Commit Graph

26646 Commits

Author SHA1 Message Date
Tim Abbott 04b0e225c7 unread_ui: Remove now-unnecessary ensure_i18n call. 2018-05-30 09:07:49 -07:00
Tim Abbott b88ec552cf settings_notifications: Remove now-unnecessary ensure_i18n. 2018-05-30 09:06:59 -07:00
Tim Abbott a087b34f12 drafts: Eliminate now-unnecessary ensure_i18n. 2018-05-30 09:06:13 -07:00
Tim Abbott a1f5fe4f92 settings_ui: Remove now-unnecessary ensure_i18n. 2018-05-30 09:05:46 -07:00
Tim Abbott 41b1dcbfe0 settings_org: Eliminate now-unnecessary ensure_i18n. 2018-05-30 09:03:34 -07:00
Tim Abbott 1e6564308f settings_toggle: Remove now-unnecessary ensure_i18n. 2018-05-30 09:02:29 -07:00
Tim Abbott f67d0d3f91 admin: Remove now-unnecessary ensure_i18n. 2018-05-30 09:01:56 -07:00
Tim Abbott 7b2fc95c6a settings: Remove ensure_i18n from display settings. 2018-05-30 09:00:41 -07:00
Shubham Dhama cff40c557b translations: Load translations from page_params.translation_data.
With this commit, we change how we deal with translation for strings.
Previously we used to fetch the translations data after loading which
created a lot of unpleasant race bugs.

So we changed this to use the `translation_data` sent in `page_params`
which is available at load time. The previous fetching can be useful if
we want to change the string to the changed language without reloading
the page but since we ask the user to reload the page after changing
the default language so fetching after loading isn't useful for us and
hence we can add resource only once.

Ultimately, we can remove the i18next plugins too.  We leave the logic
for clearing local storage, patched to fully clear it.

Fixes: #9087.
2018-05-30 08:57:27 -07:00
Tim Abbott 99c6a82b7f i18n: Clean up logic for picking language in app.
We now have a simple algorithm: First, look at the URL path
(e.g. /de/, which is intended to be an override).  Second, look at the
language the user has specified in their settings.
2018-05-30 08:57:26 -07:00
Shubham Dhama 1d9afc7328 i18n: Pass translation data in page_params.
This is a preliminary step to make translation_data available as a
resource to `i18next.init()`.
2018-05-30 08:57:26 -07:00
Robert Hönig 647c63050f botserver: Add outgoing webhook tokens to botserverrc.
The tokens will be used to authorize the server when sending
messages to the Botserver.
2018-05-30 10:00:19 -04:00
Shubham Padia 0ffcb7fccf search: Remove blueslip warnings for invalid emails in 'pm-with' filter.
Fixes #3380.
The blueslip warning mentioned in #3380 were from paths ending at
people.email_list_to_user_ids_string. Some additional blueslip warnings
were raised after using that function.
Although we can put a validation check somewhere in the call stack of
people.email_list_to_user_ids_string, this function itself is used to
validate the operand by the higher order functions, so it wouldn't make
sense to put a validation check before that. Instead, removing the
blueslip warning altogether was chosen.
people.email_list_to_user_ids_string was replaced by
people.reply_to_to_user_ids_string which is a blueslip-free version
of the same. Other blueslip warnings were removed.
2018-05-30 07:49:59 -04:00
Eeshan Garg 9157b217f0 webhooks/jira: Update docs to conform to style guide.
I spend a lot of time on this. One of our users had reported that
this webhook wasn't working at all. So I tested this with a local
ngrok instance and made sure that it was working. I also took this
opportunity to rewrite the docs for this, which were quite outdated.

