Commit Graph

723 Commits

Author SHA1 Message Date
acrefoot 5a49c5e280 Denormalize urls in routes file.
Currently we use the deprecated django pattern() prefix pattern.
This make it hard to read the router logic in zproject/urls.py

This commit denormalizes the urls so that they can be read
more easily, at the expense of some verbosity. This also makes it
easier to reorganize urls in that file.

We skip denomalizing rest_dispatch due to its unique complications.
2016-06-24 15:12:51 -07:00
Tim Abbott 1565ee8453 Fix using LDAP backend with Zulip mobile apps.
The recent changes to api_fetch_api_key to receive detailed data via
the "return_data" object did not properly update the LDAP backend to
accept that argument, causing mobile password authentication to not
work with the LDAP backend.
2016-06-21 14:57:54 -07:00
Vishnu Ks ad1c3894d9 Add interface for creating new realms.
This is controlled by settings.OPEN_REALM_CREATION; if that setting is
off, this feature doesn't do anything.
2016-06-17 16:15:28 -07:00
Vishnu Ks 8213ca135a Move default_stream list to settings. 2016-06-17 16:01:38 -07:00
Tim Abbott b5e92f541a Add new documentation on Zulip settings system.
Fixes: #962.
2016-06-17 12:15:15 -07:00
Tim Abbott 6d1d7471e6 Refactor out zproject/dev_settings.py. 2016-06-17 12:15:15 -07:00
kunall17 007eee6061 Add route to fetch emails for mobile passwordless login.
[Tweaked by tabbott to rename API to explicitly support not just
Android]
2016-06-17 11:03:19 -07:00
kunall17 7ea0eaed1c Add passwordless login for mobile app development.
[Tweaked by tabbott to rename API to explicitly support not just
Android].
2016-06-17 10:58:33 -07:00
Tim Abbott e109b50152 Fix alignment of airbrake integration in urls.py. 2016-06-16 15:30:45 -07:00
Tomasz Kolek 76cbe89613 Add IFTTT integration. 2016-06-16 15:30:45 -07:00
Tim Abbott 02e6d267f1 [third] Replace jquery-caret with newer implementation.
Apparently, there are like 5 independently developed jquery-caret
plugins, none of which are great.  The previous one we were using was
last modified in 2010.  This new one comes from
https://github.com/acdvorak/jquery.caret and at least doesn't use
deprecated jQuery syntax and has a repository on GitHub.

This plugin is way larger than it needs to be for what it does, but we
can deal with that later.
2016-06-14 16:36:51 -07:00
Tomasz Kolek 4e51a86ea4 Add updownio integration. 2016-06-14 12:14:07 -07:00
Tomasz Kolek 14d69348d3 Add Airbrake integration. 2016-06-13 20:36:40 -07:00
Tim Abbott 8b9c66aac5 Fix missing $ at end of webhook URL patterns. 2016-06-10 17:12:05 -07:00
rahuldeve fa13582ffb Serve uploaded files through get_uploaded_file in development.
Previously, uploaded files were served:
* With S3UploadBackend, via get_uploaded_file (redirects to S3)
* With LocalUploadBackend in production, via nginx directly
* With LocalUploadBackend in development, via Django's static file server

This changes that last case to use get_uploaded_file in development,
which is a key step towards being able to do proper access control
authorization.

Does not affect production.
2016-06-09 22:58:25 -07:00
rahuldeve e1a2660e70 Refactor realm_id to realm_id_str in url.py. 2016-06-08 09:49:14 -07:00
Tim Abbott bc2961d3ac Refactor file upload routes to their own file. 2016-06-06 16:09:05 -07:00
Umair Khan 0ab6b99cbb Fix backend i18n bug.
`makemessages` escapes the `%` sign in `.po` files, but Jinja2 does
not unescape it while replacing the tranlation strings. In Jinja2,
there is an updated implementation of gettext available called
new-style gettext which handles escaping better; this commit switches
to using that.

Fixes #906.
2016-06-06 09:34:51 -07:00
Tomasz Kolek 8411b2e574 Add Crashlytics integration. 2016-06-04 15:18:42 -07:00
Tomasz Kolek 093e5a96d4 Add Transifex integration.
Fixes: #810.
2016-06-04 14:52:57 -07:00
Vishnu Ks 4fd569f910 Change add_default_stream method from PATCH to PUT.
This is more consistent with our other routes.
2016-06-03 09:52:51 -07:00
Tim Abbott 44929523d6 Harden extraction of AUTH_LDAP_BIND_PASSWORD. 2016-05-31 15:06:43 -07:00
Tim Abbott dac8f7d923 Fix buggy extraction of EMAIL_GATEWAY_PASSWORD.
EMAIL_GATEWAY_PASSWORD has a value of None in the defaults list, so it
will never fail to be in vars().
2016-05-31 15:06:17 -07:00
Umair Khan daf3d51d4b Send 'template_rendered' signal from Jinja2.
Send the signal only under DEBUG=True just like Django.
2016-05-31 14:31:13 +05:00
Tomasz Kolek ff4e92dc3d settings: change tab indentation to space. 2016-05-30 20:16:00 -07:00
Eklavya Sharma ea52fc05ed Make zproject/urls.py pass mypy check. 2016-05-25 15:04:39 -07:00
Umair Khan 82b5d9304b [third] Integrate i18next with Handlebars 2016-05-19 22:58:25 -07:00
Umair Khan f9bbc5d6ff Enable i18n support in URL configuration.
This supports i18n using all of the following:
- I18N urls
- Session
- Cookie
- HTTP header
2016-05-19 08:33:30 -07:00
Vishnu Ks 425363ced4 Fix non determinism bug in casper tests.
This manifested as "ReferenceError: Can't find variable: message_list"
on random tests in the Casper test suite.
2016-05-19 08:27:46 -07:00
Eklavya Sharma 016a2faa23 Make zproject/local_settings.py pass mypy check. 2016-05-18 17:10:18 +05:30
Eklavya Sharma 54759be785 Make zproject/local_settings_template.py pass mypy check. 2016-05-18 17:10:18 +05:30
Umair Khan dfc58b0ed0 Upgrade digest email templates to Jinja2.
Fixes: #780
2016-05-13 01:01:28 +05:00
Tomasz Kolek eeeb4d0c92 Add CircleCI integration.
Fixes: #617.
2016-05-11 21:17:37 -07:00
Tim Abbott 92bec8cfea Merge Zulip 1.3.12 security release. 2016-05-10 11:32:26 -07:00
Tim Abbott be216506a9 Improve api_fetch_api_key error messages.
Previously, api_fetch_api_key would not give clear error messages if
password auth was disabled or the user's realm had been deactivated;
additionally, the account disabled error stopped triggering when we
moved the active account check into the auth decorators.
2016-05-10 09:50:57 -07:00
Tim Abbott 52ddd500f0 Add tests for authentication backends. 2016-05-10 09:50:57 -07:00
Tim Abbott b28b3cd65c CVE-2016-4427: Fix access by deactivated realms/users.
The security model for deactivated users (and users in deactivated
realms) being unable to access the service is intended to work via two
mechanisms:

* All active user sessions are deleted, and all login code paths
  (where a user could get a new session) check whether the user (or
  realm) is inactive before authorizing the request, preventing the
  user from accessing the website and AJAX endpoints.
* All API code paths (which don't require a session) check whether the
  user (and realm) are active.

