Commit Graph

60280 Commits

Author SHA1 Message Date
afeefuddin be9d879682 settings_bots: Convert module to TypeScript. 2024-08-21 08:28:40 -07:00
afeefuddin 4b89d0ff06 state_data: Add realm_bot_creation_policy type. 2024-08-21 08:28:40 -07:00
afeefuddin 5579700920 list_widget: Make filter_value optional in render_empty_list_message_if_needed. 2024-08-21 08:28:40 -07:00
Alya Abbott 3227a9f35a help: Add a tip to turn off read receipts with invisible mode. 2024-08-21 08:25:44 -07:00
Alex Vandiver 6cc480e2b5 kandra: Ensure that we do not error out creating standby.signal.
Force us to have restored the `/var/lib/postgresql/14/main` directory
before we try to create `standby.signal` in it.
2024-08-20 14:03:51 -07:00
Alex Vandiver 49e5722a9f kandra: Match the logic in zulip::profile::postgresql. 2024-08-20 14:03:51 -07:00
Alex Vandiver 9e58780d46 puppet: Fix indentation. 2024-08-20 14:03:51 -07:00
Mateusz Mandera 7e1f468f04 saml: Fix exception when syncing missing value to custom profile field.
There was a bug here that would trigger an exception inside
`sync_user_profile_custom_fields`, causing it to get logged with
logging.warning, when an attribute configured for SAML custom profile
field sync was missing from a SAMLResponse or had an empty value.
`sync_user_profile_custom_fields` expects valid values, and None is not
valid.

We could consider a slightly different behavior here instead - when an
attribute is sent with no value in the SAMLResponse, that means the attr
has no value in the IdP's user directory - so perhaps a better behavior
would be to also remove the custom profile field value in Zulip. However
there are two issues with that:

1. It's not necessarily the best behavior, because an organization might
want the "user doesn't have this attribute set at the IdP level" state
to just mean that the user should be free to set the value manually in
Zulip if they wish. And having that value get reset on every login would
then be an issue. The implementation in this commit is consistent with
this philosophy.

2. There's some implementation difficulty - upstream
`self.get_attr(...)`, which we use for reading the attr value from the
SAMLResponse, doesn't distinguish between an attribute being sent with
no value and the attribute not being sent at all - in both cases it
returns None. So we'd need some extra work here with parsing the
SAMLResponse properly, to be able to know when the custom profile field
should get cleared.
2024-08-20 13:57:30 -07:00
Aman Agrawal 2a158cb8d9 test_stripe: Normalize fixtures for test_stripe_billing_portal_urls. 2024-08-20 13:54:48 -07:00
Tim Abbott aaea645a49 docs: Clean up discussion of very old versions. 2024-08-20 11:53:24 -07:00
Mateusz Mandera cde83e8818 saml: Add documentation about user role/custom profile fields sync.
With substantial rewriting by tabbott, including moving mostly
irrelevant references to very old Zulip versions.
2024-08-20 11:53:24 -07:00
Mateusz Mandera 833dce8a13 saml: Add support for syncing user role.
Replace the SOCIAL_AUTH_SYNC_CUSTOM_ATTRS_DICT with
SOCIAL_AUTH_SYNC_ATTRS_DICT, designed to support also regular user attrs
like role or full name (in the future).

Custom attributes can stay configured as they were and will get merged
into SOCIAL_AUTH_SYNC_ATTRS_DICT in computed_settings, or can be
specified in SOCIAL_AUTH_SYNC_ATTRS_DICT directly with "custom__"
prefix.

