The "Who can access all users" setting is not disabled for
organizations not on "Plus" plans in production because of
the "page_params.development_environment" check.
We do not need that check anymore as the feature is now
enabled in production.
The previous logic would treat navigating with the arrow keys, or
alt-tab, as a reason to clear the subdomain unavailable warning, and
would not necessarily check again immediately. Now just trigger off
changes in the input.
Instead, just trigger off actual changes in the value of the input.
The problem was that earlier this was just an uncaught JsonableError,
leading to a full traceback getting spammed to the admins.
The prior commit introduced a clear .code for this error on the bouncer
side, meaning the self-hosted server can now detect that and handle it
nicely, by just logging.error about it and also take the opportunity to
adjust the realm.push_notifications_... flags.
On /upgrade page, we show annual schedule & price for a
fixed-price plan, by default.
This also acts as a prep commit for fixed-price plan
with pay-by-invoice collection method as we only offer
annual plan in such case. So, annual data is shown by default
on /upgrade page.
Adds a count for mobile users registered for the remote server
with a RemotePushDeviceToken that does not have an associated
remote realm, which was a recently added field.
If the remote server is pre-8.0 and does not have remote realms,
then only the total mobile user count is displayed, as the count
for uncatagorized mobile users would be equal to the total mobile
user count.
This is useful in the support view in case the audit log data is
stale and user counts are not updated for billing.
Also, renames formatting function for optional datetimes that is
used in the support and activity views/charts. And instead of
showing these datetime strings in the eastern US timezone, we
now show and label them as UTC.
We don't have an index on `(server_id, id)`, and in any case, we have
a stronger guarantee that `remote_id` is time-sorted, from the
construction of the analytics tables, than that the `id`s given these
entries when uploaded are time-sorted.
Many of these code paths largely expect it to be a valid user ID, so
we could raise an exception if the user ID is invalid, but probably
gracefully proceeding is reasonable for the callers.
Note that this uses `ssh-keyscan` to write in the currently-observed
host fingerprint; if DNS or network is untrusted during initial puppet
apply, this can allow attackers to write their own host key, obviating
the utility of known_hosts.
We do not view this as a likely attack mechanism, since in our
deployment the network and DNS is almost certainly trusted, and if
not, the timing attack to catch only initial configuration is likely
impossible.
This commit removes the stale 'email_gateway' parameter
from 'do_send_messages' function.
This should have been removed in 6c473ed75f,
when the call to 'build_message_send_dict' was removed
from 'do_send_messages'.
This correctly avoids pageup/pagedown scrolling past already rendered
content, while also always making progress, which the previous logic
introduced in d8ec141de2 might do, at
least in degenerate cases with very small render windows.
I'm not sure this change has any effect in practice with current
render window values, but it does fix a bug if I set the maximum
render window size to 20.
The previous batch of improvements to this code path in
6562ea94e4 introduced a race bug where:
- You navigate to a narrowed view; Zulip renders cached data from
`all_messages_data` that we know is current, but
`fetch_status.has_found_newest` is initialized to `false`
nonetheless.
- The bottom is visible, triggering the check for whether the view
should be marked as read.
- `fetch_status.has_found_newest` is still `false`, and so we
incorrectly refuse to mark as read.
- We finish fetching data from the server, do the background rerender
for that (with no changes), but that doesn't trigger a re-check for
whether the bottom is visible.
There's several ways to address this, but most correct to me is to not
check fetch_status in this particular code path.
The same reasoning applies to the navigate.js call sites.
This error message didn’t make sense for the check as written, and our
OpenAPI document already provides the expected format for our 200
responses.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
Real requests would not validate against the previous version. There
seems to be no consistent way to determine whether a string parameter
should be coerced to an integer for validation against an allOf
schema (which works at the level of JSON objects, not strings).
See also https://github.com/python-openapi/openapi-core/issues/698.
Signed-off-by: Anders Kaseorg <anders@zulip.com>