Commit Graph

495 Commits

Author SHA1 Message Date
Umair Khan 8ff2cd3fd7 Only allow proper url for registration.
This commit fixes a bug which occurs when a user tries to bypass the
correct registration url for the completely open domains.
2016-11-02 17:49:30 -07:00
Umair Khan 4cf7040100 subdomains: Use redirect_and_log_into_subdomain for registration.
This fixes a bug where the user who registered a new organization
wasn't correctly logged into that organization.
2016-10-28 11:04:08 -07:00
Umair Khan 26646abe8c Authenticate subdomains using single Google OAuth entry.
Previously, we used to create one Google OAuth callback url entry
per subdomain. This commit allows us to authenticate subdomain users
against a single Google OAuth callback url entry.
2016-10-28 11:04:08 -07:00
Tomasz Kolek 4790316b57 Add user setting option to always send push notifications.
Add option in user's settings for getting mobile push notifications
even if a Zulip browser is online.  Default is False.

Fixes: #1596.
2016-10-25 10:52:29 -07:00
Rishi Gupta b6da450b96 admin.js: Use RealmAlias instead of Realm to show the restricted domains.
Passes the allowed domains for a realm to the frontend, via
page_params.domains. Groundwork for allowing users to add and
remove domains via the admin setting page, rather than via the
realm_alias.py management command.
2016-10-25 10:07:20 -07:00
Brock Whittaker fca61b2031 Add medium size avatars for use on the user's own settings page.
This adds a medium (500px) size avatar thumbnail, that can be
referenced as `{name}-medium.png`.  It is intended to be used on the
user's own settings page, though we may come up with other use cases
for high-resolution avatars in the future.

This will automatically generate and upload the medium avatar images
when a new avatar original is uploaded, and contains a migration
(contributed by Kirill Kanakhin) to ensure all pre-existing avatar
images have a medium avatar.

Note that this implementation does not provide an endpoint for
fetching the medium-size avatar for another user.

[substantially modified by tabbott]
2016-10-25 09:42:14 -07:00
Tim Abbott 8f145e03cf views: split events_register.py from main views file. 2016-10-11 21:27:06 -07:00
Tim Abbott 0c02015541 views: Move one-click unsubscribe to its own file. 2016-10-11 21:27:06 -07:00
Tim Abbott 5b7dfafcac views: Move json_refer_friend to invite.py. 2016-10-11 21:27:06 -07:00
Tim Abbott dd352dd456 views: Move invitation views to their own file. 2016-10-11 21:27:06 -07:00
Tim Abbott 67d9e19ccf views: Split views/auth.py out of core views file. 2016-10-11 21:27:06 -07:00
Rishi Gupta d75731f988 Realm creation flow: Remove invite page.
Previously, we sent users to an "invite your friends" page after they
created an organization. This commit removes that step in the flow and sends
users directly to the home page. We also remove the now-unused
initial_invite_page.html template, initial_invite.js (which pre-filled the
invite emails with characters from literature), and the /invite URL route.
2016-10-11 15:54:05 -07:00
Umair Khan eb7ce73628 Move name_changes_disabled to zerver.models 2016-10-10 09:27:52 -07:00
Umair Khan d0acda4635 Google: Show error on login page for wrong subdomain.
Takes care of Google OAuth.

Fixes: #1871
2016-10-10 08:42:34 -07:00
Umair Khan c23aaa1785 GitHub: Show error on login page for wrong subdomain.
While logging in through GitHub, if the user tries to login
to the wrong subdomain then show an appropriate message.
2016-10-10 08:42:34 -07:00
Rishi Gupta 777fcaa6a0 Add new organization type field to Realm objects.
Adds a new field org_type to Realm.  Defaults for restricted_to_domain
and invite_required are now controlled by org_type at time of realm
creation (see zerver.lib.actions.do_create_realm), rather than at the
database level.  Note that the backend defaults are all
org_type=corporate, since that matches the current assumptions in the
codebase, whereas the frontend default is org_type=community, since if
a user isn't sure they probably want community.

Since we will likely in the future enable/disable various
administrative features based on whether an organization is corporate
or community, we discuss those issues in the realm creation form.
Before we actually implement any such features, we'll want to make
sure users understand what type of organization they are a member of.

