Commit Graph

83 Commits

Author SHA1 Message Date
Rishi Gupta f0807353ae settings: Remove ABOUT_LINK_DISABLED.
Was introduced in 0f4bbc8, I think because the /team page was unfinished at
the time.
2017-11-16 21:15:24 -08:00
Greg Price 271a9f0da7 settings: Eliminate disused variable EXTERNAL_API_URI.
This was part of the logic to handle EXTERNAL_API_PATH varying.
But also it was already no longer used -- it was only ever passed
into template contexts, as `external_api_uri`, and it'd been
overtaken there by `external_api_uri_subdomain`.

So, update our dev docs to reflect that, and eliminate the variable.
2017-10-30 18:29:29 -07:00
Greg Price aeb69dfd61 template context: Eliminate now-constant variable `api_site_required`. 2017-10-30 18:29:29 -07:00
Greg Price bf1395b3ec template context: Eliminate the disused variable `external_api_path`.
This is not only now redundant, but actually already has no uses.
2017-10-30 18:29:29 -07:00
Greg Price 7366a4ca7a settings: Eliminate the disused EXTERNAL_API_PATH.
This setting isn't documented at all, and I believe nobody has used it
since the end of api.zulip.com in 2016.  So we get to complete the
cleanup of this logic.
2017-10-30 18:29:29 -07:00
Greg Price 093bae4bc5 subdomains: Fix some implicit uses of "" for the root subdomain.
These are just instances that jumped out at me while working on the
subdomains code, mostly while grepping for get_subdomain call sites.
I haven't attempted a comprehensive search, and there are likely
still others left.
2017-10-26 10:29:17 -07:00
Tim Abbott 1ab2ca5986 subdomains: Extract zerver.lib.subdomains library.
These never really belonged with the rest of zerver.lib.utils.py, and
having a separate library makes it easier to enforce full test
coverage.
2017-10-18 22:27:48 -07:00
Tim Abbott 9378489367 context_processors: Don't require coverage for ZulipElectron block.
This mostly makes sense because that code path doesn't do anything but
impact how a CSS class is handled.
2017-10-11 14:52:38 -07:00
Brock Whittaker 07e5f7ea1e context_processors: Enable platform detection in templates.
This enables the ability to detect the platform in a template.
2017-10-11 14:02:48 -07:00
Greg Price a116303604 passwords: Express the quality threshold as guesses required.
The original "quality score" was invented purely for populating
our password-strength progress bar, and isn't expressed in terms
that are particularly meaningful.  For configuration and the core
accept/reject logic, it's better to use units that are readily
understood.  Switch to those.

I considered using "bits of entropy", defined loosely as the log
of this number, but both the zxcvbn paper and the linked CACM
article (which I recommend!) are written in terms of the number
of guesses.  And reading (most of) those two papers made me
less happy about referring to "entropy" in our terminology.
I already knew that notion was a little fuzzy if looked at
too closely, and I gained a better appreciation of how it's
contributed to confusion in discussing password policies and
to adoption of perverse policies that favor "Password1!" over
"derived unusual ravioli raft".  So, "guesses" it is.

And although the log is handy for some analysis purposes
(certainly for a graph like those in the zxcvbn paper), it adds
a layer of abstraction, and I think makes it harder to think
clearly about attacks, especially in the online setting.  So
just use the actual number, and if someone wants to set a
gigantic value, they will have the pleasure of seeing just
how many digits are involved.

(Thanks to @YJDave for a prototype that the code changes in this
 commit are based on.)
2017-10-08 15:48:44 -07:00
Tim Abbott 1d72629dc4 subdomains: Hardcode REALMS_HAVE_SUBDOMAINS=True. 2017-10-02 16:42:43 -07:00
Tim Abbott e9f13a91e7 subdomains: Remove get_unique_non_system_realm.
This functionality is no longer required with REALMS_HAVE_SUBDOMAINS
always True.
2017-10-02 16:32:10 -07:00
rht 2949d1c1e8 zerver: Remove the rest of absolute_import. 2017-09-27 10:02:39 -07:00
Supermanu ac79bbfe08 login: Enable non-email username to login. 2017-09-15 10:30:19 -07:00
Tim Abbott a0a1fe1512 settings: Rename SERVER_URI to ROOT_DOMAIN_URI.
This should be a lot less confusing.

