Commit Graph

1866 Commits

Author SHA1 Message Date
Jeff Arnold 592451686e More revisions to the privacy policy and terms of service
(imported from commit f6936e7bd8b4d8d2d92f78d697ebc74f180a611a)
2012-10-28 16:08:49 -04:00
Jeff Arnold 1ebd4211a4 Revisions to privacy policy and terms of service
(imported from commit 6f618c858a7c5b53d86a6c032fb7089521c62eb7)
2012-10-28 15:40:56 -04:00
Keegan McAllister 4c0d6eef00 print-all: Provide empty stdin to latex
_out takes a filename but _in takes the input itself.

(imported from commit dee2a1cc920ea3526045146c4e738ca44c38fb47)
2012-10-28 15:20:05 -04:00
Keegan McAllister 9689887cbd Copy the csrf_exempt attribute in @asynchronous
Needed for @csrf_exempt to work.

(imported from commit 563ab11b0d26262511e9a6d9cc2735b0b835a391)
2012-10-27 17:56:18 -04:00
Keegan McAllister da252e8499 runtornado: Abort view processing if request or view middleware returns a response
This is the behavior specified by Django.  Since this was broken before,
our CSRF protection had no effect on Tornado views other than printing
a warning message :(

(imported from commit 7975d3c9b6c18915f917ac2da4592a55f6b6a658)
2012-10-27 17:28:07 -04:00
Keegan McAllister 0f211673ac Puppet: Add missing packages python-flup
Needed for Django runfcgi.

(imported from commit cfd1f20a2f7a08c21e8ab3b321c2928a28319a54)
2012-10-27 12:11:22 -04:00
Keegan McAllister 6ab646cd53 post-receive: Deploy to the new server
Eventually this should go to the staging server, and we'll have a separate
process to migrate changes from there to production.

(imported from commit 2a712758844524fdf2f23f798baf6b607d056b9a)
2012-10-27 11:39:03 -04:00
Keegan McAllister c1171c9832 Change default site in API clients
(imported from commit 185cf8e27cb6ecd1cd8ccca834d30ca0de2236b8)
2012-10-27 11:38:15 -04:00
Keegan McAllister d71b9594fe Configure nginx for the new server
(imported from commit d073276912ea844e75fd710689f152fd7a2213c7)
2012-10-27 11:38:15 -04:00
Keegan McAllister 92b10e3bc2 settings.py: Change deployed check
This is security-critical so we have two checks.

(imported from commit adaa1cefe2d08526cdaac2fb0d8cc02773390224)
2012-10-27 11:18:51 -04:00
Keegan McAllister cbdbc12ab0 Remove config for Apache as app frontend
(imported from commit ae4072bdf59cdfccec76eeee7fd3b99a899eaa19)
2012-10-27 10:56:14 -04:00
Keegan McAllister 36f4ce0c0b Properly defer send_pointer_update setTimeout
(imported from commit 02a9c648eb420c8aebe84386cbb708bec96ca2e7)
2012-10-26 22:48:21 -04:00
Keegan McAllister 92acd7bd1c match_on_visible_text: Return boolean directly, without a conditional
(imported from commit b38800d074ab3e1dd557e49ef5a6cd7adfd677a3)
2012-10-26 22:21:41 -04:00
Keegan McAllister c32b0a1a22 Remove dodgy use of $( array ).last()
Per the docs, these are only meant to be used on arrays of DOM elements.
jQuery might one day assign a different meaning to arrays of strings,
and then we could have some security issues or weird breakage.

(imported from commit 545eee1e9c6955556d5c4bda30cd6db0dce19c60)
2012-10-26 22:21:30 -04:00
Keegan McAllister 5c4fe1d521 Simplify tab click handler
We don't need to get the tab link href twice.

(imported from commit 4b437924c88074e706536b143af493804612746f)
2012-10-26 21:45:05 -04:00
Keegan McAllister 6d0cebb6c2 Simplify update_floating_recipient_bar
The transformation here is

    $($('foo')[0]) -> $('foo:first')

(imported from commit 79ea257c9935eea01c5a2f7afb171045692eff01)
2012-10-26 21:38:39 -04:00
Keegan McAllister 582cb799dd Get rid of the selected_message_class global
Instead we infer this from narrow.active(), with the ability to override during
the narrowing procedure.

