Commit Graph

1314 Commits

Author SHA1 Message Date
Steve Howell 57f17ae543 Extract top_left_corner.js.
Here are the functions in top_left_corner:

    get_global_filter_li: pure code move
    update_count_in_dom: simplifed copy of similar function in stream_list.js
    update_dom_with_unread_counts: pure code move, split out from function
       of same name in stream_list.js
    delselect_top_left_corner_items: pure code move
    handle_narrow_activated: pure code move + rename
    handle_narrow_deactivated: pure code move, split out from from function
       of smae name in stream_list.js
2017-08-14 13:03:57 -07:00
rht ea5fef45b5 mypy: Annotate settings.py. 2017-08-14 09:47:28 -07:00
Jack Zhang fc6c2b321b portico: Reimplement /apps routes using pushState. 2017-08-10 10:21:53 -07:00
Jack Zhang 2b6c84a01e urls: Add wildcard to IntegrationView routes after /integrations. 2017-08-10 10:21:53 -07:00
Jack Zhang 63ad7b6769 Rename /integrations/doc API endpoint as /integrations/doc-html. 2017-08-10 10:21:53 -07:00
Greg Price 9cb9e0d687 Revert "mypy: Ensure realm_subdomain is not None in LDAP authenticate()."
I was too hasty in pushing this -- it looks right logically, but it
breaks a test.  May not be hard to fix forward, but reverting now to
unbreak the build in master.

This reverts commit 02acd467b4.
2017-08-09 20:12:27 -07:00
neiljp (Neil Pilgrim) 02acd467b4 mypy: Ensure realm_subdomain is not None in LDAP authenticate(). 2017-08-09 18:04:21 -07:00
Vaida Plankyte cd560a80f2 settings.py: Add GOOGLE_OAUTH2_CLIENT_ID to DEFAULT_SETTINGS.
Allows the command-line help text to appear for Google
authentication, rather than a traceback.
2017-08-07 18:38:06 -07:00
Steve Howell 541156792e Add /mark_all_as_read endpoint.
This change simplifies how we mark all messages as read.  It also
speeds up the backend by taking advantage of our partial index
for unread messages.  We also use a new statsd indicator.
2017-08-04 14:10:46 -07:00
Rishi Gupta 082c3a3c93 portico: Add for-working-groups-and-communities.md. 2017-08-02 00:19:34 -07:00
Rishi Gupta 94f7a5704f portico: Add for/companies. 2017-08-02 00:19:34 -07:00
James Rowan db4a8227ee realm creation: Move DEFAULT_NEW_REALM_STREAMS out of settings. 2017-08-01 22:38:22 -07:00
Steve Howell 3f06f28ad7 sending messages: Extract sent_messages.js.
This commit extract send_messages.js to clean up code related
to the following things:

    * sending data to /json/report_send_time
    * restarting the event loop if events don't arrive on time

The code related to /json/report changes the following ways:

    * We track the state almost completely in the new
      send_messages.js module, with other modules just
      making one-line calls.

    * We no longer send "displayed" times to the servers, since
      we were kind of lying about them anyway.

    * We now explicitly track the state of each single sent
      message in its own object.

    * We now look up data related to the messages by local_id,
      instead of message_id.  The problem with message_id was
      that is was mutable.  Now we use local_id, and we extend
      the local_id concept to messages that don't get rendered
      client side.  We no longer need to react to the
      'message_id_changed' event to change our hash key.

    * The code used to live in many places:
        * various big chunks were scattered among compose.js,
          and those were all moved or reduced to one-line
          calls into the new module
        * echo.js continues to make basically one-line calls,
          but it no longer calls compose.report_as_received(),
          nor does it set the "start" time.
        * message_util.js used to report received events, but
          only when they finally got drawn in the home view;
          this code is gone now

The code related to restarting the event loop if events don't arrive
changes as follows:

    * The timer now gets set up from within
      send_messages.message_state.report_server_ack,
      where we can easily inspect the current state of the
      possibly-still-in-flight message.

    * The code to confirm that an event was received happens now
      in server_events.js, rather than later, so that we don't
      falsely blame the event loop  for a downstream bug.  (Plus
      it's easier to just do it one place.)

This change removes a fair amount of code from our node tests.  Some
of the removal is good stuff related to us completing killing off
unnecessary code.  Other removals are more expediency-driven, and
we should make another sweep at ramping up our coverage on compose.js,
with possibly a little more mocking of the new `send_messages` code
layer, since it's now abstracted better.

There is also some minor cleanup to echo.resend_message() in this
commit.

See #5968 for a detailed breakdown of the changes.
2017-08-01 08:58:56 -07:00
Greg Price 2d534e7397 Remove local_settings.py, as it grows stale with disuse.
This file hasn't reflected the actual configuration of any live
installation for some time, nor been part of any tests or other
mechanism to regularly validate it, so it's naturally fallen
behind as we make changes to the set of settings and typically
don't update this file accordingly.  Just remove it; all the
documentation functions it serves are already served just as
well by prod_settings_template.py and its ample comments.
2017-07-31 21:27:32 -07:00
vbNETonIce 4a5f82bc71 settings: Add default for INLINE_URL_EMBED_PREVIEW.
Tweaked by tabbott to improve the documentation around this setting
and its INLINE_IMAGE_PREVIEW cousin.
2017-07-31 21:11:12 -07:00
Brock Whittaker 8445f886d7 Add ability to pan and zoom lightbox images.
This adds the ability to pan and zoom lightbox images because they
are now converted to <canvas> elements.
2017-07-31 17:03:31 -07:00
Tim Abbott 41f37d0a6f jinja2: Use function interface for render_markdown_path.
Apparently, the filters implementation was doing some sort of strange
caching, where you would need to restart the server in order to
refresh for changes to the markdown content.

We fix this by switching to just calling the render_markdown_path
function from Jinja2.

Fixes #5974.
2017-07-31 14:54:54 -07:00
Tim Abbott a9fa1a5527 api: Migrate /json/messages_in_narrow off legacy API.
This completes the major endpoint migrations to eliminate legacy API
endpoints from Zulip.

There's a few other things that will happen naturally, so I believe
this fixes #611.
2017-07-31 13:08:06 -07:00
Tim Abbott 8003428845 api: Document remaining legacy endpoints. 2017-07-31 13:08:06 -07:00
Tim Abbott ed10ce70d4 invites: Migrate to non-legacy API format.
This has the side effect of making it possible for a bot user to
invite users with its API key, which seems useful.
2017-07-31 13:08:06 -07:00
Tim Abbott 6a50e13156 uploads: Remove legacy /json/upload_file endpoint.
This migrates Zulip to use the equivalent API endpoint that has been
present for a while.
2017-07-31 13:08:06 -07:00
Tim Abbott 1e5aee054b settings: Migrate main settings-change code to API.
This was one of the few major remaining endpoints that were still on
the old-style legacy API.
2017-07-31 13:08:06 -07:00
Jack Zhang c242df042f hotspots: Style hotspots. 2017-07-28 16:34:15 -07:00
vbNETonIce ea72432dca rename in comment: scripts/restart-zulip to scripts/restart-server
found this when trying to follow this comment and the script didn't exist anymore
2017-07-28 10:29:17 -07:00
Vaida Plankyte 26f5f77524 prod_settings_template.py: Update GitHub/Google auth setup docs. 2017-07-27 17:35:14 -07:00
Tim Abbott 53e4d8562b lint: Add a lint check for bare `type: ignore`s. 2017-07-27 16:31:55 -07:00
Steve Howell bc0761b22b Extract topic_data.js.
This new module tracks the recent topic names for any given
stream.

The code was pulled over almost verbatim from stream_data.js,
with minor renames to the function names.

We introduced a minor one-line function called stream_has_topics.
2017-07-27 14:26:22 -07:00
Rishi Gupta 6439603974 prod_settings_template: Add quotes around push notification url. 2017-07-25 17:42:33 -07:00
Greg Price e18baff32c JsonableError: Rename message from `error` to `msg`.
The whole thing is an error, so "message" is a more apt word for the
error message specifically.  We abbreviate that as `msg` in the actual
HTTP responses and in the signatures of `json_error` and friends, so
do the same here.
2017-07-24 16:41:22 -07:00
Rishi Gupta 9782911aca portico: Add initial why zulip page. 2017-07-19 11:53:06 -07:00
Pweaver (Paul Weaver) 01b0ec69d6 Move the webpack stats files to var/ and deploy root.
static/ serves static files which get copied around per deploy. Since
the webpack stats files need a consistent name and change per deploy,
they can't live in static/.

This fixes a bug that preventing downgrading a Zulip server to an old
version.
2017-07-18 15:02:58 -07:00
Rishi Gupta a249822ff5 confirmation: Add validity_in_days to _properties.
Also renames settings.EMAIL_CONFIRMATION_DAYS to
CONFIRMATION_LINK_DEFAULT_VALIDITY_DAYS, and adds a new setting for
invitation links.
2017-07-17 23:18:47 -07:00
Steve Howell 475eb21a5e Revert commits related to client_message_id.
I pushed a bunch of commits that attempted to introduce
the concept of `client_message_id` into our server, as
part of cleaning up our codepaths related to messages you
sent (both for the locally echoed case and for the host
case).

