Commit Graph

842 Commits

Author SHA1 Message Date
Jackson 3a109a56df Migrate notify_settings to settings/notifications
Remove notify_settings from legacy_url.py
2016-12-24 09:24:23 -08:00
anirudhjain75 8acdbef8aa Eliminate legacy json/make_stream_public and json/make_stream_private URL
Migrate from POST to PATCH
2016-12-24 08:54:49 -08:00
Sampriti Panda 87e7dc6799 urls: Remove legacy URL for left_side_userlist and move over to REST PATCH endpoint 2016-12-24 08:38:33 -08:00
Jackson 333cf0f015 Migrate legacy /json/time_setting to new REST style endpoint. 2016-12-23 08:08:27 -08:00
Tommy Ip 1e0de94293 API: convert get_subscribers from legacy URL to REST endpoint. 2016-12-22 09:25:12 -08:00
Tim Abbott 0299f41c80 settings: Extract update_display_settings_backend. 2016-12-22 06:57:06 -08:00
anirudhjain75 c9db6b6658 Clean up legacy language_settings endpoint. 2016-12-22 06:54:04 -08:00
Sampriti Panda 425a55e568 settings: Implement delete avatar functionality 2016-12-21 13:35:22 -08:00
Sampriti Panda e72cd0b1cc urls: convert set_avatar from legacy URL to REST endpoint 2016-12-21 13:35:22 -08:00
Rafid Aslam 73acebb729 API: Remove `json/fetch_raw_message` from `zproject/legacy_urls.py` 2016-12-21 13:08:40 -08:00
Rafid Aslam bfe84a10f0 API: Migrate POST `json/fetch_raw_message` to GET `json/messages/<id>` 2016-12-21 13:08:40 -08:00
Umair Khan 9069cad79d logging: Set django.request to ERROR in testing.
Fixes #2731
2016-12-19 09:12:11 -08:00
Tomasz Kolek bb6d189fa8 Add github dispatcher to have one elegant url for both github integrations.
Dispatcher avoids to create new URL for github_webhook.
2016-12-15 17:42:28 -08:00
Tomasz Kolek 6fdc026f64 Move get_profile_backend to views/users.py.
Fixes: #2710.
2016-12-15 16:04:23 -08:00
Umair Khan 770a899239 Django 1.10: Use single cache prefix for casper tests.
There is a change in Django 1.10 due to which whenever the password
of the user is changed the session hash changes. This change affects
us because we cache user profile objects and these cached objects need
to be refreshed. However, the signal sent by Django in which objects are
refreshed fails to refresh the cache for Tornado because it uses a
different cache prefix.

Note: Backend tests are not affected because they don't rely on Tornado.
2016-12-14 22:40:33 -08:00
Umair Khan 8e30530cc5 subdomains: Make GitHub login work with subdomains.
Fixes #2501.
2016-12-14 11:09:39 -08:00
Umair Khan 2fc6b9a0e4 backends.py: Return type of do_auth should be HttpResponse. 2016-12-14 11:08:53 -08:00
Umair Khan 336a041ac0 Django 1.10: Use uWSGI.
Fixes: #1121

With some tweaks by tabbott to make the number of processes configurable.
2016-12-13 21:40:43 -08:00
Arpith Siromoney 226e3cbf02 Reactions backend: make endpoints more REST-ful.
Adding a reaction is now a PUT request to
/messages/<message_id>/emoji_reactions/<emoji_name>

Similarly, removing a reaction is now a DELETE request to
/messages/<message_id>/emoji_reactions/<emoji_name>

This commit changes the url and updates the views and tests.

This commit also adds a test for invalid emoji when removing reaction.
2016-12-07 22:28:02 -08:00
Joy Chen bfb6ac5fdb streams: Add default stream description tests and functions.
This includes making the default stream description setting into a
dict.  That is an API change; we'll discuss it in the changelog but it
seems small enough to be OK.

With some small tweaks by tabbott to remove unnecessary backwards
compatibility code for the settings.

