Commit Graph

4106 Commits

Author SHA1 Message Date
Vishnu Ks 3f9835ed07 docs: Make mark-as-read-bulk use curl example system. 2019-10-15 15:40:44 -07:00
Vishnu Ks f0b099dbc0 docs: Make update-message-flags use curl example system. 2019-10-15 15:40:44 -07:00
Vishnu Ks 19ee518f2e docs: Make get-message-history use curl example system. 2019-10-15 15:40:44 -07:00
Vishnu Ks ed2e89f167 docs: Make delete-message use curl example system. 2019-10-15 15:40:44 -07:00
Vishnu Ks 0dccebbe39 docs: Make update-message use curl example system. 2019-10-15 15:40:44 -07:00
Vishnu KS 9bc3594f75 docs: Make get-raw-message use curl example system. 2019-10-15 15:40:44 -07:00
Rafid Aslam 718b70ec8b Rename `not_subscribed key` to `not_removed` in users/me/subscriptions.
Rename `not_subscibed_key` to `not_removed` in
`users/me/subscriptions` DELETE response.

Fixes #13277.
2019-10-13 10:30:34 +07:00
Vishnu KS 1585ad7bf4 mattermost: Add support for exporting DMs and huddles. 2019-10-10 16:37:03 -07:00
Mateusz Mandera 4dc3ed36c3 auth: Add initial SAML authentication support.
There are a few outstanding issues that we expect to resolve beforce
including this in a release, but this is good checkpoint to merge.

This PR is a collaboration with Tim Abbott.

Fixes #716.
2019-10-10 15:44:34 -07:00
Tim Abbott 1767044c90 docs: Extend moderation guidelines with search advice.
The search query for all messages sent by a given user in all public
streams is pretty useful for moderation of spam purposes.
2019-10-10 14:47:53 -07:00
Vinit Singh 01b19291e7 search: Advertise the ability to search shared history.
When a user performs a search that might contain historical public
streams messages that the user has access to (but doesn't because
we're searching the user's own personal history), we add a notice
above the first search result to let the user know that not all
messages may have been searched.

Fixes #12036.
2019-10-09 15:12:52 -07:00
Tim Abbott bf088519a7 api: Add avatar URL to the GET /profile endpoint.
This endpoint is legacy in a lot of ways, but it seems reasonable that
it should have these data.
2019-09-27 12:07:03 -07:00
Anders Kaseorg dea6889956 templates: Make the Loading… message more robust.
Don’t hide it until both CSS and JS have loaded.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-20 10:34:44 -07:00
Anders Kaseorg 46e562f990 bootstrap: Change tooltip html default to false.
Bootstrap v2.2.0^2~40^2~6 changes this default to false, so this is a
prerequisite to upgrading Bootstrap, and it’s also safer.

