Commit Graph

28924 Commits

Author SHA1 Message Date
Nolan Darilek 253c034d90 accessibility: Label messages region, and add `aria-live`.
This tells assistive technologies to automatically speak new messages
when they arrive.
2018-11-09 17:32:59 -08:00
Tim Abbott 2c06615909 streams: Fix stream color synchronization.
Previously, when a new stream was created on a client other than the
current one, the browser would first receive the "stream_created"
event, and make up a client-side display color at that time to use in
the "stream settings" view (it doesn't yet know the color that was
selected when the user was actually subscribed, because it doesn't
even know yet that the user is being subscribed to this stream), and
then moments after it'll receive a "susbcribe" event letting the
client know that the user is subscribed (and specifying the color to
use).

However, due to an argument not being passed through properly and a
missing rerender, we were not properly updating either the data
structures or doing a stream colors rerender in order to show the new
color.

This fixes the issue reported in
https://chat.zulip.org/#narrow/stream/48-mobile/subject/stream.20colors/near/660170
2018-11-09 17:04:47 -08:00
Vishnu Ks fe931d9b66 requirements: Upgrade sockjs-tornado to 1.0.6. 2018-11-09 10:17:55 -08:00
Vishnu Ks 349a9fe75a requirements: Upgrade social-auth-app-django to 3.1.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks 6c0dee5471 requirements: Upgrade snakeviz to 1.0.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks 2de33e413f requirements: Upgrade rsa to 4.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks ce4088c9ed requirements: Upgrade python-twitter to 3.5. 2018-11-09 10:17:55 -08:00
Vishnu Ks 502243bb75 requirements: Upgrade python-digital-ocean to 1.14.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks 19db3088df requirements: Upgrade pip to 18.1. 2018-11-09 10:17:55 -08:00
Vishnu Ks f4a81b743e requirements: Upgrade Pillow to 5.3.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks ff253fb1c7 requirements: Upgrade oauth2client to 4.1.3. 2018-11-09 10:17:55 -08:00
Vishnu Ks 6e15d4efc7 requirements: Upgrade Markupsafe to 1.1.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks 90491692b7 requirements: Upgrade imagesize to 1.1.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks c73eb25c83 requirements: Upgrade httpretty to 0.9.6. 2018-11-09 10:17:55 -08:00
Vishnu Ks ed973ebc71 requirements: Upgrade django-two-factor-auth to 1.8.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks d039ef871b requirements: Upgrade disposable-email-domains to 0.0.37. 2018-11-09 10:17:55 -08:00
Vishnu Ks 5ec9eb819b requirements: Upgrade certifi to 2018.10.15. 2018-11-09 10:17:55 -08:00
Vishnu Ks 1789cbea30 requirements: Upgrade beautifulsoup4 to 4.6.3. 2018-11-09 10:17:55 -08:00
Vishnu Ks 70a426c7ce requirements: Upgrade argon2-cffi to 18.3.0. 2018-11-09 10:17:55 -08:00
Vishnu Ks 1d11fc578e requirements: Upgrade albaster to 0.7.12. 2018-11-09 10:17:55 -08:00
Shubham Dhama d5e1e8e5e3 settings: Move deactivate account button under "User settings".
This moves the deactivate account which was previously placed under
"SETTINGS / YOUR ACCOUNT" -> "Deactivate account" to "SETTINGS / YOUR
ACCOUNT" -> "User settings" for making it more visible.
2018-11-08 22:27:22 -08:00
Roman Godov aa3682f9fc api: Add GET /user_groups documentation.
This documents our GET endpoint for interacting with Zulip's user
groups feature.

Fixes #10298.
2018-11-08 22:19:30 -08:00
Tim Abbott 8c8cb725bf api: Clarify slack-format outgoing webhook docs.
The previous discussion was confused about the fact that Slack sends
the outgoing webhook requests, not receives them.
2018-11-08 22:13:15 -08:00
Eeshan Garg 5c8b774628 outgoing-webhooks.md: Document example endpoint responses. 2018-11-08 22:07:56 -08:00
Eeshan Garg 10570d508f tools/lint: Fix JSON lint pattern for spaces after ':'.
Previously, a string ending in "... 😄" was reported as an
error and the linter complained that there should be a space
after the last ':'. This commit changes the pattern so that the
linter only checks for colons that are preceded by an opening
double-quote (").
2018-11-08 22:07:56 -08:00
Tim Abbott 106e5c3ed9 docs: Further document tokenized noreply email addresses.
We should still extend email.html to explain the security issue a bit
more clearly, since the article we link to is super long.
2018-11-08 15:26:21 -08:00
Tim Abbott e88998e6d4 import: Fix buggy handling of avatars in Slack conversion.
This was a pretty nasty error, where we were accidentally accessing
the parent list in this inner loop function.