Fixes #2427.
2016-12-07 21:12:44 -08:00
anirudhjain75 beaa62cafa mypy: Convert several directories to use typing.Text.
Specifically, these directories are converted: [analytics/, scripts/,
tools/, zerver/management/, zilencer/, zproject/]
2016-12-07 20:51:05 -08:00
Tim Abbott 0855cf29f7 settings: Move INLINE_URL_EMBED_PREVIEW. 2016-12-07 20:48:19 -08:00
Igor Tokarev c93f1d4eda Add oembed/Open Graph/Meta tags data retrieval from inline links.
This change adds support for displaying inline open graph previews for
links posted into Zulip.

It is designed to interact correctly with message editing.

This adds the new settings.INLINE_URL_EMBED_PREVIEW setting to control
whether this feature is enabled.

By default, this setting is currently disabled, so that we can burn it
in for a bit before it impacts users more broadly.

Eventually, we may want to make this manageable via a (set of?)
per-realm settings.  E.g. I can imagine a realm wanting to be able to
enable/disable it for certain URLs.
2016-12-07 17:40:18 -08:00
Zac Pullar-Strecker e6e11aefb3 settings: Add option to disable websockets.
This can be useful in scenarios where the network doesn't support
websockets.  We don't include it in prod_settings_template.py since
it's a very rare setting to need.

Fixes #1528.
2016-12-05 21:55:22 -08:00
K.Kanakhin 7bf10ec74f update-sockjs: Update sockjs from version 0.3.4 to 1.1.1.
- Add browserify to npm dependencies.
- Add SockJS-client to npm dependencies.
- Add npm postinstall script to generate browser version of SockJS-client
  from npm package.
- Change deprecated SockJS object property 'protocol_whitelist' to
  'transports'.
- Fix settings.
2016-12-05 21:36:10 -08:00
nikolay abc2ff4a06 pep8: Fix many rule E128 violations.
[Tweaked by tabbott to adjust some approaches used in wrapping]
2016-12-03 13:33:31 -08:00
Arpith Siromoney 4491ea8d6b reactions: Add support for removing emoji reactions.
This commit adds support for removing reactions via DELETE requests to
the /reactions endpoint with parameters emoji_name and message_id.

The reaction is deleted from the database and a reaction event is sent
out with 'op' set to 'remove'.

Tests are added to check:
1. Removing a reaction that does not exist fails
2. When removing a reaction, the event payload and users are correct
2016-12-02 16:39:53 -08:00
Alex Huang c8ddea16c3 pep8: Fix E122. 2016-12-01 23:16:35 -08:00
AZtheAsian 1ba150fa85 pep8: Fix E203 violations 2016-12-01 20:37:57 -08:00
AZtheAsian f7582f0050 pep8: Fix E124 violations 2016-12-01 14:18:11 -08:00
Rafid Aslam c5316b4002 lint: Fix E127 pep8 violations.
Fix pep8: E127 continuation line over-indented for visual indent
style issue.
2016-12-01 10:23:55 -08:00
Bickio e009383460 pep8: Fix E231. 2016-11-30 19:59:25 -08:00
Rafid Aslam 41bd88d5ed pep8: Fix E301 pep8 violations.
Fix "E301: expected (1 or 2) blank line" pep8 violations.
2016-11-29 08:51:44 -08:00
Rafid Aslam 7a2282986a pep8: Fix E225 pep8 violations. 2016-11-28 15:21:15 -08:00
Tim Abbott 1fcf2ff525 tornado: Move zerver.tornadoviews to zerver.tornado.views.
This furthers the overall goal of moving all the Tornado-specific code
to zerver/tornado/.
2016-11-26 22:29:28 -08:00
Arpith Siromoney 001847ac5b Add backend support for emoji reactions.
This commit adds the following:

1. A reaction model that consists of a user, a message and an emoji that
are unique together (a user cannot react to a particular message more
than once with the same emoji)
2. A reaction event that looks like:
    {
        'type': 'reaction',
	'op': 'add',
	'message_id': 3,
	'emoji_name': 'doge',
	'user': {
	    'user_id': 1,
            'email': 'hamlet@zulip.com',
            'full_name': 'King Hamlet'
	}
    }
3. A new API endpoint, /reactions, that accepts POST requests to add a
reaction to a message
4. A migration to add the new model to the database
5. Tests that check that
   (a) Invalid requests cannot be made
   (b) The reaction event body contains all the info
   (c) The reaction event is sent to the appropriate users
   (d) Reacting more than once fails

It is still missing important features like removing emoji and
fetching them alongside messages.
2016-11-26 18:10:21 -08:00
Tim Abbott ffb3291c82 urls: Clarify comment on v1_api_and_json_patterns. 2016-11-19 19:10:23 -08:00
Vladislav Manchev d7e1e4a2c0 Add initial implementation of custom realm filters.
This PR was abandoned by Vladislav and then substantially modified by
Igor Tokarev and Tim Abbott to complete it and fix a number of bugs.