When we deployed this, we had some strange failures involving
double-echoed messages and issues advancing the pointer that appeared
related to #5779.  We didn't get to the bottom of exactly why the PR
caused havoc, but I decided there was a cleaner approach, anyway.
2017-07-14 12:13:35 -07:00
Steve Howell f6d670ae3d Extract sent_messages.js.
This is mostly straightforward moving of code out of compose.js.

The code that was moved currently supports sending time
reports for sent messages, but we intend to grow out the new
module to track more state about sent messages.

The following function names in this commit are new, but their
code was basically pulled over verbatim:

    process_success (was process_send_time)
    set_timer_for_restarting_event_loop
    clear
    initialize

All the code in the new module is covered by previous tests that
had been written for compose.js.  This commit only modifies
a few things to keep those tests.

The new module has 100% node coverage, so we updated `enforce_fully_covered`.
2017-07-13 23:42:27 -04:00
Jack Zhang 6e2f90c8c9 Improve /integrations page load time.
Prior to this commit, 7 megabytes of images (through 253 individual requests)
were heavily slowing down the initial load. With this commit, we load only the
logos (60 or so images).

Documentation and images for the individual integration sub-pages is requested
separately using the /integrations/doc/ endpoint, which returns HTML.
2017-07-13 20:37:09 -07:00
Brock Whittaker 1cf7ee966b help: Redesign /help/ pages to be a single page app.
This redesigns the /help/ page sets to be a single page app that uses
history.pushState to work the same as the old app.

The big new feature is that now we have the index in a nicely designed
left sidebar.
2017-07-13 15:43:44 -07:00
Umair Khan f94e8530ee Django 1.11: Remove jinja2 backend.
Django 1.11 adds the ability to pass context processors in Jinja2
backend. Django also sends template_rendered signal in tests.
These two issues were the reason why we added Jinja2 backend, but
after upgrading to Django 1.11 we can remove it.

We still need jinja2/__init__.py, which modifies the environment,
and jinja2/compressors.py, which adds minify_js compressor.
2017-07-12 17:53:25 -07:00
Aditya Bansal b9bffaa446 pep8: Add compliance with rule E261 to prod_settings_template.py. 2017-07-11 11:55:01 -07:00
Aditya Bansal 5f87a0f8f8 pep8: Add compliance with rule E261 zproject/settings.py. 2017-07-11 11:53:33 -07:00
Aditya Bansal 7c6ad4a770 pep8: Add compliance with rule E261 zproject/dev_settings.py. 2017-07-11 11:53:33 -07:00
Umair Khan 816ead737c jinja2: Support only Django version >= 1.11.
Django started supporting context processors from version 1.11; as
a result of this, we can get rid of some of the code which is now
being taken care of by Django.
2017-07-10 11:32:10 -07:00
Rishi Gupta 0f46fd86dd urls: Rename arguments to accounts/unsubscribe.
type -> email_type to match future work on ScheduledJob.

token -> confirmation_key to match what the other confirmation views urls
call this argument.
2017-07-07 18:56:14 -07:00
Vaida d5517bae36 Delete the old zulip.com "referrals" system.
This system hasn't been in active use for several years, and had some 
problems with it's design.  So it makes sense to just remove it to declutter
the codebase.

Fixes #5655.
2017-07-07 14:59:18 -07:00
Vishnu Ks 9067890120 urls: Use POST for zerver.views.user_settings.set_avatar_backend.
The set_avatar_backend is changed from PUT to POST becuase this
is not idempotent.
2017-07-07 10:31:43 -07:00
Vishnu Ks df5df76961 urls: Use POST for zerver.views.realm_emoji.upload_emoji.
The upload_emoji endpoint is changed from PUT to POST because
this endpoint is not idempotent.
2017-07-07 10:31:43 -07:00
Vishnu Ks cf2dec539f urls: Use POST for zerver.views.realm_icon.upload_icon.
This upload_icon endpoint is changed from PUT to POST becuase
this endpoint is not idempotent.
2017-07-07 10:31:43 -07:00
Rishi Gupta 07a3bb4d35 confirmation: Remove get_link_validity_in_days.
This commit removes the ability to configure different validity durations
for different types of confirmation links. I don't think the extra
configurability was worth the extra complexity, either for the user trying
to understand the settings, or for the developer trying to understand the
code.

The commit replaces all confirmation validity duration settings with a
single setting, settings.EMAIL_CONFIRMATION_DAYS.

The only setting it removes is settings.EMAIL_CHANGE_CONFIRMATION_DAYS,
which was introduced in 5bf83f9 and never advertised in prod_settings.py.
2017-07-07 07:46:31 -04:00
James Rowan 368bd66d8b emails: Refactor send_email functions to take both a sender name and address.
This will allow for customized senders for emails, e.g. 'Zulip Digest' for
digest emails and 'Zulip Missed Messages' for missed message emails.

Also:
* Converts the sender name to always be "Zulip", if the from_email used to
  be settings.NOREPLY_EMAIL_ADDRESS or settings.ZULIP_ADMINISTRATOR.

* Changes the default value of settings.NOREPLY_EMAIL_ADDRESS in the
  prod_setting_template to no longer have a display name. The only use of
  that display name was in the email pathway.
2017-07-04 14:25:01 -07:00
Rishi Gupta dd3dd26f15 prod_settings_template: Update description for FEEDBACK_EMAIL. 2017-07-04 14:25:01 -07:00
Cory Lynch 802ea9abf5 Refactor to delete mousewheel.js.
This old third party library added support
for a "mousewheel" event to detect scrolling.
However, it is not compatible with jQuery 3
and is obsolete now that there is a standard
"wheel" event that accomplishes the same thing.
2017-07-03 11:04:20 -04:00
Pweaver (Paul Weaver) 2c10e7c0db Change from and noreply emails to use EXTERNAL_HOST domain.
This eliminates another mandatory setting from what one needs to
configure to setup a Zulip server.
2017-07-01 08:09:25 -07:00
Rishi Gupta 2012913cc1 prod_settings_template: Update description of NOREPLY_EMAIL_ADDRESS. 2017-06-29 17:54:33 -07:00
Rishi Gupta 85d38bd17b emails: Remove DEFAULT_FROM_EMAIL from prod_settings_template. 2017-06-29 17:54:33 -07:00
Rishi Gupta 577e201df0 emails: Replace DEFAULT_FROM_EMAIL with ZULIP_ADMINISTRATOR.
We're getting rid of DEFAULT_FROM_EMAIL from prod_settings_template, since
we only really need one of {DEFAULT_FROM_EMAIL, ZULIP_ADMINISTRATOR}.
2017-06-29 17:54:33 -07:00
Vishnu Ks 9b7585a436 bots: Make welcome-bot cross realm. 2017-06-25 11:23:45 -04:00
Umair Khan a66b7b7083 Remove Django Guardian dependency.
Guardian adds functionality on top of Django auth system to set
per object permissions. Its problem is that it is has poor performance.
So we decided to remove it in release 1.4.0, but we still kept the
option to revert back to an older version which used Guardian.
See commit 49799440a4 for more details.

This commit is the final piece in the string of commits which move
us towards completely removing guardian from our codebase. The way
we do it as follows:

If you are upgrading from a version <= 1.3.10, you first need to
upgrade to 1.4.x (we recommend 1.4.2). The reason is that we
deprecated Guardian in this version. Once you have upgraded to
1.4.x we can be sure that your Zulip installation doesn't depend
on Guardian and all the data has been successfully migrated away from
Guardian. The second step is to upgrade to latest release which will
not include any reference to Guardian in the codebase. After this
commit migrating directly to the latest release will not work because
in that case Guardian data will not migrate.

The backward incompatible change that this introduces is that
we have squashed all the migrations till version 1.4.0. This was
necessary to remove Guardian because it was needed by the reverse
migration. These migrations were from 0001 to 0028.

Fixes #5420
2017-06-23 08:40:57 -04:00
Greg Price c9e35c459a landing: Write up why open source projects should use Zulip
This isn't very slick, but it should get the main points down,
and it's past time we got something like this up.  Definitely
needs in the future another pass at the text, and also some images
(screenshots, etc.) and styling.
2017-06-22 16:26:50 -07:00
Harshit Bansal c0e4f24a25 webpack: Migrate `common.js` bundle to webpack. 2017-06-22 19:06:32 -04:00
Vaida Plankyte 7577a80fd9 settings.py: Change jinja2 blocks to be stripped of whitespace. 2017-06-22 14:19:33 -04:00
Umair Khan a4afca7b73 ldap: Don't authenticate if realm is None.
Fixes #5431
2017-06-21 10:14:34 -04:00
Harshit Bansal c50b3672c2 webpack: Migrate `signup.js` bundle to webpack static asset pipeline. 2017-06-20 09:45:26 -04:00
Harshit Bansal 3953734a1c webpack: Migrate `stats.js` bundle to webpack static asset pipeline. 2017-06-20 09:45:26 -04:00
Cory Lynch 78de70688e dev: Add URL to preview error 404/5xx pages. 2017-06-14 21:18:45 -07:00
Cory Lynch cb4dadfdcd tools: Create /devtools page for useful dev URLs.
Fixes #5179.
2017-06-14 20:17:56 -07:00
Umair Khan 95fc16d90d Django 1.11: MIDDLEWARE_CLASSES setting is deprecated.
Django provides MiddlewareMixin to upgrade old-style middlewares. See
https://docs.djangoproject.com/en/1.11/topics/http/middleware/#upgrading-middleware
2017-06-13 15:04:04 -07:00
Umair Khan c25e9ad193 Django 1.11: Template now accepts backend in __init__.
This makes our `zproject.jinja2.backend.Template` compatible with
Jinja2. After this change we don't need to override __init__ function
in Template class.

