Commit Graph

8683 Commits

Author SHA1 Message Date
Rhea Parekh f2b5f5a8f9 import: Fix processing_avatars bug in 'import_uploads_s3'.
All the avatars should be processed later on to run the
'ensure_medium_avatar_image' function. This is similar to
'import_uploads_local'.
2018-06-18 22:37:34 +05:30
Rhea Parekh f66ca9a5c3 import: Pass 'processing_emojis' in 'import_uploads_s3'.
'import_uploads_s3' should be passed with the parameter
'processing_emojis' from 'import_uploads'.
2018-06-18 22:35:36 +05:30
Rhea Parekh b2e971b9b1 tests: Add tests for the export file's records.
For the emojis, In 'records.json', the record should contain
the attribute 'file_name', which was missing in the S3 backend.
This commit adds this attribute, as well as tests for the
records of uploads, avatars and emojis in both local and S3 backend.
2018-06-18 09:19:24 -07:00
Rhea Parekh 5cbad76445 tests: Add tests for importing files from local. 2018-06-18 09:19:24 -07:00
Rhea Parekh edb506a605 tests: Add a function to setup export of files.
Add the function '_setup_export_files' to setup the files to
be exported.
2018-06-18 09:19:24 -07:00
Rhea Parekh f735fae777 tests: Add tests for a basic import logic. 2018-06-18 09:19:24 -07:00
Rhea Parekh 0e8f0e2393 tests: Rename 'message.json' to 'messages-000001.json' in export tests.
The export script produces messages in the format 'messages-%06d.json'.
Hence we rename it to 'messages-000001.json'.
2018-06-18 09:19:24 -07:00
Yashashvi Dave 8909cb1d15 custom fields: Allow list of users in user type of custom fields.
Allow user to add more than one user-value in user type of custom
fields.

Tweaked by tabbott to improve the models.py code and type annotations.
2018-06-16 09:37:49 -07:00
Eeshan Garg 943a77105b integrations/irc: Capitalize the integration name properly.
It is IRC, not Irc, which is what the default code in Integration
renders.
2018-06-16 08:52:49 -07:00
Vishnu Ks 4da61e2a17 signup: Copy enter_sends value when importing settings. 2018-06-16 08:50:49 -07:00
Vishnu Ks b639778d0f signup: Copy hotspots when importing settings. 2018-06-16 08:50:49 -07:00
Rhea Parekh d0bc8d0736 zcommands: Add zcommand module and separate test module.
Move the zcommands from '/views/messages.py' to
'/lib/zcommand'.

Also, move the zcommand tests from '/tests/test_messages.py'
to '/tests/test_zcommand'.
2018-06-16 10:32:42 -04:00
Shubham Dhama b0bfb6b153 streams: Hide create stream UI from guest users. 2018-06-16 06:33:14 -07:00
Shubham Dhama d40c2bb166 emoji: Make uploading new realm emoji inaccessible for guest users. 2018-06-16 06:33:14 -07:00
Shubham Dhama 596ce5b60f invite: Make inviting new users inaccessible for guest users. 2018-06-16 06:33:13 -07:00
Tim Abbott 425b4a3866 invite: Use require_realm_admin decorator. 2018-06-16 06:33:13 -07:00
Neil Pilgrim ba55d22fdb mypy: Improve MessageOutput typing in export.py.
See the comments above for why this is the correct list of options.
2018-06-14 15:22:56 -07:00
Eeshan Garg 05b752bd3f webhooks/trello: Mention that Trello script can be run from anywhere.
This is one of those weird webhooks where the
download-python-bindings.md macro doesn't work, because the user
only needs the bindings to run the one-time Trello script to register
the webhook and that script can be run from anywhere and doesn't need
to be "hosted" anywhere.
2018-06-11 07:46:16 -04:00
Tim Abbott 93b5e0df61 custom profile fields: Extract a separate various for whether enabled.
This will make it possible to do this on a per-organization basis.
2018-06-07 11:35:04 -07:00
Roman Godov 0b9d4fbb06 auth: Added time conversion in new login emails.
This commit adds code for date and time conversion in
"new login" emails according to user's timezone.

Fixes #9336.
2018-06-07 08:40:22 -07:00
Yashashvi Dave f7f039e772 custom fields: Add endpoint to delete value of custom profile data.
Add delete endpoint at `users/me/profile_data` to delete value of
custom profile data.

Fixes #9669
2018-06-07 08:35:04 -07:00
Adam Birds 5855fe3e53 integrations: Add Zabbix webhook.
With a few changes to the documentations by Eeshan Garg.
2018-06-07 08:31:24 -07:00
Eeshan Garg 4446b76427 pypi: Upgrade to release 0.5.0. 2018-06-07 08:31:21 -07:00
MaTaM673 d27c230982 webhooks/teamcity: Include branch name in build notifications. 2018-06-07 08:15:30 -07:00
Tim Abbott 4481c74a71 GitHubAuthBackendTest: Remove token_data_dict argument.
This was always the same, and there's not much reason to customize it.
2018-06-06 15:22:52 -07:00
Aditya Bansal 1205e02c64 provisioning: Don't rebuild DB if running migrations is sufficient.
This results in a significant optimization in the performance of
re-provisioning Zulip if all that you're doing is rebasing onto a
newer version of master (which just adds new migrations).

The change carries some risk of generating unpleasant-to-debug
situations, because if we merge a buggy migration and then later fix
it, some clients may not have a properly migrated database (and also,
this changes how populate_db commutes with migrations).  But it seems
worth it, given how much time is currently wasted by not having this.

Fixes: #9512.
2018-06-06 13:43:59 -07:00
Aditya Bansal 65dc80fe9d test_fixtures: Add run_generate_fixtures_if_required function.
In this commit we are adding run_generate_fixtures_if_required,
a new function which is meant to de-duplicate a bit of code
between test-server and test-backend which is essentially
responsible for rebuilding the test database if that was required.
2018-06-06 13:37:35 -07:00
Aditya Bansal f7c11d1747 test_fixtures: Refactor to have template_database_status API.
In this commit we are essentially just refactoring the function
is_template_database_current to be called template_database_status
and adjusting the return values accordingly.
This is essentially a preparatory commit for the upcoming commits
which will essentially enable us to not throw away entire DB and
rebuild from scratch if only running migrations could do the job.
2018-06-06 13:37:35 -07:00
Vishnu Ks 53237d39aa registration: Allow users to import profile picture. 2018-06-06 13:29:42 -07:00
Vishnu Ks ca87cf4c97 upload: Seperate writing avatars into s3 as function. 2018-06-06 13:29:42 -07:00
Vishnu Ks 7960785261 upload: Separate writing avatars as local files into function. 2018-06-06 13:29:42 -07:00
Tim Abbott 7d250cb2f9 attachment: Fix handling of stream history.
This fixes two issues:

* Our guest users feature gave guest users access to public stream
  attachments even if they couldn't access the public stream.

* After a user joins a private stream with our new shared history
  feature, they couldn't see images uploaded before they joined.

The tests need to check for a few types of issues:
* The actual access control permissions.
* How many database queries are used in the various
  cases for that second model, especially with multiple messages
  referencing an attachment.  This function gets called a lot, and we
  want to keep it fast.

Fixes #9372.
2018-06-06 09:40:22 -07:00
Tim Abbott 541ccfeb7f validate_attachment_request: Simplify execution flow.
This makes the code more readable, by narrowing the try/except block
and only querying `messages` when we're going to use it.
2018-06-06 09:13:51 -07:00
Tim Abbott 35c4a9f1d2 auth: Rewrite our social auth integration to use pipeline.
This new implementation model is a lot cleaner and should extend
better to the non-oauth backend supported by python-social-auth (since
we're not relying on monkey-patching `do_auth` in the OAuth backend
base class).
2018-06-05 23:24:48 -07:00
Yashashvi Dave 5145b24635 users: Replace duplication with generic func to validate user id.
This adds a common function `access_user_by_id` to access user id
within same realm, complete with a full suite of unit tests.

Tweaked by tabbott to make the test much more readable.
2018-06-05 11:13:13 -07:00
Umair Khan 9b698dec08 2FA: Use patch.object for monkey patching.
Ref #9521
2018-06-05 09:25:40 -07:00
Tim Abbott 238ba2d486 auth: Move some simple GitHub tests to the long-term test class. 2018-06-04 23:57:09 -07:00
Tim Abbott 869d75b02f AuthBackendTest: Fix typos in error message checks.
Previously, these checks did nothing.
2018-06-04 23:45:13 -07:00
Raymond Akornor 0335da7e05 python: Use python3 style super() in 2FA code paths. 2018-06-04 20:55:42 -07:00
Shubham Dhama 01555e8772 streams: Handle guest user ids for stream settings changes' events. 2018-06-04 11:35:37 -07:00
Steve Howell a42492d0ac Fix very recent build error w/url coverage for casper.
Example:
    http://localhost:9991/casper/casper-failure1.png
2018-06-04 12:37:10 -04:00
Tim Abbott ec90322e5d bots: Fix behavior for bots mentioned in PMs.
We've for a long time had the behavior that a bot mentioned in a
stream message receives the notification, regardless of whether the
bot was actually subscribed to the stream.

Apparently, this behavior also triggered if you mentioned a bot in a
private message (i.e. the bot would be delievered the private message
and would probably respond unhelpfully in a new group private message
thread with the PMs original recipients plus the bot).

The fix for this bug is simple: To exclude this feature for private
messages.
2018-06-03 22:29:15 -07:00
Tim Abbott ec2eb0edba storage: Don't double-minify webpack bundles.
What was happening before is that we built the webpack bundles in
tools/minify-js with nicely hashed filenames, and then `manage.py
collectstatic` was extending these filenames with a second hash
through the use of storage.

Removing the first one didn't seem ideal, but would probably have
worked, but seems confusing for people only familiar with webpack
(ideally, we want the Django toolchain piece to be increasingly
invisible as we replace it).

And we can't exclude the webpack bundles from being processed by
storage, since we need these bundles to be included in the manifest.
So, instead, we set the hash function to be a no-op for the bundle
files.

Fixes significant portions #5971.

More work is required to deal with versioning for some of the
image/font assets.
2018-06-03 16:49:59 -07:00
Tim Abbott 714ad67db1 storage: Move library code into zerver/lib.
There's no particularly good reason for this to have been a top-level
file.
2018-06-03 16:02:02 -07:00
Rishi Gupta 182215d125 portico: Update text of why-zulip.
With edits from tabbott.
2018-06-03 09:37:00 -07:00
Shubham Dhama 4483e33102 digest: Make newly registered users data inaccessible to guest users.
The new can_access_all_realm_members function is meant to act as a
base function for guest users and Zephyr realm users regarding the
accessibility of the information of other users in the realm.
2018-06-03 09:30:59 -07:00
Shubham Padia 8883107a7f streams: Allow cross-realm bots to post to announcement_only streams.
This fixes an issue where if you make #announce (the default
announcement stream) announce-only, then creating a new stream will
throw an exception (because notification-bot can't send there).

Fixes #9636.
2018-06-02 10:36:29 -07:00
Steve Howell 47b4dd6bdb slash commands: Refine /day and /night.
These two slash commands now use zcommand to talk to
the server, so we have no Message overhead, and if you're
on a stream, you no longer spam people by accident.

The commands now also give reasonable messages
if you are already in the mode you ask for.

It should be noted that by moving these commands out of
widget.py, they are no longer behind the ALLOW_SUB_MESSAGES
setting guard.
2018-06-02 09:40:12 -07:00
Steve Howell 4b2e8b83c4 slash commands: Add /ping command (via zcommand).
This adds a /ping command that will be useful for users
to see what the round trip to the Zulip server is (including
only a tiny bit of actual server time to basically give a
200).

It also introduce the "/zcommand" endpoint and zcommand.js
module.
2018-06-02 09:40:12 -07:00
Rhea Parekh f8e53511ea slack import: Add support for bold-italics formatting.
Fixes #8927
2018-06-02 09:01:55 -07:00
Tim Abbott 18702b0d71 actions: Document validate_user_access_to_subscribers_helper.
This function is important, carefully optimized, and hard to read, so
it deserves a long docstring.
2018-06-02 08:46:58 -07:00
Shubham Dhama 8e2337509d streams: Hide public streams & subscribers from guest users.
The main change here is making can_access_public_streams
2018-06-02 08:39:39 -07:00
Shubham Dhama ca02143074 test_subs: Fix typos in test_previously_subscribed_private_streams. 2018-06-02 08:06:45 -07:00
Tim Abbott 751c602a0b update-prod-static: Don't copy/minify templates and styles.
This is a performance optimization: Rather than copying these files
into the `prod-static` directory and then deleting them, we just don't
copy them over in the first place.

For styles, it might have once been the case that this did something,
but we've moved them all to being managed by webpack some time ago.

For the js directory, I think it was never useful to copy and then
delete them; these files were always compiled via tools/minify-js,
and the raw JS files weren't needed, anyway.
2018-06-01 16:39:35 -07:00
Tim Abbott 2a52b0c1e8 compilemessages: Use json.dump with sort_keys option.
This should help make these files stable over time.  Mostly useful for
diffing release tarballs.
2018-06-01 16:39:03 -07:00
Eeshan Garg 52c3c00ea0 test-api: Test against generic fixtures.
In a few commits before this one, we just added de-duplicated
generic fixtures that apply to multiple API tests. The tests
needed to be modified to accommodate that change.
2018-06-01 14:06:26 -07:00
Yago González 9f98002b76 tests: Allow testing our REST API against the OpenAPI docs. 2018-06-01 12:03:31 -07:00
Tim Abbott c37fe998d2 templates: Make zulip_default_context available in API endpoints.
This is mostly useful for advertising support_email, but some other
fields may by helpful over time.
2018-06-01 11:32:18 -07:00
Tim Abbott 0d84eb0a8b mypy: Clean zerver/views/users.py for strict-optional. 2018-06-01 08:48:17 -07:00
Tim Abbott 0a0ae5e703 users: Move add_service to zerver.lib.users so it is reusable. 2018-06-01 08:48:17 -07:00
Eeshan Garg 10523813fd webhooks/pagerduty: Update docs to conform to style guide.
A few things have changed on PagerDuty's end, so I thoroughly tested
this webhook with a local ngrok instance. Also, added a message
screenshot!
2018-05-31 23:48:42 -04:00
Eeshan Garg 1df6c22df0 webhooks/pagerduty: Fix small capitalization error in docs.
It is PagerDuty, not Pagerduty!
2018-05-31 23:42:07 -04:00
Tim Abbott bab69a325f registration: Narrow try/exception block for LDAP usernames.
This just makes the code a bit more clear about where we expect that
exception to come from.
2018-05-31 14:04:47 -07:00
Tim Abbott 059d6672ba query_ldap: Print the email address for configuration (C).
This should make it easier to debug whether LDAP configuration (C) is
working correctly.
2018-05-31 13:47:26 -07:00
Sampriti Panda 46711a43f0 pgroonga: Upgrade to PGroonga 2 API. 2018-05-31 13:00:34 -07:00
Sampriti Panda e95f972e24 migrate: Add do_batch_update method for running batch updates.
* Refactor pgroonga_0002 migration to use new method.
2018-05-31 13:00:34 -07:00
Tim Abbott b9b81cf658 export: Rename ALL_ZERVER_TABLES to ALL_ZULIP_TABLES.
They don't all start with zerver, now :).
2018-05-31 10:47:27 -07:00
Tim Abbott 42aea68df3 export: Automate validation of ALL_ZERVER_TABLES.
This should help make it explicit whenever we add a new table to Zulip
that we need to correctly categorize it for whether it will be
included in the data export, or not.
2018-05-31 10:47:27 -07:00
Tim Abbott 328136344a import: Fix typo in zerver_customprofilefieldvalue table name.
Apparently, we were doing this slightly wrong.
2018-05-31 10:47:27 -07:00
Shubham Padia cd1233d3f7 upload: Add test jpg image with no exif data. 2018-05-31 08:08:59 -07:00
Tim Abbott 5967de9177 test_auth_backends: Move GitHub signup tests to new suite.
This eliminates a lot of duplicated, mocking-heavy code.
2018-05-30 18:24:27 -07:00
Tim Abbott 7d8d6f1978 test_auth_backends: Move GitHub deactivated test to new suite. 2018-05-30 18:24:27 -07:00
Tim Abbott 29492325a8 test_auth_backends: Move github_auth_enabled test to new suite.
This is step 1 of a migration to eventually delete the legacy test suite.
2018-05-30 18:24:27 -07:00
Steve Howell 554883e039 submessages: Add submessage_id to submessage event.
It's useful to have the submessage_id so that widgets
can in theory sort all the events (and not have to rely
on them arriving in sequence).
2018-05-30 14:47:36 -07:00
Shubham Padia 214ce1ccca streams: Add create and edit ui for is_announcement_only.
The user can now specify the value while creating a stream.
An admin can later change it via `Change stream permissions`
modal. Add is_announcement_only to subscription type text.
2018-05-30 14:22:15 -07:00
Shubham Padia bb8ad15fa9 streams: Set is_announcement_only when creating streams.
Adds is_announcement_only to create_stream_if_needed and
add_subscriptions_backend.
2018-05-30 14:17:33 -07:00
Steve Howell bfc13ecea4 submessages: Just send content for submessage events.
For some reason in my original version I was sending both
content and data to the client for submessage events,
where data === JSON.parse(content).  There's no reason
to not just let the client parse it, since the client
already does it for data that comes on the original
message, and since we might eventually have non-JSON
payloads.

