Commit Graph

1389 Commits

Author SHA1 Message Date
Vishnu Ks 9e8de244e8 users: Use get_user in patch_bot_backend view. 2017-07-18 17:14:05 -07:00
Vishnu Ks 0d6e92d946 messages: Use get_user_including_cross_realm in create_mirrored_message_users. 2017-07-18 17:14:05 -07:00
Vishnu Ks 9ebf5090d2 messages: Use get_user_including_cross_realm in by_group_pm_with function. 2017-07-18 17:14:05 -07:00
Vishnu Ks fc8b6f69bd messages: Use get_user_including_cross_realm in by_pm_with function. 2017-07-18 17:14:05 -07:00
Vishnu Ks 7b78224c42 messages: Use get_user_including_cross_realm in by_sender function. 2017-07-18 17:14:05 -07:00
Vishnu Ks d99032e896 views: Add user_realm attribute to class NarrowBuilder. 2017-07-18 17:14:05 -07:00
Vishnu Ks 479945a1d5 views: Remove unused imports from messages.py. 2017-07-18 17:14:05 -07:00
Rishi Gupta 5d168c90f9 confirmation: Remove ConfirmationManager.
Also adds Confirmation.type, and cleans up the rest of Confirmation to look
more like the model definitions in zerver.

In the migration, all existing confirmations adopt the type
USER_REGISTRATION, to be conservative. In a few commits, different
confirmation types will have different validity periods, and
USER_REGISTRATION will have the shortest default.
2017-07-17 23:18:47 -07:00
Rishi Gupta 0f4b71b766 confirmation: Liberate get_link_for_object from ConfirmationManager. 2017-07-17 23:18:47 -07:00
Rishi Gupta 3b97262647 confirmation: Liberate confirm from ConfirmationManager. 2017-07-17 23:18:47 -07:00
Rishi Gupta 3bc74113ad utils: Cast generate_random_token to str.
Having this be Text is forcing various URLs, emails, etc to be type
annotated as Text.
2017-07-17 23:18:47 -07:00
Tim Abbott 1a51bcd2df actions: Record acting_user for subscriptions RealmAuditLog entries.
In most cases, we do have the data for which other user was
responsible for subscribing the target user to new streams.

The main case where we don't is when the user is created and gets the
default streams.
2017-07-17 17:23:41 -07:00
Rishi Gupta 36dbb76516 emails: Rename clear_followup_emails_queue. 2017-07-17 16:05:38 -07:00
Rishi Gupta 5b3e6af2e5 emails: Remove only emails of the correct type when clearing queue. 2017-07-17 16:05:38 -07:00
Rishi Gupta f51bd898dc notifications: Change clear_followup_emails_queue to take a user_id. 2017-07-17 16:05:38 -07:00
Vishnu Ks dd58406f03 users: Use get_user_including_cross_realm in avatar view. 2017-07-17 14:51:35 -07:00
Vishnu Ks d5c65a806b users: Decorate avatar view with zulip_login_required.
This will make it possible in the future to have multiple users on a
server witht he same email address.
2017-07-17 14:51:18 -07:00
Vishnu Ks f9245e26d9 Make user_id, realm_id mandatory in _get_unversioned_avatar_url. 2017-07-17 21:01:30 +00:00
Rishi Gupta f1aaf4cc33 emails: Remove the display_email function.
No longer needed, since this now only appears in build_email.
2017-07-16 16:56:39 -07:00
Rishi Gupta 154d37afd2 emails: Add to_user_id argument to send_email.
Both the queue processor and ScheduledJob emails need to sometimes pass a
to_user_id and sometimes pass a to_email, and it's more convenient to just
have one function that they can call that can handle either.

Also removes the now redundant send_email_to_user.
2017-07-16 16:56:39 -07:00
neiljp (Neil Pilgrim) 8611a2cafa tidying: Combine multiple 'import typing' lines onto one line. 2017-07-16 16:43:21 -07:00
Durga Akhil Mundroy 146dfa6f0b org-permissions: Add allow_edit_history organiztion setting.
This new setting controls whether or not users are allowed to see the
edit history in a Zulip organization.  It controls access through 2
key mechanisms:

* For long-ago edited messages, get_messages removes the edit history
  content from messages it sends to clients.