The role sync is plumbed through to user creation, so users can
immediately be created with their intended role as provided by the IdP
when they're creating their account, even when doing this flow without
an invitiation.
2024-08-20 11:53:24 -07:00
Mateusz Mandera 9841bb9522 docs: Add note to SOCIAL_AUTH_SYNC_CUSTOM_ATTRS_DICT in settings.py. 2024-08-20 11:53:24 -07:00
Mateusz Mandera 8c1a1ea8db scim: Extract ROLE_TYPE_TO_NAME dict to UserProfile.
This allows these mappings to used in other APIs. Specifically, we want
to use this for syncing role during SAML auth.
2024-08-20 11:53:24 -07:00
Mateusz Mandera 76b41e433a maybe_send_to_registration: Enforce kwargs.
Most of these should be kwargs, to make sure we're not accidentally
getting the order wrong when calling it.
2024-08-20 11:53:24 -07:00
Kenneth Rodrigues 86bf0d3ea3 decorators: Migrate to typed_endpoint.
Modify `semgrep-py.yml` to treat arguments after `*args` as
keyword-only arguments.
2024-08-20 10:15:30 -07:00
Alex Vandiver 47ebef057e puppet: Switch to an included limits.d file. 2024-08-20 10:04:40 -07:00
Alex Vandiver 64516ab9f4 install-aws-server: Output tsh ssh command, not ssh. 2024-08-20 10:04:40 -07:00
Alex Vandiver c0237e3d58 kandra: Correct group ownership and permissions to match package's.
This reverts b000328ba5 and re-applies
a759d26a32.  It is likely that the
upstream packages are simply inconsistent.
2024-08-20 10:04:40 -07:00
Alex Vandiver a5a898ba21 install-aws-server: Switch to 24.04. 2024-08-20 10:04:37 -07:00
Alex Vandiver 3adedc9545 install-aws-server: Set the name of the root EBS volume. 2024-08-20 10:03:59 -07:00
Alex Vandiver fe0a7b3b77 kandra: Drop support for 20.04 hosts. 2024-08-20 10:03:59 -07:00
Kenneth Rodrigues 50712bfa81 scheduled_messages: Migrate to typed_endpoint.
Migrate `scheduled_message.py` to typed_endpoint.

Perform Json parsing in the endpoint itself instead of
in `recipient_parsing.py`.
2024-08-20 10:03:22 -07:00
Aman Agrawal 7f38c95384 dropdown_widget: Fix click event being triggered multiple times.
Reset event handlers attached to the dropdown widget and by removing
it from DOM.

User is unlikely to use the same dropdown multiple times, even if
they do, the operation is fast.
2024-08-20 09:56:59 -07:00
Aman Agrawal 82d3058b53 dropdown_widget: Remove unused instance property. 2024-08-20 09:56:59 -07:00
Lauryn Menard 3cb14ba7db api-docs: Clarify the behavior of the near operator.
On the server-side, the implementation of the "near" operator is a
noop. Clients should instead use the "anchor" parameter to express
the "near" operator in a search box or URL fragment.
2024-08-20 09:56:00 -07:00
evykassirer d9f25d01a1 web: Use util.the for accessing element of single-item lists. 2024-08-20 09:48:15 -07:00
evykassirer 113de14547 message_edit: Remove TODOs to parse more data that we don't need.
I'd thought maybe we want to make sure they were in sync, but we don't
need to parse the full data structure.
2024-08-20 09:48:15 -07:00
Lauryn Menard 31c32bcba7 support: Remove abbreviation for "Organization type". 2024-08-20 09:45:49 -07:00
Lauryn Menard b52b1bcca8 support: Consolidate sponsorship forms for remote and Zulip Cloud views.
In the Zulip Cloud support view, adds a "Realm management" section
for support actions that are specific to that view, (e.g., changing
an organization's type or deactivating an organization).

Moves the note about emailing organization owners when a full
sponsorship is approved for Zulip Cloud Standard to the success
message for that action, which mirrors the remote server/realm
support view.
2024-08-20 09:45:49 -07:00
Lauryn Menard 85e5494507 support: Remove unused class names on support forms. 2024-08-20 09:45:49 -07:00
Lauryn Menard c152061ef2 support: Consolidate margin bottom CSS rule for forms. 2024-08-20 09:45:49 -07:00
Karl Stolley 485428db86 rendered_markdown: Approximate non-alpha dark mode table border color. 2024-08-20 09:34:07 -07:00
Ujjawal Modi 2e67d88a20 user_groups: Update code to check whether user can edit a user group.
Earlier there was only a realm level setting for configuring
who can edit user groups. A new group level setting is also added
for configuring who can manage that particular group.
Now, a user group can be edited by a user if it is allowed from
realm level setting or group level setting.

