Commit Graph

50050 Commits

Author SHA1 Message Date
Alex Vandiver ab9cab51de reset: Tag "forgot password" text for translation. 2023-02-21 09:16:22 -08:00
Abhijeet Prasad Bodas 6e001d0672 user topic: Remove unnecessary check for double addition of muted topic.
This makes use of the new case insensitive UNIQUE index added in the
earlier commit. With that index present, we can now rely solely on the
database to correctly identify duplicates and throw integrity errors as
required.
2023-02-20 21:04:13 -08:00
Abhijeet Prasad Bodas 80bf6b0777 user topic: Add case insensitive UNIQUE constraint.
This will allow us to rely on the database to detect duplicate
`UserTopic`s (with the same `topic_name` with different cases)
and thus correctly throw IntegrityErrors when expected.
This is also important from a correctness point of view, since as
of now, when checking if topic is muted or requesting the backend for
muting a topic, the frontend does not check for case insensitivity.

There might exist duplicate UserTopics (in a case insensitive sense)
which need are removed before creating the new index.
The migration was tested manually using `./manage.py shell`.
2023-02-20 21:04:13 -08:00
Abhijeet Prasad Bodas 9fde88796a mute user: Remove unnecessary check for double muting.
In 141b0c4, we added code to handle races caused by duplicate muting
requests. That code can also handle the non-race condition, so we don't
require the first check.
2023-02-20 21:04:13 -08:00
Sahil Batra ca70089842 settings: Fix disabled select elements in modal.
The background-color and opacity is same for all
select elements in modals and settings in disabled
state, but due to the background of modal being
bright enough, the select element in modals would
not look disabled.

One possible solution could have been to set
"opacity: 1" but that changes opacity for text too
and makes it darker which is not the case for other
select elements.

So instead made the background slightly darker for
select elements inside the modal using hsla property.
It might not be exact same as the other select elements,
but it is still better than the previous behavior.

For role element in bot edit form, we used to set
opacity to 1 to fix this bug, and this commit removes
it as we have fixed it for all modals in general
2023-02-20 16:28:41 -08:00
Sahil Batra 1c055f402d settings: Add bootstrap-focus-style to select elements.
The class "bootstrap-focus-style" was not added to some
select elements in modals and this commit adds those.
2023-02-20 16:28:41 -08:00
Sahil Batra 27d2ac1e37 settings: Remove some duplicate CSS.
Since we added settings_select class to select elements
in both stream settings and user or realm settings in
previous commits, we can have common CSS defined at only
one place.
2023-02-20 16:28:41 -08:00
Sahil Batra c6ff8f0551 modals: Add modal_select class to select elements.
This commit adds modal_select class to select elements in
modals, such that we can add CSS using this class and not
using "select" as selector so that we can easily add a
select element in future with different CSS if needed.
2023-02-20 16:28:41 -08:00
Sahil Batra 6bd650bc9f stream_settings: Add settings_select class to select elements.
This commit adds settings_select class to select elements in
stream settings, such that we can add CSS using this class and
not using "select" as selector so that we can easily add a select
element in future with different CSS if needed.
2023-02-20 16:28:41 -08:00
Sahil Batra 1afc730da7 settings: Add settings_select class to select elements.
This commit adds settings_select class to select elements in
user and organization settings, such that we can add CSS
using this class and not using "select" as selector so that
we can easily add a select element in future with different
CSS if needed.
2023-02-20 16:28:41 -08:00
Sahil Singh 183f5016a1 settings: Indicate character limit on restoring long draft messages.
Currently, when restoring drafts with long
messages no character limit or the compose
banner is shown.

We fix this by adding a check for text
overflow whenever any draft is restored.
2023-02-20 16:23:08 -08:00
Aman Agrawal 845e873c44 narrow_state: Add function to check if message feed is visible.
We directly check if message feed is visible in the code instead
of indirectly checking so via recent topics. This helps read the
code clearly and would be helpful with the upcoming inbox view.
2023-02-20 13:08:42 -08:00
Aman Agrawal cc96be2bf9 recent_conversation: Delegate profile click handling to `body`.
`#recent_topics_table` may not be present in the DOM when
this click handler is initialized which can cause this
it to not work, delegating it to body ensures it will always work.
2023-02-20 13:04:13 -08:00
Aman Agrawal 4debef64e7 recent_conversation: Move click handlers out to an initialize function.
We are moving in the direction of removing click_handlers library.
2023-02-20 13:04:13 -08:00
Aman Agrawal 6e6fb47e20 muted_topics_ui: Extract mute_or_unmuted_topics. 2023-02-20 13:04:13 -08:00
Lauryn Menard 06dd6f8254 message-send: Deduplicate check of `settings.MAX_MESSAGE_LENGTH`.
Removes the initial check in `_internal_prep_message` of the length
of the message content because the `check_message` in the try block
will call `normalize_body` on the message content string, which
does a more robust check of the message content (empty string, null
bytes, length). If the message content length exceeds the value of
`settings.MAX_MESSAGE_LENGTH`, then it is truncated based on that
value. Updates associated backend test for these changes.