The only reason we now need to create our own Template class is that
we need to send template_rendered signals.

We need our own Jinja2 class because we need to maintain backward
compatibility with Django 1.10 and we need inject `debug` parameter.
2017-06-13 15:04:04 -07:00
Pweaver (Paul Weaver) 28874cf26f webpack: Add --minify option to run-dev.py for to test minification. 2017-06-13 12:45:40 -07:00
Mehanig 1e5ce918e3 webpack: Move app_debug.js to webpack bundle. 2017-06-13 12:45:40 -07:00
Mehanig 04626acd5a webpack: Move zxcvbn.js to webpack bundle. 2017-06-13 12:45:39 -07:00
Mehanig ae29d4b8d2 webpack: Move landing-page.js to webpack bundle. 2017-06-13 12:36:55 -07:00
Mehanig 2c6f2fb93a webpack: Move activity js to webpack. 2017-06-13 12:36:51 -07:00
Pweaver (Paul Weaver) 5c07125994 Enable EmailAuthBackend by default to simplify a production install.
This should save a step from the installation process in the common
case.
2017-06-12 21:53:35 -07:00
Rafid Aslam 4f482834b4 deps: Upgrade and move `perfect-scrollbar` from `static/third` to `npm`.
- Remove `perfect-scrollbar` from `static/third` and fetch it from npm.
- Upgrade `perfect-scrollbar` to 0.7.1.
- Bump up the `PROVISION_VERSION` to 5.6.

Changed `wheelSpeed` in "static/js/scroll_bar.js" to 0.5, because when it
20, the scrollbar scrolls very fast.

Changed 'wheelSpeed' in "static/js/emoji_picker.js" from 25 to 0.68
(based on tabbott's testing of scrolling through the emoji list).

Part of #1709.
2017-06-11 10:15:48 -07:00
Cory Lynch 6219128d87 dev: Add /emails/ URL for testing email templates.
Fixes #5270.
2017-06-09 16:21:49 -07:00
Cory Lynch 6653e19e3a Add URL for viewing node coverage data on dev server.
Running test-js-with-node --coverage now provides a URL
to view the output data on the web.

Fixes #5177.
2017-06-09 16:17:30 -07:00
Mehanig 8c0e500d6b webpack: Migrate api and katex js files to Webpack bundler.
This also injects the dev webpack sockets to katex, since that's part
of the main web app bundle.
2017-06-09 12:33:52 -07:00
Rishi Gupta 769c5ab105 emails: Send password reset emails through zerver.lib.send_email.
Previously, the password reset email behaved differently from all the other
email Zulip sends.
2017-06-06 23:22:22 -07:00
Rishi Gupta 15e5814c27 emails: Prevent subject lines and plaintext emails from being HTML-escaped.
Adds a new template engine with autoescape=False, and uses the new engine to
render subject lines and plaintext emails.
2017-06-06 23:22:22 -07:00
Rishi Gupta 4d67ce8051 settings.py: Make template engine settings easier to duplicate.
No functional changes.
2017-06-06 23:22:22 -07:00
Greg Price 04b363f3a2 apps: Redirect /apps -> zulipchat.com/apps, except on upstream itself.
This page describes software the user will get from upstream for
their own devices, independent of what's on the server they're
using.  So it should live in a place maintained together with
that other software, rather than be distributed and versioned
with the server.

The use of ZILENCER_ENABLED to tell the difference is rather a hack
but is currently how we do this in the small handful of similar
spots; see #5245.

Fixes #5234.
2017-06-06 11:21:20 -07:00
Aditya Bansal feb663ffb6 pep8: Add compliance with rule E261 backends.py. 2017-06-04 09:18:22 -07:00
Cory Lynch 5d7828096e Split out server_events_dispatch.js from server_events.js. 2017-06-02 16:49:18 -07:00
Tim Abbott 4da9383f2d dev_urls: Add comments documenting sections. 2017-06-02 12:44:32 -07:00
Akhil 64f2b51496 typeahead: Add pm_conversations module.
In pm_conversations.js, added function to make a user a PM partner and
another function to check if a user is a PM partner. A PM partner is
someone with whom the user has been in a PM with.
2017-06-01 08:05:37 +00:00
Akhil f04da3d52e typeahead: Add recent_senders module.
In recent_senders module, added a data structure to hold timestamps of
users' latest message in a topic. Also added a function to compare 2
users based on above timestamp. Added a function to process messages for
the data structure and a call in add_message_metadata. Also added node
tests for insertion of data into recent_senders.senders.
2017-06-01 08:05:37 +00:00
K.Kanakhin 2434f2d96c messages: Add support for admins deleting messages.
This makes it possible for Zulip administrators to delete messages.
This is primarily intended for use in deleting early test messages,
but it can solve other problems as well.

Later we'll want to play with the permissions model for this, but for
now, the goal is just to integrate the feature.

Note that it saves the deleted messages for some time using the same
approach as Zulip's message retention policy feature.

Fixes #135.
2017-05-29 21:59:38 -07:00
Rohitt Vashishtha 2d73e03e37 ui-refactor: Rename modals.js to overlays.js.
Fixed #4702.
2017-05-29 11:24:46 -07:00
Pweaver (Paul Weaver) cb311e99d8 Change backend tests to use a webpack stats stub file. 2017-05-25 16:15:32 -07:00
Mehanig 3f5d0e69fb Build and handle jsfiles using webpack instead of django-pipeline.
Also renames bundle.js to translations.js.
2017-05-24 18:38:03 -07:00
umkay ccc70445d6 mypy: Fix strict-optional errors for test files.
Fix mypy --strict-optional errors in zerver/tests
2017-05-24 12:43:28 -07:00
Umair Khan 603b60940d github: Access private emails.
Previously our scope setting only allowed us access to
publicly listed email addresss. This commit changes that
to get access to private email addresses as well.

Fixes: #4937.
2017-05-24 08:24:26 -07:00
Eklavya Sharma 13ee26019f zproject/backends.py: Check for None before use.
Check if the dict 'return_data' is None before setting attributes
on it.
2017-05-23 21:56:50 -07:00
Eklavya Sharma cc1937c8d5 mypy: Use Optional with strings where required. 2017-05-23 21:56:50 -07:00
Eeshan Garg baff121115 app_filters: Render HTML to render Jinja2 syntax within Markdown macros.
If a Markdown macro contains Jinja2 template code, it isn't rendered
because render_markdown_path calls template.render on the including
.md file before the macro has been included. And then the including
.md file is converted to HTML. Therefore, the template code within
a Markdown macro (if any) never gets rendered and is returned as it is.

Now, after the source .md file is converted to HTML,
render_markdown_path renders the resulting HTML so that any template
code within included macros (if any) is finally rendered.
2017-05-22 18:19:14 -07:00
Tim Abbott a2f5d133e8 docs: Document the push notification forwarding service. 2017-05-18 13:39:58 -07:00
Tim Abbott 040067b2a2 invite: Remove obsolete bulk_invite_users endpoint. 2017-05-17 17:30:15 -07:00
Tim Abbott 9d63a5ab3a push_notification: Delete obsolete DBX_IOS_APP_ID code.
I'm not sure that this was ever actually used, but it's definitely
just clutter for Zulip today.
2017-05-16 12:26:55 -07:00
Eeshan Garg 10dcc99983 zerver/decorators: Log all exceptions raised in api_key_only_webhook_view.
Fixes #4742.
2017-05-13 14:53:47 -07:00
Tim Abbott ab3f55408d settings: Document how to set EXTERNAL_HOST to include a port number.
Also, make sure that ALLOWED_HOSTS is correct in the case that a port
number is included.
2017-05-12 14:27:29 -07:00
Brock Whittaker 6e7305f784 js: Implement DynamicText class.
This implements the DynamicText class for resizing of text to fit the
parent node.
2017-05-11 17:23:53 -07:00
Umair Khan dc2a9a4c5b github: Add sign up button on registration page. 2017-05-10 17:49:08 -07:00
Tim Abbott 5019b53492 auth: Pass is_signup option around. 2017-05-10 17:20:34 -07:00
Tim Abbott c21d336bfe css: Use the Zulip static asset pipeline for emoji sprite sheet CSS.
This should be a nonfunctional change in most cases; the main benefit
should be preventing caching issues if/when our sprite sheets change.
2017-05-09 19:45:57 -07:00
Tim Abbott 2d97db3518 streams: Add endpoint for modifying properties of a single stream.
This is likely to be the more common endpoint for API clients like the
mobile apps to interact with when modifying streams.
2017-05-09 13:42:34 -07:00
kunall17 e087bc24f8 streams: Migrate stream property changes to new REST endpoint.
This is one of the last major endpoints that were still done in the
pre-REST style.

While we're at it, we change the endpoint to expect a stream ID, not a
stream name.
2017-05-09 13:39:23 -07:00
Steve Howell 0a0f567aeb Split out markdown.js from echo.js.
The new module handles markdown rendering.