This commit make changes in frontend to also use group level setting
in determining whether a group can be edited by user or not and disables
changing the group settings when group cannot be edited by user.
2024-08-20 09:28:05 -07:00
Ujjawal Modi d32f30cedc user_groups: Add function for determining group creation permissions.
Earlier in frontend there was a single function to determine whether
user can create and edit user groups.
This commit adds a separate function for determining group creation
permissions.
2024-08-20 09:28:05 -07:00
Ujjawal Modi 3f24dd1049 user_groups: Allow setting and changing can_manage_group.
This commit adds a group level setting can_manage_group in
`#groups` overlay. This setting can be set while creating a
new user_group and can be changed for existing groups.
2024-08-20 09:28:05 -07:00
Ujjawal Modi 20229d0d3d user_groups: Add can_manage_group field to user_group object.
This commit adds can_manage_group field in user_group
object in frontend and also adds code to update the field
value from server events.
2024-08-20 09:28:05 -07:00
Ujjawal Modi 5d613ce98d user_groups: Add support to update can_manage_group setting.
This commit adds API support to update can_manage_group setting
of a user group.
2024-08-20 09:28:05 -07:00
Ujjawal Modi b0b36e884c user_groups: Add support to set can_manage_group during creation.
This commit adds API support to set can_manage_group while
creating a user group.
2024-08-20 09:28:05 -07:00
Ujjawal Modi 2505813359 user_groups: Add can_manage_group field to UserGroup objects.
This commit make changes in code to include can_manage_group
field to UserGroup objects passed with response of various endpoints
including "/register" endpoint and also in the group object
send with user group creation event.
2024-08-20 09:28:05 -07:00
Ujjawal Modi 423d5c42f6 user_groups: Update code to check whether user can edit a user group.
Earlier there was only a realm level setting for configuring
who can edit user groups. A new group level setting is also added
for configuring who can manage that particular group.
Now, a user group can be edited by a user if it is allowed from
realm level setting or group level setting.

This commit make changes to also use group level setting
in determining whether a group can be edited by user or not.

Also, updated tests to use api_post and api_delete helpers instead
of using client_post and client_delete helpers with different users
being logged in.
2024-08-20 09:28:05 -07:00
Ujjawal Modi 03220ba456 user_groups: Add can_manage_group field in database.
This commit adds a new group level setting can_manage_group
for configuring who can manage a group. This commit only adds
the field in database and make changes to automatically create
single user groups corresponsing to acting user
which will be the default value for this setting.

Fixes part of #25928.
2024-08-20 09:28:05 -07:00
Ujjawal Modi 9e699dfc85 tests: Separate test of group edit setting for creation and deletion.
Earlier there was a single backend test for testing group edit policy
for creating and deleting user group.This commit make changes in the test
and now there are two separate tests for testing group edit policy for
creating and deleting user groups.

This was done because in future commits we will be adding a
realm level setting for configuring who can create user groups.

Also, updated tests to use api_post and api_delete helpers instead
of using client_post and client_delete helpers with different users
being logged in.
2024-08-20 09:28:05 -07:00
Ujjawal Modi bb0b6900df user_groups: Add a decorator to check group creation permission.
Earlier there was a single decorator function to check whether
user can create and edit user groups. This commit adds a new
decorator function to check whether user has permissions to
create user groups.

This was done because in future commits we will be adding a
realm level setting for configuring who can create user groups.
2024-08-20 09:28:05 -07:00
Sahil Batra 3f800002be user_groups: Allow not passing old_setting_api_value. 2024-08-20 09:28:05 -07:00
evykassirer b1198785be message_edit: Convert module to typescript. 2024-08-19 16:33:04 -07:00
evykassirer d5eb997242 feedback_widget: Allow undo opts to be undefined.
There's existing logic that assumes `on_undo` can be `undefined`.
(see the `opts.on_undo === undefined` if clause)

This commit updates some types to let it actually be `undefined`,
which it is in `message_edit`, which we're about to convert to
typescript.
2024-08-19 16:33:04 -07:00
evykassirer b2400496fd rows: Consistently pass JQuery to `get_closest_row`.
This was inconsistent before, with `message_edit` using JQuery
elements, and `compose_popover` and the definition of
`get_closest_row` using HTMLElements.
2024-08-19 16:33:04 -07:00
evykassirer f393f35e1b message_edit: Rename message list to specify it holds message ids. 2024-08-19 16:33:04 -07:00
evykassirer bcb5c664ac message_edit: Add missing required attribute for StreamWildcardOptions. 2024-08-19 16:33:04 -07:00