This appears to have been introduced as a refactoring bug in
7822ef38c2.
2018-11-08 15:03:39 -08:00
Roger Souza 6179bba2bd emails: Add one-click unsubscribe link to new login emails.
Fixes: #10547.
2018-11-08 14:39:33 -08:00
Tim Abbott 17be6e9165 confirmation: Move one_click_unsubscribe_link out of notifications.py.
This helps prevent a problematic import sequence when we start using
it from signals.py.
2018-11-08 14:39:33 -08:00
Nolan Darilek 33c2bbf0f1 accessibility: Make another reactions button semi-accessible. 2018-11-08 14:10:48 -08:00
Nolan Darilek 95781c913d accessibility: Hide non-actionable profile image from screen readers. 2018-11-08 14:10:11 -08:00
Nolan Darilek bec0336092 accessibility: Add navigation roles for sidebars. 2018-11-08 14:04:51 -08:00
Steve Howell cd4d447d90 Minor: change message.subject -> message.topic_name().
This also allows us to lock down
push_notifications.py from using "subject"
in the future.
2018-11-08 16:34:30 +00:00
Steve Howell ff9a6c5ced minor: Rename subject -> topic_name in bugdown. 2018-11-08 16:21:14 +00:00
Steve Howell 70c16ddbcc lint: Prevent "subject" more aggressively.
We now prevent adding "subject" to any code in
zerver/lib, unless you specifically exempt it.

The new set called `FILES_WITH_LEGACY_SUJECT`
is also has comments that give a roadmap of what
to fix.
2018-11-08 15:33:36 +00:00
Steve Howell e802be0fde Remove "subject" in notifications.py.
These last few are all pretty safe.
2018-11-08 15:12:10 +00:00
Steve Howell 39dc5f2691 Rename recipient_subject to bucket.
The various vars here that had recipient_subject
in the name now have either bucket or bucket_tup
there.

The shorter names are a bit easier to read, and the
original names were misleading for the PM case.

This was basically two search/replaces, and we have
good test coverage here, so it's pretty low risk
despite the messy diff.
2018-11-08 14:59:09 +00:00
Steve Howell 226a2826b5 Remove "subject" from zerver/lib/message.py.
We also lock this down file in the linter, so
that you can no longer introduce "subject"
to `message.py`.
2018-11-08 14:45:16 +00:00
Steve Howell 592dd290b2 Avoid "subject" in MessageDict. 2018-11-08 14:33:44 +00:00
Steve Howell 881e046c37 minor: Use TOPIC_NAME constant for "subject" event. 2018-11-08 14:01:45 +00:00
Rishi Gupta 2e89ffb0e2 billing: Make it easier to access /billing in tests. 2018-11-07 22:18:54 -05:00
Rishi Gupta 9b6b842f00 billing: Merge test_billing_home into test_initial_upgrade. 2018-11-07 22:18:54 -05:00
Tim Abbott 0e2f360177 security: Remove discussion of how other SaaS providers work.
While from my anecdotal experience, it is accurate that at many SaaS
providers, dozens or even hundreds of engineers have access to
production infrastructure, the "essentially all" statement isn't true
(not sure how that got added), and in any case, there aren't great
public sources we can cite to educate folks who might think Silicon
Valley startup practices are better than they actually are.
2018-11-07 16:14:29 -08:00
Steve Howell d05f731c1c Eliminate the use of arguments.db_data.
We now attach zulip_db_data to the markdown engines
for classes that need it.  This was the last remaining
global we had, so we remove `arguments.py` here.
2018-11-07 10:44:49 -08:00
Steve Howell b66304e167 refactor: Pass db_data down to helpers.
This mostly preps for the next commit.
2018-11-07 10:44:49 -08:00
Steve Howell fa6f642c9c refactor: Remove global argument.current_realm. 2018-11-07 10:44:48 -08:00
Steve Howell e1113c7011 refactor: Remove the global arguments.current_message.
The Markdown processor makes it fairly simple for
the helper classes to access the `md` engine.  We
now write `_md_engine.zulip_message` to avoid having
the current message in the global namespace.

Note that we do reuse engines for multiple messages,
but each engine is specific to a realm.  And we therefore
avoid even the theoretical possibility of leaking message
data between realms.
2018-11-07 10:44:48 -08:00
Steve Howell ab24cc2535 minor: Pass in arguments.current_message to helpers. 2018-11-07 10:44:48 -08:00
Steve Howell c26768ea63 bugdown: Import nl2br and tables extensions "normally".
This makes us consistent with how we import codehilite.

Using Python's normal import mechanism avoids some overhead
with Markdown having to parse dotted notation.

These modules are tiny, so they shouldn't impact startup
too much.  Also, by explicitly importing them, we avoid
the pitfall of having a sucessful startup and a broken
renderer.
2018-11-07 10:44:48 -08:00
Steve Howell c8a2081526 bugdown: Break out helper functions for extending bugdown.
These will make profiling a lot easier, and you
can also quickly disable features.  The overhead
of these function calls is dwarfed by other concerns.
2018-11-07 10:44:47 -08:00