Commit Graph

263 Commits

Author SHA1 Message Date
Greg Price a116303604 passwords: Express the quality threshold as guesses required.
The original "quality score" was invented purely for populating
our password-strength progress bar, and isn't expressed in terms
that are particularly meaningful.  For configuration and the core
accept/reject logic, it's better to use units that are readily
understood.  Switch to those.

I considered using "bits of entropy", defined loosely as the log
of this number, but both the zxcvbn paper and the linked CACM
article (which I recommend!) are written in terms of the number
of guesses.  And reading (most of) those two papers made me
less happy about referring to "entropy" in our terminology.
I already knew that notion was a little fuzzy if looked at
too closely, and I gained a better appreciation of how it's
contributed to confusion in discussing password policies and
to adoption of perverse policies that favor "Password1!" over
"derived unusual ravioli raft".  So, "guesses" it is.

And although the log is handy for some analysis purposes
(certainly for a graph like those in the zxcvbn paper), it adds
a layer of abstraction, and I think makes it harder to think
clearly about attacks, especially in the online setting.  So
just use the actual number, and if someone wants to set a
gigantic value, they will have the pleasure of seeing just
how many digits are involved.

(Thanks to @YJDave for a prototype that the code changes in this
 commit are based on.)
2017-10-08 15:48:44 -07:00
Brock Whittaker 99933d5cce settings: Set the upload table colum min-widths.
This sets the column width of the upload table actions and size
columns to always be 75 so that the buttons are always in the same
line and take up the least amount of space possible with that
constraint.
2017-10-04 14:29:18 -07:00
Vishnu Ks 0c35bd60cf frontend: Seperate out info on accessing emails to template. 2017-10-04 08:20:29 -07:00
Anupam-dagar f82c5e9626 settings: Remove save changes button from "UI settings" section.
Fixes: #6330.
2017-09-30 09:11:18 -07:00
Ali Rizwi 6c0ea18ea9 user settings: Make "Mobile push notifications always" a subsetting.
"Mobile push notifications always" is now indented and a
sub-setting of "Mobile push notifications when offline".
It can be selected only when the outer setting is
selected, otherwise it is greyed out.

Fixes #6570.
2017-09-29 17:58:41 -07:00
Brock Whittaker 8e2d9d64b2 settings: Enable sorting on uploads table.
This allows for sorting in the uploads table by all of the attributes
in ascending order by clicking on the headers.

Fixes #6747.
2017-09-28 16:16:16 -07:00
Brock Whittaker 7b8fd1aafb settings: Add file search to the uploads table.
This uses the searching capabilities of the list_render class to search
for files by name; normalized by lowercase locale.
2017-09-28 14:13:33 -07:00
Brock Whittaker 583d7b2834 settings: Move the upload tips input, and alerts out of list-render wrapper.
This moves the stuff that should not scroll with the table such as the
search box and tips so it is moved out to be above the
`.progressive-table-wrapper` element.
2017-09-28 14:13:33 -07:00
Vishnu Ks 17cc32f168 settings: Show error or success message when deleting uploaded files.
Fixes #6519
2017-09-27 17:50:22 -07:00
Vishnu Ks 8faa9ab214 settings: Show upload quota and total uploads size in uploaded files page.
Fixes #6408
2017-09-27 17:50:22 -07:00
Vishnu Ks 865bc06945 settings: Show attachment size and upload date in uploaded files page. 2017-09-27 17:50:22 -07:00
Harshit Bansal ee6024281a org_settings: Fix dropup menu for notifications stream not opening.
We were having an anchor tag inside a button which is incorrect HTML.
Chrome and safari handle this case but firefox doesn't and hence the
dropup menu wasn't opening on firefox.
2017-09-26 23:04:49 -07:00
Cynthia Lin a758c2615e user docs: Update docs to point to Organization settings page. 2017-09-16 02:26:47 -07:00
Brock Whittaker d7651bdd25 Restyle default streams list to be grey-box and inline.
This moves the form to an inline style and restyles the box to be green.
2017-09-15 04:57:03 -07:00
Brock Whittaker d7d5b382a7 Change realm filter settings box to be grey.
This changes the realm filter settings box to be the same grey as the
emoji add box instead of the green it was before.
2017-09-15 04:57:03 -07:00
Brock Whittaker 73ac9f4406 Restyle emoji box to look grey, inline form.
This makes it more compact as well as recoloring it to not be green.
2017-09-15 04:57:03 -07:00
Brock Whittaker 78adf01850 Normalize `.settings-section-title` headers.
This normalizes the headers to all look the same and in a larger font
size + weight.
2017-09-15 04:57:03 -07:00
Sarah c3a8138f74 user_settings: Add push notifications for all stream messages.
Add setting to enable push notifications for all stream messages.
2017-09-14 05:41:37 -07:00
Rishi Gupta 75337258a8 accounts-settings: Reassure user if they do not have a password for API key. 2017-08-28 20:39:53 -07:00
Tim Abbott aa66d0129a settings: Reorder organization settings.
This makes the situation with the "Save changes" buttons slightly more
reasonable.  We'll want to do more on this front, though.
2017-08-28 17:27:22 -07:00
Brock Whittaker dba09c979c Restructure organization settings and permissions.
This restructures organization settings and permissions to be
more accurately grouped and for the permissions page to not be too
long.

