We register ZulipRemoteUserBackend as an external_authentication_method
to make it show up in the corresponding field in the /server_settings
endpoint.
This also allows rendering its login button together with
Google/Github/etc. leading to us being able to get rid of some of the
code that was handling it as a special case - the js code for plumbing
the "next" value and the special {% if only_sso %} block in login.html.
An additional consequence of the login.html change is that now the
backend will have it button rendered even if it isn't the only backend
enabled on the server.
This commit was originally automatically generated using `tools/lint
--only=eslint --fix`. It was then modified by tabbott to contain only
changes to a set of files that are unlikely to result in significant
merge conflicts with any open pull request, excluding about 20 files.
His plan is to merge the remaining changes with more precise care,
potentially involving merging parts of conflicting pull requests
before running the `eslint --fix` operation.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
With webpack, variables declared in each file are already file-local
(Global variables need to be explicitly exported), so these IIFEs are
no longer needed.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
This is a simple and small commit which will alphabetically order the
entries of the fixtures dropdown menu in the "integrations developer
panel" devtool.
This sidesteps tricky escaping issues, and will make it easier to
build a strict Content-Security-Policy.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
While refactoring, I tested all the rules and removed the CSS that was
not needed or duplicated.
I removed the `$("#integration-list-link").css('display', 'block');` and
moved it to css because there is no case in which the back link is
hidden.
I rearranged the elements of the left sidebar in HTML in order to appear
in the order they are displayed and removed the absolute positioning,
because it was not needed if the elements are arranged correctly. I used
`flex` display to arrange them on column.
I removed the styling that positioned the elements absolutely.
Then I tweaked the margins in order to make the elements look good.
Fixes: #12929
I added the `white-box` as it was in the other similar pages
(`/accounts/go`).
In order to be able to style it better, I removed the buttons and added
`div`s instead, then added click handler for submitting the form.
If the email is associated to a Zulip account, the avatar of the account
is displayed and the text `Log in`, otherwize a `+` sign is
displayed and the text `Create new account`.
For .start-button, Bootstrap carousel already supports <button
data-target> as a valid alternative to <button href>. For
.call-to-action, the margin is decreased to exactly offset the lack of
margin collapsing with display: inline-block. There should be no
visual change.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
This replaces the two custom Google authentication backends originally
written in 2012 with using the shared python-social-auth codebase that
we already use for the GitHub authentication backend. These are:
* GoogleMobileOauth2Backend, the ancient code path for mobile
authentication last used by the EOL original Zulip Android app.
* The `finish_google_oauth2` code path in zerver/views/auth.py, which
was the webapp (and modern mobile app) Google authentication code
path.
This change doesn't fix any known bugs; its main benefit is that we
get to remove hundreds of lines of security-sensitive semi-duplicated
code, replacing it with a widely trusted, high quality third-party
library.
We were doing the seemingly innocent
.toggle(version_info.show_instructions) to show the instructions if
and only if show_instructions was true. However, our data structures
that should have been false didn't set a value, and `.toggle` with no
arguments just flips the state, rather than unconditionally hiding.
We added custom event handlers on anchor tags to show transitions
when switching between pages, a behaviour we have since removes in
commit a0dacea811.
Our approach didn't respect the target attribute for links and other
defaults that browsers offer with links.
We can now safely remove the event handler and restore the default
behavior of anchor tags.
Pasting a generated password into the password box triggers neither a
change event (until the password box is unfocused) nor a keyup event.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Now that we have a system for storing HTTP headers for each integration, we
should fix the send_all button. Previously, it used the same user entered
custom HTTP header (from the GUI) for all of the fixtures, but now we
automatically determine the header with the new system instead.
Now that we store HTTP headers in a way that is easy to retreive
by specifying the integration name and fixture name, we should
use it to pre-load the "Custom HTTP Headers" field in the
integrations dev panel.
Change the display from `block` to `flex` in order to be able to
arrange the elements as wanted. Reset the css of the header elements
only for the description view. Add `font-size: 1.2em` because the font
doesn't need resizing in this case, it needs resizing only when the
title is in the box.
Removed the `padding-bottom` from the `nav` on mobile because it
overlaps the new header and you cannot click the back button from the
integrations.
Fixes: #12365.
