This commit adds code to live-update the inline-topic edit
icon on changing move_messages_within_stream_limit_seconds
or edit_topic_policy. We simply rerender the message list
as it becomes difficult to check for each recipient row
and update it because topic edit permission depends on
when the message was sent.
This also live-updates the resolve topic icon as it depends
on topic edit permission only.
This commit adds dropdown for move_messages_between_streams_limit_seconds
setting which is used to control for how long the user is allowed to
edit stream.
This commit adds dropdown for move_messages_within_stream_limit_seconds
setting which is used to control for how long the user is allowed to
edit topic.
This commit adds code to check time limit as per recently added
move_messages_between_streams_limit_seconds setting when moving
messages between streams in webapp. There is no time limit for
admins and moderators.
We add a new function "is_stream_editable" (similar to already
existing is_topic_editable function) to check whether user is
allowed to move message between streams.
This commit adds time restriction on moving messages between streams
using the move_messages_between_streams_limit_seconds setting in the
backend. There is no time limit for admins and moderators.
We now use realm_move_messages_within_stream_limit_seconds setting in
webapp to check topic edit permission replacing the 3-day limit.
As was the case previously, there is no limit for admins and
moderators.
We now use the newly added move_messages_within_stream_limit_seconds
setting to check for how long the user can edit the topic replacing
the previously used 3-day limit. As it was previously, there is no
time limit for admins and moderators.
This commit renames parse_message_content_edit_or_delete_limit
to parse_message_time_limit_setting and also renames
MESSAGE_CONTENT_EDIT_OR_DELETE_LIMIT_SPECIAL_VALUES_MAP to
MESSAGE_TIME_LIMIT_SETTING_SPECIAL_VALUES_MAP.
We do this change since this function and object will also be
used for message move limit and it makes sense to have a more
generic name.
This commit extracts a function to parse message time limit type settings
and to set it if the new setting value is None.
This function is currently used for message_content_edit_limit_seconds and
message_content_delete_limit_seconds settings and will be used for
message_move_limit_seconds setting to be added in further commits.
This commit adds code to update move_messages_between_streams_policy
in page_params dict and also call sync_realm_settings which updates
the setting element in UI.
Documents the Do Not Disturb option with a dedicated page in
the Notifications section.
The capitalization is not our standard style because the desktop app
doesn't follow that style convention.
Fixes#24169.
Previously, when sending a message to a resolved topic, if you disissed
the 'You are sending a message to a resolved topic' banner, it would
reappear as soon as the user enters another character.
Fix this by showing the banner at most once per narrow. It does not
reappear if the user closes the banner and continues typing. It will
only be shown again if the user closes compose, changes stream/topic,
sends a message or otherwise clears the compose box state.
We also remove the existing check for whether this banner is already
visible; this is essentially a more precise version of the same logic.
Fixes#24245.
Uptil now, the right sidebar user list unread count included bot and group
PMs which sometimes resulted in the confusing state of the user list icon
indicating unread messages but on expanding the user list, no username
had a counter beside it, since the list only has individual human users.
Now this right sidebar unread count too excludes bots and groups, so the
unread count and the user list are consistent, without any ghost counts.
Set width of the heading tag displaying user profile name heading, which
doesn't let the edit button get pushed off the user profile modal.
Ellipsis property is applied to user profile name on text overflow.
Fixes: #23781.
Changed the width of the file column to show the names properly,
while making sure that the table UI remains consistent in different
languages too (checked the same for Russian language).
Drop the file size column if the viewport is less than 992px (lg_min)
to ensure that the size word doesn't break when there are no uploaded files.
Discussed on CZO thread.
Changed the position of the Date uploaded arrow to stay visible
in all view ports and added word-break to prevent spill over of Mentioned-in
and date uploaded.
Fixes: #23738
Overlays.js incorrectly checked for whether `#groups` overlay
was open, so it re-assigned the global `open_overlay_name`
variable. As a consequence unwanted bluslip errors were thrown
when closing the groups overlay after any group event was
received while the `#groups` overlay was open.
The new `#groups` overlay had no way for user groups to be deleted.
This commit adds UI support for removing user groups along with
adding support for live update of `#groups` overlay on remove
event for user groups.
We add live update support for user group events as part of
https://github.com/zulip/zulip/issues/19526.
This however has a few TODOs:
1. Deciding on how we want to sort the group list on left of
#groups overlay.
2. How we highlight the newly created groups after it is added
to the list.
These will be covered as we add support for more groups events.
Since we do not currently have live update on newly
created ui for user group management, alert shown
after successful creation of user group apeared across
full width of right panel of #groups overlay. Which
made it look a bit awkward, so we add margins to that
alert info.
This removes the focus outline on `simplebar-content-wrapper` in
the left sidebar and other places in the app when focused since
it doesn't look visually nice.
This commit fixes the code which incorrectly set the cursor
property to "pointer" for input and textarea elements where
only select elements should have it. The code causing this bug
was added in d708bc338.
In Zulip, message topics are case-insensitive but case-preserving.
The `get_context_for_message` function erroneously did a
case-sensitive search, and thus only messages whose topic matched
exactly were pulled in as context.
Make the missed-message pipeline aware that message topics are not
case-sensitive. This means that, when collapsing adjacent messages,
we merge messages with topic headers which are "different"; create a
separate explicit "grouping" to know which to collapse.
Similar to the previous commit, Django was responsible for setting the
Content-Disposition based on the filename, whereas the Content-Type
was set by nginx based on the filename. This difference is not
exploitable, as even if they somehow disagreed with Django's expected
Content-Type, nginx will only ever respond with Content-Types found in
`uploads.types` -- none of which are unsafe for user-supplied content.