However, this security model was not implemented correctly.  In
particular, the check for whether a user has an active account in the
login process was done inside the login form's validators, which meant
that authentication mechanisms that did not use the login form
(e.g. Google and REMOTE_USER auth) could succeed in granting a session
even with an inactive account.  The Zulip homepage would still fail to
load because the code for / includes an API call to Tornado authorized
by the user's token that would fail, but this mechanism could allow an
inactive user to access realm data or users to access data in a
deactivated realm.

This fixes the issue by adding explicit checks for inactive users and
inactive realms in all authentication backends (even those that were
already protected by the login form validator).

Mirror dummy users are already inactive, so we can remove the explicit
code around mirror dummy users.

The following commits add a complete set of tests for Zulip's inactive
user and realm security model.
2016-05-10 09:50:48 -07:00
Tim Abbott b869be9301 style: Use 'not in' consistently rather than `not foo in`. 2016-05-09 17:00:10 -07:00
Tim Abbott 9cf18f8535 settings: Fix whitespace errors. 2016-05-09 16:53:12 -07:00
Umair Khan 5359e6b0d4 Convert Zulip to use Jinja2 templates.
This results in a substantial performance improvement for all of
Zulip's backend templates.

Changes in templates:
- Change `block.super` to `super()`.
- Remove `load` tag because Jinja2 doesn't support it.
- Use `minified_js()|safe` instead of `{% minified_js %}`.
- Use `compressed_css()|safe` instead of `{% compressed_css %}`.
- `forloop.first` -> `loop.first`.
- Use `{{ csrf_input }}` instead of `{% csrf_token %}`.
- Use `{# ... #}` instead of `{% comment %}`.
- Use `url()` instead of `{% url %}`.
- Use `_()` instead of `{% trans %}` because in Jinja `trans` is a block tag.
- Use `{% trans %}` instead of `{% blocktrans %}`.
- Use `{% raw %}` instead of `{% verbatim %}`.

Changes in tools:
- Check for `trans` block in `check-templates` instead of `blocktrans`

Changes in backend:
- Create custom `render_to_response` function which takes `request` objects
  instead of `RequestContext` object. There are two reasons to do this:
    1. `RequestContext` is not compatible with Jinja2
    2. `RequestContext` in `render_to_response` is deprecated.
- Add Jinja2 related support files in zproject/jinja2 directory. It
  includes a custom backend and a template renderer, compressors for js
  and css and Jinja2 environment handler.
- Enable `slugify` and `pluralize` filters in Jinja2 environment.

Fixes #620.
2016-05-09 09:55:18 -07:00
Tim Abbott c0d38f42f1 supervisor: Use 127.0.0.1 rather than localhost for tornado.
In theory these should be the same, but in misconfigured environments
(such at Travis CI) where /etc/hosts has multiple entries for
"localhost", 127.0.0.1 is safer than "localhost".
2016-05-08 17:35:50 -07:00
Tim Abbott 73b3f7a26e settings: Fix new-style template LOADERS syntax. 2016-05-07 19:35:16 -07:00
Umair Khan 4620cd8483 settings: Migrate template settings to using TEMPLATES.
This is cleaner and also is necessary preparation for supporting
Jinja2.
2016-05-07 17:29:51 -07:00
Umair Khan a3acd5e8e9 settings: Add LocaleMiddleware to MIDDLEWARE_CLASSES.
This is needed for internationalization.
2016-05-07 17:00:10 -07:00
rahuldeve 899bfb97ee Add tests for managing uploads in S3. 2016-05-02 22:14:47 -07:00
Tim Abbott 52c1e8ac7d Run a local camo server in voyager production environments.
Camo is a caching image proxy, used in Zulip to avoid mixed-content
warnings by proxying HTTP image content over HTTPS.  We've been using
it in zulip.com production for years; this change makes it available
in standalone Zulip deployments.
2016-05-02 17:21:31 -07:00
Ashish Kumar 48be2e33f8 Delete old route for /json/get_public_streams. 2016-04-29 12:57:57 -07:00
Tim Abbott a0430c02ce Allow users who haven't set a password to set one.
Previously, if a user had only authenticated via Google auth, they
would be unable to reset their password in order to set one (which is
needed to setup the mobile apps, for example).
2016-04-28 14:27:43 -07:00
Antek Grzanka 646ea3214a Add Taiga integration. 2016-04-28 13:44:53 -07:00
Tim Abbott c83999fe52 Fix EXTRA_INSTALLED_APPS in development.
In theory, tools like populate_db should probably be in zerver, not
zilencer, but until we migrate them out, we need to include these in
EXTRA_INSTALLED_APPS in development.
2016-04-26 21:55:31 -07:00
Tim Abbott 8905216df5 Automate inclusion of urls.py files for EXTRA_INSTALLED_APPS.
By removing this hardcoding of the list of valid extra apps, we make
it a lot easier to add additional pluggable apps to the Zulip
codebase.
2016-04-26 21:39:39 -07:00
Tim Abbott bf50dd7771 Simplify zilencer urls.py configuration to a single file.
The previous separated-out configuration wasn't helping us, and this
makes it easier to make the extra installed applications pluggable in
the following commits.
2016-04-26 21:35:07 -07:00
Tim Abbott 2b30b670e0 Factor out EXTRA_INSTALLED_APPS setting. 2016-04-26 21:28:51 -07:00
Vladislav Manchev f5e6176aea Add custom realm emoji UI to administration page. 2016-04-26 13:15:54 -07:00
Tim Abbott e4aab64464 Sort webhook integration URL definitions.
This will merge conflict with every new integraiton in flight, which
is unfortunate, but will make there be fewer merge conflicts as people
add new webhooks in the future (currently, every pair of new
integrations conflict because folks are adding them all at the end,
whereas after this change, there will only be merge conflicts when
adding two integrations near each other alphabetically).
2016-04-26 11:49:33 -07:00
Tomasz Kolek 5fbda3a9c1 Add codeship integration. 2016-04-26 09:54:01 -07:00
David Payne 8c62a27769 Add teamcity webhook integration.
This integration relies on the Teamcity "tcWebHooks" plugin which is
available at
https://netwolfuk.wordpress.com/category/teamcity/tcplugins/tcwebhooks/

It posts build fail and success notifications to a stream specified in
the webhook URL.

It uses the name of the build configuration as the topic.

For personal builds, it tries to map the Teamcity username to a Zulip
username, and sends a private message to that person.
2016-04-26 09:45:26 -07:00
Tim Abbott 49799440a4 Replace use of django-guardian with fields on UserProfile.
As documented in https://github.com/zulip/zulip/issues/441, Guardian
has quite poor performance, and in fact almost 50% of the time spent
running the Zulip backend test suite on my laptop was inside Guardian.

As part of this migration, we also clean up the old API_SUPER_USERS
variable used to mark EMAIL_GATEWAY_BOT as an API super user; now that
permission is managed entirely via the database.

When rebasing past this commit, developers will need to do a
`manage.py migrate` in order to apply the migration changes before the
server will run again.