CHANGES:

PROFILE:
    (this was split out)
    organization-profile-admin.handlebars:
        form #1:
            name
            description
            (SUBMIT)
        avatar:
            (UPLOAD)
            (DELETE)

SETTINGS:
    organization-settings-admin.handlebars:
        language (mostly untouched)
        message editing:
            time limit/history/retention
        message feed:
            mandatory-topics
            preview images
            preview websites

PERMISSIONS:
    organization-permissions-admin.handlebars
    (mostly stuff was removed)
    Joining:
        restrict domains
        require invite
    User Identity:
        name changes
        email changes
    Streams/Emoji:
        creating streams:
            waiting period (ADDED)
        adding emojis
    (SUBMIT) for whole panel

The profile group (name, description, avatar) were split into a new
page that did not previously exist, and the permissions was stripped
of message settings (message editing, message feed), but keeping the
"waiting period" input and putting it in the "Streams & custom emoji"
section.

Fixes: #5844.
2017-08-28 17:20:13 -07:00
Tim Abbott 126171cb76 api: Remove root_domain_uri from API page links.
These pages should be references the current server's UI anyway.
2017-08-28 14:13:37 -07:00
Tim Abbott a0a1fe1512 settings: Rename SERVER_URI to ROOT_DOMAIN_URI.
This should be a lot less confusing.