* For newly edited messages, clients are responsible for checking the
  setting and not saving the edit history data.  Since the webapp was
  the only client displaying it before this change, this just required
  some changes in message_events.js.

Significantly modified by tabbott to fix some logic bugs and add a
test.
2017-07-16 10:10:06 -07:00
Vaida Plankyte 28ea174ed9 backend: Implement high contrast mode display setting. 2017-07-14 14:53:24 -07:00
Steve Howell 475eb21a5e Revert commits related to client_message_id.
I pushed a bunch of commits that attempted to introduce
the concept of `client_message_id` into our server, as
part of cleaning up our codepaths related to messages you
sent (both for the locally echoed case and for the host
case).

When we deployed this, we had some strange failures involving
double-echoed messages and issues advancing the pointer that appeared
related to #5779.  We didn't get to the bottom of exactly why the PR
caused havoc, but I decided there was a cleaner approach, anyway.
2017-07-14 12:13:35 -07:00
Steve Howell 8fbb55df85 Introduce client_message_id on the server.
We are deprecating local_id/local_message_id on the Python server.
Instead of the server knowing about the client's implementation of
local id, with the message id = 9999.01 scheme, we just send the
server an opaque id to send back to us.

This commit changes the name from local_id -> client_message_id,
but it doesn't change the actual values passed yet.

The goal for client_key in future commits will be to:
    * Have it for all messages, not just locally rendered messages
    * Not have it overlap with server-side message ids.

The history behind local_id having numbers like 9999.01 is that
they are actually interim message ids and the numerical value is
used for rendering the message list when we do client-side rendering.
2017-07-13 23:42:27 -04:00
Jack Zhang 6e2f90c8c9 Improve /integrations page load time.
Prior to this commit, 7 megabytes of images (through 253 individual requests)
were heavily slowing down the initial load. With this commit, we load only the
logos (60 or so images).

Documentation and images for the individual integration sub-pages is requested
separately using the /integrations/doc/ endpoint, which returns HTML.
2017-07-13 20:37:09 -07:00
Rishi Gupta cca573421d test_emails: Add email_base_{default,message} to ignore list. 2017-07-13 19:17:53 -07:00
James Rowan 0369a9f3bf emails: Make change in email notification come from 'Zulip Account Security.' 2017-07-13 14:50:36 -07:00
neiljp (Neil Pilgrim) 07255d49d5 mypy: Add check for parse_user_agent returning None in compatibility.py. 2017-07-08 10:49:42 -07:00
Rishi Gupta 0f46fd86dd urls: Rename arguments to accounts/unsubscribe.
type -> email_type to match future work on ScheduledJob.

token -> confirmation_key to match what the other confirmation views urls
call this argument.
2017-07-07 18:56:14 -07:00
Rishi Gupta 11a4cffba0 confirmation: Add explicit host in call to get_link_for_object in auth.py. 2017-07-07 18:56:14 -07:00
Rishi Gupta 8fed9eeb75 confirmation: Make host a required argument in get_link_for_object.
Removes some lines of test from test_email_change.py. The relevant code path
was never utilized by the code itself, just by the tests.
2017-07-07 18:53:00 -07:00
Rishi Gupta c72a5f2efe confirmation: Call get_link_for_object with host=unused when host unused. 2017-07-07 18:53:00 -07:00
Vaida d5517bae36 Delete the old zulip.com "referrals" system.
This system hasn't been in active use for several years, and had some 
problems with it's design.  So it makes sense to just remove it to declutter
the codebase.