We can't yet remove Guardian from INSTALLED_APPS, requirements.txt,
etc. in this release, because otherwise the reverse migration won't
work.

Fixes #441.
2016-04-20 21:51:52 -07:00
Eklavya Sharma c75c5fb3e1 Use a different uploads directory when running tests. 2016-04-19 16:48:30 -07:00
Tim Abbott 74abd47684 Fix EMAIL_GATEWAY_BOT not being set by default in production.
Previously the DEFAULTS value of None for EMAIL_GATEWAY_BOT was
overriding the initialization code.
2016-04-13 13:19:02 -07:00
Vishnu Ks 35f70e9dac Move 5 legacy global variables to pointer.js.
Move recenter_pointer_on_display, suppress_scroll_pointer_update,
fast_forward_pointer, furthest_read, and server_furthest_read to
a new pointer module in pointer.js.
2016-04-12 10:56:54 -07:00
Ashish 1bf644369f Delete old route for json/update_active_status. 2016-04-11 21:38:23 -07:00
Ashish 78b9f45bf7 Delete old route for json/update_pointer. 2016-04-11 21:38:23 -07:00
Ashish 9429358795 Delete old route for /json/get_profile. 2016-04-11 21:38:23 -07:00
Ashish 86fb7103fa Delete old route for json/change_enter_sends. 2016-04-11 21:38:23 -07:00
Ashish 42fe918138 Delete old route for json/get_old_messages. 2016-04-11 21:38:23 -07:00
Ashish cfefc94200 Delete old route for json/set_alert_words. 2016-04-11 21:38:23 -07:00
Ashish c0a218edfc Delete old route for /json/update_message_flags. 2016-04-11 21:38:23 -07:00
Ashish 8fc8717409 Replace json/set_alert_words with REST style route. 2016-04-11 21:38:22 -07:00
Ashish dac4e58b91 Changes REST API backend route for /json/change_enter_sends. 2016-04-11 21:11:51 -07:00
Anindya Chakravarti f3d03d89b4 Add integration for Yo App.
[includes some small tweaks by tabbott]
2016-04-08 11:02:10 -07:00
Tomasz Kolek 44ed9da7f0 Add pingdom integration. 2016-04-08 10:36:29 -07:00
Ashish 909b0635c8 Add management command to test sending email.
Fixes: #622.

[With cleanups/doc tweaks by tabbott]
2016-04-03 16:50:16 -07:00
Tim Abbott e9637a545f Rename zerver.handlers to zerver.logging_handlers for clarity. 2016-03-30 21:48:38 -07:00
goelakash 25a75bcefe Change LOCAL_UPLOAD_DIR to 'uploads' in development.
Fixes #488.
2016-03-29 11:12:29 -07:00
Luke Faraone 5c28b0340a Don't show Zulip.com terms on other sites
While we already don't link to /terms anywhere on the site, they can still be
accessed if you navigate to /terms directly. Now, those routes will only be
exported on the Zulip.com service.

We should ideally provide a mechanism for deployments to specify their own
terms without modifying source code; in the interim, sites that have already
customised the provided Zulip.com terms can simply carry a patch reverting this
commit.
2016-03-21 05:46:28 +00:00
Eklavya Sharma 9e3c3e14f5 Partially apply Python 3 libmodernize.fixes.fix_dict_six.
Refer to #256
2016-03-19 15:52:58 -07:00
Tomasz Kolek 3e3a224607 Moved pagerduty webhook into its own file pagerduty.py 2016-03-14 20:44:50 -07:00
Tomasz Kolek 05dce01cee Moved travis webhook into its own file travis.py 2016-03-14 20:44:45 -07:00
Tomasz Kolek f640470fa4 Moved zendesk webhook into its own file zendesk.py 2016-03-14 20:44:42 -07:00
Tomasz Kolek b3e5a256f5 Moved freshdesk webhook into its own file freshdesk.py 2016-03-14 20:44:41 -07:00
Tomasz Kolek 021c66fd9a Moved stash webhook into its own file stash.py 2016-03-14 20:44:41 -07:00
Tomasz Kolek 7a4c9d243f Moved deskdotcom webhook into its own file deskdotcom.py 2016-03-14 20:44:41 -07:00
Tomasz Kolek 087bd72814 Moved bitbucket webhook into its own file bitbucket.py 2016-03-14 20:44:41 -07:00
Tomasz Kolek 93b52f6f8e Moved newrelic webhook into its own file newrelic.py 2016-03-14 20:44:41 -07:00
Tomasz Kolek a2b31da045 Moved pivotal webhook into its own file pivotal.py 2016-03-14 20:44:41 -07:00
Tomasz Kolek 5ade895936 Moved jira webhook into its own file jira.py 2016-03-14 20:44:41 -07:00
Tomasz Kolek a0512244b3 Moved beanstalk webhook into its own file beanstalk.py 2016-03-14 20:44:41 -07:00
Tomasz Kolek 6a3ab0605d Moved github webhook into its own file github.py 2016-03-14 20:44:41 -07:00
Tim Abbott 999e4688d4 Fix missing return None in ZulipRemoteUserBackend.authenticate. 2016-02-03 19:29:07 -08:00
Alexander Trost 84f7a1f1ea Make rabbitmq, redis, and memcached configurable via user settings.py.
Previously these were hardcoded in zproject/settings.py to be accessed
on localhost.

[Modified by Tim Abbott to adjust comments and fix configure-rabbitmq]
2016-01-21 22:07:56 -08:00
Javier Ros a6a47aacde Add easy support for using a remote postgres database. 2016-01-11 08:56:03 -08:00
Tim Abbott 85a8a742e2 Remove unused json_events_register route.
The browser registers for events via loading the home view, not this
interface, and this functionality is available via the API-format
register route anyway.
2016-01-09 20:01:38 -08:00
Tim Abbott 99975400df Move LDAP password configuration to zulip-secrets.conf. 2015-12-25 16:47:48 -08:00
Tim Abbott af8d75332c Move email_gateway_password to zulip-secrets.conf. 2015-12-25 16:47:48 -08:00
Tim Abbott 8b1d7d7018 Fix missing step in postfix_localmail installation documentation. 2015-12-25 16:47:48 -08:00
Tim Abbott f4e87936da Silence 'Starting new HTTP connection' logs from requests library. 2015-12-25 16:23:57 -08:00
Tim Abbott 9d108989f3 Silence SimpleQueueClient info output by default. 2015-12-25 16:23:57 -08:00
Reid Barton 4c3334908a Document that 'localhost' is necessary in ALLOWED_HOSTS.
It's needed for the tornado server. Otherwise, you get errors like

2015-12-20 09:33:55,124 ERROR    Internal Server Error: /api/v1/events
Traceback (most recent call last):
  File "/home/zulip/deployments/2015-12-20-13-44-47/zerver/management/commands/runtornado.py", line 209, in get_response
    response = middleware_method(request)
  File "/usr/lib/python2.7/dist-packages/django/middleware/common.py", line 62, in process_request
    host = request.get_host()
  File "/usr/lib/python2.7/dist-packages/django/http/request.py", line 101, in get_host
    raise DisallowedHost(msg)
DisallowedHost: Invalid HTTP_HOST header: 'localhost:9993'. You may need to add u'localhost' to ALLOWED_HOSTS.
2015-12-25 10:07:12 -08:00
Tim Abbott e95739961f Remove now obsolete /json/send_message route. 2015-12-12 18:14:08 -08:00
Tim Abbott 9cec758854 Remove now obsolete /json/subscriptions/add endpoint. 2015-12-12 18:14:08 -08:00
Josh Mandel 716e2d9184 Add integration for Travis CI. 2015-11-30 20:41:33 -08:00
Chris Chapman 44a9e1dff5 Fix for setting file upload size through settings file.
(Slightly tweaked by Tim Abbott to change the variable name, docs, and
default values).