The server still continues to validate that the payload
is JSON, and the client will blueslip if the server
regressses and sends bad JSON for some reason.
2018-05-30 13:53:11 -07:00
Rhea Parekh e2f2ea7248 test_export: Add tests for 'do_export_user'. 2018-05-30 10:28:10 -07:00
Rhea Parekh 74cc07bb2f test_export: Add tests for export of files.
Thanks @Zachary-Jackson for some preliminary work
on this.
2018-05-30 10:28:10 -07:00
Tim Abbott f8e8d1fb27 upload: Suppress coverage warnings for now. 2018-05-30 09:31:47 -07:00
Tim Abbott bbcdf8ca99 upload: Fix logic for orientation when uploading avatars.
The previous logic was broken for an avatar without exif data.
2018-05-30 09:22:36 -07:00
Tim Abbott 99c6a82b7f i18n: Clean up logic for picking language in app.
We now have a simple algorithm: First, look at the URL path
(e.g. /de/, which is intended to be an override).  Second, look at the
language the user has specified in their settings.
2018-05-30 08:57:26 -07:00
Shubham Dhama 1d9afc7328 i18n: Pass translation data in page_params.
This is a preliminary step to make translation_data available as a
resource to `i18next.init()`.
2018-05-30 08:57:26 -07:00
Robert Hönig 647c63050f botserver: Add outgoing webhook tokens to botserverrc.
The tokens will be used to authorize the server when sending
messages to the Botserver.
2018-05-30 10:00:19 -04:00
Eeshan Garg 9157b217f0 webhooks/jira: Update docs to conform to style guide.
I spend a lot of time on this. One of our users had reported that
this webhook wasn't working at all. So I tested this with a local
ngrok instance and made sure that it was working. I also took this
opportunity to rewrite the docs for this, which were quite outdated.

With a few changes by Rishi Gupta!
2018-05-29 17:16:52 -07:00
Yashashvi Dave 47aaf4e20a users: Replace duplication with generic func to validate bot id.
This adds a common function `access_bot_by_id` to access bot id within
same realm.  It probably fixes some corner case bugs where we weren't
checking for deactivated bots when regenerating API keys.
2018-05-29 15:47:27 -07:00
Rhea Parekh 1db442acd4 IRC: Add integration documentation. 2018-05-29 10:59:53 -07:00
Rhea Parekh 25e3515d9b Matrix: Add integration documentation. 2018-05-29 10:59:53 -07:00
Shubham Padia 8b8a9be377 upload: Rotate image according to exif data when resizing avatar and emojis.
Fixes the avatar/emoji part of #8177.

Does not address the issue with uploaded images, since we don't do
anything with them.

Also adds 3 images with different orientation exif tags to
test-images.
2018-05-29 10:39:39 -07:00
Tim Abbott 7ccefc3e5d migrations: Remove dependence on PRIVATE_STREAM_HISTORY_FOR_SUBSCRIBERS.
We don't want to keep around a declaration of
PRIVATE_STREAM_HISTORY_FOR_SUBSCRIBERS forever, so we should just move
this to a getattr; if the user has set it on their server, we'll use
the value; otherwise, we just use False.
2018-05-29 07:36:53 -07:00
Tim Abbott 91ec0aba09 auth: Improve interactions between LDAPAuthBackend and EmailAuthBackend.
Previously, if you had LDAPAuthBackend enabled, we basically blocked
any other auth backends from working at all, by requiring the user's
login flow include verifying the user's LDAP password.

We still want to enforce that in the case that the account email
matches LDAP_APPEND_DOMAIN, but there's a reasonable corner case:
Having effectively guest users from outside the LDAP domain.

We don't want to allow creating a Zulip-level password for a user
inside the LDAP domain, so we still verify the LDAP password in that
flow, but if the email is allowed to register (due to invite or
whatever) but is outside the LDAP domain for the organization, we
allow it to create an account and set a password.

For the moment, this solution only covers EmailAuthBackend.  It's
likely that just extending the list of other backends we check for in
the new conditional on `email_auth_backend` would be correct, but we
haven't done any testing for those cases, and with auth code paths,
it's better to disallow than allow untested code paths.

Fixes #9422.
2018-05-28 22:47:47 -07:00
Tim Abbott 3842404cc0 ldap: Don't allow password reset for users in LDAP domain.
This is the analog of the last commit, for the password reset flow.
For these users, they should be managing/changing their password in
the LDAP server.

The error message for users doing the wrong thing here is nonexistent
isn't great, but it should be a rare situation.
2018-05-28 22:47:47 -07:00
Tim Abbott 8119670da1 user_settings: Prevent LDAP users from setting a Zulip password.
Previously, if both EmailAuthBackend and LDAPAuthBackend were enabled,
LDAP users could set a password using EmailAuthBackend and continue to
use that password, even if their LDAP account was later deactivated.

That configuration wasn't supported at all before, so this doesn't fix
a pre-existing security issue, but now that we're making that a valid
configuration, we need to cover this case.
2018-05-28 22:47:47 -07:00
Sampriti Panda 250015a5d5 pgroonga: Fix issues with HTML escaping in queries. 2018-05-28 16:53:30 -07:00
Tim Abbott bf9012a559 message: Do future-proofing for public streams with private history.
This should have no effect for now, but it'll make things a bit
simpler in case we make future changes to support public streams
without history public to subscribers (and other organization
members).
2018-05-28 12:25:57 -07:00
Shubham Dhama b410aeb897 message: Limit message access for guest users.
Tweaked by tabbott to interact correctly with the
history_public_to_subscribers feature.
2018-05-28 12:20:32 -07:00
Rhea Parekh 66e3fc4042 import: Clean up the management command.
Significantly tweaked by tabbott because:
* Argparse was already handling the early checks
* Splitting the bottom loop into two loops means we validate all the
input before trying to run actual import code on anything.
* The argparse documentation was confusing about whether the paths
  should be files or directories.
2018-05-28 11:54:04 -07:00
Robert Hönig 497cd4a1f9 outgoing webhooks: Change default URL in all tests.
This reflects the changes to the default URL publicly
displayed to the user. It also changes the default
URL of the default test server outgoing webhook, which
prevented the test server flaskbotrc from working out
of the box.
2018-05-28 10:40:44 -07:00
Yashashvi Dave e82c879b85 custom fields: Add user type of custom fields.
Fixes #8878
2018-05-27 23:01:21 -07:00
Yashashvi Dave 1e948ab405 zerver/lib/users.py: Add function to check given user id is valid.
This function check if given user id exists in realm.
It also check, if user is active and not a bot.
2018-05-27 22:57:55 -07:00
Vishnu Ks c90aac56ba registration: Copy user full_name when importing settings. 2018-05-27 22:39:21 -07:00
Sampriti Panda 018a33ff7c send_test_email: Send email from NOREPLY address as well.
Tweaked by tabbott to also set different subject lines, to make it
easier to see that one got 2 emails.
2018-05-27 22:18:44 -07:00
Rhea Parekh 468afe4840 export: Support export of Custom emojis.
Export of RealmEmoji should also include the image
file of those emojis.

Here, we export emojis both for local and S3 backend
in a method with is similar to attachments and avatars.

Added tests for the same.
2018-05-27 21:54:20 -07:00
Rhea Parekh 7198cc3899 import: Fix RealmEmoji import bug.
RealmEmoji should be imported after UserProfile,
as the new user_profile ids are not allocated
if we import it before.
2018-05-27 21:54:20 -07:00
Rhea Parekh 1b7b9a7164 import: Fix reaction import bug.
In 'zerver_reaction', the emoji_code should be updated
with the RealmEmoji allocated id when the 'reaction_type'
is 'realm_emoji'. Hence we add an extra field 'reaction_field'
in 're_map_foreign_keys', to process the above mentioned
condition.
2018-05-27 21:54:20 -07:00
Rhea Parekh 7a8b853708 Export: Support export of reactions.
We get the reactions from the messages exported.
2018-05-27 21:54:20 -07:00
Rhea Parekh c79d7f1070 Import: Move zerver_reaction from 'messages-000001.json' to 'realm.json'.
Also change the existing slack conversion script structure, to
include 'zerver_realm' in 'realm.json'.
2018-05-27 21:54:20 -07:00
Yago González f84c9b919b api docs: Read parameters and response fixtures from OpenAPI files. 2018-05-26 22:49:55 +02:00
Yago González 30682241c7 api docs: Move OpenAPI files to zerver/openapi. 2018-05-26 21:48:17 +02:00
Tim Abbott 445932cc86 bugdown: Increase limit for number of digits in tweet IDs.
Apprently, they just reached 19 digits.  We set the limit to 30 to
give plenty of headroom for the future.
2018-05-26 10:12:15 -07:00
Yago González b4084d30d2 emails: Move user role logic for followup_day1 to notifications.py. 2018-05-26 07:29:58 -07:00
Yago González d87f0ccb4e api docs: Show Yes/No in the "Required" field of the args table. 2018-05-25 23:31:30 +02:00
Tim Abbott 4e70c9402a export: Fix path logic for exporting avatars with S3 backend.
Apparently, we missed this when we converted the export format to use
longer path names for avatars.
2018-05-25 12:04:34 -07:00
Robert Hönig 7a8c1ec9dc outgoing webhooks: Send additional useful data.
This adds the fields `trigger` and `service_email`
to each message event dispatched by outgoing webhook bots.
`trigger` will be used by the Botserver to determine if
a bot is mentioned in the message.
`service_email` will be used by the Botserver to determine
by which outgoing webhook bot the message should be handled.
2018-05-25 10:33:40 -07:00
Eeshan Garg 0a1b429d04 settings: Remove PRIVATE_STREAM_HISTORY_FOR_SUBSCRIBERS.
Now that we have a UI for this feature, we don't need this setting
anymore.
2018-05-24 17:18:14 -07:00
Tim Abbott 6967b6519d settings: Add a development-only setting for less dense mode.
This should make it easier for us to iterate on a less-dense Zulip.

We create two classes on body, less_dense_mode and more_dense_mode, so
that it's easy as we refactor to separate the two concepts from things
like colors that are independent.
2018-05-24 12:31:37 -07:00
Vishnu Ks 54a002c2e2 requirements: Upgrade pyflakes to 2.0.0.
We fix a few errors that only the new version finds.
2018-05-24 11:31:36 -07:00
Steve Howell 69517f5ac5 Support zform-based widget content in the server.
API users, particularly bots, can now send a field
called "widget_content" that will be turned into
a submessage for the web app to look at.  (Other
clients can still rely on "content" to be there,
although it's up to the bot author to make the
experience good for those clients as well.)

Right now widget_content will be a JSON string that
encodes a "zform" widget with "choices."  Our first
example will be a trivia bot, where users will see
something like this:

    Which fruit is orange in color?

        [A] orange
        [B] blackberry
        [C] strawberry

The letters will be turned into buttons on the webapp
and have canned replies.

This commit has a few parts:
    - receive widget_content in the request (simply
        validating that it's a string)
    - parse the JSON in check_message and deeply
        validate its structure
    - turn it into a submessage in widget.py
2018-05-24 09:30:22 -07:00
Shubham Dhama fc3dcbfb5a messages: Allow "no topic" topics editable indefinitely.
Fixes: #9484.
2018-05-24 07:35:52 -07:00
Umair Khan adaeaccd20 2FA: Add link in settings to setup two-factor. 2018-05-23 15:49:41 -07:00
Umair Khan e063bb0d50 2FA: Add tests for two-factor auth. 2018-05-23 15:49:35 -07:00
Umair Khan bf740f9232 2FA: Add zulip_otp_required decorator.
We need to add this because otp_required doesn't play well with tests.
2018-05-23 15:46:57 -07:00
Umair Khan 0b1e25f453 2FA: Integrate with login feature. 2018-05-23 15:46:57 -07:00
Umair Khan a2d3aea027 2FA: Add two-factor related code.
This commit adds a view which will be used to process login requests,
adds an AuthenticationTokenForm so that we can use TextField widget for
tokens, and activates two factor authentication code path whenever user
tries to login.
2018-05-23 15:46:56 -07:00
Tim Abbott 9c29592178 mypy: Fix rebase errors in create_user.py. 2018-05-23 11:36:28 -07:00
Vishnu Ks 8369e2b15e registration: Allow users to import settings from other realm.
This should significantly improve the user experience for creating
additional accounts on zulipchat.com.

Currently, disabled in production pending some work on visual styling.
2018-05-23 10:30:00 -07:00
Vishnu Ks 2a66818e2e registration: Add function to copy user settings.
This is intended to support our upcoming feature to support copying a
user's customization settings from an existing account that user owns
in another organization.
2018-05-23 10:12:14 -07:00
Rhea Parekh c24c249b8c export: Support export of Custom Profile Field. 2018-05-23 09:07:26 -07:00
Robert Hönig ac04553d67 outgoing_webhook.py: Fix incorrect variable type. 2018-05-23 08:57:56 -07:00
Aditya Bansal 8cfb437677 provision: Don't run create_realm_internal_bots management command.
We essentially stop running create_realm_internal_bots during
every provisioing and move its operations to run from populate db.
In fact to speed things up a bit we actually make populate db call the
funcs which create_realm_internal_bots calls behind the scenes.

Fixes: #9467.
2018-05-23 13:34:52 +05:30
Aditya Bansal d343f25cc6 create_realm_internal_bots: Refactor to extract main op as a function.
We extract the entire operations of the management command to a
function create_if_missing_realm_internal_bots in the
zerver/lib/onboarding.py. The logic for determining if there are any realm
internal bots which have not been created is extracted to a function
missing_any_realm_internal_bots in actions.py.
2018-05-23 11:53:22 +05:30
Aditya Bansal 528230df41 test_fixtures.py: Add check_settings to is_template_database_current.
In this commit we add a new param (Django settings) on which the
is_template_database_current decision will depend upon.
2018-05-23 11:53:20 +05:30
Tim Abbott 998e1048e8 test_bots: Add coverage for no-op changes to bot owner.
This isn't a complete long-term fix, in that ideally we'd be doing
this check at the view layer, but various structural things make that
annoying, and we'll want this test either way.
2018-05-22 15:04:27 -07:00
Eeshan Garg e0ef831993 webhooks: Migrate to UnexpectedWebhookEventType.
This improves test coverage for a lot of our webhooks that relied
on ad-hoc methods to handle unexpected event types.

Note that I have deliberately skipped github_legacy, it isn't
advertised and is officially deprecated.

Also, I have refrained from making further changes to Trello, I
believe further improvements to test coverage should be covered
in separate per-webhook commits/PRs.
2018-05-22 08:30:19 -07:00
Eeshan Garg 3ed20589f2 webhooks: Add generic exception for unexpected webhook events.
UnexpectedWebhookEventType is a generic exception that we may
now raise when we encounter a webhook event that is new or one
that we simply aren't aware of.
2018-05-22 08:30:19 -07:00
Umair Khan f38d6ac6fe ldap: Make Zulip compatible with django-auth-ldap==1.5.
In version 1.5, get_or_create_user method is not used. It exists just
for the compatibility. The main function to use now is
get_or_build_user.

See the changelog:
https://django-auth-ldap.readthedocs.io/en/latest/changes.html#id1

Fixes #9307
2018-05-22 08:13:41 -07:00
Michael J. Sullivan d5ee801d60 mypy: Set local_partial_types = True.
The daemon implicitly sets this flag, so set it explicitly and fix all
of the type errors.
2018-05-21 22:41:00 -07:00
Tim Abbott 80a331385e push_notifications: Fix missing mypy annotation. 2018-05-21 11:39:58 -07:00
Tim Abbott cec7686f3d push notifications: Clean up unregistered/bad APNS tokens.
We've had this sort of logic for GCM for a long time; it's worth
adding for APNS as well.

Writing this is a bit of a reminder that I'm not a fan of how our unit
tests for push notifications work.
2018-05-21 11:30:56 -07:00
Tim Abbott c6909fb99c migration_tests: Document the migration test framework. 2018-05-21 09:59:55 -07:00
Aditya Bansal b489eded17 migration_test: Add test for 0145 migration. 2018-05-21 09:46:52 -07:00
Aditya Bansal 0767a5b955 test_classes: Add class MigrationsTestCase for writing migration tests.
The MigrationsTestCase class is based on this blog post:
https://www.caktusgroup.com/blog/2016/02/02/writing-unit-tests-django-migrations/

It provides a basic framework for writing unit tests for django
db migrations.
2018-05-21 09:46:37 -07:00
Aditya Bansal a85576149d test_helpers: Add use_db_models decorator.
This is somewhat messy, but it's purpose is to make it easy to write
tests in test_migrations.py.
2018-05-21 09:46:24 -07:00
Tim Abbott 3853e133f4 migrations: Add missing reverse_code for migration 0167. 2018-05-21 09:42:19 -07:00
Aditya Bansal e41d32a15a reminders: Add various design improvements for the UI/reminder msg. 2018-05-21 09:07:37 -07:00
Aditya Bansal 57f247283d scheduledmessages: Handle multiple servers running this delivery job.
We add conditional infinite sleep to this delivery job as a means to
handle case of multiple servers in service to a realm running this
job. In such a scenerio race conditions might arise leading to
multiple deliveries for same message. This way we try to match the
behaviour of what other jobs do in such a case.
Note: We should eventually do something to make such jobs work
while being running on multiple servers.
2018-05-21 08:53:14 -07:00
Tim Abbott 43ec7ed456 narrow: Add is_web_public_compatible check for narrows.
This will be used to limit which narrows will be allowed for
web-public browsing of Zulip.
2018-05-21 08:45:48 -07:00
Umair Khan 18defcc673 2FA: Fix check for context_data attr.
This attribute only makes sense for responses that are generated using a
template.
2018-05-21 07:50:05 -07:00
Tim Abbott 7dd275328b github: Add a complete end-to-end GitHub OAuth2 test.
This revised GitHub auth backend test is inspired by the end-to-end
flow model of the Google auth backend test.  My hope is that we will
be able to migrate the rest of the important cases in the GitHub auth
backend tests to this model and then delete what is now
GitHubAuthBackendLegacyTest.

The next step after that will be to merge the GitHub and Google auth
tests (since actually, the actual test functions are basically
identical between the two).
2018-05-20 23:44:20 -07:00
Tim Abbott 86ec78eaa9 test_auth_backends: Move ResponseMock earlier in the file.
We're going to be using this in the GitHub auth backend as well.
2018-05-20 22:02:43 -07:00
Tim Abbott 9b8331cf88 test_presence: Fix nondeterministic test failures.
Apparently, the bug here was that we were aliasing the user_profile
variable, so that the results depended on what the last iteration in
the loop landed on.
2018-05-20 22:02:43 -07:00
Tim Abbott 6cbe9890aa embedded bots: Use get_active_user helper to look up users.
This should have no effect, but is part of a larger effort to avoid
using get_user (not get_active_user) unless we actually want inactive
users.
2018-05-20 20:04:16 -07:00
Tim Abbott 336ad0fbb1 password reset: Handle deactivated users and realms.
Since this is a logged-out view, need to actually write code for the
case of deactivated realms.