Fixes #544.
2016-11-17 17:11:25 -08:00
Tim Abbott fa8480bb62 subdomains: Add option to make subdomains homepage not a login form. 2016-11-15 19:05:06 -08:00
Brock Whittaker 75db036733 Add toggle component.
This adds the toggle component which removes the necessity to have HTML.
2016-11-15 10:20:37 -08:00
Steve Howell 59750a1cb9 Move more unread logic out of stream_list.js.
There are two split-outs code of the code here:

    - Animation stuff is in unread_ui.js.
    - PM unread counts get handled by pm_list.js.
2016-11-14 17:50:55 -08:00
Rishi Gupta c1713c9659 Prevent code from using email domain to determine realm when subdomains.
Also removes the intermediate step of going through Realm.domain in the
non-subdomains case. Part of a larger project to remove Realm.domain
entirely.
2016-11-11 15:26:51 -08:00
Steve Howell 7b0c6459b4 Extract static/js/pm_list.js.
This handles most of the details of building the Private Messages
section in the upper left corner of the app.
2016-11-11 12:12:13 -08:00
Umair Khan da78f27934 Django 1.10: Upgrade zproject urls. 2016-11-10 16:20:03 +05:00
Umair Khan fa6b607fc2 Django 1.10: Upgrade legacy urls. 2016-11-10 16:20:02 +05:00
Umair Khan f8e569cb69 Django 1.10: Upgrade urls of dev_urls.py. 2016-11-10 16:20:02 +05:00
Tim Abbott cf2007d4e0 docs: Add a simple markdown-based help center.
The plan is to use this for adding user documentation to Zulip.
2016-11-09 21:39:55 -08:00
Umair Khan eade575267 Django 1.10: Redirect is not permanent by default. 2016-11-09 15:29:58 -08:00
Steve Howell b5ef679360 Add get_topic_history_for_stream(). 2016-11-09 13:56:27 -08:00
Kevin Chen 6107c877e8 bugdown: Add option to support "file:///" as hyperlink.
This contains contributions from Tim Abbott and Igor Tokarev.

Fixes #380.
2016-11-06 22:30:05 -08:00
umkay 21c024fc29 auth: Make supported authentication backends a bitfield on realm.
This makes it possible to configure only certain authentication
methods to be enabled on a per-realm basis.