This closes an HTML injection path via user full names in the emoji
reaction tooltip.  It doesn’t appear to be exploitable for cross-site
scripting because we disallow `>` in full names, and the code happens
to be written such that the next `>` is in a different parser
invocation.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-19 20:53:10 -07:00
Anders Kaseorg fbc2de157e templates: Move page_params to a <div> at the bottom of <body>.
In a gigantic realm where we send several MB of `page_params`, it’s
slightly better to have the rest of the `<body>` available to the
browser earlier, so it can show the “Loading…” spinner and start
fetching subresources.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-19 12:38:10 -07:00
Mateusz Mandera 935702b6ec auth: Rename any_oauth_backend_enabled to any_social_backend_enabled.
any_oauth_backend_enabled is all about whether we will have extra
buttons on the login/register pages for logging in with some non-native
backends (like Github, Google etc.). And this isn't about specifically
oauth backends, but generally "social" backends - that may not rely
specifically rely on Oauth. This will have more concrete relevance when
SAML authentication is added - which will be a "social" backend,
requiring an additional button, but not Oauth-based.
2019-09-19 12:35:27 -07:00
Rishi Gupta 2646d70cbd emails: Add realm name to footer of missed message emails.
Missed message emails for mentions come from streams and possibly orgs you
don't normally get missed message emails for, so they can be hard to place.
2019-09-17 17:45:59 -07:00
Anders Kaseorg fe7d814e8d team: Move contributors_list into page_params.
This sidesteps tricky escaping issues, and will make it easier to
build a strict Content-Security-Policy.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-17 16:06:33 -07:00
Anders Kaseorg 7494f1600c templates: Move page_params from an inline script to the <body> dataset.
This sidesteps tricky escaping issues, and will make it easier to
build a strict Content-Security-Policy.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-17 16:06:33 -07:00
Anders Kaseorg f1ecd3c18b templates: Defer all script execution.
This allows parsing and resource loading to continue in parallel with
script fetching.  It also means we don’t need to concern ourselves
with explicitly waiting for the DOM to become ready.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-17 16:06:33 -07:00
Anders Kaseorg 9b38bcc2a6 templates: Abstract render_bundle behind a Jinja2 macro.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-17 16:06:33 -07:00
Tim Abbott 68f6f622a7 open source: Add a more complete "why zulip" explanation.
Also contains a lot of edits from Rishi, including to the content
around Zulip's features and what to highlight there.
2019-09-17 12:40:38 -07:00
Tim Abbott 5452c0b4ac open source: Document some recent and upcoming features. 2019-09-17 12:03:20 -07:00
Alexandra Ciobica 8828ef72fe portico: Add hover styling to `Atlassian migration guide` on /hello.
I changed the element to be  a `p` instead of `div` because the styling
for `a`s inside paragraphs is already there and the element should
anyway be a paragraph.

Fixes part of #12853.
2019-09-17 11:59:22 -07:00
Anders Kaseorg 366dce5d52 confirm_preregistrationuser: Uninline script.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-16 17:23:20 -07:00
Anders Kaseorg ed63042480 templates: Replace focusing scripts with autofocus attribute.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-16 17:23:20 -07:00
Tim Abbott 6f6c761d80 docs: Further expand documentation on using IDs in narrows.
These docs had a number of typos, and also didn't fully clarify how to
handle lists of integers for `pm-with`.

Also makes some tweaks to the user docs to make this clearer as well.

Fixes #13167.
2019-09-16 17:17:03 -07:00
Rohitt Vashishtha b3df3f2e22 docs/botserver: Document running custom bot modules.
This documents the feature added in
https://github.com/zulip/python-zulip-api/pull/523.
2019-09-03 13:28:01 -07:00
Tim Abbott 73c9450d8a docs: Expand documentation on using IDs in narrows. 2019-08-29 16:17:09 -07:00
Rohitt Vashishtha 6fe99171c3 docs/botserver: Add basic troubleshooting help.
It could be a non trivial task ensuring that the Zulip server can
access the Botserver. These steps examine some of those cases.
2019-08-28 16:08:34 -07:00
Rohitt Vashishtha 7f3ee1b6b1 docs: Fix typo: Heroko -> Heroku. 2019-08-28 15:59:03 -07:00
Rohitt Vashishtha 16227ed23a docs/botserver: Explain how the botserver works.
Understanding the basic model can help people troubleshoot any
errors easily.
2019-08-28 15:59:03 -07:00
Tim Abbott 3999a2db4d api: Document using `pip3 install` for zulip_bots(erver).
We dropped Python 2 support for these a while ago.
2019-08-23 15:51:06 -07:00
Rishi Gupta e058558a52 emails: Send invitation reminder email two days before expiry.
Hopefully this does a better job of spurring people to action, and also
suggests a self-service fix if they don't (i.e. contacting the person that
invited them).
2019-08-23 12:53:11 -07:00
Rishi Gupta 36e0043ed7 emails: Fix typo in invitation.source.html. 2019-08-23 12:53:11 -07:00
Mohit Gupta e5482adec0 search: Add streams:public to search entire history of public streams.
Add ability to search entire message history of all public streams at
once. It includes all subscibed, non subscribed public streams messages
and even historical public stream messages sent before user had joined
an organization or stream.