The change to get_active_user is more for clarity; the Django password
reset form already checks for whether the user is active earlier.
2018-05-20 20:02:27 -07:00
Tim Abbott e7fa77f120 validate_email_for_realm: Clarify errors for deactivated users.
If a user's account has been deactivated, we want to provide a special
error message that makes clear what's going on.

Future work is to provide some administrative controls on whether a
user should be able to re-activate their account.
2018-05-20 19:32:53 -07:00
Tim Abbott 2609274719 streams: Don't allow adding deactivated users to streams.
This query was incorreclty not checking whether a user was deactivated
before managing their subscriptions.

This isn't an important bug, but should prevent some weird corner
cases (like trying to send a notification PM to a deactivated user,
which fails).
2018-05-20 19:17:15 -07:00
Tim Abbott cedad52c59 presence: Extract and use get_active_user helper.
This adds a new reusable function for fetching just active users.
2018-05-20 19:07:29 -07:00
Tim Abbott 451b12d0b2 test_home: Fix broken narrow parsing exception test. 2018-05-20 19:06:14 -07:00
Tim Abbott 44b3aeb08d home: Improve logging for narrow parsing exceptions.
This now includes the request and (and thus the related metadata).
2018-05-20 18:47:43 -07:00
Tim Abbott 9360af37d4 typing: Remove unnecessary conditional for recipient types.
It wasn't actually possible for `recipient_for_emails` to return a
STREAM regardless, and this makes things read a little clearer.
2018-05-20 18:35:48 -07:00
Tim Abbott ecdc7fb296 typing: Fix unnecessary else clause for recipient validation.
The other cases all return anyway.
2018-05-20 18:27:25 -07:00
Tim Abbott ae0a929988 tornado: Ensure that tornado doesn't autoreload into syntax errors.
We've for a long time been plagued by run-dev.py needing to be
restarted every time one does a rebase that has merge conflicts,
because the Tornado process restarts itself into a syntax error and
crashes.

This fixes the Tornado autoreload process to check explicitly for
whether files actually syntax-check before trying to actually reload
the Tornado process to run that code.

There are a few things that are a bit janky:
* Ideally, this would go into Tornado upstream
* We removed the `_watched_files` feature, which we weren't using.
* Ideally, we'd use something other than `importlib.reload` that just
  does the syntax-check without adjusting the state within our current
  process.

Fixes #4351.
2018-05-20 16:50:10 -07:00
Tim Abbott 4f4d56b021 tornado: Import autoreload module from upstream Tornado.
This allows to patch things directly.
2018-05-20 16:49:17 -07:00
Vishnu Ks 61e124a2ab models: Create get_source_profile function.
This will be used in our upcoming feature to import settings from
other Zulip realms.
2018-05-20 15:30:30 -07:00
Vishnu Ks 74e823f5fa models: Add function for getting membership realms. 2018-05-20 15:17:19 -07:00
Joshua Pan afe09071b9 slash-commands: Implement /day and /night. 2018-05-20 14:42:09 -07:00
Joshua Pan bdba539480 Rename get_fixed_content_for_widget to do_widget_pre_save_actions. 2018-05-20 14:42:09 -07:00
Tim Abbott 9be3c704f1 register_server: Fix recommendation to run with python 2.
Since `python` is usually Python 2, this recommendation failed on most
systems.
2018-05-20 13:16:33 -07:00
Eeshan Garg 3dcde1c139 webhooks/mention: Update docs to conform to style guide.
This one took quite a while too. The interaction between Mention
and Zapier is kinda weird and the Zapier instructions are pretty
complicated.
2018-05-20 10:54:13 -07:00
Eeshan Garg 2f93c16df2 webhooks/slack: Update docs to conform to style guide. 2018-05-20 10:54:13 -07:00
Eeshan Garg 257d0f5537 webhooks/statuspage: Update docs to conform to style guide. 2018-05-20 10:54:13 -07:00
Sampriti Panda d94202c662 notifications: Add consistent order for sending email notifications.
Notification emails are sent in increasing order of the max message-id
of the unread message thread.
2018-05-20 10:19:13 -07:00
Sampriti Panda 407aa99704 test_notifications: Fix confusing variable naming in test_unread_anchor. 2018-05-20 10:16:53 -07:00
Sampriti Panda 3f4200db3c tests: Disable slow query messages in test environment.
Slow queries during backend tests sends messages to Error Bot
which affects the database state causing the tests to fail.
This fixes the occasional flakes due to that.
2018-05-20 10:16:53 -07:00
Eeshan Garg 2aa044d327 webhooks/librato: Stop advertising Snapshot notifications.
We ask our users to enable Snapshot notifications in Zulip via
Slack! But our Slack integration isn't exactly super robust and
I checked and our librato implementation isn't super smart about
handling snapshot payloads that come in via Slack.

Overall, this seems like a very poor solution, asking the user
to set up Slack in order to get the notifications in Zulip. So, I
thought we should get rid of at least the docs that suggest doing
this.

I also read librato/view.py and it wasn't clear to me how Slack
is supposed to act as an intermediate service here in a reliable
manner, which is another reason to not advertise this.
2018-05-20 10:14:03 -07:00
Eeshan Garg 9d9988d368 webhooks/librato: Rewrite docs to conform to style guide. 2018-05-20 10:14:03 -07:00
Yashashvi Dave 38db31779b /json/bots: Return "No user" if access other realms bot.
Instead of returning warning "Insufficient Permission", return
"No such bot" warning if user tries to access other realms bot."
2018-05-18 15:20:43 -07:00
Yashashvi Dave 4162e61f33 /json/users: Replace email with user_id in API to reactivate user. 2018-05-18 15:20:43 -07:00
Yashashvi Dave 06e7e933cc /json/users: Replace email with user_id in API to update/remove users. 2018-05-18 15:20:43 -07:00
Tim Abbott b8e2339a65 test_presence: Update debugging print statements. 2018-05-18 15:20:15 -07:00
jkiely aa8248e734 mypy: Enable strict optional for check redis management command
Removed the error handling on the get_user_profile_by_id function, as it
would have just caused a different error shortly after.
2018-05-17 13:44:35 -07:00
Tim Abbott 3006b3f52f url_preview: Fix crash when description has no content.
There's several things we'll want to cleanup with this feature, but
for now we're content to just make this not crash.
2018-05-17 12:40:43 -07:00
jkiely 058ee1ce1e mypy: Enable strict optional on lib/soft_deactivation.
Tweaked by tabbott to add assert statements, rather than new
conditionals.
2018-05-17 12:13:53 -07:00
Tim Abbott d4119d0198 initialize_voyager_db: Do nothing if a realm already exists.
This should help avoid confusing error messages for anyone
accidentally running this twice.

In particular, this also makes it easier to run Zulip inside
Kubernetes, since one doesn't need to worry about duplicate calls.
2018-05-17 11:38:09 -07:00
jkiely 104fdd8bf9 mypy: enable strict optional for lib/message.
Add assert in order to pass checks under strict conditions.
2018-05-17 11:12:08 -07:00
jkiely 04c50cffa7 mypy: Enable strict optional in zerver/lib/bugdown.
Explicitly check for none in optional value and set it to a dict.
2018-05-17 11:12:01 -07:00
jkiely b3d43df498 mypy: Enable strict optional for lib/exceptions.
Change return type of reduce_ex to pass under stricter conditions.
2018-05-17 11:11:58 -07:00
jkiely ca3ce90496 mypy: Enable strict optional in lib/avatar.py.
Add assert to function and modify tests in order to pass under
strict conditions.
2018-05-17 11:11:55 -07:00
jkiely a1b5e7d6d5 mypy: Enable strict optional in lib/events.
Modify one variable assignment to pass under strict conditions.
2018-05-17 11:11:53 -07:00
jkiely ad065fde29 mypy: Enable strict optional for lib/notifications.
Modify fix_emojis function to pass under strict conditions.
2018-05-17 11:11:49 -07:00
Tim Abbott d782927b4c test_webhooks_common: Add logging for a test flake case.
This seems to happen occasionally in CI, and we don't know why.
2018-05-17 09:18:31 -07:00
Vishnu Ks 372e9740ac events: Add date_joined to user_dict. 2018-05-17 07:49:35 -07:00
Vishnu Ks 47b0a0d843 queue: Remove unused enqueue_welcome_emails import. 2018-05-17 07:45:37 -07:00
Tim Abbott fc32fe16c6 test_presence: Add debugging output to help track down a flake.
This test has been failing nondeterministically, and the debug output
should help us figure out why.
2018-05-17 07:44:46 -07:00
Rishi Gupta 847e13cd54 push bouncer: Fix instructions in register_server.py. 2018-05-17 04:50:33 -07:00
Steve Howell 8812dba57e Add server-side widget support for poll/tictactoe. 2018-05-16 15:13:33 -07:00
Steve Howell 1f0ffdc415 Add widget.py to enable widgets on the server side.
The only slash command implemented in this initial
version is an extremely crippled version of a
"/stats" slash command that reports that you are
running 1 server.
2018-05-16 15:13:33 -07:00
Steve Howell de47eeb6f1 Add /submessage endpoint. 2018-05-16 15:13:33 -07:00
Steve Howell 4332fd64f7 Add submessages to message payloads. 2018-05-16 15:13:33 -07:00
Steve Howell ff097623fa Add SubMessage table. 2018-05-16 15:13:33 -07:00
Shubham Padia 4d70d032bc populate_db: Make is_web_public default to False.
Explicit mentions of `is_web_public` as False in the stream dict to be
passed to `bulk_create_streams` have been removed.
2018-05-16 13:40:22 -07:00
Shubham Padia 315047a38b populate_db: Make invite_only default to False.
Explicit mentions of `invite_only` as False in the stream dict to be
passed to `bulk_create_streams` have been removed.
2018-05-16 13:40:10 -07:00
Shubham Padia 7b4f6e0058 tests: Make is_announcement_only true for `announce` stream in populate_db.
Makes announce stream `is_announcement_only` for the dev db for easier
manual testing. The default value for `is_announcement_only` in
`bulk_create_streams` is False.
2018-05-16 13:35:45 -07:00
Lyla Fischer 98c50f7041 user docs: Update time-format docs. 2018-05-16 16:17:39 -04:00
Tim Abbott 495104bd56 mypy: Clean test_subs.py of mypy strict-optional errors.
Most of this is just asserting that the sub_dict return value from
access_stream_by_id is not None in the cases where it shouldn't be,
but additionally, we also need to pass a function into
validate_user_access_to_subscribers_helper (in this case, just `lambda:
True` works fine)
2018-05-16 12:09:52 -07:00
Tim Abbott ee0f1992bf lint: Fix lint errors in recently merged tests. 2018-05-15 20:07:33 -07:00
Baron Chandler 1e4f54560a actions: Ensure validate_user_access_to_subscribers_helper raises on invalid params. 2018-05-15 19:14:43 -07:00
Baron Chandler 024e6fc704 actions: Make sure get_recipient_info asserts on invalid recipient type. 2018-05-15 19:14:42 -07:00
Baron Chandler 7251e978d5 actions: Make sure get_typing_user_profiles raises on invalid recipient types. 2018-05-15 19:14:42 -07:00
Tim Abbott f0ef335412 models: Remove unused ModelReprMixin class.
It appeared to be used as a base class in various Django migrations,
but because it didn't define any model fields, it wasn't actually.
2018-05-15 19:11:22 -07:00
Tim Abbott 351fab204b str_utils: Move force_bytes into ccache.py.
This is only used there, and so belongs in that bundle of
barely-maintained code.
2018-05-15 19:07:32 -07:00
Tim Abbott aec57baef2 test_presence: Add tests for various analytics pages.
While maybe these don't all belong in this test file, the overall
effect is that we now have quite good test coverage on
analytics/views.py.

It'd be nice to add some more assert statements for specific values
being present in the pages, but since we're not really working on that
part of the product, it's not a priority yet.
2018-05-15 18:52:18 -07:00
Tim Abbott 276b78e952 tornado: Extract AsyncDjangoHandlerBase and mark as nocoverage.
We're never going to add tests for this block, which is fundamentally
well-tested code from Django with a since line changed which is hard
to screw up (long-polling will not work at all without it).  The hope
is to remove it entirely and replace it with a cleaner monkey-patch,
but until then, unit tests for it would be redundant.
2018-05-15 18:39:52 -07:00
Tim Abbott 00861b910d test_presence: Add tests for seconds_usage_between.
This isn't widely used, but is a nice way to verify the logic further.
2018-05-15 18:37:49 -07:00
Tim Abbott 930cbabbb7 test_queue: Add a test for register_json_consumer.
This expands the coverage of the SimpleQueueProcessor logic to be
mostly complete.  We still don't have real tests for
TornadoQueueProcessor.
2018-05-15 18:24:45 -07:00
Tim Abbott 962c64a1d4 test_queue: Add basic tests for SimpleQueueClient. 2018-05-15 17:56:30 -07:00
Tim Abbott c46149efcb migrate: Remove obsolete act_on_message_ranges.
This has a cool structure, but it's written against the long-dead
South API, and we can always pull it out of the Git history if we want
to use this approach in the future.
2018-05-15 17:19:14 -07:00
Yashashvi Dave b949d10592 /json/bots: Replace email with user_id in API to generate bot_api_key.
Fixes #3643.
2018-05-15 16:37:06 -07:00
Yashashvi Dave d6e2f9fc88 /json/bots: Replace email with user_id in API to update bots. 2018-05-15 16:34:17 -07:00
Tim Abbott 16d807d157 Revert "test_helpers: Fix a nonexistent import."
This reverts commit fa18913b8b.

We fix the typo when doing this, though.
2018-05-15 16:08:29 -07:00
Greg Price fa18913b8b test_helpers: Fix a nonexistent import.
This module doesn't exist, and never did; the name appears to be a
mistaken variant of the module that really does contain ZulipTestCase.
So, fix the import to use the real name.

This would never have worked at runtime, which is why it's in an
`if False:`.  It's also an example of the kind of error that can be
hidden by `ignore_missing_imports`; we'd have caught the issue
immediately if we hadn't had a blanket application of that flag
in place.
2018-05-15 18:14:33 -04:00
Eeshan Garg f29b9f14fd integrations: Update docs for git and codebase.
Doing both as once due to the common dependency on
change-zulip-config-file-indented.md.
2018-05-15 18:02:56 -04:00
Tim Abbott 31ce382e71 coverage: Disable coverage checking for exceptions.py.
We also take the opportunity to slightly improve the errors if
AbstractEnum ever gets used.
2018-05-15 13:57:40 -07:00
Tim Abbott 191e6dc13a create_user: Remove user_profile_id option.
This hasn't been used in years, had no test coverage, and doesn't have
a clear use case.
2018-05-15 13:51:56 -07:00
= e731aeda44 zerver: Remove dead code from do_change_password. 2018-05-15 13:39:53 -07:00
= 9d07faaf0c zerver: Remove dead code from do_create_realm. 2018-05-15 13:39:53 -07:00
= 344d6544da zerver: Remove dead code for accessing subscribers.
These haven't been used in years, and clutter the codebase.
2018-05-15 13:39:39 -07:00
Yashashvi Dave 8909836815 zerver/tests/test_custom_profile_data.py: Refactor tests.
Refactor custom fields creation and deletion tests to assert
if created/deleted field exist or not, instead of asserting
total count of all realm fields.
2018-05-15 12:38:18 -07:00
Shubham Padia 3703013b4f models: Add `is_announcement_only` to Stream.to_dict(). 2018-05-15 12:05:52 -07:00
Baron Chandler f59adfa67c actions: Change do_change_is_admin Exception to an Assertion Error.
- do_change_is_admin now raises AssertionError when a non-admin
  permission is given.
- adds test to test_users to ensure admin asserts on invalid
  permission values.
2018-05-15 11:27:01 -07:00
Baron Chandler 4bdc8332fa zerver: Require permissions be acceptable to do_change_is_admin. 2018-05-15 11:25:47 -07:00
Yago González f9f8d9c578 bugdown: Parse argument JSON files as streams. 2018-05-15 11:05:03 -07:00
RobbieClarken f81b936727 zerver/tests: Require 100% test coverage of zerver/lib/upload.py.
The last line here is impossible to test.

Fixes #4489.
2018-05-15 10:52:20 -07:00
RobbieClarken 17d6d4fed1 zerver/tests: Add test for get_emoji_url for local upload backend. 2018-05-15 10:50:39 -07:00
RobbieClarken fb42b58316 zerver/tests: Test emoji upload for local storage backend. 2018-05-15 10:50:39 -07:00
RobbieClarken 2dc13d6b50 zerver/tests: Test ensure_medium_avatar_url when the file exists. 2018-05-15 10:50:39 -07:00
RobbieClarken 398141268f zerver/tests: Test get_emoji_url for S3. 2018-05-15 10:50:39 -07:00
RobbieClarken dd19ed3972 zerver/tests: Test upload emoji to S3. 2018-05-15 10:50:39 -07:00
RobbieClarken ff95c67197 zerver/tests: Test upload realm icon for S3. 2018-05-15 10:50:39 -07:00
RobbieClarken 25e91b289d zerver/tests: Test delete message image from S3 when file is missing. 2018-05-15 10:50:39 -07:00
RobbieClarken b3a6c0a253 zerver/tests: Test currently_used_upload_space function. 2018-05-15 10:50:38 -07:00
RobbieClarken efc63d4ca0 zerver/tests: Test S3 file upload with undefined content type. 2018-05-15 10:42:10 -07:00
RobbieClarken b9fff04f39 zerver/tests: Add test for resize_emoji for images that need resizing. 2018-05-15 10:42:10 -07:00
RobbieClarken 69a5ce102f zerver/tests: Remove unecessary re-open on files in tests.
The get_test_image_file helper function returns a file handle so we can
call the read method on this directly.
2018-05-15 10:42:10 -07:00
RobbieClarken f34d9dc910 zerver/tests: Test get_realm_for_filename when filename doesn't exist. 2018-05-15 10:42:10 -07:00
Baron Chandler 52d53f4a81 test_subs: Ensure gather_subscriptions_helper excludes deleted streams. 2018-05-15 10:11:32 -07:00
Tim Abbott a2ed06314d send_test_email: Throw an error if email not configured.
This should help minimize confusion when folks try to use this before
properly configuring outgoing email.