Note that the authentication_methods_dict function (which checks what
backends are supported on the realm) requires an in function import
due to a circular dependency.
2016-11-06 16:16:24 -08:00
Tim Abbott b41c15fa05 auth: Reject authentication if auth backends are disabled. 2016-11-06 16:16:22 -08:00
Tim Abbott 30ab27c843 auth: Separate email_auth_enabled from ldap_auth_enabled. 2016-11-06 16:16:16 -08:00
Tim Abbott f8bb55f9c1 auth: Refactor auth backend enabled checking code. 2016-11-06 16:16:12 -08:00
Tim Abbott 3a3cee411d auth: Remove old password_auth_enabled hack.
This was used by an old configuration for zulip.com, which is no
longer in production use.
2016-11-06 14:50:15 -08:00
Umair Khan dd314b3796 Django 1.10: context_processors have been moved to django.template. 2016-11-04 10:20:24 -07:00
Umair Khan d3a4fa3e94 Django 1.10: Add Python Social Auth to Installed Apps. 2016-11-04 10:20:23 -07:00
Umair Khan b140236fcf Django 1.10: Do not use patterns function. 2016-11-04 10:06:00 -07:00
Tim Abbott 2e65dc1206 puppet: make check_send_receive_time target host configurable. 2016-11-02 23:40:53 -07:00
trueskawka 977339954c css: Create a separate file for left-sidebar CSS.
Create a new file left-sidebar.css.
Move all left-sidebar CSS from zulip.css to left-sidebar.css.
2016-11-01 21:32:57 -07:00
Steve Howell a9e851b646 Load people.js earlier during startup.
Lots of things depend on people.js, whereas people.js basically only
depends on page_params and core modules like dict.js.
2016-11-01 13:55:48 -07:00
Brock Whittaker 9ad27b3e69 Reorder CSS Files to fix compose box issues.
The media queries should always be last in the pipeline to be delivered
so that other styles don’t override them.
2016-10-31 17:17:17 -07:00
Steve Howell 7111bb1744 Deprecate /json/streams.
Note that we still need the equivalent function in our
user-facing API, so there is not much code removal yet.
(Also, we will probably always keep this in our API,
as bot authors will usually just want a simple endpoint
here, whereas our client code gets page_params and events.)
2016-10-28 13:44:46 -07:00
Umair Khan 26646abe8c Authenticate subdomains using single Google OAuth entry.
Previously, we used to create one Google OAuth callback url entry
per subdomain. This commit allows us to authenticate subdomain users
against a single Google OAuth callback url entry.
2016-10-28 11:04:08 -07:00
Umair Khan 50422e775b Add LDAP tests. 2016-10-28 09:27:55 -07:00
Umair Khan ccc1f3861f Fix return value logic of ZulipLDAPAuthBackend.get_or_create_user.
The actual logic is that if the user already exists than the
function should return a False and if the user does not exist
the function should first create the user and return True.
2016-10-28 17:47:20 +05:00
K.Kanakhin 78b1b80987 caching: Add configuration class for post-migration cache flushing.
- To avoid redefining migrate manage command is added new application
  configuration class which emit post_migration signal. This signal
  require models module inside application and defined AppConfig
  Instance as signal sender.  Documentation here:
  https://docs.djangoproject.com/en/1.8/ref/signals/#post-migrate.
- Add AppConf subclass to __init__ zerver app file to make apllication
  load it by default.

Fixes #1084.
2016-10-27 23:26:34 -07:00
Tim Abbott 9b7a3f040c Remove now-unused /json/get_events endpoint. 2016-10-27 21:34:58 -07:00
Rishi Gupta dee597cfc5 dev_settings.py: Set EXTERNAL_HOST when REALMS_HAVE_SUBDOMAINS.
Sets EXTERNAL_HOST to zulipdev.com:9991 when REALMS_HAVE_SUBDOMAINS, since
subdomains don't currently work with localhost anyway.
2016-10-27 16:57:06 -07:00
trueskawka df7e430849 css: Create a separate file for compose CSS.
Create a new file compose.css.
Move all compose CSS from zulip.css to compose.css.
2016-10-27 16:45:32 -07:00
Steve Howell 4f38cfdc7f Extract topic_list.update_count_in_dom().
This creates the new topic_list.js module, and the first
function that we extract is topic_list.update_count_in_dom().