A selector like `$('.elem1 .elem2:first')` selects the first descendant
with class name `.elem2` under `.elem1`. This is the same as saying
`$('.elem1 .elem2').first()`. See example here:
https://jsbin.com/bohehesari/edit?html,js,output
We were using these hollowed out arrows characters (⇽ , ⇾) in a few
places, these were inconsistent with the solid up and down arrow
characters (↑ , ↓) we use otherwise. This commit replaces them
everywhere in the codebase.
All the inline javascript code present in email_log.html(which is
rendered when the user visits "/emails" in development mode) is
transferred to a new file: email_log.js in portico/ directory.
Fixes#11608.
This commit removes inline javascript code present in
accounts_send_confirm.html and moves it to signup.js. This page is
rendered when the "/accounts/send_confirm" endpoint is visited. An
empty div element is added in accounts_send_confirm.html with
unique data-page-id attribute to make it more easy to find in which
page we are, while working with the javascript code.
This commit removes inline javascript code present in reset_confirm.html
and moves it to signup.js. The reset_confirm.html page is rendered when
the user visits "/accounts/password/reset" confirmation page. An empty
div element is added in reset_confirm.html with unique data-page-id
attribute to make it more easy to find in which page we are, while
working with the javascript code.
This commit removes inline javascript code present in reset.html and
moves it to signup.js. The reset.html page is rendered when the user
visits "/accounts/password/reset". An empty div element is added in
reset.html with unique data-page-id attribute to make it more easy
to find in which page we are, while working with the javascript code.
A new javascript file "dev-login.js" is created in static/js/portico/
and the inline javascipt code present in dev_login.html is transferred
to that file. An empty div element is added in dev_login.html with
unique data-page-id attribute to make it more easy to find in which
page we are, while working with the javascript code.
This commit removes inline javascript code present in create_realm.html
and moves it to signup.js. The create_realm.html page is rendered when
the user visits "/new". An empty div element is added in
create_realm.html with unique data-page-id attribute to make it more easy
to find in which page we are, while working with the javascript code.
This commit removes inline javascript code present in
accounts_home.html and moves it to signup.js. The accounts_home.html
page is rendered when the user visits "/register". An empty div
element is added in accounts_home.html with unique data-page-id
attribute to make it more easy to find in which page we are, while
working with the javascript code.
This commit removes inline javascript code present in login.html and
moves it to signup.js. An empty div element is added in login.html
with unique data-page-id attribute to make it more easy to find in
which page we are, while working with the javascript code.
This allows user to download the latest version of android apk from
the apps/android.
This will help the users who use Android without Google Play to
download the app and install it with ease.
To implement this I added a Download APK link on the apps.html page
which always points to the latest released version.
Fixes part of #11647.
This commit fixes a bug that caused:
1: A valid full name on an onboarding form to be cleared after an
invalid submission.
2: Incorrectly cleared name populated from LDAP which was janky from
UX perspective.
Ideally we should disable name change for LDAP as next login
will overwrite any changes but I think that can be done in a
separate PR.
Fixes: #10867.
If branch for showing the profile details would
not have executed if the subdomain was root ("").
The check was changed to check for select input
instead of checking for subdomain.
Apparently, we didn't have one of these, and thus had a moderate
number of generally very old violations in the codebase. Fix this and
clear the ones that exist..
Now, we correctly avoid calling various password quality/strength
functions in the registration flow in the event that there isn't a
password form on the current page.
Before, some code wasn't inside a block at all, while other code was
using an incorrect check (an empty jQuery object is not falsey).
The overall result was that this would often crash on certain
pages/flows, stopping JS execution and causing various secondary
problems.
This code brings the focus to the first input field with errors rather
than just the first input field present in the form after the sign up
form is rendered again after invalid data is submitted.
Note from tabbott: This still doesn't handle the ToS checkbox being
the source of the error, but that's an independent issue.
Fixes#10869.
Positioning using flexbox makes life much easier for everyone. With
this change we make positioning of icon relative to the label in the
dropdown menu much easier to do and alter if required. We now no
longer need to fiddle with tedious pixel measurements for placing the
icon in the right place.
As a result of this commit we had to change a click event binding
back to be associated with .dropdown-toggle class rather than being
associated with the h3, i because of the re-arrangement of the
dropdown configs.