Thanks to Bruce Eckel for the report.
2018-05-14 12:02:36 -07:00
RobbieClarken 2cca5dc79f zerver/tests: Test upload when mimetype is supplied as a query param. 2018-05-14 10:58:24 -07:00
Joshua Pan df84e1d7eb tests: Reach 100% coverage for zerver/liv/management.py.
Cleaned up add_user_list_args(). The "help" and
"all_users_help" have all default values. As noted in
an earlier commit, "all_users_help" is always passed in,
so we can get rid of "all_users_arg". We keep the default
for "all_users_help" so we don't have to change variable order
in function definition.
2018-05-14 10:46:21 -07:00
Joshua Pan ef098d2223 management: Remove the parameter required from add_user_list_args.
We remove an unecessary "required" paramter from this function
because as seen in the get_users() function right below, you have
to pass either -u/--users or -a/--all-users, meaning there should
never be a reason to require --users.
2018-05-14 10:46:21 -07:00
Joshua Pan 231b487bca tests: Cover check_config() in zerver/lib/management.py.
Add a comment to code to clarify what the config check does.
2018-05-14 10:46:21 -07:00
Darshan Markandaiah 607cab2a53 tests: Add 100% test coverage to zerver/apps.py.
Tweaked by tabbott to rename to test_cache.py and remove the
sender_name argument (Since it was kinda confusing).
2018-05-14 10:36:10 -07:00
Tim Abbott 726017f682 actions: Remove dead do_change_bot_type function.
This is a tiny fraction of a feature we don't support, so we should
just kill it.
2018-05-13 17:58:49 -07:00
Tim Abbott 8b09118009 actions: Rename pick_color_helper to pick_color.
Now that there's only one function here, it's weird to have the
unnecessary _helper suffix.
2018-05-13 17:52:36 -07:00
Tim Abbott 234b5fa21b actions: Remove dead pick_color function.
We've been using pick_color_helper only for a long time.
2018-05-13 17:52:04 -07:00
Tim Abbott 60cfc210ce address: Remove dead msg_type function.
This was never used; we instead use `.is_stream` and `.is_private`
instead.
2018-05-13 17:47:21 -07:00
Aditya Bansal bd063b86c4 request.pyi: Remove unused import of typing.Text. 2018-05-14 05:16:22 +05:30
Eeshan Garg 5c0d4660c1 models: Add history_public_to_subscribers to Stream.to_dict().
This commit also updates all the relevant parts where this attribute
could be useful, e.g. payloads for user subscriptions.
2018-05-13 09:15:07 -07:00
Shubham Padia 295fcb8536 models: Add `is_announcement_only` to stream_dict in `actions.py`.
Adds `is_announcement_only` to `stream_dict`s in order to access
the property in the frontend.
2018-05-13 09:11:51 -07:00
Shubham Padia 897ed17f0c api: Allow realm_admins to make a stream announcement_only. 2018-05-13 09:11:51 -07:00
Shubham Padia bb8577ba94 stream: Only realm admins can post to an announcement_only streams.
If a non-admin tries to post to an announcement_only stream, error
message will be shown.
2018-05-13 09:11:51 -07:00
Shubham Padia a5759108d3 models: Add field is_announcement_only to stream. 2018-05-13 09:06:20 -07:00
Vishnu Ks 08d20dce23 docs: Cover the missing case in DocPageTest. 2018-05-13 08:56:04 -07:00
Vishnu Ks 99186952f6 integrations: Make integration_doc endpoint work only on ajax. 2018-05-13 08:56:04 -07:00
Aditya Bansal a68376e2ba zerver/lib: Change use of typing.Text to str. 2018-05-12 15:22:39 -07:00
Aditya Bansal 5416d137d3 zerver/tests: Change use of typing.Text to str. 2018-05-12 15:22:39 -07:00
Aditya Bansal 993d50f5ab zerver: Change use of typing.Text to str. 2018-05-12 15:22:39 -07:00
Aditya Bansal 63dff4549f zerver/lib/test_classes.py: Change use of typing.Text to str. 2018-05-12 15:22:39 -07:00
Aditya Bansal c02011d7f5 zerver/lib/bugdown/__init__.py: Change use of typing.Text to str. 2018-05-12 15:22:39 -07:00
Aditya Bansal 97b7075dd2 zerver/lib/actions.py: Change use of typing.Text to str. 2018-05-12 15:22:39 -07:00
Aditya Bansal e9f87671e2 zerver/models.py: Change use of typing.Text to str. 2018-05-12 15:22:38 -07:00
Aditya Bansal e79a2f2707 zerver/tornado: Change use of typing.Text to str. 2018-05-12 15:22:38 -07:00
Aditya Bansal a40ae4cae5 zerver/webhooks: Change use of typing.Text to str. 2018-05-12 15:21:24 -07:00
Aditya Bansal 64ddfc6ac0 zerver/webhooks: Change use of typing.Text to str. 2018-05-10 14:19:49 -07:00
Aditya Bansal e8506b5020 zerver/management: Change use of typing.Text to str. 2018-05-10 14:19:49 -07:00
Aditya Bansal 1f9244e060 zerver/lib: Change use of typing.Text to str. 2018-05-10 14:19:49 -07:00
Aditya Bansal 2f3b2fbf59 zerver/tests: Change use of typing.Text to str. 2018-05-10 14:19:49 -07:00
Tim Abbott 0a39eb2a58 export: Convert a bunch of error cases to AssertionError.
This reflects the fact that these are just defensive programming (we
don't expect them to ever happen) and also nicely makes these lines
not show up in our missing test coverage reports.
2018-05-09 20:49:13 -07:00
Tim Abbott 3872e5521e tornado: Mark setup_tornado_rabbitmq for nocoverage.
We only use this in the direct management command, and it involves
some autoreload process setup stuff that we probably don't want to do
in our unit tests regardless.
2018-05-09 20:49:13 -07:00
Tim Abbott 7e2841b358 bulk_create: Mark bulk_create_streams as nocoverage.
It's only used in `populate_db`, so it gets tested that way.
2018-05-09 20:49:12 -07:00
Tim Abbott 81e17c7d47 test_i18n: Stop using six.moves for SimpleCookie.
This requires a 'type: ignore' because of a typeshed bug.
2018-05-09 20:45:45 -07:00
Tim Abbott 4c1777f146 tests: Add a good set of unit tests for UserActivityInterval.
This system was written years ago and has been working well the whole
time, but having unit tests for it will help future developers in
understanding what the intent is.
2018-05-09 20:45:02 -07:00
Raymond Akornor f67efd5291 zerver: Migrate away from six. 2018-05-09 18:38:25 +00:00
Tim Abbott fba45bb9d3 archive: Add functions for accessing web-public streams.
These will be helpful for variable upcoming projects to support the
web-public streams feature.
2018-05-08 12:12:15 -07:00
Tim Abbott f24630fd4a events: Include data for whether push notifications are enabled.
This is primarily useful for the mobile app, but could also be used to
control whether we display push-notifications related settings to
users in the web UI.
2018-05-08 11:45:13 -07:00
Tim Abbott 6317e4d63c events: Extract post_process_state.
This is a preparatory refactor for potentially being able to call this
from the web-public archive feature's code path.
2018-05-06 23:21:29 -07:00
Tim Abbott 112805251f fetch_initial_state_data: Use realm local variable.
This is just a simple code cleanup.
2018-05-06 23:20:52 -07:00
Tim Abbott 602b13db34 home: Make emojiset an explicit parameter.
This is cleaner than accessing the UserProfile object directly (we
don't really do that anywhere else).
2018-05-06 22:36:29 -07:00
Tim Abbott f648bc1eae register_server: Remove broken, unused import.
This import preventing this script from working in most production
environments.
2018-05-06 21:53:49 -07:00
Yago González 6837fc5d56 i18n: Add missing strings for custom profile fields and fix capitalization.
The "Short/Long Text" option for custom profile fields wasn't properly
capitalized (i.e. "Text" should have been all lowercase), and also
wasn't properly tagged for translation.

For the sake of consistency, the change to proper capitalization has
also been applied to the models and any tests involving this feature.

Due to a bug in Django, it complained about the models having changed
and thus not being consistent with the migrations. That isn't actually
true (since the database stores the numeric values for each key), but
the migrations have been modified to avoid this error. This does not
affect the migrations' behaviour in any way.
2018-05-06 19:44:36 -07:00
Tim Abbott a9dc83d78e register_server: Fix a typo. 2018-05-05 16:42:11 -07:00
Tim Abbott cfd22c6832 zilencer: Clean up logic around mobile push notifications signup.
This fixes exceptions when sending PMs in development (where we were
trying to connect to the localhost push bouncer, which we weren't
authorized for, but even if we were, it wouldn't work, since there's
no APNS/GCM certs).

At the same time, we also set and order of operations that ensures one
has the opportunity to adjust the server URL before submitting
anything to us.
2018-05-05 16:42:00 -07:00
Eeshan Garg 6817232a67 webhooks/bitbucket2: Support events of type "repo:updated". 2018-05-05 15:48:38 -07:00
Eeshan Garg 9fb9c0d901 webhooks: Migrate to validate_extract_webhook_http_header.
This is a part of our efforts to close #6213.
2018-05-05 15:48:38 -07:00
Eeshan Garg 34d1b0ebf1 webhooks: Add helper to extract and validate HTTP event headers.
This is a part of our efforts to close #6213.
2018-05-05 15:48:37 -07:00
Eeshan Garg 19fa73891e actions: Refactor rate-limiting logic out of send_pm_if_empty_stream.
It makes sense to refactor out the last_reminder logic out of
send_pm_if_empty_stream and have a generic function that can send
rate-limited PM notifications to a bot owner and can be used by
methods other than send_pm_if_empty_stream.
2018-05-05 15:46:27 -07:00
Tim Abbott 956bd74905 attachments: Send events for attachment updates.
We send add events on upload, update events when sending a message
referencing it, and delete updates on removal.

This should make it possible to do real-time sync for the attachments
UI.

Based in part on work by Aastha Gupta.
2018-05-04 16:22:27 -07:00
Tim Abbott 69c4645bd2 attachments: Stop fetching attachments in / endpoint.
We only use this data in a rarely-used settings screen, and it can be
large after years of posting screenshots.

So optimize the performance of / by just loading these data when we
actually visit the page.

This saves about 300ms of runtime for loading the home view for my
user account on chat.zulip.org.
2018-05-04 16:22:26 -07:00
Tim Abbott 60185dddfd bots: Fix buggy database queries in loop.
A typo in my reading of 6cc2e8bbff meant
that we were incorrectly doing database queries for each Service
object, just to get the user_profile.id, which we already had.
2018-05-04 15:23:13 -07:00
Tim Abbott 59d3fefc07 bots: Improve performance of fetching core bot data.
This eliminates the need to call user_ids_to_users inside the
get_service_dicts_for_bots code path, saving a database query.

This completes my refactor to fix backend performance issues in this
code path.  Previously, our messy layering of queries that resulted in
Zulip doing work even if none of the bots actually had Services or
config_data.
2018-05-04 13:44:43 -07:00
Tim Abbott 0e81353ce0 bots: Merged get_services_for_bots into its caller.
This function is now only a few lines of simple code called in one
place, and is better eliminated.
2018-05-04 13:41:41 -07:00
Tim Abbott 6cc2e8bbff bots: Remove unnecessary select_related on Service objects.
Given how we're using these, there's no need for the full UserProfile
object to be fetched from the server.
2018-05-04 13:41:29 -07:00
Tim Abbott 186152bfc0 bots: Pass a list of user IDs into get_services_for_bots.
We weren't using the full profile objects.
2018-05-04 13:41:15 -07:00
Tim Abbott 4eb3c72c74 bots: Move get_services_for_bots into actions.py.
It's better to just have this bundle of code all in one place; also,
after some cleanup, we'll be inlining it into
get_service_dicts_for_bots.
2018-05-04 13:36:25 -07:00
Tim Abbott 894a952f6f bots: Compute embedded bots list using bot_dicts. 2018-05-04 13:34:54 -07:00
Tim Abbott 13f1f6a388 bots: Pass the full bot_dicts objects into get_service_dicts_for_bots.
This is preparatory refactoring for not needing to fetch the
bot_profile objects from the database.
2018-05-04 13:33:32 -07:00
Tim Abbott 447f8db8cb get_bot_configs: Adjust API to accept a list of bot user IDs.
This is preparatory refactoring for removing user_profile objects from
the get_service_dicts_for_bots code path.
2018-05-04 13:31:28 -07:00
Tim Abbott fdc1182a76 events: Optimize query for custom profile fields.
Our query for Custom Profile fields was for no good reason passing the
list of all users in the realm (potentially many thousands) into a
database query, rather than letting the database do that join.

Fixing this saves 100ms-200ms in the loading time for / on
chat.zulip.org for all users, since we were previously doing a ton of
work even if the feature wasn't being used.
2018-05-04 12:59:30 -07:00
Vishnu Ks 733da0ac07 settings: Fix 500 when trying to change email to disposable email.
Fixes #9240
2018-05-04 10:52:38 -07:00
Tim Abbott 508dc5b6ed decorators: Add new decorators for guest users.
These decorators will be part of the process for disabling access to
various features for guest users.

Adding this decorator to the subscribe endpoint breaks the guest users
test we'd just added for the subscribe code path; we address this by
adding a more base-level test on filter_stream_authorization.
2018-05-04 10:25:52 -07:00
Tim Abbott 8b26f912af streams: Limit access to public streams for guest users.
With most of the tests tests written by Shubham Dhama.
2018-05-04 09:47:58 -07:00
Tim Abbott 7cbff8b521 push registration: Use standard error message for auth problems.
This avoids adding an unnecessary new translated string.
2018-05-04 09:04:39 -07:00
Tim Abbott 43098a6f7c zilencer: Add automated signup system for push notifications.
Based on an initial version by Rishi Gupta.

Fixes #7325.
2018-05-03 21:27:49 -07:00
Tim Abbott b1ad7593ba validators: Improve mypy type annotations.
The main thing here is writing check_string_fixed_length and
check_capped_string as returning a Validator, but we also fix issues
around passing default=None.
2018-05-03 21:27:43 -07:00
Tim Abbott 51517fa188 request: Add new str_validator validator type.
This is helpful for cases where an argument is supposed to be a normal
string, and we want to use a Zulip validator function to do basic
things like check its length.
2018-05-03 21:11:02 -07:00
Tim Abbott f2e84f25a0 management: Refactor checkconfig code to live in library.
This makes it possible to call this from other management commands.
2018-05-03 21:11:02 -07:00
Tim Abbott ad0cfb3512 validators: Add check_string_fixed_length.
This will be useful in some upcoming work on zilencer.
2018-05-03 14:30:03 -07:00
Tim Abbott 594451707d check_capped_string: Clean up corner case.
We were rejecting strings of length equal to the max.

While we're at it, fix the unnecessary period in the error message,
which doesn't align with similar validators.
2018-05-03 14:30:03 -07:00
Rishi Gupta 42a99e8c1d zilencer: Rename remote_server_unregister_push. 2018-05-03 12:50:29 -07:00
Rishi Gupta 76650f5930 zilencer: Rename remote_server_register_push to register_remote_push_device. 2018-05-03 12:50:29 -07:00
Eeshan Garg d28d08e7da streams: Add get_default_value_for_history_public_to_subscribers().
This commit adds a function that makes it easier to get a default
value for Stream.history_public_to_subscribers when one isn't
explicitly provided.
2018-05-03 10:24:27 -07:00
Armaan Ahluwalia 8fe54a533a test_home: Change requiring pygments.css to requiring app-styles.js.
This commit changes the tests based on the fact that pygments.css
will no longer be found in the template during testing. pygemnts.css
is being compiled by webpack under app-styles and so we look for the
stubentry for app-styles instead.

Tweaked by tabbott to do a cleaner test.
2018-05-02 17:18:11 -07:00
Aditya Bansal c38b70566c views/archive.py: Make 'StreamDoesNotExist' return a error msg page. 2018-05-02 15:23:33 -07:00
Aditya Bansal 5d7907b59f public_archives: Add basic infra for displaying topics.
We add very basic infra so that we can view any discussion which
happened under a topic of a global public stream without
authorization.
2018-05-02 15:23:33 -07:00
Aditya Bansal 75d76e4eb3 lib/streams.py: Extract get_stream_by_id as a separate function.
We extract get_stream_by_id function out of the body of
access_stream_by_id function to help us access streams for archives.
2018-05-02 15:23:33 -07:00
Aditya Bansal 9629be689b populate_db: Add a web public stream to dev database.
We flip the Stream "Rome" to be a web public stream. Also we add
attribute is_web_public in various stream dicts and in the
bulk_create_streams function of bulk_create.py responsible for
default stream creation in dev environment.
2018-05-02 15:23:33 -07:00
Aditya Bansal 1f358954be web_public_streams: Add is_web_public to Stream table.
Also add function do_change_stream_web_public in lib/actions.py
to help in changing a streams web public status.
2018-05-02 15:23:33 -07:00
Umair Khan 29e3a1d576 two_factor: Add templates for 2-factor-auth setup.
Note from Tim: We'll likely need to do some work on the strings in
these before translating, so I removed some translation tags.
2018-05-02 15:20:49 -07:00
Umair Khan b778259547 login-page: Return early if resp is a redirect.
Redirect response does not need a context.
2018-05-02 15:15:37 -07:00
Umair Khan aef2234e97 login_page: Create update_login_page_context().
This will also be used from two factor login.
2018-05-02 14:30:02 -07:00
novokrest 0fb13eed2f outgoing_webhook: Extract success response handling to separate method.
Extract success response handling in do_rest_call() method to
separate method process_success_response()
2018-05-02 11:57:26 -07:00
novokrest 036bc120c3 outgoing_webhook: Extend process_success() return value to tuple.
Change return value type of OutgoingWebhookServiceInterface.process_success
to 2-elements tuple as (success_message, failure_message)
2018-05-02 11:57:08 -07:00
Tim Abbott a0e8a37e7f topics: Fix get_topics_backend logic for zephyr realms.
This removes a check on invite_only, that should have been a check on
history_public_to_subscribers.  In addition to fixing a bug for zephyr
realms, it also makes "more topics" work correctly for realms using
the new settings for stream history being public to subscribers.
2018-05-02 09:02:57 -07:00
Tim Abbott 4df886f36f populate_db: Fix initialization of history_public_to_subscribers.
This was being incorrectly not initialized properly in the test suite,
because we neglected to update the bulk_create code path for creating
streams.
2018-05-02 09:02:57 -07:00
Tim Abbott 866cb38270 test_classes: Compute history_public_to_subscribers correctly.
We apparently missed updating this when we split out this database field.
2018-05-02 09:02:57 -07:00
Rohitt Vashishtha 2f6da2661f push_notifications: Format blockquotes properly in text_output.
New output is of the format:

Hamlet said:
> Polonius said:
> > This is the.
> > Second layer of nesting.
> First layer of nesting.