This function needed to be decoupled from some non-topic-list
stuff which was overly complicated.
2016-10-27 15:49:25 -07:00
Tim Abbott 88269c7228 settings: Only create staging Nagios bots in production.
In ce528c2b5f, we added these bots,
which were intended as a setup convenience in production, but ended up
breaking the test suite.
2016-10-26 09:23:41 -07:00
Tim Abbott ce528c2b5f settings: Add NAGIOS_STAGING_{SEND,RECEIVE}_BOT bots.
This makes it a bit more convenient to have multiple machines running
the Zulip `check_send_receive_time` Nagios checks, if desired.
2016-10-26 00:11:08 -07:00
trueskawka 0b8a2a6449 css: Create a separate file for subscriptions CSS.
Moves all subscriptions page CSS from zulip.css to a new file,
subscriptions.css.
2016-10-25 22:57:50 -07:00
hackerkid b5816bf99e Don't use zulipdev.com when subdomain support is disabled. 2016-10-25 13:52:13 -07:00
Arpith Siromoney ee97ba04fe Add an API endpoint to send typing notification events.
POST to /typing creates a typing event
Required parameters are 'op' ('start' or 'stop') and 'to' (recipient
emails). If there are multiple recipients, the 'to' parameter
should be a JSON string of the list of recipient emails.
The event created looks like:
{
  'type': 'typing',
  'op': 'start',
  'sender': 'hamlet@zulip.com',
  'recipients': [{
    'id': 1,
    'email': 'othello@zulip.com'
  }]
}
2016-10-20 23:05:18 -07:00
Amy Liu 3ee777a11a Add UI for deactivating your own Zulip account.
Fixes #1009.
2016-10-20 22:29:30 -07:00
Steve Howell ff6404cb3c Add comment about /json/subscriptions/exists endpoint.
We should remove this endpoint.  For now I'm just adding
the comment to the code explaining why we should do that.
2016-10-17 16:11:04 -07:00
umkay 906a4e3b26 analytics: Add performance and transaction logging to counts.py.
For each database query made by an analytics function, log time spent and
the number of rows changed to var/logs/analytics.log.
In the spirit of write ahead logging, for each (stat, end_time)
update, log the start and end of the "transaction", as well as time
spent.
2016-10-17 16:10:03 -07:00
Tim Abbott 4a4664d268 mypy: Remove a bunch of now-unnecessary type: ignore annotations.
Since mypy and typeshed have advanced a lot over the last several
months, we no longer need these `type: ignore` annotations.
2016-10-17 11:48:34 -07:00
Tim Abbott 8f145e03cf views: split events_register.py from main views file. 2016-10-11 21:27:06 -07:00
Tim Abbott 0c02015541 views: Move one-click unsubscribe to its own file. 2016-10-11 21:27:06 -07:00
Tim Abbott 5b7dfafcac views: Move json_refer_friend to invite.py. 2016-10-11 21:27:06 -07:00
Tim Abbott dd352dd456 views: Move invitation views to their own file. 2016-10-11 21:27:06 -07:00
Tim Abbott 67d9e19ccf views: Split views/auth.py out of core views file. 2016-10-11 21:27:06 -07:00
Rishi Gupta d75731f988 Realm creation flow: Remove invite page.
Previously, we sent users to an "invite your friends" page after they
created an organization. This commit removes that step in the flow and sends
users directly to the home page. We also remove the now-unused
initial_invite_page.html template, initial_invite.js (which pre-filled the
invite emails with characters from literature), and the /invite URL route.
2016-10-11 15:54:05 -07:00
Umair Khan c23aaa1785 GitHub: Show error on login page for wrong subdomain.
While logging in through GitHub, if the user tries to login
to the wrong subdomain then show an appropriate message.
2016-10-10 08:42:34 -07:00
Rishi Gupta d387012bc6 Fix EXTERNAL_HOST computations in test_settings.py.
test_settings.py was setting EXTERNAL_HOST after importing settings.py,
which has several variables (like SERVER_URI) that are computed from
EXTERNAL_HOST.

[tweaked by tabbott to add comments explaining the story here].
2016-10-05 19:04:55 -07:00
baali 142dce2cd4 Replace legacy endpoint for renaming a stream and add tests.
This moves the logic for renaming a stream to the REST API
update_stream_backend method, eliminating the legacy API endpoint for
doing so.

It also adds a nice test suite covering international stream names.
2016-10-02 20:33:49 -07:00
Tim Abbott c7b7893254 auth: Give nicer subdomain errors when using ZulipDummyBackend.
This improves Google and JWT auth as well as the registration
codepath to log something if the wrong subdomain is encountered.

Ideally, we'd have tests for these, and code to make the Google and JWT
auth cases show a clear error message.
2016-09-27 23:25:07 -07:00
Tim Abbott a4e5450ace subdomains: Add support for aliases of the root subdomain.
We default to counting "www" as such an alias.
2016-09-27 23:25:07 -07:00
hackerkid ea39fb2556 Add option for hosting each realm on its own subdomain.
This adds support for running a Zulip production server with each
realm on its own unique subdomain, e.g. https://realm_name.example.com.

This patch includes a ton of important features:
* Configuring the Zulip sesion middleware to issue cookier correctly
  for the subdomains case.
* Throwing an error if the user tries to visit an invalid subdomain.
* Runs a portion of the Casper tests with REALMS_HAVE_SUBDOMAINS
  enabled to test the subdomain signup process.
* Updating our integrations documentation to refer to the current subdomain.
* Enforces that users can only login to the subdomain of their realm
  (but does not restrict the API; that will be tightened in a future commit).

