Commit Graph

9054 Commits

Author SHA1 Message Date
Austin Riba b22578f975 hash_util: Rename _uri functions to _url.
It's 2022 and the WHATWG no longer recognizes the term URI. Everything
is now a URL or a type of URL. Which is great because it's way less
confusing. Details here:
https://url.spec.whatwg.org/
2022-03-01 18:14:31 -08:00
Austin Riba b39d47995d hash_util: Move stream uri functions to shared.
Moves hash_util.by_stream_uri and hash_util.by_stream_topic_uri to
internal_url so they can be used by external codebases. Due to these
functions being called in many places in the web codebase, wrappers
for both functions are left in hash_util in order to keep these
calls simple.

Also adds test for explicitly testing each function.
2022-03-01 18:14:31 -08:00
Austin Riba 9f1c184311 hash_util: Move encode_stream_id to shared.
Move hash_util.encode_stream_id to internal_url, so it can be shared
with external codebases. Also add a test that explicitly tests escaping
special characters in stream names.
2022-03-01 18:14:31 -08:00
Austin Riba 403310a9e2 hash_util: Move stream_id_to_slug to shared.
Move stream_data.id_to_slug to internal_url, making it shareable. The
function has been renamed to stream_id_to_slug to reflect that it
operates on a stream id.
2022-03-01 18:14:31 -08:00
Austin Riba c0828f118b hash_util: Move enc/decodeHashComponent to shared.
Moves the encodeHashComponent and decodeHashComponent functions out of
hash_util and into internal_url which belongs to shared. This is to
accommodate sharing of this code with mobile or any other codebases that
do not wish to duplicate logic.
2022-03-01 18:14:31 -08:00
Austin Riba f6d9a0b5a4 hash_util: Pass up decoding exception.
In order to accommodate the sharing of hash_util with other codebases
including mobile, UI and web specific code should be removed. In this
commit, we remove exception handling for the decodeHashComponent
function and instead add the UI handling of it further up the call
stack.
2022-03-01 18:14:31 -08:00
Austin Riba 980fd2f976 streams: Fix malformed stream name slugs.
The stream_data.id_to_slug and stream_data.name_to_slug
functions mistakenly used Javascript's String.replace method,
this commit changes it to use String.replaceAll, the result
being slugs generated from streams with names greater than
2 words are now properly formatted.
2022-03-01 18:14:31 -08:00
Anders Kaseorg 8ed7dcf4c0 rendered_markdown: Appease zjquery.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-01 15:19:15 -08:00
Anders Kaseorg d22fca7a78 timerender: Fix object-shorthand ESLint error.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-01 14:37:48 -08:00
Anders Kaseorg e090027adc CVE-2022-23656: Fix cross-site scripting vulnerability in tooltips.
An attacker could maliciously craft a full name for their account and
send messages to a topic with several participants; a victim who then
opens an overflow tooltip including this full name on the recent
topics page could trigger execution of JavaScript code controlled by
the attacker.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-01 14:26:42 -08:00
Aman Agrawal 7e365f7ee3 icons: Replace fa-globe icon with a custom globe icon. 2022-03-01 11:36:38 -08:00
yogesh sirsat 1a15d60de4 settings: Fix external account profile field initialization order.
In open_edit_form, we had an initialization order bug where we called
set_up_external_account_field_edit_form, which clears the field name
field if the external account is of the "custom" type, after
populating the initial values for edit form.

This resulted in these fields being displayed as empty in the UI for
this field type. Fix the issue by reordering the initialization.

Fixes: #21262.
2022-02-28 16:30:49 -08:00
Anders Kaseorg f244c2eca4 Revert "drafts: Use simplebar for scrollbar."
This reverts commit f3964673e7.

It broke drafts_scroll by confusing jQuery object APIs with DOM
element APIs.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-28 15:26:47 -08:00
Julia Bichler f3964673e7 drafts: Use simplebar for scrollbar.
This was originally merged in #21082 in a different variation.
2022-02-28 15:06:19 -08:00
Tim Abbott 7ddefc68cc settings: render_alert_words_ui -> rerender_alert_words_ui.
Correctly specifying that this is a rerender function makes starting
with a `loaded` conditional make much more sense.
2022-02-25 17:33:11 -08:00
jai2201 d6c00521b3 settings: Clean up muted_topics/users rendering logic.
This commit removes the unnecessary `data-list-widget` attribute
present in the <div> and <tbody> tag for muted_topics and muted_users table.