Fixes #9251.
2018-05-02 08:57:17 -07:00
Vishnu Ks 8705ac1091 portico: Add noindex tags for non root realms.
There may be further work required for the /integrations pages.
2018-05-01 15:28:30 -07:00
Tim Abbott d92edb8ea5 css: Remove support for legacy desktop app.
We haven't seen significant traffic from the legacy desktop app in
over a year, and users using it get a warning to upgrade since last
summer, so it's probably OK to stop providing special fonts for it.
2018-05-01 09:49:28 -07:00
Rohitt Vashishtha 6c96ba79e0 test_bugdown: Fix ignore-testcase feature for markdown_test_cases.
We accidentally were 'return'ing on encountering an ignored case, and thus
exiting the loop, not running further testcases.
2018-05-01 09:24:15 -07:00
Tim Abbott c1432d9dfc slack import: Reformat UserProfile to one-line-per-field.
This should be more readable and convenient for future editing.
2018-05-01 09:16:12 -07:00
Tim Abbott a2f49b425b slack import: Fix some erroneous UserProfile field values.
* tutorial_status was the invalid value 'T'; should be the default of 'W'.
* last_reminder can be just the default None
* enable_desktop_notifications was just the model default of True.
2018-05-01 09:14:47 -07:00
Rhea Parekh f00b80058d slack import: Remove unwanted comments. 2018-05-01 09:09:36 -07:00
Rhea Parekh e579bef8fd slack import: Improve how we construct user_profile objects.
Fixes #9260
2018-05-01 09:09:36 -07:00
Angelika Serwa f4f64243dd custom_profile_fields: Support changing the sort order of the fields.
Tweaked by tabbott for variable naming and the URL.

Closes #8879.
2018-04-30 18:17:41 -07:00
Tim Abbott a4ff917789 emails: Fix spelling of "Unknown IP" and tag for translation. 2018-04-30 12:04:39 -07:00
Vishnu Ks b72874226f enails: Pass new login details as separate variables.
Refactored by tabbott to eliminate some unnecessary complexity.
2018-04-30 12:03:10 -07:00
Vishnu Ks 69b0783b35 emails: Pass realm_name instead of realm in notify_change_in_email context. 2018-05-01 00:11:44 +05:30
Tim Abbott de30474ddd test_custom_profile_data: Don't do a database query on import.
This is a general code cleanlyness improvement.

While we're at it, we combine together two test classes that didn't
have a particularly good reason for existing.
2018-04-30 10:57:23 -07:00
Yashashvi Dave 0a9fbe2ce6 zerver/tests/test_custom_profile_data.py: Refactor tests.
Refactor tests to include generic function for invalid
assertion and remove repetitive assertion code.
2018-04-30 10:53:23 -07:00
Yashashvi Dave a97a00a4c6 custom fields: Replace field id with field name in error message. 2018-04-30 10:53:23 -07:00
Yashashvi Dave 0d7d94d0db custom fields: Add support for custom URL field type. 2018-04-30 10:53:23 -07:00
Yashashvi Dave 4033f210af custom fields: Add support for custom date field type. 2018-04-30 23:04:25 +05:30
Yashashvi Dave 94d787aa2e zerver/test/test_custom_profile_data.py: Remove hard-coded field no's. 2018-04-30 23:04:25 +05:30
Yashashvi Dave 66759358e2 create stream: Add maxlength restriction on name and description. 2018-04-30 10:11:25 -07:00
Yashashvi Dave 7e9ccead2e stream settings: Fix server error on long stream description.
Add backend validations to check stream description length.
2018-04-30 10:11:23 -07:00
Tim Abbott 976e61d687 validators: Improve error messages for check_capped_string. 2018-04-30 10:07:06 -07:00
Yashashvi Dave 7bbe44d7a0 org settings: Remove "Delete streams" administrative tab from settings.
Fixes #9227
2018-04-30 17:47:34 +05:30
Eeshan Garg 0a7d1bc746 webhooks/freshdesk: Update docs to conform to new style guide. 2018-04-29 18:06:14 -07:00
Eeshan Garg 057ff9c91e models: Add Stream.history_public_to_subscribers.
This commit adds a new field history_public_to_subscribers to the
Stream model, which serves a similar function to the old
settings.PRIVATE_STREAM_HISTORY_FOR_SUBSCRIBERS; we still use that
setting as the default value for new streams to avoid breaking
backwards-compatibility for those users before we are ready with an
actual UI for users to choose directly.

This also comes with a migration to set the value of the new field for
existing streams with an algorithm matching that used at runtime.

With significant changes by Tim Abbott.

This is an initial part of our efforts on #9232.
2018-04-28 22:54:04 -07:00
Tim Abbott e087be6630 home: Ignore handlebars errors in the test suite.
The handlebars error message is just for the manual development
environment; this prevents the state of compiling handlebars templates
from run-dev.py from potentially causing the unit tests to fail.
2018-04-28 13:49:24 -07:00
Tim Abbott 7d6bb3dcb4 settings: Remove obsolete default_desktop_notifications setting.
This actually hasn't been hooked up to do anything in years.

While we're at it, we remove the entire "Zulip Labs" settings page.
2018-04-28 13:46:07 -07:00
Shubham Dhama 30b1ec9433 org settings: Change default allow_community_topic_editing value.
This changes the default value of allow_community_topic_editing to
`True` which was merged with `False` default value temporarily.
2018-04-28 13:00:29 -07:00
Tim Abbott 127ac0df54 auth: Remove unnecessary case from validate_email_for_realm.
The removed code path was only needed due to buggy setup code in the
test_cross_realm_scenarios test.  We address that with a less buggy
workaround, and which lets us remove unnecessary complexity from this
important validation function.

Thanks for Umair Waheed for some preliminary work on this.

Fixes #7561.
2018-04-28 11:03:03 -07:00
Tim Abbott a3fc7d1371 message_edit: Fix spelling of "has passed". 2018-04-27 19:24:14 -07:00
YJDave 6bef44a9fa org setting: Add time limits for message deleting.
Add realm setting to set time limit for message deleitng.
Set default value of message_content_delete_limit_seconds
to 600 seconds(10 min).

Thanks to Shubham Dhama for rebasing and reworking this.  Some final
edits also done by Tim Abbott.

Fixes #7344.
2018-04-27 19:22:28 -07:00
Eeshan Garg 7d14ce2cb6 pypi packaging: Upgrade to release 0.4.6.
As a part of the upgrade, we had to update our API tests in
zerver/lib/api_test_helpers.
2018-04-27 14:50:25 -07:00
Tim Abbott abef9f203b api: Don't use ujson library unecessarily.
ujson is very fast, but doesn't provide good error messages for
parsing errors.
2018-04-27 14:49:46 -07:00
Eeshan Garg bd2270eecb test-api: Add test helpers that pretty-print JSON output. 2018-04-27 14:49:34 -07:00
Eeshan Garg 3db515b306 webhooks/pivotal: Add "epic_update_activity" to unsupported types.
Epics are a way to further organize Pivotal Stories and are a
somewhat advanced feature that would take a significant amount of
work to properly implement. Unless we get requests for supporting
epics, I don't think we should support them.
2018-04-27 14:26:14 -07:00
Tim Abbott 224acb8256 email_mirror: Add a test for sending to a private stream.
This verifies an important case.  We still have an open bug for why in
some production environments, the email_gateway_bot seems to not be
tagged as an API super user (resulting in this code path not working).
2018-04-27 13:56:06 -07:00
Vishnu Ks f140b0e870 emails: Add translation tags to invitation. 2018-04-27 11:59:36 -07:00
Vishnu Ks 185811f436 emails: Add translation tags to find_team. 2018-04-27 11:59:36 -07:00
Tim Abbott 0ea46e06c9 signals: Remove an unused import. 2018-04-26 11:11:45 -07:00
Tim Abbott 2cdd367d49 email_mirror: Fix handling of empty topic.
Also fixs some corner cases around pure-whitespace topics, and
migrates from the years-obsolete "no subject".

Fixes #9207.
2018-04-26 10:21:29 -07:00
Tim Abbott 3392c607c7 github_legacy: Use a client string for Legacy webhook.
This should make it easier to ensure we're getting all users migrated
off this webhook.
2018-04-26 10:21:29 -07:00
Tim Abbott 32c841dfbc github_legacy: Suppress certain TypeError exceptions. 2018-04-26 10:21:29 -07:00
Umair Khan cf2f6b38dd profile: Add choice field.
Fixes part of #8878
2018-04-26 00:35:51 -07:00
Umair Khan 4ea3e8003a profile: Create mypy types for profile data.
This makes the code more readable.
2018-04-25 23:28:27 -07:00
Umair Khan a1b384039c profile: Check field_type against FIELD_TYPE_CHOICES. 2018-04-25 23:28:27 -07:00
Tim Abbott d5946de718 decorator: Add nocoverage comments for rate_limit decorator.
We've already got a bunch of other comments on work we need to do for
this decorator and an open issue that will ensure we at some point
rework this and add tests for it.  In the meantime, I'd like to lock
down the rest of decorator.py at 100% coverage.

Fixes #1000.
2018-04-25 22:37:12 -07:00
Tim Abbott 18e7ef23fc decorator: Add a test to more fully cover require_post.
We also add a nocoverage for what is currently an impossible code
path.
2018-04-25 22:37:09 -07:00
Tim Abbott 2afec13074 decorator: Don't require coverage on @asynchronous @csrf_exempt case.
This line is potentially valuable if we ever do more with this code
path, and doesn't really cost us anything.
2018-04-25 22:36:48 -07:00
Tim Abbott dfb946d84b decorator: Test error cases for authenticated_rest_api_view.
We now have 100% coverage on this important function.
2018-04-25 22:36:48 -07:00
Tim Abbott 6f87091120 test_push_notifications: Cover the last lines of validate_api_key.
This push notification bouncer error case wasn't previously tested.
2018-04-25 22:36:48 -07:00
Tim Abbott 2ac67a9c2f decorator: Add nocoverage markings for a few functions. 2018-04-25 22:02:09 -07:00
Tim Abbott c6b062f26e test_decorators: Add coverage to to_not_negative_int_or_none. 2018-04-25 21:59:48 -07:00
Tim Abbott e78b11e920 decorator: Move flexible_boolean to github webhook.
We don't really intend to use this hacky function elsewhere in the
codebase, so it's best to move it out of a core file.
2018-04-25 21:59:48 -07:00
Tim Abbott 2217285ac0 test_push_notifications: Add a better test for auth code path.
This is mostly to prevent an issue similar to the one fixed in the
last commit.
2018-04-25 21:51:24 -07:00
Tim Abbott 2fa58fe9ad decorator: Fix exception format for invalid API key.
This exception class was clearly missing the part where `role` gets
stored, which was intended to be inherited from
InvalidZulipServerError.

This fixes an unnecessary 500 error in the push notifications bouncer.
2018-04-25 21:44:31 -07:00
Tim Abbott b40780d003 mypy: Fix errors in new bugdown module.
I introduced these when making final changes before merging.
2018-04-25 15:56:46 -07:00
Lyla Fischer 0f3cb14aae user docs: Use {settings_tab} macro for more organization settings. 2018-04-25 14:39:30 -07:00
Lyla Fischer dbc573584b user docs: Use the {settings_tab} macro for four organization settings. 2018-04-25 14:39:30 -07:00
Lyla Fischer b2be1a67f8 help docs: Add {settings_tab} for the first three org settings. 2018-04-25 14:39:30 -07:00
Lyla Fischer 68f68bf56d help docs: Use {settings_tab} macro for some user settings. 2018-04-25 14:39:30 -07:00
Lyla Fischer a4ea71ec0f help docs: Use {settings_tab|notifications} macro. 2018-04-25 14:39:30 -07:00
Lyla Fischer d40f246599 help docs: Use {settings_tab|display-settings}. 2018-04-25 13:51:29 -07:00
Lyla Fischer b24659b005 bugdown: Add {settings|my-setting} macro.
Tweaked by tabbott to add a test and fix a super subtle issue with the
relative_settings_link variable having been set once the first time a
/help article was rendered.
2018-04-25 13:41:24 -07:00
Tim Abbott ff9371d63c slack import: Fix issues with Slack empty files.
Fixes #9217.
2018-04-25 10:20:55 -07:00
neiljp (Neil Pilgrim) 9692a8572d mypy: Add assertion in timeout.py. 2018-04-25 08:58:55 -07:00
Rishi Gupta 718a87bd47 emails: Update followup_day1. 2018-04-25 08:52:29 -07:00
Rishi Gupta d57e10158c portico: Update text on confirm_continue_registration.
A common path is a new user goes to realm_uri, which redirects to
realm_uri/login, and clicks the google auth button thinking it is a
registration button.

This commit just changes the wording on the page they land on to be
friendlier for that use case.
2018-04-25 08:50:24 -07:00
Tim Abbott 62fb139af7 Revert "test_fixtures: Add settings files to things that require reprovision."
This reverts commit 2bc51931a8.

See #9210 for the follow-up work needed before we can re-add this.
2018-04-24 11:01:20 -07:00
Tim Abbott 79e8bff8fa views: Change use of typing.Text to str.
This is the first part of a general migration of our typing codebase
to use the simpler `str` for strings.
2018-04-23 18:51:23 -07:00
Aditya Bansal ae398dc48b csp_nonce: Add nonce to script tags loading minified JS. 2018-04-24 06:13:21 +05:30
Aditya Bansal e9f2efedb5 minified_js.py: Remove dead code used for handling js minification.
This piece of code was used when we used Django template engine. Since
we moved to Jinja2 template engine, we wrote a newer version of this
function (minified_js) in 'zproject/jinja2/compressors.py' which is
now used in our templates. This newer function essentially retired the
old function defination and thus the old code became dead. We probably
missed out this clean up at the time we migrated to Jinja2 template
engine.
2018-04-24 06:13:21 +05:30
Aditya Bansal 8c0a5c69f3 csp: Dynamically generate and add nonce to script tags. 2018-04-24 06:13:21 +05:30
Preston Hansen efc7967355 slack import: Update `build_zerver_realm` to use `Realm` defaults.
Fixes #9131.
2018-04-23 17:15:51 -07:00
Vishnu Ks 134fdd8fd0 bugdown: Replace vimeo link with video title. 2018-04-23 17:04:24 -07:00
Vishnu Ks 5671cef6d0 bugdown: Cleanup Vimeo preview. 2018-04-23 17:04:24 -07:00
Tim Abbott 1703e23980 templates: Move all core app templates into a subdirectory.
This should make it easier to find the templates that are actually
part of the core webapp, instead of having them all mixed together
with the portico pages.
2018-04-23 16:46:37 -07:00
Tim Abbott c4b886d8ae import: Split out import.py into its own module.
This should make it a bit easier to find the code.
2018-04-23 15:21:12 -07:00
Eeshan Garg 8158342ad3 decorators: Log webhook error payloads in authenticated_rest_api_view.
This completes the effort to ensure that all of our webhooks that do
parsing of the third-party message format log something that we can
use to debug cases where we're not parsing the payloads correctly.
2018-04-23 14:14:42 -07:00
Eeshan Garg ad1b043098 webhooks/updown: Update docs to conform to style guide. 2018-04-23 12:03:34 -07:00
Eeshan Garg c4bfb5022c webhooks/sentry: Update docs to conform to new style guide. 2018-04-23 12:03:34 -07:00
Preston Hansen 0258d7db0d slack import: Be less strict in `check_subdomain_available`.
If the sysadmin is doing something explicit in a management command,
it's OK to take a reserved or short subdomain.

Fixes #9166.
2018-04-23 11:48:12 -07:00
Vishnu Ks c9e932a7ce settings: Add support for Hangouts as the video chat provider.
The only thing that's annoying about this feature is that you need to
be a paying G Suite customer to use it.
2018-04-23 09:39:47 -07:00
Tim Abbott 01be6b01b1 validate_domain: Add verification of domain length. 2018-04-23 09:29:03 -07:00
Vishnu Ks d1c143de42 models: Add attribute for video provider in realm. 2018-04-23 09:15:12 -07:00
Eeshan Garg 980218aea2 webhooks/papertrail: Update docs to conform to style guide. 2018-04-23 00:07:19 -07:00
Eeshan Garg 58e70ec858 webhooks/transifex: Update docs to conform to style guide. 2018-04-23 00:07:19 -07:00
Eeshan Garg 81f0f2ebd3 webhooks/semaphore: Update docs to conform to style guide. 2018-04-23 00:07:19 -07:00
Eeshan Garg ed719c7d5a webhooks/wordpress: Update docs to conform to style guide. 2018-04-23 00:07:19 -07:00
Tim Abbott a9fb02b712 test_auth_backends: Add a test for GitHub auth mobile_flow_otp. 2018-04-22 19:55:05 -07:00
Tim Abbott c88163eea8 auth: Make "Continue to registration" actually register you.
The main change here is to send a proper confirmation link to the
frontend in the `confirm_continue_registration` code path even if the
user didn't request signup, so that we don't need to re-authenticate
the user's control over their email address in that flow.

This also lets us delete some now-unnecessary code: The
`invalid_email` case is now handled by HomepageForm.is_valid(), which
has nice error handling, so we no longer need logic in the context
computation or template for `confirm_continue_registration` for the
corner case where the user somehow has an invalid email address
authenticated.

We split one GitHub auth backend test to now cover both corner cases
(invalid email for realm, and valid email for realm), and rewrite the
Google auth test for this code path as well.

Fixes #5895.
2018-04-22 19:55:05 -07:00
Tim Abbott c65a4e8f0b test_signup: Remove unnecessary LoginOrAskForRegistrationTestCase.
This test class is basically a poor version of the end-to-end tests
that we have in `test_auth_backends.py`, and didn't really add any
value other than making it difficult to refactor.
2018-04-22 19:41:18 -07:00
Tim Abbott 2dcec3704c auth: Introduce confirmation_link local variable.
This is just a prepartory refactor in maybe_send_to_registration.
2018-04-22 16:24:43 -07:00
Tim Abbott 8026b4f9db auth: Refactor login_or_register_remote_user interface.
By moving all of the logic related to the is_signup flag into
maybe_send_to_registration, we make the login_or_register_remote_user
function quite clean and readable.