Fixes #8859.
2019-08-22 13:40:49 -07:00
Rishi Gupta df44f0276b help: Update search-for-messages with note about historical messages. 2019-08-22 13:17:06 -07:00
Rishi Gupta 02cfb47315 exports: Update wording on settings page, /help and /features. 2019-08-22 13:17:03 -07:00
Alex Dehnert ea670f3d61 docs: remove duplicate "make" in "Writing Bots". 2019-08-21 14:36:08 -07:00
Hemanth V. Alluri d73a37726d bots: Allow incoming webhook bots to be configured via /bots.
Without disturbing the flow of the existing code for configuring
embedded bots too much, we now use the config_options feature to
allow incoming webhook type bot to be configured via. the "/bots"
endpoint of the API.
2019-08-20 17:00:48 -07:00
Mateusz Mandera 26f7dd09ce display_recipient: Eliminate raw_display_recipient from message dicts.
This was used as a helper to construct the final display_recipient when
fetching messages. With the new mechanism of constructing
display_recipient by fetching appropriate users/streams from the
database and cache, this shouldn't be needed anymore.
2019-08-20 12:22:52 -07:00
Vishnu KS f32382f7b7 emails: Show preheader block only if preheader is present. 2019-08-17 11:32:28 -07:00
Vishnu KS ff6dab6883 emails: Remove preheader block from missed message emails. 2019-08-17 11:26:34 -07:00
Alexandra Ciobica 84e0327d10 integrations: Fix arrangement of left sidebar `back to list` button.
I rearranged the elements of the left sidebar in HTML in order to appear
in the order they are displayed and removed the absolute positioning,
because it was not needed if the elements are arranged correctly. I used
`flex` display to arrange them on column.

I removed the styling that positioned the elements absolutely.

Then I tweaked the margins in order to make the elements look good.

Fixes: #12929
2019-08-15 16:12:15 -07:00
Wyatt Hoodes f623540409 data export: Add UI to trigger data export.
This commit serves as the frontend piece for the "public export"
webapp feature.

Fixes: #11930
2019-08-12 18:21:38 -07:00
meiomorphism 1af72a2745 subscriptions: Avoid sending unneeded subscriber information.
The `users/me/subscriptions` endpoint accidentally started returning
subscriber information for each stream.  This is convenient, but
unnecessarily costly for those clients which either don't need it
(most API apps) or already acquire this information via /register
(including Zulip's apps).

This change removes that data set from the default response.  Clients
which had come to rely on it, or would like to rely on it in future,
may still access it via an additional documented API parameter.

Fixes #12917.
2019-08-09 16:03:21 -07:00
Alexandra Ciobica 4c08a840d0 accounts/go: Change class of bottom text to be consistent.
I changed the class of the two bottom texts to use the same styling as
(`/new` and `/complete/github`)
2019-08-08 11:12:51 -07:00
Alexandra Ciobica 2035850d86 create_realm: Add white box to new organization.
Added the `.white-box` in order to be consistent with (`/accounts/go/`,
`/login`). Changed the class of the text under the white box so all the
text under white box uses the same styling.
2019-08-08 11:12:51 -07:00
Alexandra Ciobica eb6c5e1962 auth: Style the GitHub auth email selection page.
I added the `white-box` as it was in the other similar pages
(`/accounts/go`).

In order to be able to style it better, I removed the buttons and added
`div`s instead, then added click handler for submitting the form.

If the email is associated to a Zulip account, the avatar of the account
is displayed and the text `Log in`, otherwize a `+` sign is
displayed and the text `Create new account`.
2019-08-08 11:12:51 -07:00
Alexandra Ciobica e5e45c9a25 auth: Change page title and add description for the list.
I changed the class of the title in order to use the same styling as the
 other similar pages (like `/accounts/go` or `/login`).