Note that toggling settings.REALMS_HAVE_SUBDOMAINS on a live server is
not supported without manual intervention (the main problem will be
adding "subdomain" values for all the existing realms).

[substantially modified by tabbott as part of merging]
2016-09-27 23:24:14 -07:00
Brock Whittaker 87afe61860 Add overlay lightbox for displaying inline image previews.
This adds an event listener (by way of delegation) to the
.message_inline_image elements that pops up the overlay and hides it
when the overlay exit is clicked.

Fixes #654.
2016-09-27 17:50:51 -07:00
Tim Abbott 2ea7d2341e css: Move new-style buttons to new components.css and expand. 2016-09-27 17:48:24 -07:00
Tim Abbott 03bf8893e2 Remove legacy /api/v1/send_message endpoint.
This was the original way to send messages via the Zulip API in the
very early days of Zulip, but was replaced by the REST API back in
2013.

Fixes: #730.
2016-09-27 14:51:54 -07:00
Steve Howell edfa022bac Remove json/get_active_statuses endpoint. 2016-09-27 14:33:56 -07:00
sunnypalace 3b76a489c9 Remove humbug-user-uploads and related code.
Fixes: #1672.
2016-09-19 10:52:05 -07:00
Kouhei Sutou e80279c2e4 test: Add a missing PGroonga configuration
Fix #1769
2016-09-19 01:06:52 +09:00
Tim Abbott 0f4bbc8617 portico: Add options to disable login and about links.
This gives us a great deal more flexibility for controlling the
context of the portico footer.
2016-09-13 22:59:09 -07:00
Rishi Gupta de11e7c1b3 Add support for subdomain URIs to /api and /api/endpoints.
To the extent possible, we share code with the already-existing
IntegrationView code path.
2016-09-13 22:31:56 -07:00
Tim Abbott b7ab83c6ec Move api_endpoint_docs to integrations views file. 2016-09-13 21:58:02 -07:00
Tim Abbott 6c617910c3 Add an app-internal about page for the project.
We will want to link to this from at least the portico.
2016-09-13 21:10:07 -07:00
Tim Abbott ca91605e85 Extract zerver/views/pointer.py. 2016-09-13 17:30:39 -07:00
Tim Abbott b8bdf1365b tests: Add a Google web authentication test suite. 2016-09-13 17:08:14 -07:00
Steve Howell ab0ee0b923 Upgrade: revert change to default LOCAL_UPLOADS_DIR in prod settings.
The main purpose of the "var" convention is to make it easy to write stuff
inside of our git repo when running a dev instance, and then "var" gets
excluded from checkins. For production, that's not as much of a concern.
For upgrades we don't want to be changing the directory around and confusing
matters, especially with the extra moving part of nginx configs (which have
their own issues in terms of being overwritten by accident when admins go to
S3).
2016-09-06 14:51:29 -07:00
Kouhei Sutou 683f49aa99 Support full text search for all languages using pgroonga.
This adds support for using PGroonga to back the Zulip full-text
search feature.  Because built-in PostgreSQL full text search doesn't
support languages that don't put space between terms such as Japanese,
Chinese and so on. PGroonga supports all languages including Japanese
and Chinese.

Developers will need to re-provision when rebasing past this patch for
the tests to pass, since provision is what installs the PGroonga
package and extension.

PGroonga is enabled by default in development but not in production;
the hope is that after the PGroonga support is tested further, we can
enable it by default.

Fixes #615.

[docs and tests tweaked by tabbott]
2016-08-26 21:04:03 -07:00
Brock Whittaker 8f73701b96 Upgrade jQuery to 1.12.1 and fetch from node_modules.
Fixes: #1196.
2016-08-25 15:32:08 -07:00
Tim Abbott 3ba604cb47 Migrate jquery-validate to a current version installed via npm. 2016-08-25 15:32:08 -07:00
Vishnu Ks a7ead9e99d settings: Eliminate ADMIN_DOMAIN for creating initial realm.
We now use `./manage.py generate_realm_creation_link` as the flow flow
for creating one's first realm.
2016-08-25 09:37:33 -07:00
Tim Abbott 5b68e0defe settings: Fix buggy MANDRILL_API_KEY logic. 2016-08-25 09:37:33 -07:00
Tim Abbott 21b9efd985 Clarify ALLOWED_HOSTS string format.
This is obvious to anyone who knows Python, but knowing Python should
not be a requirement to administer a Zulip server.