Fixes #276.
2015-11-24 06:06:46 -08:00
Tim Abbott aa33a0daec Move users views into their own file. 2015-11-24 05:20:37 -08:00
Tim Abbott 4d79083cf5 Move tutorial views into their own file. 2015-11-24 05:20:37 -08:00
Tim Abbott f77b0bdb43 Move alert_words views into their own file. 2015-11-24 05:20:37 -08:00
Tim Abbott e64a3d0fae Move reporting views to their own file. 2015-11-24 05:20:37 -08:00
Tim Abbott 8526d02370 Move settings views into their own file. 2015-11-24 05:20:37 -08:00
Tim Abbott 37d4a11610 Move streams views into their own file. 2015-11-24 05:20:37 -08:00
Tim Abbott abdb148f42 Clarify instructions for setting up the S3 integration.
These instructions still aren't great due to #291, but at least this
is clear about how to get this working.
2015-11-15 13:50:12 -08:00
Allie Jones 85809e6140 Add webpack build process. 2015-11-06 09:13:25 -08:00
Shumbashi 123791bfdd Fix 'manage.py makemessages' errors.
Running 'manage.py makemessages' produced two errors previously.

Closes #265.
2015-11-04 07:39:48 -08:00
Tim Abbott 2ea0663a4a Apply Python 3 futurize transform libmodernize.fixes.fix_imports_six. 2015-11-01 09:26:16 -08:00
Tim Abbott 9c66229456 Apply Python 3 futurize transform libfuturize.fixes.fix_absolute_import. 2015-11-01 09:26:16 -08:00
Tim Abbott 43abd83d1c Apply Python 3 futurize transform lib2to3.fixes.fix_ws_comma. 2015-11-01 09:26:14 -08:00
Tim Abbott c1686235cd Fix construction of names in LDAP integration.
Previously these users' names were being set to 1-element lists
containing the name, not the names themselves.  This bug caused
existing users to have their people module state (e.g. @-mentions,
etc.) to break whenever a new user joined.

Fixes #222.
2015-10-26 22:49:10 -07:00
Tim Abbott 54c964a332 Rewrite the email gateway integration instructions. 2015-10-19 10:10:20 -07:00
Tim Abbott a6ddd28c9e Clarify the steps in the outgoing SMTP setup process. 2015-10-19 10:09:45 -07:00
Tim Abbott 5d22f5ee0a Improve LDAP_APPEND_DOMAIN default.
The documentation suggests the default is None; this change makes that
true.  Also make the actual code robust to this being set to "" instead.
2015-10-15 09:16:59 -04:00
Tim Abbott 419d31a007 Expand documentation for the LDAP auth integration.
Fixes #134, #173.
2015-10-15 09:16:58 -04:00
Tim Abbott 784ba7e066 Fix support for LDAP Authentication mechanism.
This addresses a few issues:
* The LDAP authentication integration now creates an account a new
  Zulip account if the user authenticated correctly but didn't have a
  Zulip account.
* The previous code didn't correctly disable the LDAP group
  permissions functionality.  We're not using groups support from the
  Django LDAP extension and not doing so can cause errors trying to
  fetch data from LDAP.

Huge thanks to @toaomatis for the initial implementation of this.

Fixes #72.
2015-10-15 09:16:58 -04:00
Darren Worrall 77fad7a16e Add an api endpoint to fetch GOOGLE_CLIENT_ID
Further to #102, this provides an endpoint suitable for mobile apps to
consume the GOOGLE_CLIENT_ID if configured.
2015-10-06 23:28:08 +00:00
Tim Abbott 3b00029c52 Show the username/password form if ZulipLDAPAuthBackend is enabled. 2015-09-30 09:04:16 -07:00
Tim Abbott 1482a386c2 Fix documentation for how to enable ZulipLDAPAuthBackend. 2015-09-30 09:04:16 -07:00
Tim Abbott 92aebe595b Dramatically extend post-install documentation for production Zulip. 2015-09-30 09:04:14 -07:00
Tim Abbott 5ad84fd997 Improve documentation for the Zulip email integration.
* Document fix for the 'less insecure' email problem.
* Mention that general Django email documentation applies.
2015-09-29 18:58:27 -07:00
Tim Abbott 3efdb7ebf3 Document how to setup the Zulip S3 integration. 2015-09-29 18:11:58 -07:00
Tim Abbott 80fa5006f8 Document the purpose of local_settings.py properly. 2015-09-29 18:05:04 -07:00
Waseem Daher 6bb9b129f7 Update Zulip support email to zulip-devel@googlegroups.com.
Ideally some of these templates should really point to the
local installation's support email address, but this is a
good start.

Exceptions:
* Where to report security incidents
* MIT Zephyr-related pages
* zulip.com terms and conditions
2015-09-29 17:59:47 -07:00
Thomas Butter d93d4c7216 Fix settings documentation of twitter keys.
Twitter keys are stored in zulip-secrets.conf.
2015-09-29 17:45:05 -07:00
Tim Abbott 852ac66f8e Extend the Google oauth documentation in local_server_template.py. 2015-09-28 10:05:58 -07:00
Tim Abbott b6c1f1d162 Fix incorrect name for email_password secret in settings template.
Fixes #49.
2015-09-27 17:06:03 -07:00
Caleb Anderson ed742fa847 small typo fix 2015-09-27 01:10:01 -06:00
Tim Abbott af4aac6836 settings: Document SMTP firewall issues in email configuration. 2015-09-26 21:32:47 -07:00
Tim Abbott 2c6bfe136a Remove confusing EMAIL_HOST_PASSWORD setting in SMTP configuration.
This was one of the various configuration options made confusing by
the secrets-to-configuration migration.

Fixes #27.
2015-09-26 17:48:21 -07:00
Tim Abbott 5dd330e769 Document how to setup Google auth for Zulip voyager. 2015-09-26 13:50:46 -07:00
Tim Abbott 140e598a89 Update configuration examples to use current Google auth backend. 2015-09-26 13:50:28 -07:00
Tim Abbott ae4cb6df35 Make python-postmonkey not a required package.
This is in some ways a regression, but because we don't have
python-postmonkey packaged right now, this is required to make the
Zulip production installation process work on Trusty.

(imported from commit 539d253eb7fedc20bf02cc1f0674e9345beebf48)
2015-09-25 00:22:14 -07:00
Tim Abbott a0006d5faf Remove duplicate REQUIRED_SETTINGS check.
This makes fetching settings from here for the rabbitmq config not
work; and the main place we check for this is in initialize-database
anyway.