Changed the related test.
2019-08-08 11:12:51 -07:00
Tim Abbott 0db9afe605 api docs: Update link to a currently running requestbin site. 2019-08-08 11:04:16 -07:00
Anders Kaseorg 0962393933 cleanup: Delete trailing newlines.
Delete trailing newlines from all files, except
tools/ci/success-http-headers.txt and tools/setup/dev-motd, where they
are significant, and static/third, where we want to stay close to
upstream.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-08-06 23:29:11 -07:00
Anders Kaseorg becef760bf cleanup: Delete leading newlines.
Previous cleanups (mostly the removals of Python __future__ imports)
were done in a way that introduced leading newlines.  Delete leading
newlines from all files, except static/assets/zulip-emoji/NOTICE,
which is a verbatim copy of the Apache 2.0 license.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-08-06 23:29:11 -07:00
Hemanth V. Alluri ac69717604 openapi: Migrate /messages to use the new cURL example system.
Now that we can create cURL examples based on the OpenAPI
documentation. We can begin using simple one line tags in
the documentation instead of manually creating cURL examples.

Fixes part of #12878.
2019-08-05 21:27:24 -07:00
Hemanth V. Alluri 748192d58c openapi: Replace add-subscriptions from TEST_FUNCTIONS.
Migrate the add-subscriptions line to the OpenAPI equivalent.
2019-08-05 21:06:19 -07:00
Hemanth V. Alluri 14c0a387cf openapi: Remove /users/me from pending endpoints.
This commit progress our efforts to reduce pending_endpoints
as well as to migrate away from templates/zerver/api/fixtures
and towards our OpenAPI documentation.

Similar to commit d62b75fc.
2019-08-05 21:06:19 -07:00
Rishi Gupta 08c2cc5883 help: Add external account to add-custom-profile-fields. 2019-08-05 20:59:47 -07:00
Rishi Gupta 0c94f27f13 help: Update docs for email integration.
Also fixes a CSS bug where some styling was incorrectly being applied to
.tip and .keyboard-tip but not .warn.
2019-08-05 17:33:05 -07:00
Rishi Gupta 8167b5b645 email: Remove special integration doc behavior when gateway not set.
The current code looks like it's trying to redirect /integrations/doc/email
to /integrations when EMAIL_GATEWAY_PATTERN is not set.

I think it doesn't currently do this. The test for that pathway has a bug:
self.get_doc('integrations/doc-html/email', subdomain='zulip') needs a
leading slash, and putting the slash back in results in the test failing.