The code left behind in echo.js does local-echo kind of things
like reifying message ids.
2017-05-09 11:06:10 -07:00
Steve Howell 70d4ac93ce Add modals.info_overlay_open().
This also removes ui_state.js, since its last function
is now replaced by modals.info_overlay_open().
2017-05-09 09:19:27 -07:00
Mahim Goyal 6464514ca9 Break compose.js and drafts.js dependency. 2017-05-08 14:43:49 -07:00
Aditya Bansal 2820eb5a54 pep8: Add compliance with rule E261 to wsgi.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal 462786e8b0 pep8: Add compliance with rule E261 to local_settings.py. 2017-05-07 23:21:50 -07:00
Rishi Gupta 962b56efbd settings: Change example NOREPLY_EMAIL_ADDRESS to have a display name.
We used to use constructions like
from_email = "Zulip <%s>" % (settings.NOREPLY_EMAIL_ADDRESS,)
but no longer do. All references to settings.NOREPLY_EMAIL_ADDRESS in the
codebase now do not append a display name.
2017-05-05 14:38:25 -07:00
Rishi Gupta e46cbaffa2 email: Remove Mandrill pathways and dependency.
Everything it was doing (send_future_email) can now be done using
ScheduledJob.
2017-05-05 14:38:23 -07:00
Rishi Gupta 92dd76822f email: Move and rename password reset templates. 2017-05-03 23:26:14 -07:00
Tim Abbott 51260b7536 auth: Add new route to get server settings.
Specifically, this makes easily available to the desktop and mobile
apps data on the server's configuration, including important details
like the realm icon, name, and description.

It deprecates /api/v1/get_auth_backends.
2017-05-03 16:40:14 -07:00
Tim Abbott 84008b9c37 context_processors: Rename confusingly named add_settings context.
Also document this.
2017-05-01 15:47:58 -07:00
K.Kanakhin f13d6a18eb realm-emoji: Add realm emoji uploading instead url providing.
- Add file_name field to `RealmEmoji` model and migration.
- Add emoji upload supporting to Upload backends.
- Add uploaded file processing to emoji views.
- Use emoji source url as based for display url.
- Change emoji form for image uploading.
- Fix back-end tests.
- Fix front-end tests.
- Add tests for emoji uploading.

Fixes #1134
2017-05-01 14:50:20 -07:00
Jack Zhang f8b3ce7d15 emoji: Move all emoji picker logic/events into emoji_picker module.
Added emoji_picker.js to static asset pipeline.
2017-04-30 14:13:36 -07:00
Cory Lynch 0965c43238 Add typeahead for syntax highlighting languages.
Modified composebox_typeahead.js to recognize the triple backtick
and tilde for code blocks, and added appropriate typeahead functions
in that file and in typeahead_helper.js.

Additionally, a new file pygments_data.js contains a dictionary of
the supported languages, mapping to relative popularity
rankings. These rankings determine the order of sort of the
languages in the typeahead.

This JavaScript file is actually in static/generated/pygments_data.js, as it
is generated by a Python script, tools/build_pymgents_data.py. This is
so that if Pygments adds support for new languages, the JavaScript file
will be updated appropriately. This python script uses a set of popularity
rankings defined in lang.json.

Corresponding unit tests were also added.

Fixes #4111.
2017-04-28 17:22:59 -07:00
Brock Whittaker 7afbc9ddd6 Redesign login and registration pages.
This completes a major redesign of the Zulip login and registration
pages, making them look much more slick and modern.

Major features include:
* Display of the realm name, description and icon on the login page
  and registration pages in the subdomains case.
* Much slicker looking buttons and input fields.
* A new overall style for the exterior of these portico pages.
2017-04-26 18:04:05 -07:00
Steve Howell 8eb86335b9 Extract narrow_state.js.
Despite the length of this commit, it is a very straightforward
moving of code from narrow.js -> narrow_state.js, and then
everything else is just s/narrow.foo()/narrow_state.foo()/
(with a few tiny cleanups to remove some code duplication
in certain callers).

The only new functions are simple setter/getters that
encapsulate the current_filter variable:

    narrow_state.reset_current_filter()
    narrow_state.set_current_filter()
    narrow_state.get_current_filter()

We removed narrow.predicate() as part of this, since it was dead
code.

Also, we removed the shim for narrow_state.set_compose_defaults(),
and since that was the last shim, we removed shim.js from the app.
2017-04-25 09:57:32 -07:00
Steve Howell 7326971380 Extract stream_edit.js.
This code makes the right pane work in "Manage Streams" when
you are editing a stream subscription.  It handles basic
functionality (submitting forms, etc.), live updates, and
showing the pane as needed.

Most of the code here was simply moved from subs.js, but some
functions were pulled out of larger functions:

    live update:
        add_me_to_member_list
        update_stream_name
        update_stream_description

    collapse/show:
        collapse
        show_sub

We also now export subs.show_subs_pane.

We eventually want stream_edit not to call into subs.js, and
this should be fairly easy--we just need to move some shared
methods to a new module.
2017-04-25 09:57:32 -07:00
Steve Howell ca2aea8d01 Extract stream_create.js.
This new modules handles the UI to create streams.  It mostly moves
code from subs.js.

It introduces an API around what used to be called meta.stream_created:

    reset_created_stream()
    set_name()
    get_name()

It only partially moves new_stream_clicked().
2017-04-25 09:57:32 -07:00
K.Kanakhin e3e52e7284 email-mirror: Move postfix email mirror integration to separate script.
This fixes a performance problem where we were previously starting up
a full Django process (~0.7s even on a fast machine) every time a new
email came in, potentially allowing users to accidentally DoS a Zulip
server.  Now, we just post over HTTPS, allowing the existing thread
pool support to do its job.

- Add script wrapper to communicate postfix pipe with django web server
  over HTTP(S). It uses shared_secret authentication mode.
- Add django view to process messages from email mirror server.
- Clean management command `email-mirror`. Left just functional
  for cron email processing.
- Add routes for new tornado view.
- Change pipe script in master process postfix config template
  based on updated script.
- Add tests.

Tweaked by tabbott to adjust the directory and set better defaults.

Fixes #2421.
2017-04-24 21:24:23 -07:00
Steve Howell 5ae284dcb1 Add topic_generator.js to the app. 2017-04-22 11:46:47 -07:00
Shayan Toqraee 534c951ec4 Add rtl.js library for detecting direction of text.
This comes complete with some documentation and node tests, and is a
key step towards implementing RTL support in Zulip.
2017-04-22 11:25:54 -07:00
Tim Abbott 55bea73035 Revert "github: Call the appropriate authenticate."
This reverts commit ab260731a9.

The overridden authenticate method was buggy.
2017-04-19 10:06:00 -07:00
Steve Howell 9591b3a95b Extract stream_sort.js. 2017-04-19 09:16:37 -07:00
Tim Abbott cddee49e75 Add support infrastructure for push notification bouncer service.
This is an incomplete cleaned-up continuation of Lisa Neigut's push
notification bouncer work.  It supports registration and
deregistration of individual push tokens with a central push
notification bouncer server.

It still is missing a few things before we can complete this effort:
* A registration form for server admins to configure their server for
  this service, with tests.
* Code (and tests) for actually bouncing the notifications.
2017-04-18 23:03:06 -07:00
Tim Abbott 55a9101573 settings: Add support for ZULIP_ORG secrets.
These can be used to authenticate the current Zulip server to
zulip.org.
2017-04-18 23:00:10 -07:00
Umair Khan cf3b6c6ca9 profile: Support custom profile data.
Implements backend for #1760.
2017-04-18 15:20:59 -07:00
Steve Howell 70b7d4c00b Extract compose_state.js.
This is mostly just moving methods out of compose.js.

The variable `is_composing_message`, which isn't a boolean, has
been renamed to `message_type`, and there are new functions
set_message_type() and get_message_type() that wrap it.

This commit removes some shims related to the global variable
`compose_state`; now, `compose_state` is a typical global
variable with a 1:1 relationship with the module by the same
name.

The new module has 100% line coverage, most of it coming
via the tests on compose_actions.js.  (The methods here are
super simple, so it's a good thing that the tests are somewhat
integrated with a higher layer.)
2017-04-18 12:26:58 -07:00
Umair Khan ab260731a9 github: Call the appropriate authenticate.
This commit makes sure that GitHubAuthBackend will only authenticate
using its own authenticate method. This is done by adding a new
Python Social Auth strategy which instead of calling authenticate
method of Django, calls the authenticate of the backend directly.

The problem this commit solves is that while authenticating through
GitHub backend, we were ending up getting authenticated through
ZulipDummyBackend. This might happen because the default strategy used
by Python Social Auth calls the authenticate method of Django which
iterates over all the backends and tries the authenticate methods
which match with the function arguments. The new strategy this commit
adds calls the authenticate method of GitHub backend directly which
makes sense because we already know that we want to authenticate with
GithHub.

The actual problem of why we are ending up on ZulipDummyBackend is
still a mystery because the function arguments passed to its
authenticate method are different. It shouldn't be called.
2017-04-17 21:03:08 -07:00
Steve Howell 22e21cddcb admin/settings: Lazy-load Organization sections.
We now wait to load Organization sections until you
click on the section (or virtually click by using arrow
keys).

Some of the sections are coupled in terms of their setup,
so some sections will already be loaded if you had clicked
on a related section.
2017-04-17 20:55:42 -07:00
Brock Whittaker 9576d5caef frontend: Implement list_render class.
This implements a list_render closure class that allows for
progressive, responsive rendering of long, scrollable lists, with
filtering support.