(imported from commit fcc6eff3882f880fdc8b127daffc9a3173f3ff20)
2015-09-25 00:22:14 -07:00
Tim Abbott 858d0a984b Move API super users configuration into the database.
(imported from commit 3cc702f93e7252b42930dba4bde93a915b6dbf44)
2015-09-20 11:13:20 -07:00
Tim Abbott 36a9dc2cf7 Cleanup various minor Zanitization issues.
(imported from commit 5784eb5ac70706f72b05463354434a83a6e1beaa)
2015-09-20 00:25:38 -07:00
David Roe 3ac95ddc1a Add UserProfile flag to control whether we have a left side userlist.
Previously this was hardcoded for a single customer.

(imported from commit a6b7095050aa10cef976541505d9b09a35453f48)
2015-09-19 23:22:59 -07:00
Tim Abbott fcec80461b Remove the SSO-only realm integration.
It's messy code, only one customer ever used it, and it's not in use
today.

(imported from commit af3f512ac6af74af66c588c7d40d699e98514d0a)
2015-09-19 21:54:51 -07:00
Tim Abbott 166192fb57 Add additional missing IP addresses to ALLOWED_HOSTS.
(imported from commit 4f81101a1df35074947228c259e944c4565061c6)
2015-09-19 15:51:27 -07:00
Tim Abbott cf1aff661c Add current production IP addresses to ALLOWED_HOSTS.
(imported from commit c255acb6ad7cd47d8a51509f4c24a05ac06ebd9a)
2015-09-19 15:13:02 -07:00
Reid Barton 73264ab530 Move VOYAGER detection to after initialization of ZULIP_COM
(imported from commit c9aa814ebc30a78abe8babfc3bf2eedb8198d17d)
2015-08-29 12:07:33 -07:00
Tim Abbott 17fd248f23 Move postgres host configuration for zulip.com out of settings.py.
(imported from commit fe95011ae86ff7c5f20c789b459a763326da374d)
2015-08-22 13:49:43 -07:00
Tim Abbott 930c64df8a Move zulip.com-related statsd configuration out of main settings.py.
This also removes the convenient way to run statsd in the Dev VM,
because we don't anticipate anyone doing that.  It's just 2 lines of
config to configure it anyway:

STATSD_HOST = 'localhost'
STATSD_PREFIX = 'user'

(imported from commit 5b09422ee0e956bc7f336dd1e575634380b8bfa2)
2015-08-22 13:49:43 -07:00
Tim Abbott 3e87c82d56 Reorganize settings.py to put the default values in a sane place.
(imported from commit 00f09c6c65cb95d29c466e996b17f80a30635acf)
2015-08-22 13:49:43 -07:00
Yoyo Zhou 50ccbc4230 Refactor database configuration to make ZULIP_COM the special case instead of the default.
(imported from commit bba7a3a78dc4fd0e442503f8707295eabc581652)
2015-08-22 13:48:52 -07:00
Yoyo Zhou 8549606eb3 Require ALLOWED_HOSTS to be set in production.
(imported from commit 581e3d44aa42b5c8e6322b760b8b66a1f0aaf375)
2015-08-22 13:48:52 -07:00
Tim Abbott da84aa3412 Require REQUIRED_SETTINGS in PRODUCTION.
(imported from commit 7f43ba4d54021f806481b2e369c5482b0e0f99fe)
2015-08-22 13:48:47 -07:00
Tim Abbott 6f50a2703e Remove duplicate ZULIP_COM detection from settings.py.
And fix up some required configuration.

(imported from commit 761758638baa297118848c9f5640638d6b2f4f67)
2015-08-21 10:48:13 -07:00
Tim Abbott e78361f985 Move STATSD_CONFIGURATION below setting defaults.
(imported from commit 48d833c672ad96318f738c663c3bea61cd1ec382)
2015-08-21 10:42:15 -07:00
Tim Abbott 83a653efce Change semantics of ZULIP_COM to include ZULIP_COM_STAGING machines.
(imported from commit 2e84c756b4ac41c13d619ab6ceb99e347d1f48cb)
2015-08-21 10:41:14 -07:00
Tim Abbott 16e0f21687 Fix a bunch of Zulip Voyager related comments.
(imported from commit 176e875cbc310ba00d6137930ddb718bd68f1866)
2015-08-21 10:40:54 -07:00
David Roe e3f38acbce Enterprise => Voyager.
(imported from commit 41b9a67301aeaf5fd40bbbb8f34a326ca98431fd)
2015-08-21 10:33:35 -07:00
David Roe 3f7cb34b00 enterprise => voyager
(imported from commit 04be792bb480d5e5db1c91d296d1000cf1682571)
2015-08-21 10:33:35 -07:00
David Roe edf7e732a2 ENTERPRISE => VOYAGER.
(imported from commit 4f8080b9f506a87ca40bef32e39de5218cba916a)
2015-08-21 10:33:35 -07:00
David Roe f9f1fdc4d7 change deploy_type in zulip.com conf file.
(imported from commit 6fad28d15f530a619d7359bce0a182ed61b876ab)
2015-08-21 10:33:35 -07:00
David Roe f79adf830f deployed => production
(imported from commit 2d7b0a7a73b0c84b32634a88af1e0d666139d4ff)
2015-08-21 10:33:35 -07:00
David Roe d702ddb3cf DEPLOYED => PRODUCTION
(imported from commit a7d365c07916c5103fc721c712db94f9af977640)
2015-08-21 10:33:35 -07:00
David Roe 63e576b811 STAGING_DEPLOYED => ZULIP_COM_STAGING
(imported from commit 25419979292218932c53cface59c1e8e2348a7c2)
2015-08-21 10:33:35 -07:00
David Roe 8778c4726a Add settings.DEVELOPMENT as a complement of settings.DEPLOYED.
(imported from commit 0437140d9fee7eec7b28abe583cfe8cde3e07c21)
2015-08-21 10:33:35 -07:00
David Roe 24f6743288 Eliminate TESTING_DEPLOYED.
(imported from commit 477d8b7a15f703df1e10ae5682e02fea5ce040e4)
2015-08-21 10:33:35 -07:00
David Roe 59b94a901c Moving ALLOWED_HOSTS to local_settings.
(imported from commit b89c6983fd87ede42954dd84706f999ed0de740d)
2015-08-21 10:33:35 -07:00
Tim Abbott 80651c99cd Stop using local_settings.py at all in the Dev VM.
(imported from commit d067bcfe9d71628d8f671c5bc7bb38f521f9a965)
2015-08-21 10:33:35 -07:00
Tim Abbott 78277b5ee5 Make ADMIN_DOMAIN and ZULIP_ADMINISTRATOR have sane dev defaults.
(imported from commit 3d2602166541c7eaa72ea7fad87a2dc86f7c8f15)
2015-08-21 09:01:58 -07:00
Tim Abbott 3e61714035 Make DEPLOYMENT_ROLE_KEY no longer required.
(imported from commit 046ce610d847cc987d3f6d584ccc0bc84b55df84)
2015-08-21 09:01:58 -07:00
Tim Abbott 90bfc39d55 Remove dead GoogleBackend from prod configuration.
(imported from commit 5fcf5c4bdb8d3564819005b624076878b59cd23b)
2015-08-21 01:42:22 -07:00
Reid Barton ab9539cffe Remove OpenID authentication
(imported from commit 70a859041a851ed10dc40cfc068330e472d2ed09)
2015-08-20 23:52:48 -07:00
Reid Barton 15fe02b618 Remove authhack
In Django 1.8 the username length limit seems to be 254 by default.