The next step is to make maybe_send_to_registration less of a
disaster.
2018-04-22 16:24:43 -07:00
Tim Abbott 64023fc563 auth: Fix incorrect use of get_realm_from_request.
The code in maybe_send_to_registration incorrectly used the
`get_realm_from_request` function to fetch the subdomain.  This usage
was incorrect in a way that should have been irrelevant, because that
function only differs if there's a logged-in user, and in this code
path, a user is never logged in (it's the code path for logged-out
users trying to sign up).

This this bug could confuse unit tests that might run with a logged-in
client session.  This made it possible for several of our GitHub auth
tests to have a totally invalid subdomain value (the root domain).

Fixing that bug in the tests, in turn, let us delete a code path in
the GitHub auth backend logic in `backends.py` that is impossible in
production, and had just been left around for these broken tests.
2018-04-22 16:24:43 -07:00
Tim Abbott b36298efda mypy: Fix a missing type annotation in auth code. 2018-04-22 16:24:43 -07:00
Tim Abbott 00c9f45821 auth: Remove dead invalid_subdomain code path.
This code path has actually been dead for a while (since
`invalid_subdomain` gets set to True only when `user_profile` is
`None`).  We might want to re-introduce it later, but for now, we
eliminate it and the artificial test that provided it with test
coverage.
2018-04-22 14:44:06 -07:00
Tim Abbott 65025e8327 auth: Add return_data for RemoteUserBackend.
This is done mainly because this backend has the simplest code path
for calling login_or_register_remote_user, more than because we expect
this case to come up.  It'll make it easier to write unit tests for
the `invalid_subdomain` corner case.
2018-04-22 14:44:06 -07:00
Tim Abbott 6df821a40f tests: Replace messy direct test of login_or_register_remote_user.
This code path is much more naturally tested with the existing
end-to-end test for the function that we have for the RemoteUser auth
backend.
2018-04-22 14:44:06 -07:00
Tim Abbott f806526551 auth: Remove unused request.verified_email variable.
This has never been used since it was introduced in the very first
version of our Google auth code in April 2013.
2018-04-22 14:44:06 -07:00
Shubham Dhama 26d2ffa821 populate_db: Add new user of "guest" type.
The purpose of this user is to act as a guest.
(This is a preliminary step in adding the guest type of user
and is a part of #8385.)
2018-04-20 16:20:00 -07:00
Shubham Dhama 1191f1730a guest: Add a model field for guest users.
This adds new field `is_guest` to UserProfile model and
is meant for the new type of user i.e. "Guest Users".

(Part of #8385).
2018-04-20 16:08:29 -07:00
Tim Abbott 49f58583a4 models: Introduce can_access_public_streams field.
This is a simple computed field.  It's intended to more clearly
capture the meaning of this restriction for the users in zephyr mirror
realms, and eventually support guest user accounts in normal Zulip
realms.
2018-04-20 12:06:57 -07:00
Tim Abbott dc6d7d0d12 actions: Use presence_disabled for presence zephyr_mirror code path.
This is part of the effort to remove the use of is_zephyr_mirror_realm
across the code path for situations that might be relevant for other
users.  It helps keep the code readable.
2018-04-20 12:06:57 -07:00
Tim Abbott 7e91e66987 import: Fix ordering of subdomain availability check.
When you're importing with --destroy-rebuild-database, we need to
check subdomain availability after we've cleared out the database;
otherwise, trying to reuse the same subdomain doesn't work.
2018-04-20 10:39:30 -07:00
Tim Abbott 360d708340 gitlab: Document the local network security setting.
This should help users debug issues with the GitLab webhook not
working with recent GitLab releases.
2018-04-20 08:34:38 -07:00
Roman Godov d99758129e subs: Notify organization admins when private streams are renamed.
This commit sends the event for renaming of a private stream to
organization admins of the realm, in addition to the obvious list of
subscribers of the private stream.

Normally, admins can manage a private stream (e.g. unsubscribing a
user).  But when the admin tried to unsubscribes a user from a
previously renamed stream, we previously were throwing a JS error, as
the webapp hadn't been notified about the new stream name.

Fixes #9034.
2018-04-19 22:00:18 -07:00
Preston Hansen e168f9938c tests: Refactor use of test and webhook data fixtures. 2018-04-19 21:50:29 -07:00
Preston Hansen 76d6c71595 tests: Move zerver/fixtures to zerver/tests/fixtures for clarity.
Fixes #9153.
2018-04-19 21:50:17 -07:00
Umair Khan 0420b89468 profile: Add hint attribute to custom profile fields.
This is the model for #8876.
2018-04-19 11:32:35 -07:00
Umair Khan 00ffa808da check_capped_string: Return a validator.
This allows us to create custom validators.
2018-04-19 11:21:50 -07:00
Eeshan Garg 19177a4aff webhooks: Move github_webhook/ to github/. 2018-04-19 11:00:55 -07:00
Eeshan Garg 48b8558c02 webhooks: Move github/ to github_legacy/ and remove docs. 2018-04-19 11:00:55 -07:00
Tim Abbott aa4b067e68 avatars: Fix 500 with the /avatar/ URL to be a 404.
Apparently, we had a somewhat sloppy regular expression for the URL
for this endpoint.
2018-04-18 12:43:57 -07:00
Tim Abbott 7dfa0edfa6 slack import: Don't try to import pinned/unpinned items.
There isn't a corresponding Zulip concept, and they don't have a
"text" attribute, so there's no message content to import.
2018-04-18 11:36:31 -07:00
Tim Abbott acd3a364e1 slack import: Refactor handling of dropped messages.
This is a more coherent ordering, because some messages we skip lack a
"text" attribute.
2018-04-18 11:35:59 -07:00
Tim Abbott e759fd9be4 slack import: Improve error handling for invalid messages. 2018-04-18 11:29:40 -07:00
Shubham Dhama b26c38bc47 analytics: Make stats of all realms accessible to server admins.
In this commit:
Two new URLs are added, to make all realms accessible for server
admins. One is for the stats page itself and another for getting
chart data i.e. chart data API requests.
For the above two new URLs corresponding two view functions are
added.
2018-04-18 11:06:50 -07:00
Shubham Dhama 40dc48a033 decorator: Add decorator for checking whether user is server admin.
This is just variabnt of `require_server_admin` for JSON/api views.
2018-04-18 11:01:46 -07:00
Tim Abbott 1410a1e460 slack import: Remove unnecessary zerver_realm_skeleton.json.
This was stored as a fixture file under zerver/fixtures, which caused
problems, since we don't show that directory under production (as its
part of the test system).

The simplest emergency fix here would be to just move the file, but
when looking at it, it's clear that we don't need or want a fixture
file here; we want a Python object, so we just do that.

A valuable follow-up improvement to this block would be to create an
actual new Realm object (not saved to the database), and dump it the
same code we use in the export tool; that should handle the vast
majority of these correctly.

Fixes #9123.
2018-04-18 10:33:53 -07:00
Tim Abbott 77ca9e7eca hotspots: Tag strings for translation. 2018-04-18 09:33:09 -07:00
Tim Abbott 9f844ff681 tornado: Fix logging of tornado activity level.
This logging was apparently broken when sorting imports; it's a fairly
unique thing in our codebase that this would be a problem.  Prevent
future regressions by adding this exception explicitly to the isort
configuration.
2018-04-17 15:59:01 -07:00
Vishnu Ks cc93ac34a8 coverage: Add coverage to estimate_recent_messages.
With this message.py is fully covered and can be
removed from not_yet_fully_covered in test-backend.
2018-04-17 11:01:20 -07:00
Eeshan Garg 4fbdfef63b webhooks/stripe: Update docs to conform to new style guide. 2018-04-17 09:07:27 -07:00
Eeshan Garg dde9bb448f webhooks/circleci: Add steps instead of linking to CircleCI docs.
We let Markdown increment the list step numbers, which is more
reliable than keeping track of numbered-steps manually.

Also, instead of linking to the CircleCI docs, we now have full
instructions for how to setup a webhook by modifying the circle.yml
file.
2018-04-16 16:39:23 -07:00
Tim Abbott 5cc70675c6 webhooks: Suppress errors from very old GitLab versions.
Ancient GitLab from several years ago doesn't include the
HTTP_X_GITLAB_EVENT header (and seems to have a different format), so
we should ignore its requests.

Might be good to document the version threshhold, but it's very hard
to tell from Googling what it is.
2018-04-16 16:13:20 -07:00
Tim Abbott e2f8bc9eac /api: Fix tests for /api homepage. 2018-04-16 16:13:20 -07:00
Rhea Parekh a2070fb7e5 slack importer: Add comment on size information of avatars.
The size information of an avatar is not required during the import.
Check function 'import_uploads_local' and 'import_uploads_s3'
in 'export.py' for this.
2018-04-16 14:44:57 -07:00
Nikhil Kumar Mishra 91412e5843 test_upload: Add test for `get_realm_for_filename`. 2018-04-16 11:52:44 -07:00
Nikhil Kumar Mishra c96dc1652e test_upload: Add tests for `resize_emoji`. 2018-04-16 11:52:44 -07:00
Tim Abbott 0c30a26d81 bulk_create: Remove some long-dead code.
We used to use these in populate_db, but haven't done so in a long
time, and it doesn't seem likely that will change anytime in the
future.
2018-04-16 11:41:42 -07:00
Ben Reeves fdfbd45208 soft_deactivation: Change `<` to `<=` in add_missing_messages.
We should still short-circuit the iteration in
`add_missing_messages` if the unsubscription was the last
thing to happen to the user before unsubscription and
soft deactivation.
2018-04-16 11:28:08 -07:00
Alyssa Wagenmaker d4e5777296 tests: Test user unsubscribing before soft deactivation.
Brings lib/soft_deactivation.py up to 100% test coverage.

Improves: #7089.
2018-04-16 11:28:08 -07:00
Rhea Parekh f6b6aa1e75 slack import: Implement threading as a management command. 2018-04-15 19:53:02 +05:30
Rhea Parekh 7c0c3930a8 slack importer: Thread avatar downloads. 2018-04-15 19:53:01 +05:30
Rhea Parekh ebc2ee28e9 slack importer: Thread emoji downloads. 2018-04-15 19:52:59 +05:30
Rhea Parekh 8a291d0232 slack importer: Thread attachment downloads.
Use Zulip's run_parallel method to run thread downloads.
2018-04-15 19:51:58 +05:30
Eeshan Garg 6d86c83966 webhooks/solano: Update docs to conform to style guide. 2018-04-14 09:38:22 -07:00
Eeshan Garg eec7e17e70 webhook/raygun: Update docs to conform to style guide. 2018-04-14 09:38:22 -07:00
Eeshan Garg c51a3dce62 webhooks/pivotal: Update docs to conform to style guide. 2018-04-14 09:38:22 -07:00
Eeshan Garg 911b9582bd webhooks/opbeat: Update docs to conform to style guide. 2018-04-14 09:38:22 -07:00
Eeshan Garg 3e0eb9530c webhooks: Remove the Facebook integration.
Rishi and I decided that it makes sense to get rid of the Facebook
integration for a few reasons, some of which are:

* The setup process is too complicated on Facebook's end. The users
  will surely have to browse Facebook's huge API reference before even
  having a vague idea of what they want.
* Slack chooses not to have a Facebook integration, but relies on
  Zapier for it. Zaps that integrate with Facebook are much more
  streamlined and the setup process isn't as much of a pain. Zapier's
  Facebook Zaps are much more fine-tuned and there are different Zaps
  for different parts of the FB API, a luxury that would likely span
  2K+ lines of code on our end if we were to implement it from
  scratch. So, I think we should relegate integration with Facebook to
  Zapier as well!
* After thoroughly testing the setup process, we concluded that the
  person who submitted the FB integration didn't really test it
  thoroughly because there were some gaping holes in the docs (missing
  steps, user permissions, etc.).
2018-04-14 09:38:22 -07:00
Tim Abbott 5ddf2614f0 uploads: Add new way of querying for mobile uploads endpoint.
This extends the /user_uploads API endpoint to support passing the
authentication credentials via the URL, not the HTTP_AUTHORIZATION
headers.  This is an important workaround for the fact that React
Native's Webview system doesn't support setting HTTP_AUTHORIZATION;
the app will be responsible for rewriting URLs for uploaded files
directly to add this parameter.
2018-04-13 17:51:45 -07:00
Tim Abbott db830c4085 bugdown: Replace link to old pre-open-source Zulip trac. 2018-04-13 08:41:44 -07:00
Rohitt Vashishtha 9e7929417d markdown: Increase rendered_content length limit.
This commit increases the rendered_content limit from 2x to 10x of the
original message length.

Earlier, we had placed a limit of MAX_MESSAGE_LENGTH * 2 for the
rendered content (explained in commit
77addc5456).  That limit was based on
the assumption that in most cases, the rendered content wouldn't cause
a large increase in message length. However, quite prominently in
syntax highlighted codeblocks, that wasn't true and this caused the
limit condition to be hit for long messages composed primarily of code
blocks.

Example: The following message would render close to 10x it's original size.

```py
if:
def:
print("x", var)
x = y
```

Because the syntax highlighted logic is extremely compressible, having
rendered_content reach up to 100KB doesn't create a network
performance problem.
2018-04-13 08:39:51 -07:00
Rohitt Vashishtha 3bdc8bbaa5 CVE-2018-9986: Fix XSS issues with frontend markdown processor.
This fixes a set of XSS issues with Zulip's frontend markdown
processor, which is used in a limited set of contexts, such as local
echo of messages and the drafts feature.

The implementation of several syntax elements, including the <em>
syntax, user and stream mentions, and some others failed to properly
escape the content inside the syntax.

Fix this, and add tests for each corrected code path.

Thanks to w2w for reporting this issue.
2018-04-12 09:46:37 -07:00
Tim Abbott e6833b6427 cleanup: Remove the legacy Dropbox file upload integration.
This has been hard-disabled for years, we have no plans to re-enable
it, and it has some hacky code in it.
2018-04-11 11:39:48 -07:00
Aditya Bansal 6c1a50da76 csp_reports: Add endpoint to handle logging of reports sent by clients. 2018-04-11 23:01:13 +05:30
Vishwesh Jainkuniya 383c62fb03 dev_login: Identify each user's realm when listing them.
This is a mobile-specific endpoint used for logging into a dev server.
On mobile without this realm_uri it's impossible to send a login request
to the corresponding realm on the dev server and proceed further; we can
only guess, which doesn't work for using multiple realms.

Also rename the endpoint to reflect the additional data.

Testing Plan:
Sent a request to the endpoint, and inspected the result.

[greg: renamed function to match, squashed renames with data change,
 and adjusted commit message.]
2018-04-10 17:03:36 -07:00
Rhea Parekh f7398cbb09 slack import: Implement custom profile fields.
Add custom profile fields in the slack converted
data 'realm' file.
Added tests for the custom profile fields.

Fixes #8928
2018-04-10 13:28:53 -07:00
Rhea Parekh 852e8516b4 slack import: Add custom profile fields.
Build CustomProfileField and CustomProfileFieldValue
for every user and process the field type after getting an
entire list of the custom fields.
2018-04-10 13:28:53 -07:00
Rhea Parekh ccefaf7b26 scripts: Remove the depreciated script 'postgres-reset-sequences'. 2018-04-10 13:07:14 -07:00
rht a183186672 slack importer: User session.get to recycle previous connections. 2018-04-09 22:02:01 -07:00
Shubham Dhama b650b6b38c markdown: Add @stream as an alias for @all.
Fixes: #8930.
2018-04-09 16:35:14 -07:00
rht 7a8655cc50 Slack importer: Add test for Slack channel mention to Zulip stream mention. 2018-04-09 10:47:39 -07:00
rht 630adb406b Slack importer: Map Slack channel mentions to Zulip stream mentions. 2018-04-09 10:47:39 -07:00
Rhea Parekh 035c440ff3 import script: Support import custom profile fields.
Import of Custom profile fields is only supported for slack
import script for now.
2018-04-09 10:45:35 -07:00
Tim Abbott c41d7ee300 slack import: Write reasonable multi-line JSON.
This is a lot better for debugging.
2018-04-09 10:45:35 -07:00
Rhea Parekh ed7127c8b4 import script: Delete medium sized avatars if it exists.
Deletion of medium sized image is done if it exists before calling the
function 'ensure_medium_avatar_image', to avoid potentially confusing
problems with left-over medium-size avatar images from a previous run
being used when repeatedly importing the same realm in a development
environment..

Fixes #8949.
2018-04-08 07:04:24 -07:00
rht f6feac1316 Slack importer: Map Slack command for mentions to Zulip's all.
Fixes #9003.
2018-04-07 20:02:39 -07:00
Rhea Parekh e037c2f93e import script: Fix upload links.
Rendered content is None for Slack imports, hence it is replaced only
for Zulip->Zulip imports.

Fixes #8959.
2018-04-07 20:01:20 -07:00
Rhea Parekh b3f951d2cf import script: User profile ids should be allocated before allocating bot ids. 2018-04-07 13:28:33 +05:30
Vishnu Ks e92838a31f registration: Catch email validation error and show error message. 2018-04-06 15:18:32 -07:00
Shubham Dhama 0e6757af5c org settings: Change default realm description to empty string.
This fixes a traceback that users would get when editing the realm
description just after creating a new organization.
2018-04-06 15:15:47 -07:00
Rhea Parekh 2baa9bc16e Import: Add subdomain in the import script.
Also remove user input of subdomain in the slack data
conversion script.
2018-04-06 09:12:56 -07:00
Tim Abbott ad861c5fae messages: Improve comment on need_messages. 2018-04-06 08:57:46 -07:00
Eeshan Garg 42bbfea775 webhooks/splunk: Update docs to conform to style guide. 2018-04-05 23:28:27 -07:00
Eeshan Garg 7b1ce446cf webhook/opsgenie: Update docs to conform to style guide. 2018-04-05 22:47:22 -07:00
Eeshan Garg 2e700477e3 webhooks/groove: Update docs to conform to style guide. 2018-04-05 22:47:21 -07:00
Eeshan Garg 902ab01785 webhooks/trello: Update docs to conform to style guide.
This one is one of the most tedious to set up and get working.

