAllister a1b72f9d05 Remove confirmation/setup.py
This is just for install.  The less code we have in our repo, the better.

(imported from commit d1da643d0a68ed73a1d2303e9f24215f7d2a24a7)
2012-10-29 11:04:25 -04:00
Jeff Arnold b3cf1a5ffb Fix typo in terms
(imported from commit d523cc890d1dcdc3e3f03a3af094d70c7c4d5d3a)
2012-10-28 17:01:30 -04:00
Jeff Arnold 3889818355 More revisions to the privacy policy and terms of service
(imported from commit e0ea80638132a43abef28a880eee38c9141385f8)
2012-10-28 16:56:28 -04:00
Jeff Arnold 66ecf968e1 More revisions to the privacy policy and terms of service
(imported from commit f6c24d8f2d62f753688b8873a86e6d5fcefff08b)
2012-10-28 16:40:32 -04:00
Jeff Arnold 592451686e More revisions to the privacy policy and terms of service
(imported from commit f6936e7bd8b4d8d2d92f78d697ebc74f180a611a)
2012-10-28 16:08:49 -04:00
Jeff Arnold 1ebd4211a4 Revisions to privacy policy and terms of service
(imported from commit 6f618c858a7c5b53d86a6c032fb7089521c62eb7)
2012-10-28 15:40:56 -04:00
Keegan McAllister 4c0d6eef00 print-all: Provide empty stdin to latex
_out takes a filename but _in takes the input itself.

(imported from commit dee2a1cc920ea3526045146c4e738ca44c38fb47)
2012-10-28 15:20:05 -04:00
Keegan McAllister 9689887cbd Copy the csrf_exempt attribute in @asynchronous
Needed for @csrf_exempt to work.

(imported from commit 563ab11b0d26262511e9a6d9cc2735b0b835a391)
2012-10-27 17:56:18 -04:00
Keegan McAllister da252e8499 runtornado: Abort view processing if request or view middleware returns a response
This is the behavior specified by Django.  Since this was broken before,
our CSRF protection had no effect on Tornado views other than printing
a warning message :(

(imported from commit 7975d3c9b6c18915f917ac2da4592a55f6b6a658)
2012-10-27 17:28:07 -04:00
Keegan McAllister 0f211673ac Puppet: Add missing packages python-flup
Needed for Django runfcgi.

(imported from commit cfd1f20a2f7a08c21e8ab3b321c2928a28319a54)
2012-10-27 12:11:22 -04:00
Keegan McAllister 6ab646cd53 post-receive: Deploy to the new server
Eventually this should go to the staging server, and we'll have a separate
process to migrate changes from there to production.

(imported from commit 2a712758844524fdf2f23f798baf6b607d056b9a)
2012-10-27 11:39:03 -04:00
Keegan McAllister c1171c9832 Change default site in API clients
(imported from commit 185cf8e27cb6ecd1cd8ccca834d30ca0de2236b8)
2012-10-27 11:38:15 -04:00
Keegan McAllister d71b9594fe Configure nginx for the new server
(imported from commit d073276912ea844e75fd710689f152fd7a2213c7)
2012-10-27 11:38:15 -04:00
Keegan McAllister 92b10e3bc2 settings.py: Change deployed check
This is security-critical so we have two checks.

(imported from commit adaa1cefe2d08526cdaac2fb0d8cc02773390224)
2012-10-27 11:18:51 -04:00
Keegan McAllister cbdbc12ab0 Remove config for Apache as app frontend
(imported from commit ae4072bdf59cdfccec76eeee7fd3b99a899eaa19)
2012-10-27 10:56:14 -04:00
Keegan McAllister 36f4ce0c0b Properly defer send_pointer_update setTimeout
(imported from commit 02a9c648eb420c8aebe84386cbb708bec96ca2e7)
2012-10-26 22:48:21 -04:00
Keegan McAllister 92acd7bd1c match_on_visible_text: Return boolean directly, without a conditional
(imported from commit b38800d074ab3e1dd557e49ef5a6cd7adfd677a3)
2012-10-26 22:21:41 -04:00
Keegan McAllister c32b0a1a22 Remove dodgy use of $( array ).last()
Per the docs, these are only meant to be used on arrays of DOM elements.
jQuery might one day assign a different meaning to arrays of strings,
and then we could have some security issues or weird breakage.

(imported from commit 545eee1e9c6955556d5c4bda30cd6db0dce19c60)
2012-10-26 22:21:30 -04:00
Keegan McAllister 5c4fe1d521 Simplify tab click handler
We don't need to get the tab link href twice.

(imported from commit 4b437924c88074e706536b143af493804612746f)
2012-10-26 21:45:05 -04:00
Keegan McAllister 6d0cebb6c2 Simplify update_floating_recipient_bar
The transformation here is

    $($('foo')[0]) -> $('foo:first')

(imported from commit 79ea257c9935eea01c5a2f7afb171045692eff01)
2012-10-26 21:38:39 -04:00
Keegan McAllister 582cb799dd Get rid of the selected_message_class global
Instead we infer this from narrow.active(), with the ability to override during
the narrowing procedure.

(imported from commit fab9c6861f19aedf0ee8af094c1ef4e8a0a73d80)
2012-10-26 21:05:04 -04:00
Keegan McAllister 6e63ac926e Add rows.get_table()
This checks against the table name whitelist before building the jQuery query.