However, for consistency, have Django provide both Content-Type and
Content-Disposition headers.
The Content-Type of user-provided uploads was provided by the browser
at initial upload time, and stored in S3; however, 04cf68b45e
switched to determining the Content-Disposition merely from the
filename. This makes uploads vulnerable to a stored XSS, wherein a
file uploaded with a content-type of `text/html` and an extension of
`.png` would be served to browsers as `Content-Disposition: inline`,
which is unsafe.
The `Content-Security-Policy` headers in the previous commit mitigate
this, but only for browsers which support them.
Revert parts of 04cf68b45e, specifically by allowing S3 to provide
the Content-Disposition header, and using the
`ResponseContentDisposition` argument when necessary to override it to
`attachment`. Because we expect S3 responses to vary based on this
argument, we include it in the cache key; since the query parameter
has dashes in it, we can't use use the helper `$arg_` variables, and
must parse it from the query parameters manually.
Adding the disposition may decrease the cache hit rate somewhat, but
downloads are infrequent enough that it is unlikely to have a
noticeable effect. We take care to not adjust the cache key for
requests which do not specify the disposition.
This was missed in 04cf68b45ebb5c03247a0d6453e35ffc175d55da; as this
content is fundamentally untrusted, it must be served with
`Content-Security-Policy` headers in order to be safe. These headers
were not provided previously for S3 content because it was served from
the S3 domain.
This mitigates content served from Zulip which could be a stored XSS,
but only in browsers which support Content-Security-Policy headers;
see subsequent commit for the complete solution.
In nginx, `location` blocks operate on the _decoded_ URI[^1]:
> The matching is performed against a normalized URI, after decoding
> the text encoded in the “%XX” form
This means that if a user-uploaded file contains characters that are
not URI-safe, the browser encodes them in UTF-8 and then URI-encodes
them -- and nginx decodes them and reassembles the original character
before running the `location ~ ^/...` match. This means that the `$2`
_is not URI-encoded_ and _may contain non-ASCII characters.
When `proxy_pass` is passed a value containing one or more variables,
it does no encoding on that expanded value, assuming that the bytes
are exactly as they should be passed to the upstream. This means that
directly calling `proxy_pass https://$1/$2` would result in sending
high-bit characters to the S3 upstream, which would rightly balk.
However, a longstanding bug in nginx's `set` directive[^2] means that
the following line:
```nginx
set $download_url https://$1/$2;
```
...results in nginx accidentally URI-encoding $1 and $2 when they are
inserted, resulting in a `$download_url` which is suitable to pass to
`proxy_pass`. This bug is only present with numeric capture
variables, not named captures; this is particularly relevant because
numeric captures are easily overridden by additional regexes
elsewhere, as subsequent commits will add.
Fixing this is complicated; nginx does not supply any way to escape
values[^3], besides a third-party module[^4] which is an undue
complication to begin using. The only variable which nginx exposes
which is _not_ un-escaped already is `$request_uri`, which contains
the very original URL sent by the browser -- and thus can't respect
any work done in Django to generate the `X-Accel-Redirect` (e.g., for
`/user_uploads/temporary/` URLs). We also cannot pass these URLs to
nginx via query-parameters, since `$arg_foo` values are not
URI-decoded by nginx, there is no function to do so[^3], and the
values must be URI-encoded because they themselves are URLs with query
parameters.
Extra-URI-encode the path that we pass to the `X-Accel-Redirect`
location, for S3 redirects. We rely on the `location` block
un-escaping that layer, leaving `$s3_hostname` and `$s3_path` as they
were intended in Django.
This works around the nginx bug, with no behaviour change.
[^1]: http://nginx.org/en/docs/http/ngx_http_core_module.html#location
[^2]: https://trac.nginx.org/nginx/ticket/348
[^3]: https://trac.nginx.org/nginx/ticket/52
[^4]: https://github.com/openresty/set-misc-nginx-module#set_escape_uri
This commit fixes the issue where the "Click to view or download" comes
to the right of the image title. We add a parent division in this commit
that leads to the break tag being applied successfully, shifting the
secondary tooltip content ("Click to view or download") to next line.
Some non-English characters overflow when the line height is reduced
for the tooltip text. This commit increases the line height of the
tooltips to accommodate these non-English characters and fixes the
hotkey hint margins for the same.
This commit enables the stylistic set "ss01" in Source Sans 3
font family which contains stylistic variant of the upper-case
character "I", which contains two bars, one each on the top and
bottom of the letter. This provides a uniform look across all
the characters when used in the hotkey hints of the tooltips.
The second line of a multi-line tooltip generally desctribes the
additional information which helps the major text, i.e. the first
line of the multi-line tooltip, hence it would be a good idea to
add italics styling, to differentiate it from the main title. We
describe a simple ".italic" class for the same.
We also add a shorter line height to this description using the
".tooltip-inner-content" class.
We scan a tooltip for any required windows-to-mac hotkey conversions
from the list of attributes supplied to the hotkey_hints helper.
If we find any, we add/modify the hotkyes in the hotkey hints list to
match the mac-style key combinations and then return back the modified
list of hotkey hints to be displayed in the tooltip.
We also rename the "adjust_mac_shortcuts" function, used for the
keyboard shortcuts menu and help center documnets, to
"adjust_mac_kbd_tags" to avoid any ambiguity with the
adjust_mac_tooltip_keys funtion which is used for tooltip hotkeys.