With a few changes by Rishi Gupta!
2018-05-29 17:16:52 -07:00
Yashashvi Dave 47aaf4e20a users: Replace duplication with generic func to validate bot id.
This adds a common function `access_bot_by_id` to access bot id within
same realm.  It probably fixes some corner case bugs where we weren't
checking for deactivated bots when regenerating API keys.
2018-05-29 15:47:27 -07:00
Yashashvi Dave 07b63e4886 jquery-form: Remove jquery-form plugin dependency.
Fixes #9430.
2018-05-29 15:44:40 -07:00
Yashashvi Dave b94986b1e1 jquery-form: Remove use of jquery-form from invite-user form. 2018-05-30 03:14:39 +05:30
Yashashvi Dave 3654d4f92d jquery-form: Remove jquery-form use from get-API-key form in user settings. 2018-05-30 03:14:39 +05:30
novokrest 9278cdf75b mercurial: Update mercurial.md documentation. 2018-05-29 11:51:05 -07:00
Tim Abbott 059537e00f irc: Improve the IRC and Matrix documentation.
The big changes here are:
* Making the install instructions easier to copy/paste.
* Adding numbering for the IRc integration.  We probably want to do a
  similar thing with Matrix, too.
2018-05-29 11:24:47 -07:00
Rhea Parekh 1db442acd4 IRC: Add integration documentation. 2018-05-29 10:59:53 -07:00
Rhea Parekh 25e3515d9b Matrix: Add integration documentation. 2018-05-29 10:59:53 -07:00
Tim Abbott 0fabff6dda setup_venv: Clean up VENV_DEPENDENCIES using parsed lsb_release.
This is mostly a cleanup, but it should also save 50ms in the runtime
of create-production-venv.
2018-05-29 10:57:36 -07:00
Raymond Akornor 5d39a0f0fc scripts: Replace calls to lsb release with our own parsing.
This improves the performance of these operations, by saving a ~50ms
Python process startup.  While not a major performance improvement, it
seems worth it, given how often these commands get run.

Fixes #9571.
2018-05-29 10:57:36 -07:00
Shubham Padia 8b8a9be377 upload: Rotate image according to exif data when resizing avatar and emojis.
Fixes the avatar/emoji part of #8177.

Does not address the issue with uploaded images, since we don't do
anything with them.

Also adds 3 images with different orientation exif tags to
test-images.
2018-05-29 10:39:39 -07:00
Tim Abbott 7ccefc3e5d migrations: Remove dependence on PRIVATE_STREAM_HISTORY_FOR_SUBSCRIBERS.
We don't want to keep around a declaration of
PRIVATE_STREAM_HISTORY_FOR_SUBSCRIBERS forever, so we should just move
this to a getattr; if the user has set it on their server, we'll use
the value; otherwise, we just use False.
2018-05-29 07:36:53 -07:00
Robert Hönig afa806a0ce linter: Add rule to favor Botserver over botserver or bot server. 2018-05-29 07:27:36 -07:00
Robert Hönig fe6b46dfa6 docs: Consistently use Botserver instead of botserver or bot server. 2018-05-29 07:27:33 -07:00
Robert Hönig 04d68d2570 code: Rename flaskbotrc to botserverrc. 2018-05-29 10:19:17 +02:00
Tim Abbott 91ec0aba09 auth: Improve interactions between LDAPAuthBackend and EmailAuthBackend.
Previously, if you had LDAPAuthBackend enabled, we basically blocked
any other auth backends from working at all, by requiring the user's
login flow include verifying the user's LDAP password.

We still want to enforce that in the case that the account email
matches LDAP_APPEND_DOMAIN, but there's a reasonable corner case:
Having effectively guest users from outside the LDAP domain.

We don't want to allow creating a Zulip-level password for a user
inside the LDAP domain, so we still verify the LDAP password in that
flow, but if the email is allowed to register (due to invite or
whatever) but is outside the LDAP domain for the organization, we
allow it to create an account and set a password.

For the moment, this solution only covers EmailAuthBackend.  It's
likely that just extending the list of other backends we check for in
the new conditional on `email_auth_backend` would be correct, but we
haven't done any testing for those cases, and with auth code paths,
it's better to disallow than allow untested code paths.

Fixes #9422.
2018-05-28 22:47:47 -07:00
Tim Abbott 3842404cc0 ldap: Don't allow password reset for users in LDAP domain.
This is the analog of the last commit, for the password reset flow.
For these users, they should be managing/changing their password in
the LDAP server.

The error message for users doing the wrong thing here is nonexistent
isn't great, but it should be a rare situation.
2018-05-28 22:47:47 -07:00
Tim Abbott 8119670da1 user_settings: Prevent LDAP users from setting a Zulip password.
Previously, if both EmailAuthBackend and LDAPAuthBackend were enabled,
LDAP users could set a password using EmailAuthBackend and continue to
use that password, even if their LDAP account was later deactivated.