Fixes #1606.
2016-08-24 22:19:54 -07:00
Tim Abbott 797a7ef97b notifications: Don't spoof emails as from users by default.
The previous default configuration resulted in delivery problems if
the Zulip server was authorized in the SPF records for the domains of
all users on the Zulip server.
2016-08-24 14:10:52 -07:00
Tim Abbott 7d19d1809d android: Default to the GOOGLE_CLIENT_ID needed by the Android app. 2016-08-22 21:06:40 -07:00
Tim Abbott 916a77e764 settings: Use DEFAULT_FROM_EMAIL for error traceback reporting. 2016-08-22 16:22:52 -07:00
Taranjeet Singh 86ecf28588 prod_settings_template.py: Fix line with length greater than 120.
This updates file zproject/prod_settings_template.py.
2016-08-19 11:56:43 -07:00
Tim Abbott b5d85fe5f1 settings: Disable DisallowedHost error emails by default.
These error messages are pretty spammy because most servers on the
public Internet receive some amount of HTTP(S) scanning traffic.

We still log them, just don't email the administrators.
2016-08-18 18:44:20 -07:00
Tim Abbott e0432f21f1 Move webathena views to its own file. 2016-08-18 18:26:49 -07:00
Tim Abbott 05d3094420 webathena: Remove hardcoding of zulip.com server. 2016-08-18 18:21:38 -07:00
Tim Abbott d876fac01a Use WatchedFileHandler rather than TimedRotatingFileHandler.
TimedRotatingFileHandler does not properly handle multiple processes
writing logs at the same time, and thus can end up losing data.
2016-08-17 22:39:33 -07:00
Tim Abbott 4fbb8c3eee templates: Add new context variables to all templates.
This adds a few new helpful context variables that we can use to
compute URLs in all of our templates:
* external_uri_scheme: http(s)://
* server_uri: The base URL for the server's canonical name
* realm_uri: The base URL for the user's realm

This is preparatory work for making realm_uri != server_uri when we
add support for subdomains.
2016-08-13 16:27:35 -07:00
Tim Abbott 3bae3cd54d settings: Add option to disable email deliverer. 2016-08-12 19:24:45 -07:00
Tim Abbott 5b53521b32 memcached: set a low retry_timeout. 2016-08-12 12:57:24 -07:00
Tim Abbott 4baf120c7c memcached: Enable TCP_NODELAY optimization. 2016-08-12 12:57:24 -07:00
Tim Abbott d8c066ba52 memcached: Pass verify_keys option. 2016-08-12 12:57:23 -07:00
Tim Abbott 386c6c2a31 settings: Refactor SYSTEM_ONLY_REALMS configuration. 2016-08-12 12:12:53 -07:00
Tim Abbott ecb81fabf3 settings: Extract EVENT_LOGS_ENABLED setting. 2016-08-12 12:12:53 -07:00
Rishi Gupta 7910a6e134 Terms of Service: Add ability to update TOS and have users re-sign.
Most directly useful for the migration to zulipchat.com.

Creates a new field in UserProfile to store the tos_version, as well as two
new settings TOS_VERSION and FIRST_TIME_TOS_TEMPLATE. We check for a version
mismatch between what the user has signed and the current
settings.TOS_VERSION whenever the user hits the home page, and redirect them
if needed.