Choice of org_type (via radio button) has been added to the realm
creation flow and the realm creation management command, and the
open-realm option removed.

The database defaults have not been changed, which allows our testing code
to work unchanged.

[includes some HTML/CSS work by Brock Whittaker to make it look nice]
2016-10-05 17:01:46 -07:00
Tim Abbott c7b7893254 auth: Give nicer subdomain errors when using ZulipDummyBackend.
This improves Google and JWT auth as well as the registration
codepath to log something if the wrong subdomain is encountered.

Ideally, we'd have tests for these, and code to make the Google and JWT
auth cases show a clear error message.
2016-09-27 23:25:07 -07:00
hackerkid ea39fb2556 Add option for hosting each realm on its own subdomain.
This adds support for running a Zulip production server with each
realm on its own unique subdomain, e.g. https://realm_name.example.com.

This patch includes a ton of important features:
* Configuring the Zulip sesion middleware to issue cookier correctly
  for the subdomains case.
* Throwing an error if the user tries to visit an invalid subdomain.
* Runs a portion of the Casper tests with REALMS_HAVE_SUBDOMAINS
  enabled to test the subdomain signup process.
* Updating our integrations documentation to refer to the current subdomain.
* Enforces that users can only login to the subdomain of their realm
  (but does not restrict the API; that will be tightened in a future commit).

Note that toggling settings.REALMS_HAVE_SUBDOMAINS on a live server is
not supported without manual intervention (the main problem will be
adding "subdomain" values for all the existing realms).

[substantially modified by tabbott as part of merging]
2016-09-27 23:24:14 -07:00
Rishi Gupta 4b62ee8f38 initial invite page: Fix email validation when not restricted_to_domain.
We currently do
  var invite_suffix = "{{invite_suffix}}";
in javascript in the initial_invite_page.html template.
This sets invite_suffix to "{{invite_suffix}}" when the template is rendered
without invite_suffix in the params, rather than to "" as intended. This
later causes problems in the invite_email validator in initial_invite.js.
2016-09-23 15:44:28 -07:00
Rishi Gupta de11e7c1b3 Add support for subdomain URIs to /api and /api/endpoints.
To the extent possible, we share code with the already-existing
IntegrationView code path.
2016-09-13 22:31:56 -07:00
Tim Abbott b7ab83c6ec Move api_endpoint_docs to integrations views file. 2016-09-13 21:58:02 -07:00
Tim Abbott ca91605e85 Extract zerver/views/pointer.py. 2016-09-13 17:30:39 -07:00
Tim Abbott 6d8af06e32 Fix Google oauth2 logging to use %s for strings.
This has more consistent results in Python 2 vs. Python 3.
2016-09-13 17:30:39 -07:00
Tim Abbott 8fe7488074 views: Remove extract_json_response hack for python-requests.
Now that we are using a virtualenv for dependencies, we can be
confident we will never be using an old system-installed version of
this library.
2016-09-13 17:08:14 -07:00
Tim Abbott 97dbf1a8f9 Refactor Google auth error handling to be more testable. 2016-09-13 17:08:14 -07:00
Tim Abbott 9bfe879170 google auth: Fix py3 encoding issues for CSRF computations. 2016-09-13 17:08:14 -07:00
Tim Abbott a7fe22f4ec Add Zulip version number to page_params. 2016-09-08 15:29:24 -07:00
Tim Abbott e0432f21f1 Move webathena views to its own file. 2016-08-18 18:26:49 -07:00
Tim Abbott 05d3094420 webathena: Remove hardcoding of zulip.com server. 2016-08-18 18:21:38 -07:00
Brock Whittaker 6936d49202 Live update new avatars across users.
This sends an event when a new avatar is uploaded that refreshes the
avatar for all browser clients without the need to reload the browser.