(imported from commit cf0027431f5a4fea9e366a49d345b9d09b90d869)
2015-08-20 23:15:45 -07:00
Reid Barton 0aab583bb1 Django 1.8 compatibility: transactions
- autocommit is now the default
- commit_on_success is now atomic

(imported from commit b6166ca666ff23d34f2871ca365ce3ec66b0fa86)
2015-08-20 23:15:45 -07:00
Reid Barton 599742536b Switch from South to native Django migrations
This commit loses some indexes, unique constraints etc. that were
manually added by the old migrations. I plan to add them to a new
migration in a subsequent commit.

(imported from commit 4bcbf06080a7ad94788ac368385eac34b54623ce)
2015-08-20 23:01:26 -07:00
Yoyo Zhou 15abf9ed31 Move all remaining calls of get_secret from local_settings.py to settings.py.
(imported from commit 099a122121f8e06568cef3579f955cb73b20ee50)
2015-08-20 22:19:26 -07:00
Yoyo Zhou bd5fc484f0 Move GOOGLE_OAUTH2_CLIENT_SECRET to be read in settings.py.
(imported from commit 814dc32cd6099516486be76fa8baffbafda69596)
2015-08-20 22:19:17 -07:00
Yoyo Zhou 4b3874988f Move DROPBOX_APP_KEY to be read from get_secrets
(imported from commit 99acd66c4478a0826b0e0ec7bf26c9a59f7febca)
2015-08-20 21:58:59 -07:00
Yoyo Zhou ef320c6e95 Remove Redis remote authentication feature.
We can add it back later but for now we can just stick with localhost
since that's what most people will want.

(imported from commit c5fe524282219dc62a0670f569c0cb6af04be339)
2015-08-20 21:58:59 -07:00
Yoyo Zhou e41c00107d Move twitter secret keys to use get_secrets in settings.py
(imported from commit cc21265ae64a49be20bec74386314d60ee822746)
2015-08-20 21:58:59 -07:00
Yoyo Zhou 32f6d1055d Get s3_key and s3_secret_key from secrets in settings.py.
(imported from commit 2c2574988486bbb6f0f769250664a5a2a4c9e6c9)
2015-08-20 21:58:51 -07:00
Yoyo Zhou d34d44e1d4 Read ANDROID_GCM_API_KEY from secrets; move to settings.py
(imported from commit 0d0d59116065956b9cbbe895eb09f0433b752cf1)
2015-08-20 21:54:55 -07:00
Yoyo Zhou ec5ed87ca0 Make get_secret return None instead of an exception if the secret isn't defined.
Remove empty key generation from generate_enterprise_secrets, since get_secret ignores missing keys now.

(imported from commit 32d61e3058f0d41bfb4b17775e581a3c84540fe7)
2015-08-20 21:54:38 -07:00
Yoyo Zhou 2cab113035 Rename getsecret -> get_secret and remove duplicate secret-reading code in settings.py
(imported from commit 097d6b4fad1fcf8b6f09dc212056fdb313efe5e4)
2015-08-20 21:52:26 -07:00
Tim Abbott 58e5c654fa Make feedback button option default-off.
(imported from commit 23b89ab72bd04826016631e01da950af0a5df694)
2015-08-20 19:47:00 -07:00
David Roe 13f3b448e5 Kill Embed.ly integration.
(imported from commit dfe42a26e57100108c3c50298041bd520e0d8b1b)
2015-08-20 19:46:48 -07:00
Anders Kaseorg bded0d9d54 Remove corporate beta signup form
(imported from commit 1b3a0cd8a59a124905fa4cbd3121a78d23aeb3a2)
2015-08-20 18:40:34 -07:00
Kate Buckner 4d0f7c7ea4 Add a user-visible setting for 24-hour time display.
(imported from commit d934824fd6b72e64a455aac9ff4585b262145f02)
2015-08-20 17:33:16 -07:00
Tim Abbott e79447131f Make build-enterprise-tarball run again.
(imported from commit e3dd8d75811458d0cee8a2d05a4b47abd6eda7fd)
2015-08-20 17:33:16 -07:00
acrefoot 0a6bb975c3 Replace settings.OG_ZULIPER_EMAILS with database lookups
Also renames the OG_ZULIPER_EMAILS to CROSS_REALM_BOT_EMAILS

(imported from commit a9e0ccebbd6b37376e535600670ad493dc8de7e1)
2015-08-20 17:20:41 -07:00
Anders Kaseorg 7cd1d9665d test_settings: set CAMO_KEY = 'dummy' to make tests pass
(imported from commit d8705d8bbcad365b6b94a456d1942a8afc1a32d4)
2015-08-20 11:07:52 -07:00
Cat Miller 0a20f168a7 Auto-generate dev-secrets file.
Source LOCAL_DATABASE_PASSWORD and INITIAL_PASSWORD_SALT from the secrets file.
Fix the creation of pgpass file.

Tim's note: This will definitely break the original purpose of the
tool but it should be pretty easy to add that back as an option.

(imported from commit 8ab31ea2b7cbc80a4ad2e843a2529313fad8f5cf)
2015-08-20 00:20:44 -07:00
Tim Abbott 86278804c9 Use the EmailAuthBackend for the test suite.
(imported from commit 2f7bf9864991358e9dabacbd2b0f652a9f69230c)
2015-08-19 23:34:30 -07:00
Jonathan Dahan 6f77e68622 Add GET /export endpoint, which dumps important tables in json.
Meant to be used in tandem with the manage.py import command.
The following sensitive data is scrubbed:

  * user api keys
  * user password hashes
  * stream email keys
  * invite-only streams
  * messages from invite-only streams
  * messages from users from other domains