(imported from commit fab9c6861f19aedf0ee8af094c1ef4e8a0a73d80)
2012-10-26 21:05:04 -04:00
Keegan McAllister 6e63ac926e Add rows.get_table()
This checks against the table name whitelist before building the jQuery query.

(imported from commit b296f117cdd2707aeb626328f8b0f9e00c723d59)
2012-10-26 21:03:52 -04:00
Keegan McAllister 138721ebbb ui.js: Wrap an extremely long line
(imported from commit e8bef501249cc11655780ab87c425c91e2ad4db5)
2012-10-26 20:41:08 -04:00
Keegan McAllister 19d4631e6f search.js: Call .each on the jQuery match rather than $ itself
(imported from commit cff239b483a8ef1a7997a1430f40a7fda11739b1)
2012-10-26 20:41:08 -04:00
Keegan McAllister a0eea37fd4 search.js: Wrap extremely long line
(imported from commit c5b76e2da4ebb8322b5a69bf0679fa7700bb7bd1)
2012-10-26 20:41:08 -04:00
Keegan McAllister 58ca5b3e24 Harden rows.get against bad input
(imported from commit af0283323089f6ed4edb4cb732fe1cc821fb5dd5)
2012-10-26 20:41:08 -04:00
Keegan McAllister 3ebee51ce0 rows.js: Use full module pattern
(imported from commit 770741958798317401e918a7b8331cfc2f73bf77)
2012-10-26 20:41:08 -04:00
Keegan McAllister 6bd2087d89 zephyr.js: Combine get_huddle_recipient{,_names}
(imported from commit dcb4c32250f4ff3a3cf32d999d6469916b17b06e)
2012-10-26 20:31:52 -04:00
Keegan McAllister 465bbf5614 print-all: Fix incorrect progress output
(imported from commit 266b9da0a4aee094c2df6502766ff06c2a967a2d)
2012-10-26 17:52:47 -04:00
Keegan McAllister b0d669aa03 print-all: Use psnup rather than pdfnup
Our printer strongly dislikes the pdfnup output.

(imported from commit 0539def995191143365ed1e62f1fbf6ec572627e)
2012-10-26 17:49:38 -04:00
Zev Benjamin 5413f74a7e Allow API users to update the pointer and receive pointer updates
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates).  This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.

This commit differs from 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe in
that it uses request.POST.get("foo") instead of request.POST["foo"].
For some reason the latter triggers CSRF errors.

(imported from commit b2a4a7322d16dbf241cd6eef146621c79d84cafc)
2012-10-26 17:17:09 -04:00
Zev Benjamin b36f1702fc Revert "Allow API users to update the pointer and receive pointer updates"
This reverts commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe.
It seems to have broken API users.

(imported from commit 2f861ebc016076547092421f87dbcac00a65e2f6)
2012-10-26 16:19:57 -04:00
Keegan McAllister faa7565a75 Clean up duplicated code in setup.js
(imported from commit 86566f194497b618dff0be6ea2bc829204d03366)
2012-10-26 16:08:18 -04:00
Keegan McAllister 3e86da67f9 Set the CSRF token cookie as HttpOnly
(imported from commit 0bf4239db085edcfc311efeb61da3ef409cc6206)
2012-10-26 16:08:18 -04:00
Keegan McAllister 80ef222a60 Get the CSRF token from the DOM rather than a cookie
This simplifies the code, and lets us set the CSRF cookie as HttpOnly, which
adds a little bit of security.

(imported from commit 9d5923a1acf19bd27e6e1d55cf627049526de245)
2012-10-26 16:08:18 -04:00
Zev Benjamin a4fd478e3d Allow API users to update the pointer and receive pointer updates
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates).  This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.