The removed length check would truncate the message content with a
hard coded value instead of using the value for
`settings.MAX_MESSAGE_LENGTH`.

Also, removes an extraneous comment about removing null bytes. If
there are null bytes in the message content, then `normalize_body`
will raise an error.

Note that the previous check had intentionally reduced any message over
the 10000 character limit to 3900 characters, with the code in
question dating to 2012's 100df7e349.

The 3900 character truncating rule was implemented for incoming emails
with the email gateway, and predated other features to help with
overly long messages (better stripping of email footers via Talon,
introduced in f1f48f305e, and
condensing, introduced in c92d664b44).
While we could preserve that logic if desired, it likely is no longer
a necessary or useful variation from our usual truncation rules.
2023-02-20 12:55:15 -08:00
Alex Vandiver 93e78ea72f spectators: Save a redirect to /register/. 2023-02-20 12:21:33 -08:00
Anders Kaseorg 64f0dcecb0 install-node: Upgrade Node.js to 18.14.1 security release.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-20 12:16:28 -08:00
Anders Kaseorg 99f1d08786 styles: Hoist @keyframes to top level.
This has always been in the global namespace.  Pretending that it’s
scoped when it isn’t and giving it a short name will lead to
confusion.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-20 12:10:18 -08:00
Anders Kaseorg f99cff0735 styles: Fix flatpickr dark theme in automatic mode.
Flatpickr had been unconditionally using the light theme in automatic
color scheme mode; this fixes it to follow the system preference like
the rest of the app.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-20 12:09:52 -08:00
Alex Vandiver d3403dde86 rabbitmq: Add a RABBITMQ_PORT setting. 2023-02-20 12:04:25 -08:00
Lauryn Menard 0463b0df7b api-docs: Update content parameter for `max_message_length`.
Updates the descriptions of content parameters (optional and
required) to note that the maximum size of the message content
should be based on the `max_message_length` value returned by
the register endpoint.

Previously these descriptions had a hardcoded value of 10000
bytes as the maximum message size.

Also, updates the description of `max_message_length` to clarify
that the value represents Unicode code points.
2023-02-20 12:03:12 -08:00
Lauryn Menard b25cba16a7 tests: Remove ignored parameter from `authenticated_json_view` test.
The password parameter being passed in the `_do_test` helper
function for `TestAuthenticatedJsonPostViewDecorator` tests was
being ignored, as the user needs to be logged in. Removes the
parameter from the helper function and updates the success test
to use `assert_json_success` instead of just checking the status
code.

Also adds a test case for when a user is not logged in to confirm
that it returns an UnauthorizedError.
2023-02-20 11:56:00 -08:00
Alex Vandiver 8998aa00cd Revert "create_user: Use transaction.atomic decorator for do_create_user."
This reverts commit 851d68e0fc.

That commit widened how long the transaction is open, which made it
much more likely that after the user was created in the transaction,
and the memcached caches were flushed, some other request will fill
the `get_realm_user_dicts` cache with data which did not include the
new user (because it had not been committed yet).

If a user creation request lost this race, the user would, upon first
request to `/`, get a blank page and a Javascript error:

    Unknown user_id in get_by_user_id: 12345

...where 12345 was their own user-id.  This error would persist until
the cache expired (in 7 days) or something else expunged it.

Reverting this does not prevent the race, as the post_save hook's call
to flush_user_profile is still in a transaction (and has been since
168f241ff0), and thus leaves the potential race window open.
However, it much shortens the potential window of opportunity, and is
a reasonable short-term stopgap.
2023-02-17 21:20:52 -05:00
Alex Vandiver 7feda75c5f populate_db: Temporarily remove post-delete signal on AlertWord.
The post-delete signal on AlertWord clears the realm cache; when it is
called repeatedly, this results in re-fetching the realm object O(n)
times, where n scales by number of users in the database.

Disconnect this cache-clearing signal before removing the AlertWord
entries, and reconnect it afterwards.  This is not thread-safe, but
this section is single-threaded.  It is also probably unnecessary to
re-connect the signal, as rest of `./manage.py populate_db` does not
delete AlertWord objects, but cleanliness dictates doing the
re-connection.