It isn't used, at present.
2017-04-14 14:52:50 -07:00
Steve Howell dd0c50f0df Extract compose_actions.js.
This module extracts these two functions that get called by
several other modules:

    start()
    cancel()

It is a little bit arbitrary which functions got pulled over
with them, but it's generally functions that would have only
been called via start/cancel.

There are two goals for splitting out this code.  The first
goal is simply to make `compose.js` have fewer responsibilities.
The second goal is to help break up circular dependencies.
The extraction of this module does more to clarify
dependencies than actually break them.  The methods start()
and cancel() had actually been shimmed in an earlier commit,
and now they no longer have a shim.

Besides start/cancel, most of the functions here are only
exported to facilitate test stubbing.  An exception is
decorate_stream_bar(), which is currently called from
ui_init.js.  We probably should move the "blur" handler out
of there, but cleaning up ui_init.js is a project for another
day.

It may seem slightly odd that this commit doesn't pull over
finish() into this module, but finish() would bring in the
whole send-message codepath.  You can think of it like this:

* compose_actions basically just populates the compose box
* compose.finish() makes the compose box do its real job,
  which is to send a message
2017-04-14 13:09:19 -07:00
hackerkid 2a0a84b229 Add moment.js third-party module via npm.
This is needed for timezone manipulations.  We may be able to replace
XDate with it in the future as well.
2017-04-14 10:22:06 -07:00
Umair Khan a507a47778 testing: Use zulip_test_template for backend.
Instead of zulip_test, use zulip_test_template for backend DB. This
makes sure that the DB used by backend tests is different from the
DB, which will be zulip_test, used by Casper tests.
2017-04-14 10:23:31 +05:00
Steve Howell 6b549248e8 Extract settings_filters.js. 2017-04-13 10:39:39 -07:00
Steve Howell 3e37f64f71 Extract settings_streams.js. 2017-04-13 10:39:39 -07:00
Steve Howell 70afb59cff Extract settings_users.js.
This affects three admin sections:

    * Users
    * Deactivated users
    * Bots
2017-04-13 10:39:39 -07:00
Steve Howell 0fc7b9907f Extract settings_org.js (and fix live updates).
This is mostly moving code, but we do add short-circuit logic
for some live-updating methods here.

Note that this affects two different sections of the admin app:

    * Organization settings
    * Authentication methods

We really want to move to one module per section, but there is some
legacy coupling that makes this difficult for now.
2017-04-13 10:39:39 -07:00
Steve Howell a3b44148af Extract settings_emoji.js. 2017-04-13 10:39:39 -07:00
K.Kanakhin 4891a8d850 Add default response for `terms` and `privacy` endpoints.
- Add setting for `privacy policy` template defining.
- Configure default templates for `privacy policy` and
  `terms of service` pages.
- Add route for privacy page.
- Remove condition for showing `privacy` and `terms` pages.
- Add `privacy_policy` setting to context processor.
- Add documentaion part for `privacy` and `terms` templates
  configuration.
- Add tests.

Fixes #3686.
2017-04-12 14:09:14 -07:00
Tim Abbott 79ad174ad3 settings: logging configuration to consistently email errors.
This fixes 2 issues:
* Some exceptions were not being properly emailed to admins.

* A bug in the parens placement in the default Zulip handlers list
  resulted in the console/file handlers being accidentally excluded if
  !ERROR_REPORTING.

Fixes #4127.
2017-04-12 11:17:57 -07:00
Steve Howell 06f9c28fd2 settings: Lazy-load settings sections.
For the settings UI, we now wait until a user goes to a particular
settings section before calling the appropriate function to set
up the section (which usually involves setting up click handlers
and populating initial data).
2017-04-07 15:20:12 -07:00
Steve Howell 7f17fc020f Extract settings_bots.js. 2017-04-07 15:20:12 -07:00
Steve Howell f37ce1eeb1 Extract settings_lab.js. 2017-04-06 11:28:36 -07:00
Steve Howell 89128a2272 Extract settings_muting.js. 2017-04-06 11:28:36 -07:00
Steve Howell 1f38884b27 Extract settings_notifications.js. 2017-04-06 11:28:36 -07:00
Steve Howell fa143d4582 Extract settings_display.js 2017-04-06 11:28:36 -07:00
Steve Howell 47bdecdc4f Extract settings_account.js.
This code handles the settings pane for "Your account," which
has email/name/password/avatar/etc.
2017-04-06 11:28:36 -07:00
Steve Howell 4bbd73a9a2 Extract list_util.js for navigating lists.
The code here used to live in hotkey.js.  Its complicated calling
protocol made it difficult to unit test.  We are also trying to
slim down hotkey.js.

Our arrow navigation for things like `#stream_filters` has always
been kind of awkward, since it's difficult to get the focus to
their list items.  This commit does nothing to fix that yet.
2017-04-05 11:53:52 -07:00
Umair Khan 8e87ba439d github: Go to registration if email is invalid. 2017-04-04 18:03:33 -07:00
Umair Khan c5218fb584 github: Pass proper parameters to authenticate.
Django tries to authenticate against all backends one by one.
The authenticate() function of GitHub backend used to take
*args and **kwargs arguments due to which it could be called
against any set of arguments. Django uses arguments to
differentiate authenticate() methods.
2017-04-04 18:03:33 -07:00
Steve Howell 2718bd0b5d Extract presence.js to track presence info.
Most of this code was simply moved from activity.js with some
minor renaming of functions like set_presence_info -> set_info.

Some functions were slightly nontrivial extractions:

    is_not_offline:
        came from activity.huddle_fraction_present

    get_status/get_mobile:
        simple getters

    set_user_status:
        partial extraction from activity.set_user_status

    last_active_date:
        pulled out of admin.js code

We also fixed activity.filter_and_sort to take user_ids.
2017-04-04 15:57:10 -07:00
Harshit Bansal b40a8ea20b views/realm_aliases.py: `realm_alias` migration.
* Rename `views/realm_aliases.py` to `views/realm_domains.py`.

* Remove any occurrences of `alias`.
2017-04-04 15:48:03 -07:00
Brock Whittaker 34f9ccb87c alerts: Change sidebar alerts to be at top of the screen.
This changes the alerts to be individual boxes that slide down from
the top of the screen for a better UI experience.
2017-04-03 16:22:05 -07:00
Steve Howell 2d52463b61 Extract ui_report.js.
This moves the implementations of error/report/message from
ui.js to ui_report.js.  They had been shimmed before, so calling
modules still use the same names to call the functions, but we
no longer need the shims.
2017-04-03 07:13:25 -07:00
Rohitt Vashishtha c7b40e76ac css: Make thirdparty-fonts.css load before Zulip stylesheets. 2017-03-29 21:18:43 -07:00
Amy Liu 6f061beb46 hotspots: Add backend support for tutorial hotspots.
This commit adds the backend support for a new style of tutorial which
allows for highlighting of multiple areas of the page with hotspots that
disappear when clicked by the user.
2017-03-29 11:34:32 -07:00
Tim Abbott 1a17b11788 logging_handlers: Add tests for main error reporting code path. 2017-03-26 13:10:43 -07:00
Tim Abbott 5672618b82 css: Extract popovers.css. 2017-03-25 20:14:17 -07:00
hollywoodno 75d9630258 Add notifications on new logins to Zulip.
This adds helpful email notifications for users who just logged into a
Zulip server, as a security protection against accounts being hacked.

Text tweaked by tabbott.

Fixes #2182.
2017-03-25 16:50:52 -07:00
Umair Khan f7860bca48 backends.py: Don't pass mutable default arguments.
Values of mutable default arguments are shared across all function
invocations. See
https://pythonconquerstheuniverse.wordpress.com/2012/02/15/mutable-default-arguments/
for further details.
2017-03-24 10:59:32 -07:00
Tim Abbott 3617ebfd41 api: Rename get_old_messages to get_messages in the backend.
Fixes #1315.
2017-03-23 23:52:44 -07:00
Umair Khan 2dc2a6b705 github: Redirect to login page if invalid email. 2017-03-23 17:12:58 -07:00
Umair Khan 30c1e2245e github: Add docstrings to functions.
Docstring added to:
* auth_complete
* do_auth
2017-03-23 17:12:58 -07:00
Umair Khan 029a4e5696 backends.py: Update comment in process_do_auth. 2017-03-23 17:12:58 -07:00
Tim Abbott 06492738b5 dev: Expose coverage and built documentation to web.
This makes it much more convenient for developers to access coverage
and built developer documentation.
2017-03-23 13:10:06 -07:00
Tim Abbott d39b2e116b settings: Disable password strength checking in development. 2017-03-22 13:14:20 -07:00
sinwar 397e9c109e auth: Separate development login from main login page.
This allows us to enable EmailAuthBackend by default in development
without cluttering the development login experience.

Fixes #3652.
2017-03-22 12:54:30 -07:00
Raghav Jajodia 9707c74f33 message_edit: Added copy to clipboard button.
A copy-to-clipboard button is added over message-edit textarea.
Closes #3239.
2017-03-22 11:00:18 -07:00
Steve Howell 4fb8339954 Extract typing_events.js. 2017-03-22 07:29:42 -07:00
Steve Howell 642be6ad18 Revamp state tracking for outbound typing indicators.
This change moves most of the logic related to starting and
stopping outbound typing indicators to a new module called
typing_status.js that is heavily unit tested.