(imported from commit b296f117cdd2707aeb626328f8b0f9e00c723d59)
2012-10-26 21:03:52 -04:00
Keegan McAllister 138721ebbb ui.js: Wrap an extremely long line
(imported from commit e8bef501249cc11655780ab87c425c91e2ad4db5)
2012-10-26 20:41:08 -04:00
Keegan McAllister 19d4631e6f search.js: Call .each on the jQuery match rather than $ itself
(imported from commit cff239b483a8ef1a7997a1430f40a7fda11739b1)
2012-10-26 20:41:08 -04:00
Keegan McAllister a0eea37fd4 search.js: Wrap extremely long line
(imported from commit c5b76e2da4ebb8322b5a69bf0679fa7700bb7bd1)
2012-10-26 20:41:08 -04:00
Keegan McAllister 58ca5b3e24 Harden rows.get against bad input
(imported from commit af0283323089f6ed4edb4cb732fe1cc821fb5dd5)
2012-10-26 20:41:08 -04:00
Keegan McAllister 3ebee51ce0 rows.js: Use full module pattern
(imported from commit 770741958798317401e918a7b8331cfc2f73bf77)
2012-10-26 20:41:08 -04:00
Keegan McAllister 6bd2087d89 zephyr.js: Combine get_huddle_recipient{,_names}
(imported from commit dcb4c32250f4ff3a3cf32d999d6469916b17b06e)
2012-10-26 20:31:52 -04:00
Keegan McAllister 465bbf5614 print-all: Fix incorrect progress output
(imported from commit 266b9da0a4aee094c2df6502766ff06c2a967a2d)
2012-10-26 17:52:47 -04:00
Keegan McAllister b0d669aa03 print-all: Use psnup rather than pdfnup
Our printer strongly dislikes the pdfnup output.

(imported from commit 0539def995191143365ed1e62f1fbf6ec572627e)
2012-10-26 17:49:38 -04:00
Zev Benjamin 5413f74a7e Allow API users to update the pointer and receive pointer updates
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates).  This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.

This commit differs from 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe in
that it uses request.POST.get("foo") instead of request.POST["foo"].
For some reason the latter triggers CSRF errors.

(imported from commit b2a4a7322d16dbf241cd6eef146621c79d84cafc)
2012-10-26 17:17:09 -04:00
Zev Benjamin b36f1702fc Revert "Allow API users to update the pointer and receive pointer updates"
This reverts commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe.
It seems to have broken API users.

(imported from commit 2f861ebc016076547092421f87dbcac00a65e2f6)
2012-10-26 16:19:57 -04:00
Keegan McAllister faa7565a75 Clean up duplicated code in setup.js
(imported from commit 86566f194497b618dff0be6ea2bc829204d03366)
2012-10-26 16:08:18 -04:00
Keegan McAllister 3e86da67f9 Set the CSRF token cookie as HttpOnly
(imported from commit 0bf4239db085edcfc311efeb61da3ef409cc6206)
2012-10-26 16:08:18 -04:00
Keegan McAllister 80ef222a60 Get the CSRF token from the DOM rather than a cookie
This simplifies the code, and lets us set the CSRF cookie as HttpOnly, which
adds a little bit of security.

(imported from commit 9d5923a1acf19bd27e6e1d55cf627049526de245)
2012-10-26 16:08:18 -04:00
Zev Benjamin a4fd478e3d Allow API users to update the pointer and receive pointer updates
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates).  This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.

(imported from commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe)
2012-10-26 16:06:41 -04:00
Waseem Daher 22e6a8ac1d Revert "Hide additional search buttons when not in use."
This reverts commit 074011dfe7dfa4d3cb331b32fc6cf465f98d095f.  For
some reason this introduces some buggy behavior, and if anything I
should debug it more locally first.

(imported from commit 182193e6bb466a5668c2bb64e41712a793fa7ca2)
2012-10-26 15:41:38 -04:00
Waseem Daher b0406ee1d2 update_floating_recipient_bar: Don't loop infinitely if no message selected.
(imported from commit a75cfd41ed8a8ce5256d1caa29f6c5bc0689e7d2)
2012-10-26 15:10:30 -04:00
Tim Abbott fdba3addc8 Update puppet configuration to be slightly more accurate.
This still needs a lot of work though.

(imported from commit 4472488c399f7c5b96bcf900b1a5e957625cb450)
2012-10-26 14:58:05 -04:00
Waseem Daher 9274437eb5 Hide additional search buttons when not in use.
(imported from commit 074011dfe7dfa4d3cb331b32fc6cf465f98d095f)
2012-10-26 14:55:42 -04:00
Waseem Daher 44a6a2b8a4 Have search bar always take on color of main area.
(imported from commit 85f6db17ca2fd616e4c7b63a98b80332cbddc1c0)
2012-10-26 14:31:05 -04:00
Waseem Daher e365b94a27 Restyle searchbox to look more consistent/bootstrappy.
(imported from commit 2d381fb6ea7f27846d583e27dda0fd1a6df77fab)
2012-10-26 14:31:05 -04:00
Jessica McKellar 92593b7cc8 Add basic up/down search functionality, including across narrows.
(imported from commit c82acad95e97733b87d65287c685caf7533a774e)
2012-10-26 14:31:05 -04:00