Here we just fix the behaviour of angle icon which is present
in the integration categories dropdown. It used to change direction
from down to right only if "All" options from the dropdown was
selected (which is also the initial and default option). This behaviour
was pretty inconsistent and looked odd. Rather than having a direction
changing icon here, it migth be just better to stick with just the
down facing angle arrow. Arrow direction in general represents in
which direction the dropdown is gonna open up (in addition to the
fact that a dropdown exits here).
We make the integration categories dropdown gradually slide down/up
rather than appearing instantenously. I believe this gives a better
look to the dropdown and how it behaves.
We also fiddle a bit with the code relating to angle icon in the
dropdown. Basically though its behaviour was already buggy and
will be addressed in an upcoming commit, we try to maintain whatever
behaviour it had before introduction of the annimation effect.
The issue here was that if we opened up integrations page in
responsive mode (so the integrations category sidebar turns into a
dropdown) and click a few centimeters outside the actual dropdown
or perhaps the dropdown menu when its open, it is possible to toggle
or select a integration category.
What this essentially means is that clicking in blank area outside
visible boundaries of dropdown menu its possible to interact with it.
Fix: We change elements on which the click event is tied to and
adjust a bit of CSS for relevant elements so things look as they
used to but function in correct or better manner.
What is the buggy behaviour?
Before this commit if you were to open the integrations docs page
in a smaller window so that the integrations categories sidebar
changed into a dropdown (so that our page is responsive to
screen size), one would notice that selecting a category from the
dropdown menu didn't make dropdown to auto collapse. This feels very
uncomfortable from users prespective since an ugly dropdown with all
the categories sticking around uncollapsed kind of defeats the purpose
of having a dropdown.
Fix: We make the categories dropdown toggle/auto collapse upon
selection of a category.
This code prevents the password bar from being incorrectly clear after
the sign up form is rendered again after invalid data is submitted
(generally due to forgetting to agree to ToS).
Fixes#10868.
Instead of rendering tabs upfront, initialize them to a `Loading…`
indicator and then render them when clicked.
Use a `rendered_tabs` object to cache rendered HTML strings instead of
re-loading a tab (e.g. if it is selected, another tab is selected, and
then it is selected again).
These repositories (`zulip-ios-legacy` and `zulip-android`) are
deprecated, and as such should not have their own tabs, but still
should be included in the total contributions count.
Currently, if you access an article link with an anchor link that isn't
featured in the sidebar, the main article won't be highlighted. Thus, we
exclude the anchor link hash from the article-searching selector if
the full article pathname wasn't found.
When you hover above the navbar, the cursor focuses on the page
body and scrolls the entire page, breaking the positioning of the
fixed sidebar and page content.
We disable scrolling on the body but allow the sidebar and Markdown
content page elements to be scrolled to fix this bug.
Fixes#9822.
fuzzysearch matched query if the query letters appeared in sequence.
Here we use the extracted phrase_match to match query with the prefixes
of words.
Whenever a link is clicked, the page link changes, and the content
of the `.markdown .content` node updates, preventing the old
listener to catch any future anchor link clicks.
We attach the listener to the document instead and only activate
it when the target element is a proper anchor link heading.
Fixes#9767.
Set the initial visibility of the page content to hidden via
the stylesheet, and allow any data fetching and rendering to
complete before making content visible.
Adjust the conditional logic within `render` to first check for
the case in which a user goes to a doc link, the case in which
we asynchronously fetch data prior making content visible.
Fixes#9577.
We should only open the default article heading which is "Guides",
if the user is on the index page i.e. /help/. For non index pages
we don't need to open this heading.
This commit adds a minor improvment in clicking
the left sidebar behaviour. So if you click on
an article heading then other opened headings will
be closed automatically. This makes the toggle
experience better.
Anders Kaseorg
Mateusz Mandera
Hemanth V. Alluri
Alexandra Ciobica
Akash Nimare
Harshit Bansal
Tim Abbott
Rohitt Vashishtha
Yashashvi Dave
Thomas Ip
YashRE42
Kanishk Kakar
Abhinav Singh
theredcap
Adarsh Patel
Vaibhav
Vishnu Ks
Aditya Bansal
Eeshan Garg
Marco Burstein
Cynthia Lin
Abhigyan Khaund
Anders Kaseorg
Shubham Padia
Jack Zhang
Akash Nimare
Shubham Dhama