While this was in some sense a rewrite, the logic was mostly
inspired by the existing code.

This change does fix one known bug, which is that when we
were changing recipients before (while typing was active), we
were not stopping and starting typing indicators.  This was
a fairly minor bug, since usually users leave the compose
box to change recipients, and we would do stop/start under
that scenario.  Now we also handle the case where the user
does not leave the compose box to change recipients.
2017-03-22 07:01:20 -07:00
Steve Howell 67a2094ed1 Add typing_data.js, which can track users who are typing.
(A subsequent commit will actually integrate this into the app.)
2017-03-21 17:24:40 -07:00
Yago González 34a9e1ae11 markdown: Add TeX typesetting support.
Co-authored-by: Reid Barton <rwbarton@gmail.com>

Fixes #2056.
2017-03-21 16:40:00 -07:00
adnrs96 a91012bd70 Move thirdparty-fonts.css from static/styles to static/third. 2017-03-21 13:40:05 -07:00
Tim Abbott 5b0ff2a69a mypy: Fix some strict-optional related issues. 2017-03-19 22:26:25 -07:00
Steve Howell fd856d728c Extract message_util.js 2017-03-19 21:03:45 -07:00
Steve Howell 8d3d70984d Extract message_events.js. 2017-03-19 21:03:45 -07:00
Steve Howell 1114c8bf62 Extract message_fetch.js. 2017-03-19 21:03:45 -07:00
wangjames 12eeb27442 js dependencies: Extract ui_state.js.
The function home_tab_obscured used to be in the ui_state
namespace via a shim, but now we have an actual module for
it.
2017-03-19 14:11:50 -07:00
Steve Howell d026344b37 Extract js/ui_util.js. 2017-03-19 11:05:45 -07:00
Steve Howell 1d7d6869c9 Extract stream_events.js 2017-03-19 10:56:09 -07:00
Steve Howell cfd1e8cbc3 Extract stream_muting.js. 2017-03-19 10:56:09 -07:00
Steve Howell ab34b5ee9f Extract ui_init.js. 2017-03-19 10:56:09 -07:00
Rishi Gupta 19d8d16126 js dependencies: Split hash_util.js from hashchange.js. 2017-03-18 20:40:34 -07:00
Steve Howell 35d38d62f3 Add shim.js w/narrow_state global. 2017-03-18 15:52:50 -07:00
Tim Abbott f67e9a7e5e CSS: Rename #overlay to #lightbox_overlay. 2017-03-18 13:54:11 -07:00
Tim Abbott ed90879602 js: Extract lightbox.js from ui.js. 2017-03-18 13:54:11 -07:00
Steve Howell a51caceea5 refactor: Extract unread_ops.js
This module mostly contains the mark_* functions that
update the server with info about unread counts.
2017-03-18 10:35:52 -07:00
Arpith Siromoney e073220e21 Add typing notifications front end.
Send typing notification events when user types in the compose box.
Listen for these events and display a notification.

Sending notifications: Notifications are throttled, so that start
notifications are sent every 10 seconds of active typing, and stop
notifications are sent 5 seconds after active typing stops or when the
compose box is closed.

Displaying notifications:
When a typing notification is received, if the current narrow is private
messages or is: pm-with and the user is not the sender,
"Othello is typing..." is displayed underneath the last message. This notification is
removed after 15 seconds. If another notification is received during this period, the
expiration is extended. When a stop notification is received the notification is removed.

Internally, a list of users currently typing is maintained for each
conversation (in a dict). When an event is received the list (for the appropriate
conversation) is updated and the notifications template is re-rendered
based on the narrow information. This template is also re-rendered when
the narrow changes.

Significantly modified by tabbott for clarity.

Fixes #150.
2017-03-17 20:45:07 -07:00
Tim Abbott 25488b550f casper: Fix issues with server autoreloading on save.
This fixes an issue where if you saved a Python file (even just
changing whitespace) while casper tests were running, the Tornado
server being used would restart, triggering a confusing error like
this:

ReferenceError: Can't find variable: $
Traceback:
  undefined:2
  :4
Suite explicitly interrupted without any message given.
2017-03-17 20:45:07 -07:00
Umair Khan 4442703011 jinja2: No need for custom render_to_response.
Django 1.10 has changed the implementation of this function to
match our custom implementation; in addition to this, we prefer
render().

Fixes #1914 via #4093.
2017-03-17 13:57:34 -07:00
kunall17 a908bb1898 Implemented API routes for muting/unmuting a topic 2017-03-15 16:19:00 -07:00
Brock Whittaker b0e5aeb313 Consolidate JavaScript modal closing in modals.js.
This consolidates all actions to close modals into modals.js and
triggers the correct cleaning/collapsing function dependent on what the
data-overlay attribute is labeled as.

It also ensures these all have an e.stopPropagation().

Fixes #4029.
2017-03-15 12:27:44 -07:00
K.Kanakhin f77c5fc086 settings: Extend `DATA_UPLOAD_MAX_MEMORY_SIZE` from default value.
- In django 1.10 was added `DATA_UPLOAD_MAX_MEMORY_SIZE` parameter,
  which controls max size of uploading files. By default it is 2.5MB.
2017-03-15 12:15:27 -07:00
Umair Khan 0d296afa54 github: Return '' when name is None. 2017-03-15 11:11:09 -07:00
Umair Khan e44e58f6d5 logging: Skip log records originated in site packages.
This fixes the huge exception we get in our logs from django.template
logger. This exception is a known bug in Django, see
https://code.djangoproject.com/ticket/26886

Fixes #3974
2017-03-15 11:07:31 -07:00
Rishi Gupta 4627ff1b4b zproject: Change comments to refer to Realm.string_id instead of domain. 2017-03-14 17:17:42 -07:00
Tim Abbott 5e39ccd642 js: Rename viewport.js to message_viewport.js.
This fixes the mobile web experience for Chrome on iOS.

Apparently, Chrome-on-iOS silently has a `viewport` module that
overrides and user-defined module by that name, causing all of our
code that accesses the viewport module to not work on that platform.
We fix this by renaming it.
2017-03-10 14:59:59 -08:00
Amy Liu e5ab3123af Migrate json/set_muted_topics to muting/topics. 2017-03-09 20:52:29 -08:00
Amy Liu 9500c88e32 Migrate legacy url json/bulk_invite_users to invite/bulk_invite. 2017-03-09 20:51:03 -08:00
Tim Abbott 84eb427c63 lint: Fix settings.py linewrapping. 2017-03-08 01:15:24 -08:00
Brock Whittaker 3b55519b11 Redesign "/features/" page in portico.
This redesigns the features page to incorporate the new landing nav,
CSS animations, and general styling of the product page set.
2017-03-07 23:25:39 -08:00
K.Kanakhin 1cb0f8dc41 Add size limit for uploading user avatars and realm icons.
- Add settings parameter for max realm icon size.
- Add settings parameter for max user avatar size.
- Add checking file size to avatar and icon
  uploading views.
- Transfer file size limit parameter to frontend.
- Add tests.
2017-03-07 22:13:01 -08:00
K.Kanakhin 173f34b7aa user-presence: Add `offline` status to aggregated info.
- Add `OFFLINE_THRESHOLD_SECS` settings parameter
  to handle offline period.
- Set aggregated status to offline if user's status
  haven't changed for `OFFLINE_THRESHOLD_SECS` period.
- Add test for offline aggregated status.
2017-03-07 20:09:53 -08:00
Umair Khan 1f60baba6b Handle social auth exception in auth_complete.
In case of an exception, we log it and return None which results in a
redirect to the login page.
2017-03-07 19:46:40 -08:00
Raghav Jajodia d52e08a25c analytics: Add a "Last updated" to the bottom of the stats page.
Fixes #3857.
2017-03-07 16:02:27 -08:00
Tim Abbott dcb14ec58e jinja2: Fix mypy confusion caused by weird six import. 2017-03-06 22:24:07 -08:00
Tim Abbott e1c1f96f9e zilencer: Eliminate submit_feedback indirection. 2017-03-06 00:01:57 -08:00
Tim Abbott 9a08ef5545 zilencer: Remove FEEDBACK_TARGET forwarding logic.
This feature hardcoded zulip.com, and never really made much sense
("feedback" should generally go to the local server administrator, not
to the Zulip development community).
2017-03-06 00:01:57 -08:00
Steve Howell 8e2e406404 refactor: Extract stream_popover.js.
This module handles the popovers in the stream list--one for
stream actions and another for topic-specific actions.

The extraction was mostly straightforward, but I did move some
of the code related to the color picker to be more consistent
with how I organized the other click handlers.
2017-03-05 15:44:43 -08:00
Rafid Aslam 33129059f4 deps: Upgrade and move `handlebars` from `static/third` to `npm`.
- Remove `handlebars.runtime.js` from static/third and fetch it from npm
- Upgrade `handlebars` to 3.0.3.

I change the test since there is a patch about line, written in
handlebars'
v2.0.0-beta.1 release note:
"Lines containing only block statements and whitespace are now removed."