(imported from commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe)
2012-10-26 16:06:41 -04:00
Waseem Daher 22e6a8ac1d Revert "Hide additional search buttons when not in use."
This reverts commit 074011dfe7dfa4d3cb331b32fc6cf465f98d095f.  For
some reason this introduces some buggy behavior, and if anything I
should debug it more locally first.

(imported from commit 182193e6bb466a5668c2bb64e41712a793fa7ca2)
2012-10-26 15:41:38 -04:00
Waseem Daher b0406ee1d2 update_floating_recipient_bar: Don't loop infinitely if no message selected.
(imported from commit a75cfd41ed8a8ce5256d1caa29f6c5bc0689e7d2)
2012-10-26 15:10:30 -04:00
Tim Abbott fdba3addc8 Update puppet configuration to be slightly more accurate.
This still needs a lot of work though.

(imported from commit 4472488c399f7c5b96bcf900b1a5e957625cb450)
2012-10-26 14:58:05 -04:00
Waseem Daher 9274437eb5 Hide additional search buttons when not in use.
(imported from commit 074011dfe7dfa4d3cb331b32fc6cf465f98d095f)
2012-10-26 14:55:42 -04:00
Waseem Daher 44a6a2b8a4 Have search bar always take on color of main area.
(imported from commit 85f6db17ca2fd616e4c7b63a98b80332cbddc1c0)
2012-10-26 14:31:05 -04:00
Waseem Daher e365b94a27 Restyle searchbox to look more consistent/bootstrappy.
(imported from commit 2d381fb6ea7f27846d583e27dda0fd1a6df77fab)
2012-10-26 14:31:05 -04:00
Jessica McKellar 92593b7cc8 Add basic up/down search functionality, including across narrows.
(imported from commit c82acad95e97733b87d65287c685caf7533a774e)
2012-10-26 14:31:05 -04:00
Jessica McKellar 74a75eea0c Add search bar and buttons above narrowbar.
(imported from commit 7def7d5824714a44c65d6a8e6699b2d8cda31418)
2012-10-26 14:29:30 -04:00
Jessica McKellar 14388baf4b Add jQuery highlight plugin, for use by search.
(imported from commit b596d0435db11f0369e2e6903714e2e1346b006b)
2012-10-26 14:29:30 -04:00
Tim Abbott 8c20bafb98 Add Nagios configuration to puppet.
(imported from commit 34c09661e63b31bd177b9704b69a0d8d0d644de7)
2012-10-26 14:15:27 -04:00
Tim Abbott 7c03f03557 trac-bot: Show summary in tickets.
(imported from commit fdf48c0e6cd0c7a94d7ddb1f982d2398381e310a)
2012-10-26 14:15:27 -04:00
Keegan McAllister 53b6fc80c7 register.html: Wrap an extremely long line
(imported from commit cc7a2089c156d23c21b91f1cb627e837d4bb236d)
2012-10-26 14:03:23 -04:00
Keegan McAllister 3f9cf64eba Add a tool to print out the entire codebase (!) as a PDF
(imported from commit 51199eb81735137a66a2e441d0392b142ce197d0)
2012-10-26 13:59:34 -04:00
Zev Benjamin 652c524777 Try loading older messages after user is idle
(imported from commit bb3c39f9b5a9b7befb353647af75001ec168fc8d)
2012-10-26 13:31:14 -04:00
Zev Benjamin 807303a325 jquery.idle: don't allow the active handler to fire as a result of the user going idle
(imported from commit 28793228e50449b096dfe999a8cd17b7fa9e347e)
2012-10-26 13:31:14 -04:00
Keegan McAllister 8173bd720b privacy.html: Fix markup
(imported from commit 20c1fab0e341231acafb13b93a20510ece849189)
2012-10-26 13:19:32 -04:00
Keegan McAllister 6f3b9ef00d Enable /terms and /privacy on the live site
At Jeff's request.

(imported from commit 2cc25252e3183f858fcd63dddcc97573a5ac6082)
2012-10-26 13:00:01 -04:00
Zev Benjamin ec389c5c83 Non-asynchronous API calls only take two arguments
(imported from commit 39f21892e38b0f8c2369d77ffcfb077f1006863e)
2012-10-26 11:53:01 -04:00