It became unnecessary/useless in 19cf6d0e04 and
then was renamed while still useless.

Also uses the correct variable name `muted_topic` and `muted_user`
instead of `muted_topics` and `muted_users` to render a item of their list
in DOM through Listwidget.
2022-02-25 17:33:11 -08:00
jai2201 5e49ddf4e1 settings: Add sorting feature for list of alert words.
This changes the method of rendering list of alert words in DOM,
earlier it was rendered using 'for' loop over the array of alert_words
which is now changed to render using ListWidget, which gets a array
of objects from get_word_list() in alert_words.js.

The use of ListWidget helps to define a parent_container and $container
in table-body of alert-words-table using which we can now apply sorting over
alert words with the help of handle_sort() function in list_widget.js

Changed the method of adding alert_word_settings_item row in table body
through {{#with}} loop because of rendering through ListWidget, which was done
earlier using for loop over each alert-word in while rendering the list.

this commit also mocks template of render_alert_word_item
while mocking ListWidget.create() function in render_alert_words_ui().
and checks that ListWidget.create() is not called when variable `loaded`
is set as false.

Fixes #21142.
2022-02-25 17:33:11 -08:00
Aman Agrawal 27b985e868 recent_topics: Standardize format of last message time.
We follow how other apps present older messages, e.g. Gmail,
Facebook Messenger, etc. display it.

Specifically, the logic we use is:

If the time is <24hr ago, show an absolute time, like "21:30" (or "9:30pm").
Otherwise, show what day it was, and not a time
  If the day was yesterday, say "Yesterday".
  Otherwise, if it was <7 days ago, say the day of week, like "Friday".
  Otherwise, if it was <1 year ago, say the month and day, like "Sep 6".
  Otherwise, say the year, month, and day, like "Sep 9, 2020".

With some tweaks from Tim Abbott to better handle the future case.

Fixes #19775
2022-02-25 16:33:47 -08:00
Aman Agrawal 5ae178b39c recent_topics: Show loading indicator before fetching initial messages.
Hide the loading indicator after initial fetch for recent topics.
2022-02-25 16:29:43 -08:00
Aman Agrawal bab9e50581 scroll_to_bottom_button: Use unicode icon for right arrow. 2022-02-25 14:57:22 -08:00
Sahil Batra 75d54206e6 buddy_list: Remove user from buddy_list immediately on deactivation. 2022-02-25 14:55:44 -08:00
Sahil Batra dc478ee091 settings_users: Remove unused code from update_user_data.
Previously, update_user_data was called when deactivating
bots, but it was removed in 58b612a4f0.

Now, update_user_data is only called for 'type="realm", op="update"'
events, but these events are not sent when deactivating or
reactivating a user or bot, so this code is not used.
2022-02-25 14:55:44 -08:00
Sahil Batra 6a64e1c442 settings_users: Call update_view_on_deactivate from server_events_dispatch.
This commit changes the code to call update_view_on_deactivate function
from server_events_dispatch.js on receiving the user/bot remove event
instead of having it repeatedly in the success_continuation method
of click handlers.

We also add check to make sure we return early if the relevant settings
page is not opened yet.
2022-02-25 14:55:44 -08:00
Sahil Batra 9b7dcd11ae settings_users: Pass user_id instead of row to update_view_on_deactivate. 2022-02-25 14:55:44 -08:00
Mateusz Mandera d5db254ca8 CVE-2021-3967: Only regenerate the API key by authing with the old key. 2022-02-25 14:00:52 -08:00
Sahil Batra 9be82356cb invite: Add frontend support to send an invite which never expires.
Fixes part of #20337.
2022-02-24 16:32:20 -08:00
Sahil Batra cec8191bfa popovers: Add option to deactivate user to "Manage user" modal.
This commit adds option to deactivate user to "Manage user" modal.
A modal is opened on clicking the option to confirm the deactivation
and the "Manage user" modal is closed.
The error from the server, if any, is shown in the modal itself
and in case deactivation is done successfully, the modal is closed.