See #6013 for discussion.
2017-08-28 14:09:28 -07:00
Tim Abbott 0693656b89 register: Allow the empty string as a subdomain.
This is conditioned on the server being configured with
ROOT_DOMAIN_LANDING_PAGE=True.
2017-08-24 19:39:40 -07:00
Tim Abbott 3d4893d906 settings: Rename SUBDOMAINS_HOMEPAGE to ROOT_DOMAIN_LANDING_PAGE.
This new setting name is a lot more readable.
2017-08-24 19:32:16 -07:00
Vaida Plankyte 52046d537a auth.py: Add config_error page for misconfigured github/google auth.
Significantly modified by tabbott to use a better system, pass tests,
and clean up the content.
2017-08-16 10:05:19 -07:00
neiljp (Neil Pilgrim) 52ed997d23 mypy: Reorder and annotate variables around if statements. 2017-08-15 17:50:18 -07:00
Jack Zhang a533ab5881 context_processors.py: Add flag for whether user is logged in. 2017-08-15 12:15:21 -07:00
Jack Zhang b82bdc82bf context_processors.py: Add flag for whether page is help center.
This is needed once the header markup is deduplicated.
2017-08-15 12:15:21 -07:00
Brock Whittaker 36f6da9ebf /register/: Hide sign up on invite-only realms.
This hides the right-hand sign up form for realms that are
invite-only, and shows some text that states the realm is invite-only.
2017-07-27 16:53:57 -07:00
Rishi Gupta a26703109e settings: Change all uses of ZULIP_ADMINISTRATOR to FromAddress.SUPPORT.
Make it less likely that further development will break compatibility with
ZULIP_ADMINISTRATORs of the form "name <email>".

Note that the suggested value for this setting has been
'zulip-admin@example.com' for a while, so hopefully this commit causes no
change for most installations.
2017-07-05 15:33:01 -07:00
Rishi Gupta 81220e050b context_processors: Remove zulip_admin from zulip_default_context.
There is no real distinction between zulip_admin and support_email in the
codebase, so fold them into a single variable.
2017-06-29 11:20:32 -07:00
Tim Abbott ec6abddc38 portico: Remove obsolete code for Zulip open sourcing announcement.
This was only ever used on the old zulip.com.
2017-06-06 11:36:03 -07:00
Greg Price 4165c9a62e apps: Link directly to the upstream /apps page.
Now that this page redirects to upstream, make our own links
to it point directly upstream.  This saves a redirect, and
makes it more transparent where the link points if the user
examines it before following.
2017-06-06 11:21:20 -07:00
Tim Abbott 1549f8773e portico: Always display org info when a server has only 1 realm.
Previously, we were incorrectly using the get_unique_open_realm
function to determine whether we're in the (common) single-realm
server case and should just display an org-info-enabled login form on
the homepage.

Now, we use a slightly different function extracted from
get_unique_open_realm that doesn't check whether the realm is
invite-only.

Fixes #4841.
2017-06-02 15:00:22 -07:00
Tim Abbott 847f469cf2 subdomains: Toggle various links with SUBDOMAINS_HOMEPAGE. 2017-05-15 21:54:35 -07:00
Tim Abbott 6eada74bfe portico: Fix exception if no realm description is set.
This was caught via Casper tests, which I regret not running.
2017-05-11 14:23:46 -07:00
Tim Abbott 223624be25 settings: Add support for longer, markdown-powered realm descriptions.
This makes it possible to create much prettier login pages.

Further work on styling may be necessary.
2017-05-11 13:59:46 -07:00
Tim Abbott a3ddd94aa3 integrations: Remove unnecessary email_integration_enabled.
Previously, we were ending up with 2 copies of the email integration
in there.
2017-05-10 11:24:25 -07:00
Tim Abbott dad183093a context_processors: Clean up logic for fetching realm. 2017-05-03 16:39:31 -07:00
Rohitt Vashishtha 47eb19331d ux: Display error on login/registration if no auth backends are enabled.
Also makes a small tweak to CSS to ensure the styling is consistent on
the two pages.

Fixes #4525.
2017-05-01 17:17:37 -07:00
Tim Abbott 84008b9c37 context_processors: Rename confusingly named add_settings context.
Also document this.
2017-05-01 15:47:58 -07:00
Tim Abbott 3fa6bdf49c login: On single-realm servers, assume the only open realm.
This makes it possible to display the nice new login/registration
banner on single-realm servers, which is the common case.
2017-04-26 18:04:05 -07:00
Brock Whittaker 7afbc9ddd6 Redesign login and registration pages.
This completes a major redesign of the Zulip login and registration
pages, making them look much more slick and modern.