Fixes: #1359.
2016-08-18 15:32:29 -07:00
Tim Abbott c5fb6dfcb8 TOS: Fix forcing users to double-accept terms of service. 2016-08-17 22:19:53 -07:00
Tim Abbott 5cad3f5707 handlebars: Add server_uri and realm_uri to page_params. 2016-08-13 16:27:36 -07:00
Tim Abbott 4fbb8c3eee templates: Add new context variables to all templates.
This adds a few new helpful context variables that we can use to
compute URLs in all of our templates:
* external_uri_scheme: http(s)://
* server_uri: The base URL for the server's canonical name
* realm_uri: The base URL for the user's realm

This is preparatory work for making realm_uri != server_uri when we
add support for subdomains.
2016-08-13 16:27:35 -07:00
Rishi Gupta 708b416ca1 Terms of Service: Fix corner cases around new users being created.
This fixes a few bugs in 7910a6e134,
related to automatically created user accounts.
2016-08-13 00:19:54 -07:00
Rishi Gupta 7910a6e134 Terms of Service: Add ability to update TOS and have users re-sign.
Most directly useful for the migration to zulipchat.com.

Creates a new field in UserProfile to store the tos_version, as well as two
new settings TOS_VERSION and FIRST_TIME_TOS_TEMPLATE. We check for a version
mismatch between what the user has signed and the current
settings.TOS_VERSION whenever the user hits the home page, and redirect them
if needed.

Note that accounts_accept_terms.html and
zerver.views.accounts_accept_terms were unused before this commit
(they date from c327446537)
2016-08-11 23:37:48 -07:00
Umair Khan af9f308f0e Send double columned language list in page_params. 2016-08-10 16:19:28 -07:00
Umair Khan 73e5289736 Add default_language_name in page_params. 2016-08-10 16:19:28 -07:00
Rag Sagar 2fef36f15a Add realm-level default language setting.
Adds a new field default language in the zerver_realm model.
This realm level default language will be used as default language
for newly created users. Realm level default language can be
changed from the administration page.

Fixes #1372.
2016-08-09 17:38:29 -07:00
Rag Sagar 5771e2eb25 Move i18n functions from zerver/views/__init__.py to zerver/lib/i18n.py 2016-08-09 16:10:24 -07:00
Umair Khan fe812a89bf mypy: Type of remote_username should be text_type. 2016-08-09 09:19:24 -07:00
Umair Khan 00eab4e526 Annotate zerver/views/__init__.py. 2016-08-08 15:15:29 -07:00
Tim Abbott 6264ff7039 Add new Zulip realm import/export tool.
The previous export tool would only work properly for small realms,
and was missing a number of important features:
* Export of avatars and uploads from S3
* Export of presence data, activity data, etc.
* Faithful export/import of timestamps
* Parallel export of messages
* Not OOM killing for large realms

The new tool runs as a pair of documented management commands, and
solves all of those problems.

Also we add a new management command for exporting the data of an
individual user.
2016-08-08 14:58:18 -07:00
Tim Abbott 54a6bdc3ad views: Fix mypy annotations in get_invitee_emails_set.
Apparently this buggy annotation slipped through into master.
2016-08-05 15:04:16 -07:00
Tomasz Kolek 64b5d0ce64 Add support for inviting emails in "name" <email> format.
Often, users will copy email addresses with a name (rather than pure
email addresses) into the Zulip "invite users" UI.  Previously, that
would throw an error.

This change also adds a get_invitee_emails_set function for parsing
emails content and a test suite for this new feature.

Fixes: #1419.
2016-08-05 14:48:04 -07:00
Tim Abbott 4ddc567c50 views/__init__: Add missing annotations. 2016-08-04 15:57:03 -07:00
Tim Abbott 0689485666 Add lint check for malformed type annotations missing :.
Also fix the 2 annotations that weren't being checked because of this.
2016-08-04 15:53:23 -07:00
Rag Sagar b9f2397073 Add validation and tests for default language setting. 2016-07-31 17:44:10 -07:00
Umair Khan 7531d9679b Sort language dropdown list. 2016-07-29 11:58:41 -07:00
Umair Khan 0aa72cb347 Point registration to correct url.
While logging through GitHub if the realm of the user doesn't
exist then we are redirected to registration page but the action
points to the complete url of the GitHub oAuth overflow.
2016-07-28 15:27:22 -07:00
Tim Abbott df525ad1c5 Remove old MitUser model and related code.
The MitUser model caused a constant series of little problems for
users with mit.edu email addresses trying to sign up for different
Zulip servers.

The new implementation just uses conditionals on the realm object when
selecting the confirmation template to use.
2016-07-26 20:30:12 -07:00