This drops the time to repeatedly run:
    python3 ./manage.py populate_db --num-messages=0 --extra-users=1000

...from 47 seconds to 36 seconds.
2023-02-17 13:59:11 -08:00
Anders Kaseorg 7cafbefdef ci: Reduce production suite tarball retention from 14 days to 1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-16 10:15:11 -05:00
Anders Kaseorg bf7d3124ab openapi: Correct “we-public” typo.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-15 15:21:54 -08:00
Alex Vandiver 0d42abe1a8 puppet: wal-g is a tarball with a single file, not a directory.
5db55c38dc switched from `ensure => present` to the more specific
`ensure => directory` on the premise that tarballs would result in
more than one file being copied out of them.  However, we only extract
a single file from the wal-g tarball, and install it at the output
path.  The new rule attempts to replace it with an empty directory
after extraction.

Switch back to `ensure => present` for the tarball codepath.
2023-02-14 18:18:36 -05:00
Alex Vandiver f8a16fb9af model: Handle parsed user-agents longer than 30 characters.
The Client.name field is only 30 characters long, but there is no
limit to the length of parsed User-Agent value which we may attempt to
store in it.  This can cause requests with long user-agents to 500
when the creation of the Client row fails.

Truncate the name at 30 characters for the cache key, and passing
`name` to `get_or_create`.
2023-02-14 14:58:15 -08:00
Alex Vandiver 6f8ce2d00a hooks: Fix shebang line to use /usr/bin/env bash. 2023-02-14 17:28:58 -05:00
Alex Vandiver 044ccdb334 chat.zulip.org: Enable Sentry hook. 2023-02-14 17:20:35 -05:00
Alex Vandiver 63de600451 backends: Use staticfilesfor social auth logos. 2023-02-14 17:17:06 -05:00
Alex Vandiver 3559bf416d settings: Allow customization of STATIC_URL.
Some requests will still be to `/static/`, either at the realm's
domain, or at the root domain.
2023-02-14 17:17:06 -05:00
Alex Vandiver dd21e472e7 subdomains: Extend tests for for same-host when STATIC_URL has domain. 2023-02-14 17:17:06 -05:00
Alex Vandiver a1967a7f2d markdown: Rewrite /static/ images to use staticfiles_storage.url. 2023-02-14 17:17:06 -05:00
Alex Vandiver ccecc8eb84 markdown: Comment why we do not hash or use STATIC_URL for :zulip:. 2023-02-14 17:17:06 -05:00
Alex Vandiver 6806bec2e9 email_notifications: Use stable, unhashed, URLs for emoji in emails. 2023-02-14 17:17:06 -05:00
Alex Vandiver 72ac38eff8 send_email: Use STATIC_URL as base for images in emails. 2023-02-14 17:17:06 -05:00
Alex Vandiver e31767dda4 settings: Make DEFAULT_LOGO_URI/DEFAULT_AVATAR_URI use staticfiles. 2023-02-14 17:17:06 -05:00
Alex Vandiver 5d0d0ba4a9 static: Replace handlebars static images with their require'd versions. 2023-02-14 17:17:06 -05:00
Alex Vandiver e0a7658db7 ts: Pull in static assets via import. 2023-02-14 17:17:06 -05:00
Alex Vandiver ea2a0a7632 js: Pull in static assets via import. 2023-02-14 17:17:06 -05:00
Alex Vandiver 1f47d7793d landing-page: Stop relying on image paths. 2023-02-14 17:17:06 -05:00
Alex Vandiver c24bd07b76 templates: Use static() helper to generate /static/ URLs. 2023-02-14 17:17:06 -05:00
Alex Vandiver 10b1e11410 styles: Remove unnecessary ../static/ in image path. 2023-02-14 17:17:06 -05:00
Alex Vandiver ede0ae9069 unminify: Do not assume /static/ exists in the stacktrace. 2023-02-14 17:17:06 -05:00
Alex Vandiver ab9f974f48 emoji_settings: Stop using the avatar as placeholder; it is never seen.
The design of this element was changed midway through #22504, and
despite a separate placeholder icon using used, the preview was still
reset to the default avatar -- but is always hidden when so set.
2023-02-14 17:17:06 -05:00
Alex Vandiver 25b97c2872 storage: Skip hashing markdown files. 2023-02-14 17:17:06 -05:00
Alex Vandiver d9af7f25e8 storage: Fix extension logic to not hash other resource files. 2023-02-14 17:17:06 -05:00
Anders Kaseorg e0e17d2391 docs: Update frontend_tests/puppeteer_lib/common.ts path.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-14 13:39:41 -08:00