(imported from commit 8e58dcdcb80ef1c7127d3ab15accf40c6187633f)
2015-08-19 15:31:08 -07:00
Tim Abbott 7cffb41e13 Reorganize and document settings.py.
(imported from commit e2694979d5aee95c22b83b7aa84d80b56ffae1d6)
2015-08-18 20:57:35 -07:00
Tim Abbott 5b8894cd25 Rename USING_SSO to something more clear.
(imported from commit 94e8ae84b01419783872a5d09bafe5c2eb933c18)
2015-08-18 20:48:15 -07:00
Tim Abbott 05b0cbb36a Zulip doesn't use MEDIA_URL.
(imported from commit ebc370d9c5cf2d7e7d366cbb25fe721c817f212e)
2015-08-18 20:48:15 -07:00
Tim Abbott dcc3b3fe37 Don't create Zulip employee accounts automatically in Dev VM.
(imported from commit 378f12d3f2ac4c131919c0efbd049b9eaa961694)
2015-08-18 20:46:35 -07:00
Tim Abbott 2de3e2ebdd Move several secrets to using the get_secret function in settings.py.
(imported from commit 08fb828265c4a9e35294a51c0901bd5ad3990344)
2015-08-18 20:17:48 -07:00
Tim Abbott 8c88746912 Move iOS App IDs to settings.py since it's needed to run the app.
(imported from commit 891e32ffa82430487fc333fa549ee465f0d018c0)
2015-08-18 20:17:48 -07:00
Tim Abbott 43c7ff64d1 Remove unused FULL_NAVBAR configuration setting.
(imported from commit 47c3be669f7ba44426301a46e3f54054f3e2440b)
2015-08-18 20:17:48 -07:00
Tim Abbott 0dae10eab4 Remove unused secret HASH_SALT.
(imported from commit 831c4cb7680b7bf8dadbd930195175e9a4186356)
2015-08-18 20:17:48 -07:00
David Roe 2ffd022a5f Include defaults for AUTHENTICATION_BACKENDS
(imported from commit cdfffacc45f30e6959085ba8bc5aed72ae3527cf)
2015-08-18 20:17:47 -07:00
David Roe 78f32dcbd8 Fix bug in dev login which showed email/password prompts on logins after the first.
(imported from commit 626684ef1da8feb53aca05c9225ee628156f9810)
2015-08-18 20:17:47 -07:00
David Roe 46e224997e Add a new dev login page for logging in without a password on the dev VM.
(imported from commit ac8f2504771c9907b7e92dc91cec5f7220ce951b)
2015-08-18 20:17:47 -07:00
Tim Abbott 29ed28af00 Fix ZulipRemoteUserBackend for activating mirror dummies.
If you're using e.g. our Jabber<=>Zulip mirroring capability along
with the RemoteUser SSO integration, previously it would fail if a
user with a corresponding dummy user tried to login/signup (since they
didn't have an account but one wouldn't be created because
ZulipRemoteUserBackend was reporting that an account already existed).

(imported from commit 006eaa9afa8feedddd860c2bef41e604285228a7)
2015-08-18 11:28:36 -07:00
Luke Faraone f5089e535d Add dummy secrets for use in development.
We also reference these secrets from zproject/local_settings.py, keying
off IS_DEPLOYED.

(imported from commit eb83310e219616ed1c6c253f0d6893134bbe3517)
2015-08-16 21:35:34 -07:00
Luke Faraone 48f1a84d6e Additional defaults for dev.
(imported from commit 1b4bd71ff4ed27a83a24e58e797d900a7869c72d)
2015-08-16 16:46:08 -07:00
Luke Faraone 8ea139c772 Fix bugdown fixture for dummy camo key
(imported from commit 698b261918457117a01ce51f69d49f54f35b3297)
2015-08-16 16:45:15 -07:00
Zev Benjamin 466a678c2c Remove "More messages below" indicator
It's been very buggy for a while, has limited usefulness compared with
unread counts, and profiling over the weekend indicates that it's very
slow.

(imported from commit 716fe47f2bbec1bd8a6e4d265ded5c64efe2ad5c)
2015-03-30 15:44:36 -07:00
Leo Franchi d865732e0d Maintain two APNS connections and send correct notifications to each
Now we have 2 different Zulip apps out there, and they are signed with
two certs: Zulip and Dropbox. The Dropbox-signed apps are going to need
to be sent APNS notifications from the appropriate APNS connection

(imported from commit 6db50c5811847db4f08e5c997c7bbb4b46cfc462)
2015-02-11 06:57:25 +00:00
Luke Faraone 910429f365 Move secrets to their own file
(imported from commit 4e46f217e8a1df9b7cc03db9dc9fc41a6c273365)
2015-02-10 17:31:26 -08:00
Jason Michalski 15713964a5 Add the notification-bot to the cross realm PM whitelist
(imported from commit 92a19f955a99650c79b83c6afb23726caf02e577)
2015-02-08 21:03:45 -08:00
Jason Michalski a0a537e0ce Add the feedback bot to OG_ZULIPER_EMAILS
The feedback bot needs to be included in the OG_ZULIPER_EMAILS so users
can send feedback.

(imported from commit b0c3295379d0f062a912f8b6c957419335be1c48)
2015-02-08 10:08:32 -08:00
Jason Michalski f4239d60ca Add pagerduty webhook
(imported from commit 06219066b423f53d08094f3f97a98016e145b2a7)
2015-02-07 18:16:11 -08:00
Jason Michalski 1eebcb472d Only allow users in the OG zuliper list to send cross realm PMs
Changes from allowing all of the zulip realms to a whitelist of users.

(imported from commit 5ad2db9a62b430ef2c9d867e4afdf661b11ae96a)
2015-01-30 23:39:47 -08:00
Zev Benjamin 2c760ae735 Remove mixpanel
(imported from commit 9b6cc58ee9be483db8bf2d2eaaaecabc14f821e4)
2015-02-06 13:59:30 -08:00
Zev Benjamin 9738f2fa17 Send feedback to prod
(imported from commit 52c76dfb6f8b8e49d1a9e799852a1683e85673c6)
2015-02-05 22:46:30 -08:00
Jason Michalski 7e9c121ad3 Use the full_name if available
We were trying to default the users first name when using google auth,
but it was getting lost when rendering the form.

(imported from commit 710e0c2ce591488920458dca74209c75e7031abd)
2015-02-05 21:54:28 -05:00
Jason Michalski 439b86fe3b Migrate the google SSO from openid to oauth2
(imported from commit 6938c1cc5d245cc5642043279470365ff04df903)
2015-02-05 21:54:28 -05:00
Jason Michalski 3f68c56554 Disable password auth for dropbox
This change disabled password auth, but the UI still shows the login
form. I will remove that once we have the new hostname.

(imported from commit 6ca119571854ac54645680b40255e346be1c1613)
2015-02-05 21:47:59 -05:00
Luke Faraone e241e6e833 [manual] Support chat.dropboxer.net hostname.
This needs to be deployed on both prod and lb0 to be functional

DEPLOY INSTRUCTIONS: restart carefully

(imported from commit d97a450754608357418c80e5b3c7b3bbcd1d09fb)
2015-02-05 17:55:29 -08:00
Tim Abbott 7e786d5426 Import default session middleware as start for custom session middleware.
(imported from commit 76aae367ab6ea5c2a7b0d98368482a3cb312b217)
2015-01-15 21:09:52 -08:00
Zev Benjamin f63ee86730 Fix login popup on cross-realm authenticated content previews
We were serving 401s on /user_uploads when the user wasn't authenticated (due to
it being a REST endpoint).  This was causing a login popup to display instead of
just a broken image preview.

(imported from commit 62640f5bd59eb3b86ab5aae5923ccfa742459805)
2014-10-29 17:53:05 -07:00
Jason Michalski 50c43b45ee Allow mirror dummy users to register with google auth
Mirror dummy users should not be found during login to allow
registration.

(imported from commit d8cc4c97438193d7bb13d065705e2202ba96591c)
2014-10-06 15:27:56 -07:00
Jason Michalski 2a5826242d Add the hipchat bot to the list of API_SUPER_USERS
This is a public mirroring bot that needs to be able to send forged
messages to a stream.

(imported from commit 3fa691b1f1d06bf68a8cbc2c31ed5e3e5efef177)
2014-10-06 15:27:55 -07:00
Leo Franchi e4dbe57c10 Fix Google OAuth login by checking True as well as true in oauth response
(imported from commit c80620eca4dbd9b5b0122e8e564bc7257a2bd4f5)
2014-05-14 10:00:03 -07:00
Luke Faraone 8f8b2519ea Redirect legacy URLs to their new secure location.
URLs with a realm of "unk" will be queried against the new bucket to
determine the relevant realm of the uploading user.