We now also rely on the Trello scripts available as part of the
`python-zulip-api/zulip` API package to make the setup process
easier.
2018-04-05 14:48:37 -07:00
Tim Abbott b0b134cb4c help: Clean up settings_html and subscriptions_html.
After some thinking, I don't think there's any actual value to doing
the ../ style relative links here, whereas there is actual harm from
the links being slightly broken in the current model.  We fix this by
just using /#settings as the URL.

Fixes #8978.
2018-04-05 14:48:26 -07:00
Steve Howell 36844418e9 bug fix: Respect include_history for certain queries.
For certain queries where both include_history and
use_first_unread_anchor are set to True, we were excluding
historical rows.  Now we only use the use_first_unread_anchor
flag to filter rows that we use to find the anchor, without
having it filter the actual search results.

The bug went unreported for a long time, because it only
affected mobile users who had newly subscribed to streams.

Note that we make a small change to the test called
test_use_first_unread_anchor_with_muted_topics, which has
a very scary comment about being "arcane" and "be
absolutely sure you know what you're doing."  I think it's
fine.

Also, the new test code would fail before this fix, so it
should help prevent future regressions.

Fixes #8958
2018-04-05 17:16:41 -04:00
Steve Howell b64117d872 refactor: Build query in find_first_unread_anchor().
This is a bit more than a pure refactor, because we duplicate a
chunk of code to calculate a query inside of
find_first_unread_anchor(), so we're doing a bit more work
than before.

We need this refactoring to start decoupling find_first_unread_anchor
from get_messages_backend for the case where include_history is
True.  This will happen in a subsequent commit.

The only test that changes here is a direct test on
find_first_unread_anchor().  All other tests pass without
modification, and we have decent coverage on get_messages_backend.
2018-04-05 17:16:41 -04:00
Steve Howell 345d44b5f1 Extract get_base_query_for_search(). 2018-04-05 17:16:41 -04:00
Steve Howell 59a9b69c25 Simplify search code for keyword searches.
We use an array now to build up the list of search operands and
then consolidate the special search handling after the loop (which
means setting the flag, putting two more columns in the query, and
using ' '.join to build the string).
2018-04-05 13:27:31 -07:00
Steve Howell d521906fb6 search refactor: Extract add_narrow_conditions().
This code was basically pulled from two near-to-each-other
sections of get_messages_backend, and it does an early
return for narrow-is-None.
2018-04-05 13:27:31 -07:00
Steve Howell 3ac660d972 minor: Show `narrow` for UnicodeDecodeError.
We have a debugging statement for some obscure errors we get
when narrows have search terms.  We now show all the narrow
operators.  This isn't really to improve debugging; it's more
to make it easier in the next commit to extract a function
that would make search_term have to be passed back in a tuple.
But it shouldn't hurt debugging either.
2018-04-05 13:27:31 -07:00
Tim Abbott d7658bbec5 test_docs: Add an end-to-end test for HTML settings links.
This would have caught the issue fixed in the last few commits.
2018-04-05 12:22:41 -07:00
Tim Abbott 98889608a2 help: Fix structure of markdown context logic.
Refactoring in this file had resulted in the logic for
html_settings_link being duplicated and extra logic being needed to
ensure these variables were set where they were needed.

This fixes subscriptions_html not being rendered properly in the /help
and /api pages, in addition to removing duplicate code.
2018-04-05 12:22:41 -07:00
Nikhil Kumar Mishra 2cf32bda12 embed link: Add test for link_embed_data_from_cache. 2018-04-05 10:48:40 -07:00
Steve Howell a0aa8d4b11 Add test for find_first_unread_anchor(). 2018-04-05 09:55:54 -07:00
Steve Howell 4cba679d38 Move code for find_first_unread_anchor().
This is a pure refactoring and just pulls the function out
to the top level of the module.  (The prior commit extracted
it inside a larger function to make a nicer diff.)
2018-04-05 09:55:54 -07:00
Steve Howell d8a95c6517 Extract find_first_unread_anchor().
This is a pure refactoring.
2018-04-05 09:55:54 -07:00
Tim Abbott c06565d909 users: Improve testing for user_ids_to_users. 2018-04-04 16:31:30 -07:00
novokrest 4d2082ab14 actions.py: Obtain bot profiles by using users.user_ids_to_users().
Remove models.get_user_profiles_by_ids() and
obtain user's bots profiles in actions.get_service_dicts_for_bots() by
users.user_ids_to_users() instead of models.get_user_profiles_by_ids().
Fixes #8939
2018-04-04 16:24:55 -07:00
novokrest 807a6ccf2c users.py: Implement user_ids_to_users() by generic_bulk_cached_fetch().
Optimize users.user_ids_to_users() implementation
by using generic_bulk_cached_fetch() to obtain user profiles
2018-04-04 16:24:55 -07:00
Tim Abbott 53e47e6991 messages: Modify access_message for is_history_public_to_subscribers.
This completes the Message side of #2745.
2018-04-04 16:18:47 -07:00
Tim Abbott bec71d7a50 messages: Add a server-level setting to control private stream history.
We don't indend for this server-level setting to exist in the long
term; the purpose of this is just to make it easy to test this code
path for development purposes.

This implements much of the Message side part of #2745.
2018-04-04 16:18:46 -07:00
Tim Abbott 228f41e916 messages: Pass UserProfile to is_public_stream_by_name and rename.
The new name can_access_stream_history_by_name gets to the point of
what this function actually does.  And passing in a user object lets
us define what this does based on the user subscribed.
2018-04-04 15:13:11 -07:00
Tim Abbott 5e82d750c5 get_messages: Refactor ok_to_include_history to accept a UserProfile.
If we make history accessible to some stream subscribers of private
streams, we'll need the UserProfile to be available here.
2018-04-04 15:06:53 -07:00
Rhea Parekh f4ad464d82 import script: Fix broken links to attachments.
The comments explain this pretty well, but basically because we
rewrite the realm ID during the import process, we need to edit all
the message bodies that link to an attachment to instead link to the
post-processed URL where that file will be hosted on the new server.

Fixes #8926.
2018-04-04 10:05:15 -07:00
Rhea Parekh 5a9cea4134 import script: re map foreign key of UserProfile.last_active_message_id. 2018-04-04 08:53:09 -07:00
Rhea Parekh ed36314042 import script: Fix 're_map_foreign_keys' logging error. 2018-04-04 08:53:09 -07:00
Rhea Parekh 877c7760b7 import script: re_map Attachment foreign keys. 2018-04-04 08:53:09 -07:00
novokrest a613f3c0a1 get_owned_bot_dicts: Optimize admin's bot dicts loading from database.
Implement few optimizations for reading admin's bot dicts from database
for a constants number of requests:
- add models.get_user_profiles_by_ids() for reading bots profiles
  by single query from database
- add models.get_services_for_bots() for reading services for bots
  by single query from database
- add bot_config.get_bot_configs() for reading config data for bots
  by single query from database

Fixes #8838
2018-04-03 09:10:32 -07:00
Tim Abbott 758d7b9146 bots: Clean up editing bots impacting non-bot users.
This fixes a bug where the endpoint for editing bot users would allow
an organization administrator to edit the full name of a bot user.

A combination of this an another recently fixed bug made it possible
for this process to set a `bot_owner` for a non-bot user; so we also
include a migration to fix that for any users that might have had our
model invariants corrupted in that way.
2018-04-02 18:58:26 -07:00
Tim Abbott 938c4cee08 settings: Add option to control Jitsi video chat integration.
Fixes #8922.
2018-04-02 16:55:16 -07:00
Greg Price e792fc6c07 spelling: Correctly write "cannot".
None of these errors were user-facing; mainly in comments, plus
one bit of internal docs and a developer tool.
2018-04-02 15:36:31 -07:00
Eeshan Garg 026ff48020 webhooks/bitbucket2: Detect pushes that remove branches correctly.
This was a user-reported bug and a very subtle and painful one
to track down.

Previously, if payload['push']['changes'][i]['closed'] was True,
we assumed that a branch was removed. Looking at whether `closed`
was set to True or not was our way to tell whether a push removed
a branch or not.

However, this is wrong! `closed` being set to True can also mean
that the pull request associated with the branch was approved but
the branch itself was not deleted. According to the BitBucket docs,
the correct way to see if a branch is deleted is to check if `new`
is null.

This bug was leading to KeyErrors about not being able to find
the `commits` key, which shouldn't happen anymore!
2018-04-02 19:30:09 -02:30
novokrest ad3ea775df actions.py: Rename get_service_dicts_for_bots() to get_service_dicts_for_bot() 2018-04-02 11:18:50 -07:00
Tim Abbott da27461491 bugdown: Rename rewrite_if_relative_link to more clear name.
The name was actually sorta the reverse of what that function did.
2018-04-02 10:37:18 -07:00
Tim Abbott 7d4234b167 bugdown: Only open #narrow hash links inside the app. 2018-04-02 10:34:48 -07:00
Tim Abbott 6744938b6d bugdown: Simplify implementation for target_blank.
The previous version not using startswith() was harder to read.
2018-04-02 10:30:50 -07:00
Tim Abbott 6055a7bceb bugdown: Clean up rewrite_if_relative_link.
This implementation is more obviously correct, and may fix a corner
case where a `/` is missing after the realm URI.
2018-04-02 10:29:32 -07:00
Umair Khan e48f8bdafd check_short_string: Use check_capped_string for impl. 2018-04-02 09:51:09 -07:00
Umair Khan 7fdf043564 profile: Set max length for long text to 500. 2018-04-02 09:51:09 -07:00
Umair Khan 1d4b74482c check_short_string: Change max_length to 50. 2018-04-02 09:51:09 -07:00
Umair Khan c30a282dd9 profile: Remove integer and float fields. 2018-04-02 09:46:21 -07:00
Rhea Parekh 1bba6cc4ce slack importer: Support custom emoji reactions. 2018-04-01 23:24:35 -07:00
Rhea Parekh 2c116e46ce slack importer: Get custom emojis. 2018-04-01 23:24:35 -07:00
Rhea Parekh 00c1f25b58 import script: Support custom emojis.
'processing_emojis' check is added in the 'import_uploads'
function, so that the emoji files present in the to be imported
data file can be uploaded.

The procedure of saving emoji files in slack importer is same as
saving attachments and avatars, and the import has the similar
procedure too.
2018-04-01 23:24:35 -07:00
Rhea Parekh c650b8fa3e slack importer: Add zerver_realmemoji. 2018-04-01 23:24:35 -07:00
Rhea Parekh b133d175a7 slack importer: Change 'get_user_data' function implementation.
Change 'get_user_data' function to a more general function
to get data from the slack api using legacy tokens.

Also, change the error handling as upon invalid token,
the response is 200, but the response has an error
field in it.

For eg. Go to the following link with invalid token:
https://slack.com/api/emoji.list?token=xoxp-249056023425
2018-04-01 23:24:35 -07:00
Rhea Parekh 220ad6a386 slack importer: Map standard reactions.
As mentioned in
https://get.slack.help/hc/en-us/articles/202931348-Use-emoji-and-emoticons,
slack supports the standard emoji codes
(https://www.webpagefx.com/tools/emoji-cheat-sheet/)
and majority of them are already supported in Zulip.
2018-04-01 23:24:35 -07:00
Rhea Parekh 6f867fee40 import script: Support import of reactions. 2018-04-01 23:24:33 -07:00
Rhea Parekh 8a028142d8 slack importer: Remove id allocation function and its implementation.
Remove allocation ID function from slack import script. All the IDs
count will start from 0. Hence the ID List returned
by the allocation function is of no use, and we remove its implementation.
(example: get_total_messages_and_attachments function is of no use anymore,
hence we remove it)
2018-04-01 23:10:55 -07:00
Rhea Parekh d147bd25d0 import script: Change file path of the upload in the import script.
In importing avatars, we use the implementation where the 'avatar_path'
is seperately calculated using realm and user ID and then the content
of the path provided in the avatar's 'records.json' are copied to this
'avatar_path'.

Similary, here for the uploads, 's3_file_name' is seperately calculated
using the realm ID and uploaded file name and then the content of the
path provided in upload's 'records.json' are copied to this 's3_file_name'.
2018-04-01 23:04:14 -07:00
Rhea Parekh ff34d07fa0 import script: Add function to update model ids after allocation.
Add function 'update_model_ids' to remove repetitive code.
2018-04-01 22:29:23 -07:00
Rhea Parekh a2ecdeb28d import script: re_map minor foreign keys. 2018-04-01 22:29:23 -07:00
Rhea Parekh 078453554e import script: re_map Message foreign keys. 2018-04-01 22:29:23 -07:00
Rhea Parekh 93aabcb81c import script: re_map Subscription foreign keys. 2018-04-01 22:29:23 -07:00
Rhea Parekh 9ef7870c5a import script: re_map Recipient foreign keys. 2018-04-01 22:29:23 -07:00
Rhea Parekh 4537223ba7 import script: re_map UserProfile foreign keys. 2018-04-01 22:29:23 -07:00
Rhea Parekh 1314e7d247 import script: re_map Stream foreign keys.
'recipient_field' is added as a bool variable in the function
'update_id_map' to update the recipient foreign keys.

Recipient Foreign Key is equal to the UserProfile ID, if the
type is 1, and the same is equal to Stream ID, if the type is 2.
Hence a check is added in the 'update_id_map' field for this.
2018-04-01 22:29:23 -07:00
Rhea Parekh 8624ba4132 import script: re_map Realm foreign keys.
All the objects with realm ID as the foreign keys need to
be remapped with updated with the allocated ID.
Also the ID of the realm object itself is updated with the allocated
ID.
2018-04-01 22:29:23 -07:00
Rhea Parekh 2b0ee472af import script: Refactor re_map_foreign_keys.
The 'id_field' bool variable is added to the function just to check
if the field is the ID of that object, and not the foreign key relation.
For foreign key field names, a "_id" has to be added after the field name,
however we don't need that for the ID field of the object.
2018-04-01 22:29:23 -07:00
Rhea Parekh cd0871bae4 Import script: Add id allocation functions. 2018-04-01 22:29:23 -07:00
Shubham Padia 10115491a3 real-time sync: Server sends recipent data with delete_message event.
Fixes #8853.
In certain cases, the browser is not able to look up the message.
Include the recipient data for the message in the delete_message event,
so look up of those attributes by the browser isn't required.
2018-04-01 22:19:08 -07:00
Anurag Sharma 1227857de6 hotkeys: Replace C with x for composing PM.
Pressing the 'x' key can now be used to compose a PM.
Pressing the 'C' key displays a modal that shows a deprecation notice.

Fixes #6548.
2018-04-01 16:13:05 -07:00
Shubham Dhama b7aae89029 org settings: Add realm level default time format setting. 2018-03-31 16:23:26 -07:00
Tim Abbott 072bd306ce tests: Add another test for the can_admin_user code path.
This is just a clear version of our validation of this part of Zulip's
security model.
2018-03-31 16:06:56 -07:00
Tim Abbott 3fd8d718f4 websockets: Fix race condition in CSRF token initialization.
It appears that we were not always initializing the Socket object
after `setup.js` had the opportunity to set csrf_token.

This should fix #6961.
2018-03-31 09:29:56 -07:00
Puneeth Chaganti 4ce8f2aaa2 upload: Rename upload_message_image to upload_message_file.
Tweaked by tabbott to also fix a Slack import comment.
2018-03-30 13:38:31 -07:00
Eeshan Garg f839d528d8 decorators: Log custom HTTP headers in webhook requests.
This aids in debugging because many of our Git-based integrations
use custom HTTP headers to indicate the type of event/payload.
2018-03-30 13:37:35 -07:00
Rohitt Vashishtha a3ed83f4e2 markdown: Update bugdown emoticon translation logic to match frontend.
This PR solves some of the parity issues in the emoticon translation
logic. I was unable to find a way of matching only one of the
lookaround groups, so we still have some inconsistency (see
testcase). The approach of having another check while converting just
for this seemed like an inefficient way, so I've left that last change
as it is.
2018-03-29 15:56:24 -07:00
Umair Khan 7885dd4408 profile: Send field types to client side. 2018-03-29 13:09:12 -07:00
Umair Khan f6fb88549f profile: Send operation in the event.
This allows us to show a useful message in the handler when the
event is received.
2018-03-29 13:09:11 -07:00
Tim Abbott 656f882a44 bots: Eliminate NEW_USER_BOT.
This bot was basically a duplicate of NOTIFICATION_BOT for some
specific corner cases, and didn't add much value.  It's better to just
eliminate it, which also removes some ugly corner cases around what
happens if the user account doesn't exist.
2018-03-29 12:01:21 -07:00
Tim Abbott 2bc51931a8 test_fixtures: Add settings files to things that require reprovision.
Since the test database is in part controlled by the Zulip settings
files for testing, these settings files should be included in the list
of files that require populate_db to be rerun.

This issue was found due to changes to internal bots.
2018-03-29 11:53:12 -07:00
Tim Abbott 4570936ac2 models: Fix default value for last_reminder.
This was causing a rather confusing test flake in
test_stream_error_pm_to_bot_owner.  What was happening was that if
this test (which used that code path) ran within 5 minutes of the
populate_db run, it would fail.
2018-03-29 11:53:12 -07:00
Rohitt Vashishtha 115b633551 markdown-tests: Allow ignoring certain fixtures while developing.
Usually, to debug a small change, you have to remove some tests from JSON
because of lack of support for comments in JSON. This commit allows to
ignore some tests by setting `"ignore" : true` in the bugdown fixtures.

Also, since this is only for while developing, the complete test suite will
throw an error if we leave an 'ignored' test in a commit.
2018-03-28 17:35:47 -07:00
Steve Howell 431ede77c6 minor: Clean up how we set flags in events.
This is basically a simple fix, where we consistently set
`flags` to an empty array when we pass it around.  The history
here is that we had kind of a nasty bug from setting it to
`None`, which only showed up in the somewhat obscure circumstance
of somebody subscribing to all stream events in our API.