This redirection is not really desired behavior -- better is to
unconditionally show that the email integration exists, and just point the
user to https://zulip.readthedocs.io/en/latest/production/email-gateway.html
(this is done in a child commit).
2019-08-05 17:33:05 -07:00
Rishi Gupta bc220aefdf help: Document topic links. 2019-08-02 16:33:27 -07:00
Vishnu KS 216403768d emails: Remove body tag from email_base_message.
Presence of body tag in missed_message results in
gmail not hiding footer in mobile app.
2019-08-02 13:54:32 +05:30
Vishnu Ks 6110f495df slack_import: Support importing pms. 2019-07-30 14:46:14 -07:00
Tim Abbott 8c9dd6198f api docs: Use Help Center syntax for restricted endpoints. 2019-07-29 16:17:54 -07:00
Hemanth V. Alluri c85640d6b1 docs: Fix cURL example in get-user-groups.md.
The issue here was that the endpoint was documented as being
contactable by bots when in reality we have a require_member_or_admin
decorator on the endpoint. So bots and guests cannot contact it.
2019-07-29 16:09:11 -07:00
Hemanth V. Alluri b2a3d289b0 docs: Fix cURL example in get-stream-id.md by adding a missing '\'. 2019-07-29 16:07:58 -07:00
Hemanth V. Alluri e9cc69297f docs: Fix cURL example in get-stream-id.md by using the -G argument. 2019-07-29 16:07:58 -07:00
Hemanth V. Alluri 12dce4b940 api_docs/get-messages: Fix the cURL example.
The issue with the previous example was that it sent the data as
POST variables. This corrected example appropriately encodes data
(with URL encoding) and sends it as GET variables.
2019-07-29 16:07:01 -07:00
Alexandra Ciobica 8b78eca759 portico: Fix the `history` photo description.
The `overflow: auto;` from the `.markdown` class hides the description
of the picture. I moved the description outside the div with the
`markdown` class.
2019-07-25 15:04:09 -07:00
Alexandra Ciobica 85f6c7e638 portico: Add `.markdown` class to integrations page.
This addition was made so I can deduplicate the selectors like this one:
 `.markdown ol > li, .portico-landing.integrations ol > li `and move the
  `.markdown` CSS in another file (in a further commit).
2019-07-25 15:04:09 -07:00
Alexandra Ciobica 62a1e988f7 portico: Add `.markdown` class to `why-zulip` pages. 2019-07-25 15:04:09 -07:00
Vinit Singh f25f83cc66 docs: Fix a typo in security documentation. 2019-07-25 14:53:08 -07:00
Anders Kaseorg a97a2612bb integrations: Get logo URLs from staticfiles.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-24 17:40:31 -07:00
Anders Kaseorg 82828bdba4 HTML validation: Remove invalid <button href> attribute.
For .start-button, Bootstrap carousel already supports <button
data-target> as a valid alternative to <button href>.  For
.call-to-action, the margin is decreased to exactly offset the lack of
margin collapsing with display: inline-block.  There should be no
visual change.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-23 16:16:22 -07:00
Tim Abbott 47d80977ac plans: Make usable in the development environment for testing. 2019-07-22 17:43:43 -07:00
Cynthia Lin e37f529e6a portico: Add and use .button class for links requiring button styling.
Buttons cannot be nested in anchor links because that is invalid HTML.
To make links look like buttons, create a .button class that inherits
styling from buttons and apply them to the necessary links.

Fixes #6126.
2019-07-22 17:28:38 -07:00
Mateusz Mandera be0a024355 integration docs: Document new email integration behaviors.
Tweaked by tabbott for cleaner, more precise English.
2019-07-22 15:52:08 -07:00
Harshit Bansal bf14a0af4d auth: Migrate google auth to python-social-auth.
This replaces the two custom Google authentication backends originally
written in 2012 with using the shared python-social-auth codebase that
we already use for the GitHub authentication backend.  These are:

* GoogleMobileOauth2Backend, the ancient code path for mobile
  authentication last used by the EOL original Zulip Android app.

* The `finish_google_oauth2` code path in zerver/views/auth.py, which
  was the webapp (and modern mobile app) Google authentication code
  path.