Fixes #18944.
2022-02-24 15:59:58 -08:00
Sahil Batra 0a27c38af7 settings: Pass handle_confirm function as argument to confirm_deactivation.
We pass handle_confirm function as an argument to confirm_deactivation
because we will use confirm_deactivation to deactivate the user from
user-info popover and the popover case will have a different handle_confirm
function (which is called after clicking "Confirm" button of the modal)
since error handling in that case will be different as there will be no
overlay in the background.
2022-02-24 15:59:58 -08:00
Anders Kaseorg 21cd1c10b3 docs: Add missing space in “time zone”.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-24 14:05:12 -08:00
Austin Riba 26ec71c39d lightbox: Prevent panning image out of view.
This commit adds a method to detect whether the draggable element has
moved out of view and if it has, move it back into view.

The panzoom library does have a `bounds` option that is supposed to
provide the functionality, but at the time of the commit it does not
appear to work correctly. Upstream bug:
https://github.com/anvaka/panzoom/issues/112
2022-02-23 12:13:17 -08:00
Austin Riba 7d3bbe03ac lightbox: Swap panzoom library to anvaka/panzoom.
This PR changes the library used for panning and zooming in the lightbox
module from timmywil/panzoom to avanka/panzoom.

The original (timmywil) version of the library contains a bug where if
you have a high resolution touchpad and Firefox and you zoom in and out
repeatedly on an image, the image may drift. avanka/panzoom does not
appear to display this behavior.

Restores the behaviour from before 5f83bc5cfe, where clicking
outside the image closes the lightbox, primarily by way of swapping
out the panzoom library.

Fixes: #21163.
2022-02-23 12:12:04 -08:00
Steve Howell ca17a452fd subscribers: Rename file to stream_edit_subscribers.js.
We are going to move to this code organization for
managing streams:

    stream_create.js
        stream_create_subscribers.js
    stream_edit.js
        stream_edit_subscribers.js

The modules stream_create.js and stream_edit.js historically
manage the entire process of creating and editing stream
data (respectively).

Going forward both will delegate most of the subscriber-specific
pieces to either stream_create_subscribers or stream_edit_subscribers.

The stream_*_subscribers modules will be somewhat similar in
nature, but the way that we manage subscribers at creation time
is a bit different than how we manage subscribers at edit time.
2022-02-22 16:29:36 -08:00
Steve Howell 22660a78c7 edit subscribers: Generalize pill/button handling.
This will help us avoid some duplicate code when
we use input pills for stream-create.

See the long comment in set_up_handlers() for
more context.

We also rename:

    submit_add_subscriber_form -> subscribe_new_users

Ideally set_up_handlers() would also extract the
concept of clearing the pills as soon as you either
hit enter or clicked on the Add button, but our
current paradigm for clearing pills when you edit
subscribers for an existing stream on the Subscribers
tab is that we wait for the server to acknowledge
the request. I believe this is a bit of a misfeature,
but I am punting on that change for now.
2022-02-22 16:29:36 -08:00
Steve Howell ebda1dfc8b manage streams: Extract add_subscribers_pill.js.
This is mostly a pure code move.  A few small tweaks:

    * The create() function is new.
    * The new module doesn't assume a `pill_widget`
      global.

This module represents the truly re-usable code
that can be shared during these two user actions:

    * edit-stream subscribers (now)
    * create-stream subscribers (future)

In both situations the input pill has (or will have)
essentially the same behavior, and the next commit
will tighten up the abstraction.

(The two processes will both also use fairly similar
ListWidgets, but the mechanics of managing the list
are going to be different, so we do not intend
to keep around stream_subscribers_ui in its current
name. More on that later.)
2022-02-22 16:29:36 -08:00
Steve Howell 65b51ae3bd subscribers: Extract subscriber_api.
This simplifies some of our dependencies.

As an example, we really don't want compose.js
to depend on stream_subscribers_ui.js, since
the former doesn't use any actual UI code from
the latter.

We also rename the two functions here:

    invite_user_to_stream -> add_user_ids_to_stream
    remove_user_from_stream -> remove_user_id_from_stream

(The notion of "inviting" somebody to a stream is
somewhat misleading, since there is really no invitation
mechanism; you just add them.)

Apart from naming changes this is a verbatim code move.