Note that accounts_accept_terms.html and
zerver.views.accounts_accept_terms were unused before this commit
(they date from c327446537)
2016-08-11 23:37:48 -07:00
Tim Abbott 11cac86a58 settings: Add support for specifying a remote redis password. 2016-08-11 16:54:22 -07:00
Tim Abbott f418e54ae2 local_settings: Fix zulip.com terms of service. 2016-08-11 16:39:47 -07:00
Umair Khan 25f70ebdaa Annotate zproject/jinja2/backends.py 2016-08-09 09:19:24 -07:00
Umair Khan 60f30fdb36 Annotate zproject/backends.py. 2016-08-09 09:19:24 -07:00
Umair Khan 4bc4c39528 Add *args and **kwargs to functions.
Arguments are added to:
    - SocialAuthMixin.get_email_address
    - SocialAuthMixin.get_full_name
2016-08-08 15:15:29 -07:00
Umair Khan a3fd1b5d11 Annotate jinja2/__init__.py. 2016-08-08 15:12:12 -07:00
Umair Khan 1259bc3057 Annotate jinja2/compressors.py. 2016-08-08 15:12:12 -07:00
Tim Abbott b3a768f4b2 settings: Improve ALLOWED_HOSTS defaults logic and docs.
This removes the requirement for the user to put localhost/127.0.0.1
in their ALLOWED_HOSTS list, since it is now added automatically.

Fixes: #1358.
2016-08-05 21:25:29 -07:00
Umair Khan f6b0baef7d Give default value for APNS_SANDBOX 2016-08-05 10:36:57 -07:00
Umair Khan 0b88deb640 APNS_SANDBOX should be a bool.
Fixes: #1480
2016-08-05 10:36:57 -07:00
Steve Howell cdd03dec4d Extract media queries to media.css.
Create `media.css` using media queries that had been at the bottom
of `zulip.css`, then update miscellaneous setttings/docs files.

I also add `.screen-medium-show` and `.screen-narrow-show` to
`media.css`, as they seem to be an important part of our
responsive design.

Fixes #1532.
2016-08-05 10:32:55 -07:00
Tomasz Kolek 09d081d9bd Replace hardcoded integration-lozenges to generating ones. 2016-08-04 11:41:18 -07:00
Tomasz Kolek 0e33b8bd4d Add integrations library.
Define Integration and WebhookIntegration classes.
Change webhook part of integration's guide.
Replace hardcoded webhook urls to generating
based on WEBHOOKS list.
2016-08-04 11:39:20 -07:00
Umair Khan 6c248a662d prod_settings_template.py: Add GitHub team and org. 2016-08-03 12:01:15 -07:00
Umair Khan faa3e9b724 Give logical defaults to social auth settings.
Both key and secret settings of team and organization default to
SOCIAL_AUTH_GITHUB_KEY and SOCIAL_AUTH_GITHUB_SECRET respectively.
SOCIAL_AUTH_GITHUB_TEAM_ID and SOCIAL_AUTH_GITHUB_ORG_NAME default
to `None`.
2016-08-03 12:01:15 -07:00
Umair Khan 9bb6d45c06 Add GitHub team and organisation authentication.
Fixes: #1473
2016-08-03 12:01:15 -07:00
Tim Abbott 25c0710800 prod_settings_template: Fix typo in redis documentation. 2016-07-31 19:45:53 -07:00
Steve Howell 643f2e03e0 Extracted zjsunit/output.js 2016-07-30 14:54:30 -07:00
Steve Howell 8741903a14 Add comment to STYLESHEETS section of settings.py. 2016-07-29 22:07:24 -07:00
Christie Koehler 31efecf03d Add HelloWorld webhook integration + Walkthough.
Improves webhook integration docs and Hello World webhook.  Includes
many suggested improvements from @timabbott and @tomaszkolek.
2016-07-29 21:38:40 -07:00
acrefoot b7ccf64c79 Move Zulip's TOS to TERMS_OF_SERVICE markdown file.
This reimplements zulip.com/terms using the new markdown system.
2016-07-29 20:47:42 -07:00
acrefoot e568dbc76f Add TERMS_OF_SERVICE setting.
This new setting allows the server administrator to add a custom
Terms of Service page by supplying the path to a markdown file.

Also adds a test.
2016-07-29 20:47:31 -07:00
Tim Abbott 700e803840 settings: Add new DEBUG_RATE_LIMITING setting.
This exists primarily in order to allow us to mock settings.DEBUG for
the purposes of rate limiting, without actually mocking
settings.DEBUG, which I suspect Django never intended one to do, and
thus caused some very strange test failures (see
https://github.com/zulip/zulip/pull/776 for details).
2016-07-29 19:32:02 -07:00