Fixes part of #1709.
2017-03-04 21:49:02 -08:00
Tim Abbott bd0d6bb9d2 docs: Add discussion of VFL to front-end-build-process.md.
Also, link to this from various Python files where relevant.
2017-03-04 21:14:17 -08:00
Tim Abbott 899b59e9d6 dev_settings: Fix linter error in recent mypy work. 2017-03-04 15:34:09 -08:00
Tim Abbott 75e81253f2 mypy: Work around several new mypy bugs in 0.501. 2017-03-04 15:33:39 -08:00
Raghav Jajodia a3a03bd6a5 mypy: Added Dict, List and Set imports.
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
Rishi Gupta 66371009e2 Set settings.TIME_ZONE to UTC.
If there are weird time-based regressions in the next couple of days, it's
probably due to this.
2017-03-03 19:00:02 -08:00
Rishi Gupta 28d3af0965 Fix several new errors caught by mypy 0.501.
Clear out a bunch of easy to review errors, so we can focus on the more
complicated ones.
2017-03-03 14:12:52 -08:00
hackerkid b7a6826fda Add support for getting medium size profile images. 2017-03-01 09:57:30 -08:00
Igor Tokarev 31dff09efa Support email changes for !avatar syntax.
Significantly modified by tabbott to avoid calling
get_user_profile_by_email in bugdown, and have 100% test coverage of
the views code.

Fixes #2041.
2017-02-28 21:56:04 -08:00
Umair Khan 802de53ede backend: Handle GitHub authentication failure.
In case of AuthFailed exception return None.
2017-02-28 09:55:37 -08:00
K.Kanakhin 257bb40698 realm-icon: Add realm icon feature.
- Add realm icon fields to realm model.
- Add migration for new realm model's field.
- Add views for icon uploading and deleting.
- Add routes for realm icons views.
- Add JS widget for realm icon upload setting.
- Add realm icon upload to administration
  organization setting.
- Add tests for realm icons.

Fixes #3660.
2017-02-26 12:16:07 -08:00
Tim Abbott 20b655016d js: Move admin.js further down the list.
This makes it reasonable for it to depend on libraries like widgets.js.
2017-02-26 12:16:07 -08:00
K.Kanakhin 9ce218154e realm-icon: Move upload widget to separate file.
This makes it possible to use the upload widget in the realm icon
organization settings on frontend.
2017-02-26 12:15:41 -08:00
Umair Khan 5bf83f9e0a change-email: Implement confirmation flow.
This adds to Zulip support for a user changing their own email
address.

It's backed by a huge amount of work by Steve Howell on making email
changes actually work from a UI perspective.

Fixes #734.
2017-02-23 03:15:17 -08:00
Sampriti Panda 1929cc5190 Implement persistent drafts functionality
* Created a drafts modal to display/restore/delete drafts
* Created a Draft model to support storing draft data in localstorage
* Removed existing restore-draft functionality
* Added casper and node tests for drafts functionality

Fixes #1717.
2017-02-23 02:58:23 -08:00
sinwar 483a351d44 Upgrade to argon password hasher.
The Argon2 password hasher is the currently recommended password
hasher for Django.

Fixes #3362.
2017-02-22 23:29:12 -08:00
Tim Abbott cf444203c4 docs: Update email configuration documentation.
Fixes #2958.
2017-02-22 22:26:43 -08:00
Tim Abbott d2f9152c43 settings: Make it possible to override EMAIL_BACKEND.
Fixes #3699.
2017-02-22 22:26:43 -08:00
Tim Abbott 8c1285924e prod_settings_template: Move email configuration up.
This reflects the fact that you definitely need to configure this, but
you don't have to configure any of the auth backends, really.
2017-02-22 22:26:43 -08:00
Tim Abbott 7964408633 prod_settings_template: Move ALLOWED_HOSTS up and clarify. 2017-02-22 22:26:43 -08:00
Tim Abbott 53686fc5ac zproject: Delete config for old Django templates.
This configuration was effectively never used for anything.
2017-02-22 00:01:33 -08:00
Tim Abbott 1cbc86499e events_register: Eliminate unnecessary api_events_register wrapper. 2017-02-20 11:07:09 -08:00
Tim Abbott 515340ed00 Add message edit history backend with tests.
Based on work by Kartik Maji in #1204.

This has a few significant changes from the original version:
* We correctly handle filling in data for topic edits
* Has a complete test suite verifying correctness of the logic
* Currently, it doesn't include a special "start" entry

Things we may want to further change include:
* Adding a special "start" entry.
* Reversing the order of the history data returned for clarity.
2017-02-19 16:13:35 -08:00
Tim Abbott b30fb37037 Fix URL routing for users with email addresses starting with "me".
Our URL routing previously attempting to segment the /users/ endpoint
namespace into /me (affecting yourself) or /username@domain (affecting
other users) by regular expressions incorrectly, specifically in the
case of email addresses starting with `me`.  This prevented various
admin actions like removing a user as an organization administrator.
2017-02-18 15:26:04 -08:00
Tim Abbott 2dc553df0a settings: Fix logging settings for Casper tests.
Previously the casper server.log files basically only had tracebacks;
this should help a lot with debuggability of Casper issues.
2017-02-17 15:18:45 -08:00
Umair Khan 555d5b4dc6 database: Use new name of PostGresql backend. 2017-02-17 12:18:43 -08:00
Feorlen 61d4dbddb8 Set a default value of None for EMAIL_HOST in DEFAULT_SETTINGS.
Fixes #3669
2017-02-17 08:02:03 -08:00
Feorlen 1973360d17 Update comment to suggest Mailgun for EmailAuthBackend SMTP. 2017-02-17 08:02:03 -08:00
paxapy 9a5179c460 Add support for managing and deleting attachments.
Modified substantially by tabbott to fix tons of issues.

Fixes #454.
2017-02-16 23:44:44 -08:00
Umair Khan c49789778c testing: Use LocMemCache for backend testing.
LocMemCache is not compatible with frontend tests so we only use it
for backend tests. To do that we change the cache backend within
`not CASPER_TESTS` if block.
2017-02-14 21:32:13 -08:00
Umair Khan 5440bc81b2 logging: Add django.template logger. 2017-02-14 21:20:43 -08:00
Tim Abbott bb5d81281c mypy: Upgrade to new package name and version 0.571.
Fixes #3448.
2017-02-10 23:53:44 -08:00
Tim Abbott 71af0f7e2e Add endpoint to fetch presence data for a single user.
This is an experimental API subject to its data format being changed.

Fixes #3638.
2017-02-10 23:52:56 -08:00
Umair Khan ef0d2a4bb5 logging: Use django.server to filter 200 and 304.
Previously, we were monkey patching the runserver command
in zerver/management/commands/rundjango.py for this.
2017-02-10 15:55:17 -08:00
brockwhittaker 47a3ce2d35 Seperate information overlay CSS into own file.
This takes the information overlay CSS and moves it from zulip.css to
informational-overlays.css to help separate out isolated components.
2017-02-10 15:18:41 -08:00
Harshit Bansal 7d10cbc32b Add RealmAlias.allow_subdomains to model, frontend, and API.
Includes a database migration.

Fixes #1868.
2017-02-08 22:03:27 -08:00
Tim Abbott 84b18f865a users: Verify full names explicitly in account registration.
I believe this completes the project of ensuring that our recent work
on limiting what characters can appears in users' full names covers
the entire codebase.
2017-02-07 20:20:32 -08:00
Rishi Gupta 3c692684a0 analytics: Move stats.js out of portico/.
stats.js is a logged-in view.
2017-02-07 15:35:43 -08:00
Rishi Gupta 27055bdd49 analytics: Use plotly-basic.js instead of plotly.js.
It's 600kb (minified) instead of 1.8mb.
2017-02-06 21:14:24 -08:00
Tim Abbott babb6aaa47 settings: Stop serving zxcvbn from node_modules/.
Now that we have the minified_source_filenames feature, we don't need
to serve zxcvbn from node_modules/ directly to avoid re-minifying it.

Moving this this allows us to stop shipping the (duplicate)
node_modules directory in release tarballs, which will save many
megabytes of unnecessary increase in our release tarball size.
2017-02-06 17:21:34 -08:00
Tim Abbott 12e7be585d i18n: Fix compilemessages processing extra files in production.
In a Zulip production environment, STATIC_ROOT points to the shared
directory that static assets are served from, and so the
compilemessages management command was trying to process every
historical version in there.
2017-02-03 17:17:23 -08:00
Tim Abbott 21f09dcab7 docs: Make it harder to screw up our manage.py commands. 2017-02-03 12:57:50 -08:00
Tim Abbott fa02dfdff4 mobile: Add an endpoint for checking compatibility. 2017-02-03 09:55:34 -08:00
Tim Abbott 70e75508ba settings: Include analytics in default distribution.
This moves the analytics module from being a default-off module that
is somewhat difficult to install to being a default part of the
Zulip distribution (both tarballs and what is enabled by default).
2017-02-02 16:23:24 -08:00
umkay 76f3d02590 analytics: Add cron job to run analytics jobs.
This adds a cron job to update the Zulip analytics counts, complete
with locking etc.

Substantially tweaked by tabbott.
2017-02-01 17:02:46 -08:00
Amy Liu 0a39e354dc analytics: Add graphs of usage statistics on /stats.
This adds a frontend for the analytics system we've had for a few
months, showing several graphs of the data in Zulip.

There's a ton more that we can do with this tooling, but this initial
version is enough to provide users with a pretty good experience.