That configuration wasn't supported at all before, so this doesn't fix
a pre-existing security issue, but now that we're making that a valid
configuration, we need to cover this case.
2018-05-28 22:47:47 -07:00
Sampriti Panda 250015a5d5 pgroonga: Fix issues with HTML escaping in queries. 2018-05-28 16:53:30 -07:00
Steve Howell 0bc272fc86 hotkeys: Fix very recent regression with down key.
In 1f72647a5a I accidentally
flipped a condition that made the down key "recenter" on
the "normal" case, not in the "is-at-end" case.

This commit undoes that regression, which probably only
affected czo for a weekend, and makes the logic a bit
more clear.
2018-05-28 16:49:57 -07:00
Steve Howell 26e1fca7ed Add message_list.is_at_end() helper. 2018-05-28 16:49:57 -07:00
Tim Abbott bf9012a559 message: Do future-proofing for public streams with private history.
This should have no effect for now, but it'll make things a bit
simpler in case we make future changes to support public streams
without history public to subscribers (and other organization
members).
2018-05-28 12:25:57 -07:00
Shubham Dhama b410aeb897 message: Limit message access for guest users.
Tweaked by tabbott to interact correctly with the
history_public_to_subscribers feature.
2018-05-28 12:20:32 -07:00
Rhea Parekh 66e3fc4042 import: Clean up the management command.
Significantly tweaked by tabbott because:
* Argparse was already handling the early checks
* Splitting the bottom loop into two loops means we validate all the
input before trying to run actual import code on anything.
* The argparse documentation was confusing about whether the paths
  should be files or directories.
2018-05-28 11:54:04 -07:00
Shubham Padia 88b4a9f2d7 pm_list: Do not expand pm_list for invalid emails in `pm-with`. 2018-05-28 11:29:54 -07:00
Shubham Padia d9b0ab2ae7 narrow: Show non-existing user message for invalid emails.
Also adds people.is_valid_bulk_emails_for_compose and refactors
narrow_state.set_compose_defaults to use it.
2018-05-28 10:45:42 -07:00
Shubham Padia 2ce7ef73e8 compose: Add tests for compose_actions.on_narrow. 2018-05-28 10:45:42 -07:00
Shubham Padia 6ea6f5e0af search: Do not open compose box if invalid recipient present in `pm-with`.
If atleast one of the private_message_recipients is invalid, compose
box will not be opened.
Thanks to Aastha Gupta <aastha.gupta4104@gmail.com> for some preliminary
work on this.
2018-05-28 10:45:42 -07:00
Robert Hönig 497cd4a1f9 outgoing webhooks: Change default URL in all tests.
This reflects the changes to the default URL publicly
displayed to the user. It also changes the default
URL of the default test server outgoing webhook, which
prevented the test server flaskbotrc from working out
of the box.
2018-05-28 10:40:44 -07:00
Yago González c25855f703 api docs: Fix broken link. 2018-05-28 10:39:25 -07:00
Vishnu Ks 97e143e987 requirements: Upgrade Django to 1.11.13. 2018-05-28 09:06:10 -07:00
Tim Abbott 2f571f9a45 webpack: Move font and pygments CSS to common.css.
First, it's silly that these weren't in common.css in the first place,
since that meant these were a bunch of duplicated code, but
additionally, that meant that these weren't available on the
`/activity` page (or other pages that don't include the portico styles).

Fixes #9561.
2018-05-27 23:19:40 -07:00
Yashashvi Dave 40029a0753 user profile: Improve format of date type of custom fields in popover.
In user profile popover, date type of custom fields values are
not showing in correct format as "date_joined" value.
Fix this using moment.js to render date type of fields
in correct format.
2018-05-27 23:01:22 -07:00
Yashashvi Dave a68ff22aed custom fields: Improve date picker popover for date type fields. 2018-05-27 23:01:22 -07:00
Yashashvi Dave b5cf73ae0c custom fields: Add UI for user type of custom fields. 2018-05-27 23:01:22 -07:00
Yashashvi Dave e82c879b85 custom fields: Add user type of custom fields.
Fixes #8878
2018-05-27 23:01:21 -07:00