This change doesn't fix any known bugs; its main benefit is that we
get to remove hundreds of lines of security-sensitive semi-duplicated
code, replacing it with a widely trusted, high quality third-party
library.
2019-07-21 20:51:34 -07:00
Tim Abbott 202e2cabc3 api: Fix typo in URL for remove-subscriptions. 2019-07-21 18:41:29 -07:00
Hemanth V. Alluri d62b75fc4c openapi: Remove /users/me/subscriptions from pending_endpoints.
In commit 7c71e98, we added a special exception for the
/users/me/subscriptions endpoint in the automatic validation test.
By adding some extra documentation, we now remove this extra code,
as well as the endpoint from the list of pending endpoints.
2019-07-21 18:39:53 -07:00
Rishi Gupta 1a6f8cdf17 emails: Remove unsubscribe link from missed message emails.
This allows the footer to be two lines long instead of three.
2019-07-21 15:10:48 -07:00
Anders Kaseorg 51edc4bf4c portico: Fix link to localhost:9991.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-18 11:56:15 -07:00
Anders Kaseorg 71b20aa7e2 HTML validation: Fix login page HTML errors.
"http://localhost:9981/accounts/find/":121.29-121.53: error: The value of the “for” attribute of the “label” element must be the ID of a non-hidden form control.
"http://localhost:9981/login/":168.41-168.94: error: An “img” element must have an “alt” attribute, except under certain conditions. For details, consult guidance on providing text alternatives for images.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-18 11:56:15 -07:00
Vishnu Ks e32ee53fa3 emails: Improve wording of why you are getting this email.
Also remove <br> tag from missed_message text message.
2019-07-17 17:50:18 -07:00
Vishnu Ks 3a6fc09a4d emails: Make sender name go in-line with message body.
Making sender name go in-line with message body only if
the html starts with <p> tag since it won't look good
if the message starts with a code snippet, ul, etc.
If message starts with p tag we can safely assume that
it can go in-line with sender name.
2019-07-17 17:50:04 -07:00
Anders Kaseorg 5ec2e4add4 home: Remove handler for old compile-handlebars-templates error file.
As of commit 8c199fd44c (#12667) this
file is no longer generated.  Handlebars compile errors are raised as
webpack errors.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-17 16:03:35 -07:00
Puneeth Chaganti a138d8e95c templates: Update open graph metadata for some portico pages.
Closes #12580
2019-07-11 14:23:25 -07:00
Vishnu Ks db6439ca57 emails: Remove cheers section from missed_message email. 2019-07-11 11:33:31 -07:00
Hemanth V. Alluri ffd2bccd4e openapi: Standardize URL format to use {var_name} syntax.
The previous code for the validator test was fairly messy due to
checking for both formats of the openapi url, one with
<variable_name> and the other with {variable_name}. To eliminate
this, we have standardized the format and restricted it to
{variable_name} as per the official format at:
https://swagger.io/docs/specification/describing-parameters.
2019-07-11 11:01:40 -07:00
Rishi Gupta fe59c31e85 portico: Add link for accessibility on /features. 2019-07-10 22:59:14 -07:00
Rishi Gupta 8b729cc5fb portico: Add links from /features to /help.
I left out the top section ("Beautiful messaging") because the styling would
have to be different.
2019-07-10 17:39:27 -07:00
Mateusz Mandera addcf78af5 emails: Update link to email mirror docs in missed_message emails. 2019-07-10 13:33:25 -07:00
Rishi Gupta 90ff757f78 settings: Add some clarification around user groups. 2019-07-10 12:26:38 -07:00
Rishi Gupta a3fca01922 activity: Add links to /stats and /activity in /activity/support. 2019-07-09 17:20:17 -07:00
Yashashvi Dave fa5d6bb2d6 org settings: Display deactivated-user section to all.
Fixes #12290
2019-07-09 13:07:35 -07:00
Vishnu Ks 3c464d9d63 emails: Show realm_str inside bracket in subject. 2019-07-09 11:59:39 -07:00
Vishnu Ks d23bcfa948 emails: Mention why user is getting stream message notification. 2019-07-09 11:59:38 -07:00
Vishnu Ks c4d28777ec emails: Include stream topic details in missed message subject. 2019-07-09 11:51:20 -07:00
Yashashvi Dave d3e83483c8 static/js/common: Add `Ctrl` key mapping to `Cmd` for MacOS. 2019-07-08 20:07:49 -07:00
Vinit Singh 3cc790420a docs: Update docs to reflect the use of Ubuntu bionic in development. 2019-07-08 13:25:54 -07:00
Anders Kaseorg 5e97e58df3 webhooks/freshdesk/doc.md: Remove unescape_rendered_html kludge.
This reverts commit f476ec7fac (#10312)
and replaces it with a proper fix using Jinja2 raw blocks.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-03 15:05:45 -07:00