Fixes #2052.
2017-01-31 22:18:54 -08:00
Tim Abbott eeeffa8704 urls: Review useless stream_exists_backend endpoints.
The actual function was overcomplicated and was designed to check
whether a stream existed by name, not by ID, so there was no value in
having it be used for checking if a stream existed by ID.
2017-01-29 20:26:59 -08:00
Rishi Gupta 6b3abce541 build_emoji: Generate emoji names and codepoints from emoji_map.
Replaces the hardcoded list of emoji_names and unicode_emoji_names in
static/js/emoji.js with a list generated from emoji_map.json, both to get
the list out of version control and so we can start modifying it for our
autocomplete. This does not change the contents of emoji_names. It sorts and
removes duplicates from unicode_emoji_names (causes no change in behavior,
since unicode_emoji_names is only used as if it were a set).
2017-01-28 17:05:32 -08:00
Tim Abbott 0dd5d6cea0 errors: Separate browser error reporting from backend. 2017-01-27 10:27:41 -08:00
Harshit Bansal b4186fdfdd views/realm_aliases.py: Use domain instead of id as handle for RealmAlias.
We need to make the change for the API, and the next commit introduces a
unique_together constraint on (realm, domain) anyway.
2017-01-26 17:24:25 -08:00
Tim Abbott b52f606c3a Revert "deps: Upgrade and move `jquery-mousewheel` from `static/third` to `npm`"
Apparently, the updated version of this has a serious scrolling
performance problem in the left sidebar that basically makes scrolling
in that area unusable.

This reverts commit b683b2d3c3.
2017-01-26 13:42:00 -08:00
Tomasz Kolek 6e6cbeb89d Split webhooks doc and move to particular directories. 2017-01-26 11:56:45 -08:00
Tomasz Kolek 7de45951e2 Make webhooks as separate modules with view and tests.
Create python packege for every webhook with view.py and tests.py
2017-01-25 23:14:19 -08:00
Harshit Bansal 8c428dc130 Fix `ZulipLDAPAuthBackend` not to rely on user's email domain.
In case realms have subdomains and the user hasn't been populated
yet in the Django User model, `ZulipLDAPAuthBackend` should not
rely on user's email domain to determine in which realm it should
be created in.

Fixes: #2227.
2017-01-25 15:24:49 -08:00
Tim Abbott 4e171ce787 lint: Clean up E126 PEP-8 rule. 2017-01-23 22:06:13 -08:00
Tim Abbott d6e38e2a5c lint: Clean up E123 PEP-8 rule. 2017-01-23 21:34:26 -08:00
Tim Abbott 9cc83f87fc lint: Clean up E241 PEP-8 rule. 2017-01-23 21:21:14 -08:00
Tim Abbott e9158dd520 lint: Clean up E121 PEP-8 rule. 2017-01-23 21:02:39 -08:00
Tim Abbott 22d1aa396b lint: Clean up W503 PEP-8 warning. 2017-01-23 20:50:04 -08:00
Tim Abbott b3df1ddeb1 edit: Remove duplicate update_message_backend endpoint. 2017-01-23 17:22:42 -08:00
Tim Abbott 46ab7762e7 edit: Eliminate unnecessary json_update_message wrapper. 2017-01-23 17:22:42 -08:00
Steve Howell 4eb1a8f07d Extract user_events.js.
This moves people.update() to user_events.person().

We now also use user_id as the key for finding person
objects in people.js (instead of email).
2017-01-21 21:45:12 -08:00
sinwar b0efa58eb4 requirements: Upgrade python-social-auth to latest version
Fixes #3403
2017-01-21 21:22:59 +05:30
Rafid Aslam b683b2d3c3 deps: Upgrade and move `jquery-mousewheel` from `static/third` to `npm`
- Remove `jquery-mousewheel` from `static/third` and fetch it from npm.
- Upgrade `jquery-mousewheel` to 3.1.6.
- Bump up the `PROVISION_VERSION` to 4.5.
- Change some js code to comply with this `jquery-mousewheel` version.

Part of #1709.
2017-01-19 17:24:53 -08:00
Rafid Aslam 10a8c3d2ae deps: Move `xdate` from `static/third` to `npm`
- Remove `xdate` from `static/third` and fetch it from `npm`.
- Bump up the `PROVISION_VERSION` to 4.3.

Part of #1709.
2017-01-19 17:07:55 -08:00
Rafid Aslam 84e802422e deps: Upgrade and move `underscore.js` from `static/third` to `npm`
- Remove `underscore.js` from `static/third` and fetch it from `npm`.
- Upgrade `underscore.js` to 1.8.3.
- Bump up the `PROVISION_VERSION` to 4.2.

Part of #1709
2017-01-19 17:07:45 -08:00
Rafid Aslam 911fcd3831 deps: Upgrade and move `codepointat` from `static/third` to `npm`
- Remove `codepointat` from `static/third` and fetch it from `npm`.
- Upgrade `codepointat` to 0.2.0.
- Bump up the `PROVISION_VERSION` to 4.1.

Part of #1709.
2017-01-19 17:07:32 -08:00
Rafid Aslam 8ac81d2722 deps: Upgrade and move `winchan.js` from `static/third` to `npm`
- Remove `winchan.js` from `static/third` and fetch it from `npm`.
- Upgrade `winchan` to 0.2.0.
- Bump up the `PROVISION_VERSION` to 4.0.

Part of #1709.
2017-01-19 17:07:21 -08:00
Tim Abbott 1a536f381c lint: Fix some PEP-8 lint errors. 2017-01-19 16:42:50 -08:00
Tim Abbott 286f640194 minify: Clean up unnecessary tuple/list complexity. 2017-01-19 14:51:16 -08:00
Tommy Ip 23a7685fa5 deps: Add option to skip minifying Javascript files.
Plotly.js take around 20 seconds to minify with the Closure
compiler so it is taken out.

Fixes #3076.
2017-01-19 14:31:38 -08:00
Tim Abbott 287b84d113 auth: Improve configuration/documentation for password strength.
Followup to #3190.
2017-01-17 20:52:52 -08:00
Tommy Ip c407919db3 Add /authors page.
Contributor visualization showing the avatar, user name and number
of commits for each contributors. The JSON data would be updated
upon deployment, triggered by the `update-prod-static` script.
2017-01-17 13:35:55 -08:00
Tim Abbott 89212d9985 emoji: Remove unnecessary duplicate regular expression from urls.py.
Whether the emoji is valid is already being checked elsewhere, and
this duplicate regular expression makes it harder to understand what's
going on with Zulip's validation of emoji.
2017-01-16 23:54:58 -08:00
Tim Abbott f3b9abee14 Convert realm emoji upload to use PUT properly. 2017-01-16 23:45:12 -08:00
Sampriti Panda 196cf4367b urls: Move /messages/render to POST endpoint 2017-01-13 16:11:51 -08:00
Rafid Aslam d3ee53bdef Move endpoints to use stream_id instead of stream_name in their URLs
- Change `stream_name` into `stream_id` on some API endpoints that use
`stream_name` in their URLs to prevent confusion of `views` selection.

For example:
If the stream name is "foo/members", the URL would be trigger
"^streams/(?P<stream_name>.*)/members$" and it would be confusing because
we intend to use the endpoint with "^streams/(?P<stream_name>.*)$" regex.

All stream-related endpoints now use stream id instead of stream name,
except for a single endpoint that lets you convert stream names to stream ids.

See https://github.com/zulip/zulip/issues/2930#issuecomment-269576231

- Add `get_stream_id()` method to Zulip API client, and change
`get_subscribers()` method to comply with the new stream API
(replace `stream_name` with `stream_id`).

Fixes #2930.
2017-01-12 15:23:31 -08:00
Rafid Aslam 156eefacc2 API: Add `json/get_stream_id` endpoint
Add `json/get_stream_id` endpoint, used to convert `stream_name`
into `stream_id`.
2017-01-12 15:23:31 -08:00
Tim Abbott da84ff3746 backends: Fix some slightly confusing error messages. 2017-01-11 18:08:29 -08:00
JefftheBest1 71d34e91bd Fixed typos in backends.py 2017-01-12 13:05:50 +11:00
Tim Abbott 007d4becfd Revert "update-sockjs: Update sockjs from version 0.3.4 to 1.1.1."
This reverts commit 7bf10ec74f.

Apparently, SockJS 1.1.1 is broken with the browser used in our legacy
desktop app, resulting in messages being silently not sent.
2017-01-10 11:46:15 -08:00
Bojidar Marinov 786dd0fca4 auth: Make min password length and strength configurable.
This adds some configuration options to settings.py, namely
PASSWORD_MIN_LENGTH and PASSWORD_MIN_QUALITY, which control
when the frontend validator invalidates the password.

Closes #2628
2017-01-10 04:55:41 -08:00
Tim Abbott f3b5683e77 views: Rename __init__.py to zerver.views.registration.
This completes the cleanup process of eliminating functions in the
root zerver/views/__init__.py module.
2017-01-08 16:21:15 -08:00
Tim Abbott 48f1b4e1ab views: Extract zerver.views.muting. 2017-01-08 16:21:15 -08:00
Tim Abbott 7beff88f5f views: Extract zerver/views/home.py.
This is a significant piece of the remaining effort required to
eliminate the catch-all zerver/views/__init__.py.
2017-01-08 16:21:15 -08:00
Rishi Gupta 38c2dc8790 Change settings.SYSTEM_ONLY_REALMS to use Realm.string_id. 2017-01-06 19:45:08 -08:00
Tim Abbott c65820618f settings: Set an intelligent default for ALLOWED_HOSTS. 2017-01-06 14:46:47 -08:00