Major features include:
* Display of the realm name, description and icon on the login page
  and registration pages in the subdomains case.
* Much slicker looking buttons and input fields.
* A new overall style for the exterior of these portico pages.
2017-04-26 18:04:05 -07:00
Tim Abbott 1fe8df10f0 context: Include realm name, icon, and description.
This will be used in our upcoming login/registration page redesign.
2017-04-17 22:15:51 -07:00
K.Kanakhin 4891a8d850 Add default response for `terms` and `privacy` endpoints.
- Add setting for `privacy policy` template defining.
- Configure default templates for `privacy policy` and
  `terms of service` pages.
- Add route for privacy page.
- Remove condition for showing `privacy` and `terms` pages.
- Add `privacy_policy` setting to context processor.
- Add documentaion part for `privacy` and `terms` templates
  configuration.
- Add tests.

Fixes #3686.
2017-04-12 14:09:14 -07:00
Tim Abbott 6d452e87a5 context_processors: Handle requests without user set.
If `render()` is called from middleware that runs before the
authentication middleware, then this code path will be called with a
request object where request.user is not yet set.  Handle this by
providing a reasonable error message.
2017-03-21 10:06:39 -07:00
James Wang 405f07454c Add server version to about page template.
zserver/context_processors.py: Pull in ZULIP_VERSION variable from version.py
about.html: Put server version into template.

Fixes: #3907
2017-03-09 22:10:54 -08:00
Tim Abbott 9cc83f87fc lint: Clean up E241 PEP-8 rule. 2017-01-23 21:21:14 -08:00
Bojidar Marinov 786dd0fca4 auth: Make min password length and strength configurable.
This adds some configuration options to settings.py, namely
PASSWORD_MIN_LENGTH and PASSWORD_MIN_QUALITY, which control
when the frontend validator invalidates the password.

Closes #2628
2017-01-10 04:55:41 -08:00
Rishi Gupta 2b0a7fd0ba Rename models.get_realm_by_string_id to get_realm.
Finishes the refactoring started in c1bbd8d. The goal of the refactoring is
to change the argument to get_realm from a Realm.domain to a
Realm.string_id. The steps were

* Add a new function, get_realm_by_string_id.

* Change all calls to get_realm to use get_realm_by_string_id instead.

* Remove get_realm.

* (This commit) Rename get_realm_by_string_id to get_realm.

Part of a larger migration to remove the Realm.domain field entirely.
2017-01-04 17:12:23 -08:00
Umair Khan f208813ea3 Add Find My Team feature. 2017-01-03 21:33:42 -08:00
paxapy ff1e97603d context_processors: use a common context for emails.
Fixes #1611.
2016-11-08 11:37:16 -08:00
paxapy 8c7ed80281 context_processors: refactor add_settings realm code.
The new code is substantially clearer and ensures realm_uri is always
set reasonably.
2016-11-08 11:37:16 -08:00
umkay 21c024fc29 auth: Make supported authentication backends a bitfield on realm.
This makes it possible to configure only certain authentication
methods to be enabled on a per-realm basis.

Note that the authentication_methods_dict function (which checks what
backends are supported on the realm) requires an in function import
due to a circular dependency.
2016-11-06 16:16:24 -08:00
Tim Abbott 0f4bbc8617 portico: Add options to disable login and about links.
This gives us a great deal more flexibility for controlling the
context of the portico footer.
2016-09-13 22:59:09 -07:00
Tim Abbott 7950d3181e zmirror: Fix hardcoding of zulip.com support email address.
We now use support_email == settings.ZULIP_ADMINISTRATOR just like
every other support email address reference.
2016-08-18 18:36:07 -07:00
Tim Abbott 4fbb8c3eee templates: Add new context variables to all templates.
This adds a few new helpful context variables that we can use to
compute URLs in all of our templates:
* external_uri_scheme: http(s)://
* server_uri: The base URL for the server's canonical name
* realm_uri: The base URL for the user's realm

This is preparatory work for making realm_uri != server_uri when we
add support for subdomains.
2016-08-13 16:27:35 -07:00