See #6013 for discussion.
2017-08-28 14:09:28 -07:00
Yago González 7d5d8ac61e lint: Add rule for spacing inside Handlebars translation tags.
This commit also includes the fixes to make all Handlebars templates
compliant with the new rule.
2017-08-23 13:08:57 -07:00
Tim Abbott 06f8fd529d realm: Add clear error message for too-long realm name.
This fixes an exception we saw in production, as well as fixing the
form to not offer ultra-long names that we don't allow.
2017-08-22 22:04:52 -07:00
Brock Whittaker 25e5a10a5b unicode: Replace "×" with HTML and HEX entities.
This refactors and fixes unicode issues where entities don't display
properly due to being a special character that seems to be rendered
incorrectly in a non-deterministic way every time.
2017-08-22 16:31:53 -07:00
Tim Abbott 1e5aee054b settings: Migrate main settings-change code to API.
This was one of the few major remaining endpoints that were still on
the old-style legacy API.
2017-07-31 13:08:06 -07:00
vaibhav 691aff55a3 bots: Add UI to select Slack compatible interface for webhooks.
interface_type select menu will be used to choose the interface
for outgoing webhooks. It will be displayed only when the selected
bot type is OUTGOING WEBHOOK type. The default value is GENERIC
interface type (1).
2017-07-28 16:22:55 -07:00
Rishi Gupta ad47d3b651 settings: Update wording in organization-permissions-admin.handlebars. 2017-07-24 17:33:14 -07:00
Rishi Gupta f91098143b settings: Reorder options in organization-permissions-admin.handlebars.
Also adds <hr>'s to separate the options into sections.
2017-07-24 17:33:14 -07:00
Rishi Gupta ace67c6669 settings: Remove tooltip for user settings -> full name.
It's hinted in the registation process, and as long as one person in the
realm does it, everyone else will know. The tooltip also draws too much
visual attention.
2017-07-24 17:33:14 -07:00
Rishi Gupta 481c85fb48 settings: Update text in templates. 2017-07-24 17:33:14 -07:00
Harshit Bansal c1dc48f41b emoji: Merge the two semantically same tips on the `Custom emoji` page.
In case the user was not allowed to upload an emoji, we were displaying
two different but sematically same tips. This commit merges them and
also updates `update_custom_emoji_ui()` function in settings_emoji.js
to live update tooltip.
2017-07-21 13:29:27 -07:00
Cynthia Lin e21c3e1cb7 settings: Nest PM content setting in Desktop notification setting.
Fixes #5879
2017-07-21 12:13:43 -07:00
Rishi Gupta a05de7ce84 settings: Fix Display Settings categorized as Language Settings.
"Display user list on left side in narrow windows." was a duplicate and
was removed.
2017-07-18 00:19:31 -07:00
Brock Whittaker 0d3ea50379 settings: Change .btn => .button components.
This changes all of the old bootstrap .btn buttons in the settings UI
to the new .button classes that they should be.
2017-07-17 17:20:09 -07:00
Vaida Plankyte c9bc803118 frontend: Change inaccurate aria-hidden assignments on buttons.
This either removes aria-hidden=true assignments from buttons with
text, or adds a span to only hide the 'x' symbol rather than the
button for closing buttons.
2017-07-17 16:40:28 -07:00
Brock Whittaker e5e73f364b settings: Change [Change] button styles. 2017-07-17 16:18:46 -07:00
Brock Whittaker 563847e5fe settings: Redesign and responsively fix account settings.
This makes the avatar portion more responsive and efficient on many
screen settings and also fixes some of the design incongruences present
on the page.
2017-07-17 16:18:31 -07:00
Brock Whittaker 3b9d084b29 settings: Modify notification settings headers for consistency.
This changes bold h4 headers to be thin h3 headers like the rest of the
pages.
2017-07-17 16:18:31 -07:00
Brock Whittaker 330a3bd144 setttings: Indent display settings checkboxes and fix header styles.
Aside from the indentation of checkboxes, the headers are added and
changed to become more unified with other page styling.
2017-07-17 16:15:04 -07:00
Vaida Plankyte 32c3d1b6f9 frontend: Add aria-label to organization overlay elements. 2017-07-17 11:46:41 -07:00
Durga Akhil Mundroy 146dfa6f0b org-permissions: Add allow_edit_history organiztion setting.
This new setting controls whether or not users are allowed to see the
edit history in a Zulip organization.  It controls access through 2
key mechanisms:

* For long-ago edited messages, get_messages removes the edit history
  content from messages it sends to clients.

* For newly edited messages, clients are responsible for checking the
  setting and not saving the edit history data.  Since the webapp was
  the only client displaying it before this change, this just required
  some changes in message_events.js.

Significantly modified by tabbott to fix some logic bugs and add a
test.
2017-07-16 10:10:06 -07:00
Vaida Plankyte 28ea174ed9 backend: Implement high contrast mode display setting. 2017-07-14 14:53:24 -07:00
Tim Abbott 5cdfd61f2b lint: Require translation tags on aria-label tags.
Since these are, by their nature, directly user-facing strings, they
should always be tagged for translation.
2017-07-14 14:48:17 -07:00
Vaida Plankyte 216900b9e3 frontend: Add aria-label attributes to textareas/input fields. 2017-07-14 14:45:10 -07:00
Vaida Plankyte 6be210052e frontend: Fix label 'for' attribute to include correct name. 2017-07-14 14:45:10 -07:00
Vaida Plankyte 1675867f30 frontend: Make ID assignments unique. 2017-07-14 14:45:09 -07:00
Abhijeet Kaur 85b7a89d85 bots UI: Display message for empty 'Active/Inactive bots' tab.
Add a line of text stating that there are no active or inactive bots.

This is for better understanding of the user, as blank screen that
used to appear in case of no bots being present might seem broken
to some.

Tweaked by tabbott to improve the English.
2017-07-13 21:51:48 -07:00
Harshit Bansal 86de196d12 emoji: Don't lock out admins when only admins are allowed to upload emoji.
Prior to this, when the setting for controlling whether can admins only
upload an emoji was set to true, we were not displaying upload emoji form
even for admins and as a result they were locked out.
2017-07-13 14:08:30 -07:00