(imported from commit 5d39801951face3cc33c46a61246ba434862a808)
2014-05-05 20:26:29 -07:00
Zev Benjamin 2f7af69091 Add customizations for CUSTOMER16 employees' realm
CUSTOMER16 wants their employee realm to:
* only use JWT logins
* have name changes be disabled (they want users' full names to be the
  their CUSTOMER16 user name).
* not show the suggestion that users download the desktop app

(imported from commit cb5f72c993ddc26132ce50165bb68c3000276de0)
2014-04-04 16:51:32 -07:00
Zev Benjamin bd3f1c6a9e Add JSON web token (JWT) authentication
We currently expect the use of HMAC SHA-256, although there shouldn't be
anything preventing us from using other algorithms.

(imported from commit 354510a0b7e9e273d062a1ab5b2b03d4a749d6a3)
2014-04-04 16:51:32 -07:00
Zev Benjamin 2e1d5ffd1c Make password_auth_enabled() take a realm object
This will actually be used in an upcoming commit.

(imported from commit 5d3db685a245899b2523440398f2ed2f0cfec4f4)
2014-04-04 16:51:32 -07:00
Steve Howell e5467d3268 Move ui.js click handlers to click_handlers.js
(imported from commit adfeb1f152cca473bc4c6ba5ccd142b38947b335)
2014-03-14 20:48:59 -04:00
Steve Howell 16faed0a83 Create copy_and_paste.js (with code from ui.js).
(imported from commit 37a06af5489e7da5196e5710f384d1f5a7ee7578)
2014-03-14 20:48:59 -04:00
Steve Howell c5993c2d2d Create gear_menu.js (with code from ui.js).
(imported from commit fc4d058d49d5d4aaaa20ef6237ea3e927eac03e3)
2014-03-14 20:48:58 -04:00
Steve Howell 405c3d7626 Created floating_recipient_bar.js (with code from ui.js).
(imported from commit 2b6631938b0fc8e39c14aacd92f9f1670b68b199)
2014-03-14 20:48:58 -04:00
Steve Howell f8b71fa497 Created condense.js (with code taken from ui.js).
(imported from commit 72b27b48614a7c396170d46936646e52757e2743)
2014-03-14 20:48:58 -04:00
Steve Howell 84b59d4335 Created scroll_bar.js (with code taken from ui.js).
(imported from commit 0c4e8538031ceb1a0f50eea9a34e315e23e7d9ff)
2014-03-14 20:48:56 -04:00
Steve Howell be2a1c2893 Move resizing code to resize.js.
(imported from commit b6df0007307872751e1a4200af740076e08b5c11)
2014-03-14 20:48:55 -04:00
Steve Howell 7fce920522 Move favicon-related functions to favicon.js
util.reset_favicon -> favicon.reset
util.set_favicon -> favicon.set

(imported from commit 250848ec5dc7ac58649197c8cc4b7b4e7b19f25c)
2014-03-14 20:48:55 -04:00
Steve Howell 91e83731f0 Promote setup.js in the list of JS files.
I don't think this matters a ton, but there's no reason for
the two muting files to come before setup.js.

(imported from commit c18231b633fba6acccaf5bc180c7605f7591462e)
2014-03-14 20:48:53 -04:00
Steve Howell 50bc5401a4 Moved loading_indicator functions to loading.js.
util.make_loading_indicator -> loading.make_indicator
util.destroy_loading_indicator -> loading.destroy_indicator

(imported from commit 8a171622a6096476dd040912d3f1460d53159f20)
2014-03-14 20:48:52 -04:00
Waseem Daher 095c82ecc4 Actually switch to Bootstrap3-esque buttons.
(imported from commit ddcecb8c5a63324a666ffe170e2d5a76171776c9)
2014-03-05 16:24:54 -05:00
Jason Michalski 3f6e53db6e Add bot_data module that updated with events
(imported from commit b0bd714258132fc81db763d316a15f5a81b1f4ff)
2014-03-05 14:16:20 -05:00
Zev Benjamin f999440cc6 Add bot1@customer36.invalid to the list of API super users
(imported from commit 07767022db0f894d398d0031053f93439258ea0d)
2014-03-04 23:02:27 -05:00
Allen Rabinovich 1eae686443 Add slim scrollbar to stream list
(imported from commit 58b64081db68fe9b1d2addcaece10167332d1a1b)
2014-02-27 20:25:41 -05:00
Leo Franchi 748e5b6da6 Remove disabled summarization code
This experiment has been disabled for everyone for a while: if we
bring something like this back, it is not likely to be exactly the same,
and will be different enough to require a different implementation.

As it is, the summarization code was making a few code paths (rendering
especially) more complex, and is worth removing for simplicity's sake.

(imported from commit 6ac8cdc9f7077a5a1da01ab4268aba3db0bc43f8)
2014-02-27 20:25:23 -05:00
Jason Michalski 0244b50f0b Split bot deactivation from user deactivation
(imported from commit 153a870b244e040e3b5976f639866dbace5563f6)
2014-02-18 15:09:22 -05:00
Jason Michalski d177f49a96 Change the create bot API to use rest_dispatch
(imported from commit 0fac290be2ed04178c4df866f5bc958441b2d320)
2014-02-18 15:09:20 -05:00
Jason Michalski 9d973ff106 Change get_bots API to use rest_dispatch
(imported from commit 921895dd636ba118a0f57e60a7bcb9dca1c7c605)
2014-02-18 15:09:19 -05:00
Leo Franchi acec697fe7 Report unnarrow times as well as narrow times
(imported from commit b3a889aa11dc112508c5a1d213f68e5223a879fc)
2014-02-13 14:45:22 -05:00
Zev Benjamin 631783f3cd [manual] Use dedicated Redis server for staging
Before we deploy this commit, we must migrate the data from the staging redis
server to the new, dedicated redis server.  The steps for doing so are the
following:

* Remove the zulip::redis puppet class from staging's zulip.conf
* ssh once from staging to redis-staging.zulip.net so that the host key is known
* Create a tunnel from redis0.zulip.net to staging.zulip.net
  * zulip@redis0:~$ ssh -N -L 127.0.0.1:6380:127.0.0.1:6379 -o ServerAliveInterval=30 -o ServerAliveCountMax=3 staging.zulip.net
* Set the redis instance on redis0.zulip.net to replicate the one on staging.zulip.net
  * redis 127.0.0.1:6379> slaveof 127.0.0.1 6380
* Stop the app on staging
* Stop redis-server on staging
* Promote the redis server on redis0.zulip.net to a master
  * redis 127.0.0.1:6379> slaveof no one
* Do a puppet apply at this commit on staging (this will bring up the tunnel to redis0)
* Deploy this commit to staging (start the app on staging)
* Kill the tunnel from redis0.zulip.net to staging.zulip.net
* Uninstall redis-server on staging

The steps for migrating prod will be the same modulo s/staging/prod0/.

(imported from commit 546d258883ac299d65e896710edd0974b6bd60f8)
2014-02-10 13:23:28 -05:00