Fixes #7921
2018-03-28 15:56:03 -07:00
neiljp (Neil Pilgrim) 704c33331c mypy: Add explicit Optional for default=None parameters in export.py. 2018-03-28 12:31:51 -07:00
neiljp (Neil Pilgrim) 090b47ed19 mypy: Add explicit Optional for default=None parameters in various files. 2018-03-28 12:31:51 -07:00
Tim Abbott 9a90c225a6 dialogflow: Fix invalid coding tag in top of file. 2018-03-28 12:28:12 -07:00
Balaji2198 e1eabe286a integrations: Add Gocd webhook integration.
Fixes #38.
2018-03-28 11:08:27 -07:00
Tim Abbott c94deff920 mypy: Remove some now-unnecessary type: ignores. 2018-03-28 10:39:05 -07:00
Rohitt Vashishtha 3c96b04763 emoji: Add translate_emoticons flag in bugdown testcases.
Also switches the default behaviour of the code to not translate the
emoticons. Earlier, the code was testing-aware, and used to translate
when there was no user profile data available(assuming that as a testing
environment).
2018-03-27 17:16:55 -07:00
sinwar 79672fffc6 populate_db: Pre-populate open graph cache to avoid network activity.
This prevents annoying network errors when trying to populate the
database without Internet access.

Cleaned up a bit by tabbott.

Fixes #8289.
2018-03-27 16:42:59 -07:00
Tim Abbott 5404edaf03 tests: Verify database queries for realm administrators.
This number is way too high, because of a recent regression.  Adding a
test here lets us prevent similar regressions in the future and
provides an easy way to be sure if we've fixed the issue.
2018-03-27 11:56:13 -07:00
neiljp (Neil Pilgrim) 07971d3a66 linter: Add check that Optional models are tagged with null=True.
Exclude NullBooleanField explicitly.

Amend one line in models.py found from this linter change.
2018-03-27 10:21:25 -07:00
neiljp (Neil Pilgrim) 7d93f5726c linter: Add check that null=True lines are annotated as Optional.
Also add two missing annotations of this type that were missed
until linted.
2018-03-27 10:21:25 -07:00
neiljp (Neil Pilgrim) 9d26c78ece mypy: Annotate last null=true in models.py; modify mypy.ini exclusions. 2018-03-27 10:21:25 -07:00
neiljp (Neil Pilgrim) 1416c9f0c9 mypy: Broaden model variables with null=True to be Optional. 2018-03-27 10:21:25 -07:00
Umair Khan d1c7a400ee i18n: Ignore var directory.
Previously, makemessages command was also searching var directory for
translatable strings. This commit ignores that directory.

Fixes #8751
2018-03-25 09:08:37 -07:00
neiljp (Neil Pilgrim) ac09687fa2 mypy: Raise in commands/create_user.py if initial_password returns None. 2018-03-25 08:59:08 -07:00
neiljp (Neil Pilgrim) de76297f31 mypy.ini: Move purge_queue exclusion into re-architecting section. 2018-03-25 08:59:08 -07:00
Eeshan Garg 4886d92405 webhooks/pivotal: Check if content == "" before sending a message.
If a message is empty, it means that this event is unsupported, in
which case, we should raise JsonableError.
2018-03-24 13:54:31 -07:00
Eeshan Garg 538746fc65 webhooks: Stop raising an exception if stream does not exist.
webhook-errors.log file is cluttered with Stream.DoesNotExist
errors, which hides the errors that we actually need to see. So,
since check_message already sends the bot_owner a PM if the webhook
bot tries to send a message to a non-existent stream, we can ignore
such exceptions.
2018-03-24 13:50:17 -07:00
Ricky 4b8bd0bc3b webhooks: Add Dialogflow integration.
With minor fixes by eeshangarg!

Fixes #6990
2018-03-24 15:03:35 -02:30
Steve Howell 4f05cefb32 Remove obsolete code for stream subscribe buttons.
In 18e43895ff we replaced
stream subscribe buttons with stream links.  The new feature
has been well tested and well received for over a year now,
so it's safe to remove the older feature at this point.

Older sites will have super old messages that still have the
rendered markup; this commit does not attempt to address those
situations.  Most likely, clicking on an old button in the old
message will either do nothing or look like a message reply.
2018-03-24 12:31:36 -04:00
Aayush Agrawal d32d7a9b4d test_logging_handlers: Mock out `git describe` because can be slow.
This cuts out about 11 calls to `git describe`.  In a nice fast LXC
container following our instructions for development on a Linux host,
this might save "only" about 1.5s; in a dev environment on a Windows
host, the savings have been clocked at 49s, presumably due to an
extremely slow filesystem in the VM.

The tests weren't doing much with this codepath as they were, and
there isn't a lot of value to be gained by testing it anyway; it's
totally non-critical and rarely changes.

[Commit message rewritten by greg.]
2018-03-23 18:24:51 -07:00
Aayush Agrawal 78a4924ecc markdown: Apply both bold and italic for words like ***text***.
Adds rule 'strong_em' to markdown parser to recognize ***{TEXT}***
Fixes #8155.
2018-03-23 15:01:24 -07:00
Tarun Kumar 86eaa553a6 user-groups: Add backend enforcing for new modification settings.
Add function in user-groups.py for getting member ids
for a group.
Update view to enforce checks for modifying user-groups.
Only admins and user group members can modify user-groups.
2018-03-23 14:44:47 -07:00
Greg Price b42a7b1701 digest: Add a server setting, and disable by default.
This feature isn't really ready yet -- the relevance isn't good, so
the emails aren't a great experience.  More work needed; pending that,
just don't send them.

There's already a per-realm setting, which doesn't have a control in
the org settings UI but does suppress it in the per-user settings UI.
Piggyback on that to suppress that UI control when the feature is
disabled at the server level too.

Also cut a comment that hasn't really made sense since the logic was
changed months ago -- the comment originally explained why we sent
digests on Tuesday, Wednesday, and Thursday, and doesn't correspond to
why we dialled back to weekly on Tuesdays.
2018-03-23 14:12:01 -07:00
Greg Price 42a641421f digest: Split out tests into their own file.
The digest emails have little in common with the email mirror, beyond
that they both involve email.  Give their tests their own file, with a
corresponding name, so it's easy to find this code's tests.
2018-03-23 14:12:01 -07:00
neiljp (Neil Pilgrim) 2762aabad1 mypy: Add assert for re search being None in appfollow webhook. 2018-03-23 13:07:39 -07:00
neiljp (Neil Pilgrim) 97836c4bac mypy: Remove Optional & Mutable from do_schedule_message.
Removes various mypy errors.
2018-03-23 11:32:00 -07:00
neiljp (Neil Pilgrim) 306f042cf4 mypy: Add Optional to function return in groove integration. 2018-03-23 11:32:00 -07:00
neiljp (Neil Pilgrim) 2079c5e4d7 mypy: Mark Subscription as Optional in lib/streams.py:access_stream*. 2018-03-23 11:32:00 -07:00
neiljp (Neil Pilgrim) d741e0ea01 mypy: Introduce query variable in lib/users.py for clarity.
This also avoids mypy showsing an error.
2018-03-23 11:32:00 -07:00
Eeshan Garg 9286a97c7f webhooks/gitlab: Stop filtering comments when description is null.
We filter out hidden comments out of Issue descriptions but this
breaks when description is null (which is unusual). So this commit
just checks to see if the description is None and if so, not to
filter anything out.
2018-03-23 11:20:21 -07:00
Tim Abbott 62c0d27d1e push_notifications: Handle errors with token reuse.
If an Android token has been used to connect a given device with
multiple Zulip servers, and then is expired, we would 500 in trying to
remove the Zulip-side registration for it, because the code assumed
there was only one such registration.  If a token is no longer valid,
it's invalid for all servers, so the correct fix is to just remove them all.
2018-03-23 11:02:55 -07:00
Tim Abbott f7c563dfcc migrations: Fix 0149_realm_emoji migration for S3 case.
The original migration implementation didn't follow the S3 API correctly.
2018-03-23 10:48:50 -07:00
Tim Abbott fcd265304c message editing: Fix buggy timestamp check.
This somehow got messed up in a final refactoring before merging
91197fa4f1.
2018-03-22 16:26:18 -07:00
Sarah 91197fa4f1 org settings: Add logic for applying allow_community_topic_editing.
Applies the logic to allow community members to edit topics
of others' messages if this setting is True. Otherwise,
only administrators can update the topic of others' messages.

This logic includes a 24-hour time limit for community topic editing.
2018-03-22 16:13:36 -07:00
Sarah f5c2fb8438 org settings: Create backend api for allow_community_topic_editing.
Adds the code for updating the allow_community_topic_editing
setting.
2018-03-22 16:02:27 -07:00
Sarah ecd75ccba6 models: Add allow_community_topic_editing setting. 2018-03-22 16:02:24 -07:00
Jack Weatherilt 8535625341 parse_user_agent: Assert user agent is not None.
This commit asserts that parse_user_agent never returns None. The
RegEx will match any string, so that `match` is never None. This
brings test coverage of lib/user_agent.py to 100%. Changes were also
made in test/test_decorators.py and views/compatibility.py to reflect
that parse_user_agent cannot return None.

Improves: #7089.
Fixes: #8779.
2018-03-22 14:29:29 -07:00
Alena Volkova 4accf06cda webhooks/front: Update text and remove screenshots. 2018-03-22 16:25:30 -04:00
Alena Volkova 9ae0cc0a18 webhooks/front: Remove numbers from fixture names. 2018-03-22 16:25:29 -04:00
Alena Volkova 05386f262a webhooks/front: Use a separate function for each event. 2018-03-22 16:25:29 -04:00
Alena Volkova 428e5057f5 webhooks/front: Eliminate unnecessary error handling. 2018-03-22 16:25:29 -04:00
Greg Price e44a8b8de9 logging: Add a setting to aid manual testing of error-notif changes.
This is nicer than the "For manual testing ..." comment. :-)
Also as a proper setting we can have it control some logging I
added locally while testing my recent changes to pika logging.
2018-03-21 18:03:05 -07:00
Greg Price fe0f1edddb settings: Fix double negative in LOGGING_NOT_DISABLED.
Saying "not disabled" just makes it more work to read than it needs to
be -- instead say ENABLED.
2018-03-21 18:03:05 -07:00
Greg Price 73559e5320 queue: Suppress error mail from brief rabbitmq downtimes.
Details in comment.  Together with a few previous commits, this should
completely eliminate sending error mail to admins when the RabbitMQ
server is simply restarted and comes back up normally.
2018-03-21 18:03:05 -07:00
Jack Weatherilt d857f26cd3 refactoring: Remove unused assignment on ensure_stream.
There were two instances of `ensure_stream` being called and assigned to
a variable with the variable not being used elsewhere. pyflakes picked
up on this (where it didn't in the previous version likely due to tuple
unpacking), so the the variable assignment has been replaced with a call
to `ensure_stream`.
2018-03-21 16:47:52 -07:00
Jack Weatherilt 3396cfc2ef refactoring: Replaced occurences of create_stream_if_needed.
Issue #2088 asked for a wrapper to be created for
`create_stream_if_needed` (called `ensure_stream`) for the 25 times that
`create_stream_if_needed` is called and ignores whether the stream was
created. This commit replaces relevant occurences of
`create_stream_if_needed` with `ensure_stream`, including imports.

The changes weren't significant enough to add any tests or do any
additional manual testing.

The refactoring intended to make the API easier to use in most cases.
The majority of uses of `create_stream_if_needed` ignored the second
parameter.

Fixes: #2088.
2018-03-21 16:47:36 -07:00
YJDave 11c995b70f custom profile data: Send event to active user on update.
On update of custom profile fields, send an event to all
active users of realm.
2018-03-21 16:08:12 -07:00
YJDave 6f1955a78a zerver/tests/test_events: Fix `test_custom_profile_fields_events` tests. 2018-03-21 16:05:31 -07:00
YJDave 6ac687790c populate_db: Remove the `test_suite` check for custom profile fields.
To ensure that we have some basic data for custom profile settings,
in the `populate_db` data set, remove `options['test_suite']` check
for adding intial custom profile data.
2018-03-21 16:05:31 -07:00
Aditya Bansal 2a2df0ef5e auth: Make redirects to next work for REMOTE_USER based Apache SSO.
It's possible that this won't work with some versions of the
third-party backend, but tabbott has tested carefully that it does
work correctly with the Apache basic auth backend in our test
environment.
2018-03-21 14:01:05 -07:00
Aditya Bansal b62bdde303 login_redirects: Make redirects to narrows from login page work. 2018-03-21 13:35:44 -07:00
Aditya Bansal 1e48dac8f3 auth.py: Make redirects to 'next' url work for google and github.
In this commit we start to support redirects to urls supplied as a
'next' param for the following two backends:
* GoogleOAuth2 based backend.
* GitHubAuthBackend.
2018-03-21 13:35:44 -07:00
Aditya Bansal 9a100b1f55 auth.py: Make redirects to 'next' url work for dev environment.
This makes these redirects work for the local authentication
backend.
2018-03-21 13:35:44 -07:00
Aditya Bansal 1d4e4d0411 test_auth_backends: Add next='' in data dicts for subdomain login tests. 2018-03-21 13:35:44 -07:00
Harshit Bansal 64372690f9 emoji: Fix the filtering condition in `check_emoji_admin()`.
This commit fixes an unreported bug which if hadn't been fixed would
have caused errors while deactivating realm emojis in some corner
cases.
2018-03-20 22:24:44 -07:00
Harshit Bansal a49655e0d4 emoji: Migrate realm emoji to be addressed by `id` rather than `name`.
This commit migrates realm emoji to be addressed by their `id` rather
than their name. This fixes a long standing issue which was causing
an error on uploading an emoji with same name as a deactivated realm
emoji.

Fixes: #6977.
2018-03-20 22:24:44 -07:00
Tim Abbott b94a24ffe3 reactions: Fix buggy migration for realm emoji.
The original implementation of this migration had a highly unfortunate
bug that would result in it deleting all reactions to realm emoji on
the server; we missed this in review, so essentially all historical
realm emoji reactions on chat.zulip.org were lost :(.

We both correct the problem, and also add logging of the deleted rows
that would help should anything be deleted erroneously.
2018-03-20 21:50:47 -07:00
Greg Price 3b3154527f queue: Don't blow up when a connection closes quickly. 2018-03-20 16:49:05 -07:00
Greg Price 9dcc436766 queue: Fix __init__ logic so heartbeat choice works fully.
Because the base class's __init__ calls `_connect`, when we set the
value after that call has already returned, our new value only takes
effect if the first connection fails and we have to reconnect.
Make it take effect from the beginning.
2018-03-20 16:49:05 -07:00
Greg Price 5edc26a0df queue: Cut disused, broken parameter to `_connect`.
This parameter isn't used anywhere.  A good thing, because if it were,
the code would immediately raise an exception -- `self._on_open_cbs`
hasn't been initialized yet when we first call `_connect`, from the
base class's `__init__`.

So, just cut it.  If we later need something like this, it's easy to
add a working version then.
2018-03-20 16:49:05 -07:00
Tim Abbott 51018e12f5 message_edit: Remove obsolete block for diff highlighting.
We disabled the original "colorized HTML edit-history" feature way
back in 2013 in c51056ff8e.

That original feature involved showing what had been edited inline in
message bodies, so one could easily see what had been changed.

That old feature has since been replaced with the "view edit history"
menu option, and we're unlikely to ever want the old feature back.
So, we can just remove its code.  There's a few supporting variables
that were created to help implement this; we can clean those up and
simplify the `update_message` code now that this feature is fully
removed.
2018-03-20 15:22:53 -07:00
Rhea Parekh d0355f52cb slack importer: Show when files are being downloaded. 2018-03-20 14:42:26 -07:00
Rhea Parekh e7291148e8 slack importer: Add '/me' in content for specific subtypes. 2018-03-20 14:42:26 -07:00
Nikhil Kumar Mishra f29a1918f3 hotspots: Add ALWAYS_SEND_ALL_HOTSPOTS in dev_settings.
Replace the local variable SEND_ALL from get_next_hotspots.
Add unit test for the same.
2018-03-19 10:39:43 -07:00
Nikhil Kumar Mishra a5472ddee7 initial_password: Add unit test for INITIAL_PASSWORD_SALT = None. 2018-03-19 10:36:26 -07:00
Nikhil Kumar Mishra 9e17692d94 markdown: Add unit test for render_tex.
Test for invalid path of Katex.
2018-03-19 10:36:26 -07:00
Nikhil Kumar Mishra 1579f8cb4b messages: Add unit test for get_raw_unread_data.
Add test with 2 messages to the same group PM thread.
2018-03-19 10:36:26 -07:00
Nikhil Kumar Mishra 3b4ff4f75c markdown: Clean render_markdown.
Remove Message is None and not None case as the
render_message_backend passes a fake Message object.
2018-03-19 10:36:26 -07:00
Nikhil Kumar Mishra 70ccc30465 management command: Add unit test for MultipleObjectsReturned case.
Verify error on using get_user if server has multiple users with that email.
2018-03-18 22:50:03 -07:00
Harshit Bansal 646700b144 emoji: Start using `get_active_emoji()` in `emoji_name_to_emoji_code()`. 2018-03-18 19:34:02 -07:00
Harshit Bansal 23c8da205c models: Extract 'get_realm_emoji_dicts()'. 2018-03-18 19:34:02 -07:00
neiljp (Neil Pilgrim) f2e8fff221 ifttt: Support topic as preferred alternative to subject.
Fixes #8698.
2018-03-18 19:19:44 -07:00
neiljp (Neil Pilgrim) 2a2549ce9d zapier: Support topic as preferred alternative to subject. 2018-03-18 19:18:34 -07:00
Eeshan Garg 8fbd8c68f4 webhooks: Update macros to specify custom topics and default PMs.
These changes are the result of migrating to
check_send_webhook_message.
2018-03-18 10:53:45 -07:00
Eeshan Garg 857569cbf7 webhooks/teamcity: Use check_send_webhook_message.
For a personal build, the teamcity webhook still sends a private
message using check_send_private_message since a personal build
should never trigger a public notification.

For a non-personal build, check_send_webhook_message is used,
which can either send a PM or a stream message based on whether
a stream is specified in the webhook URL or not.
2018-03-18 10:44:09 -07:00
Eeshan Garg 3dafbfa5f4 webhooks/beeminder: Use check_send_webhook_message and update docs.
We now only give users two options, to specify a stream and receive
public notifications for their goals, or to leave it out and receive
PMs and thus, keep their goals private. This simplifies the docs!
2018-03-18 10:44:09 -07:00