Finally, we eliminate a little bit of test cruft--the
`override` helper already ensures that a function gets
called at least once during a test.
2022-02-22 16:29:36 -08:00
Steve Howell 1bf9a9e84a node tests: Directly test user_group_pill helpers.
We also sort user_ids to be deterministic.
2022-02-22 16:29:36 -08:00
Steve Howell 0452f49c97 node tests: Directly test simple stream_pill helpers.
We also sort the user_ids to be deterministic.
2022-02-22 16:29:36 -08:00
Purushottam Tiwari 3984df88bb message-editing: Add support for dynamic elements in edit-history.
Edit history of message was rendered directly without passing
it through rendered_markdown.js. Due to this several visual
features for dynamic elements like time, spoilers, mentions
etc were not available.

To fix above issues we pass the content of edit-history
through rendered_markdown before showing edit history modal.

Fixes: #16029.
2022-02-22 15:00:01 -08:00
m-e-l-u-h-a-n 16687d4c74 markdown: Improve drafts rendering of custom Markdown features.
Improves rendering of drafts to make it look more closer
to normal messages. This is done by passing the draft content
through rendered_markdown so that dynamic elements in the content
get updated before showing drafts modal.
2022-02-22 14:59:50 -08:00
NerdyLucifer 891ed242d1 popovers: Add "busy" status to default emoji status set.
Add info about the status in the array
"default_status_messages_and_emoji_info".
Set status message as "Busy" and emoji "working_on_it".

Fixes #21179
2022-02-22 10:33:31 -08:00
Sahil Batra 21051d2130 settings: Show or hide digest weekday option on changing emails setting.
Previousy, we used to show or hide the digest weekday setting after
saving the emails setting, but now we show/hide as soon as we check
or uncheck the email setting checkbox like we do for other settings.
2022-02-21 08:53:33 -08:00
Dinesh 6afdf2410d message feed: Notify user when messages are not being marked as read.
Notifies user when messages are not being marked as read through a
banner that lets them mark all messages in the narrow as read. Note
that the banner is only displayed if the user's actions, like
scrolling, would've actually marked the messages as read.

This avoids distracting the user when viewing a thread they've already
read.

tabbott has verified that if new messages come in, the banner will reappear.

Fixes: #18768.
2022-02-18 14:48:31 -08:00
Tim Abbott bb5889b0a0 message_list: Add helper for checking if a message list has unreads. 2022-02-18 14:48:31 -08:00
Dinesh a2ca558c3e unread_ops: Add process_scrolled_to_bottom().
There are a few instances where we check if messages can be marked
read and mark that list as read when scrolled to bottom. Using
this would be nicer and also this function can be extended later to
display a banner when messages are not being marked.
2022-02-18 14:48:31 -08:00
Aman Agrawal 0eafa6039b message_scroll: Show scroll to bottom button.
Show/hide scroll to bottom button when the last message is
not visible in the current scroll position.

We adjust the bottom offset of the button based on compose box
height.

Fixes #19862
2022-02-18 13:29:57 -08:00
Aman Agrawal ea07b6440c integrations: Adjust font size to fit integration name during initial load. 2022-02-18 12:22:32 -08:00
Aman Agrawal 9b622b7d25 gear_menu: Allow user to configure preferred theme.
We save the preferred theme in localstorage so that user doesn't
have to re-select the theme on every reload. Users on slow
computers might see flash of a theme change, if it happens.
2022-02-18 11:29:48 -08:00
yogesh sirsat 8a1df07e64 recent topics: Display user info popover when clicking participants.
Tweaked by tabbott to do something reasonable for muted users and
display a cursor indicating clicking will do something.

Fixes #21154.
2022-02-17 15:49:24 -08:00
Aman Agrawal 70c9c2e137 message_events: Remove existing messages that were updated.
For filters that cannot be applied locally, we don't know if the
messages are still a part of the filter. So, we remove the
existing message that were updated and let `maybe_add_narrowed_messages`
treat them all as new messages to the filter.

This fixes the bug where existing messages that were present in
the narrow were not updated.
2022-02-17 15:11:48 -08:00
Aman Agrawal bda90ec5ae message_events: Ask server if cannot filter locally.
For filters that cannot be applied locally, we ask the server
to determine if the `events_messages` are part of the narrow.

Fixes #21073
2022-02-17 12:56:33 -08:00