Fixes #5655.
2017-07-07 14:59:18 -07:00
Vishnu Ks 92e7255217 page_params: Include password min length and quality.
The change password form http://localhost:9991/#settings/your-account
don't have data-min-length and data-min-quality attributes. The
account_settings.handlebar which has the change password form is
rendered client side. So we have to pass the value of min length
and quality in page params to set the data-min-length and
data-min-quality attributes.
2017-07-07 14:48:06 -07:00
neiljp (Neil Pilgrim) f1a8148242 mypy: Set remote_username parameter to Optional[Text] based on a test. 2017-07-07 10:56:33 -07:00
Tim Abbott d6e0960ca2 push_notifications: Fix mypy annotation logic around push tokens.
I'm not 100% confident this is long-term correct, but at least it's
consistent.
2017-07-07 10:54:37 -07:00
Tim Abbott eaa33cce73 push_notifications: Validate format of APNS tokens.
This fixes a bug where we would previously not validate the format of
APNS tokens before writing them to the database, which could lead to
exceptions in the push notifications system if a buggy mobile app
submitted invalid format tokens.
2017-07-07 10:28:36 -07:00
Jack Zhang cb3e930159 integrations: Extend integrations classes with categories.
For now, all integrations are temporarily under the category
'analytics'. Real categorizations should be added prior to
deployment.
2017-07-06 13:04:43 -07:00
James Rowan 0951666cbb emails: Confirmation emails should come from the NOREPLY address.
This prevents users from accidentally sending a confirmation link
specific to their account to their Zulip administrator if they reply
to the invitation, invitation reminder, account confirmation, or new
email confirmation emails.
2017-07-05 15:18:33 -07:00
Vaida Plankyte c88530366e user_settings.py: Use the singular 'they' pronoun. 2017-07-05 09:27:44 -07:00
James Rowan d88e7308bf emails: Add a FromAddress class to control access to certain settings emails.
No change in behavior.

Also makes the first step towards converting all uses of
settings.ZULIP_ADMINISTRATOR and settings.NOREPLY_EMAIL_ADDRESS to
FromAddress.*.

Once everything is converted, it will be easier to ensure that future
development doesn't break backwards compatibility with the old style of
settings emails.
2017-07-04 14:25:01 -07:00
James Rowan 368bd66d8b emails: Refactor send_email functions to take both a sender name and address.
This will allow for customized senders for emails, e.g. 'Zulip Digest' for
digest emails and 'Zulip Missed Messages' for missed message emails.

Also:
* Converts the sender name to always be "Zulip", if the from_email used to
  be settings.NOREPLY_EMAIL_ADDRESS or settings.ZULIP_ADMINISTRATOR.

* Changes the default value of settings.NOREPLY_EMAIL_ADDRESS in the
  prod_setting_template to no longer have a display name. The only use of
  that display name was in the email pathway.
2017-07-04 14:25:01 -07:00
Franziska von der Goltz 98847937f4 realm: add mandatory topic setting on org level.
Lets organizations require users to specify a topic the discussion.

Fixes: #5164.
2017-07-04 14:09:21 -07:00
Greg Price 7b526b3946 narrow: Add comments explaining how we limit to legitimately-visible results.
Two wrinkles here:

* It's actually a little subtle why `ok_to_include_history` is
  correct; in particular, it's not true that a term `stream:foo` will
  always limit the query to the stream `foo`.  For this, add an
  explanatory comment backed up by an assert.

* The TODO comment in `messages_in_narrow_backend` about assuming this
  is a search, I'm pretty sure doesn't matter; it seems to only be
  saying that we return the set of fields we would for a search.
  They're harmless to send, and in any case it doesn't appear to be
  true anymore that the client only calls this for a search: the
  `can_apply_locally` function also causes narrows with `has:` to go
  to the server.  So just take that comment out.
2017-06-30 11:47:40 -04:00
Greg Price 7785a1046b narrow: Describe the key security invariant of NarrowBuilder.
(After writing the term "invariant" a few times in these comments and
now this commit message, my inner mathematician reminds me that this
property is properly termed a "monovariant" -- something does change,
but it changes only in one direction.  Pretty sure saying "invariant"
communicates better here, though.)
2017-06-30 11:47:40 -04:00
Rishi Gupta 577e201df0 emails: Replace DEFAULT_FROM_EMAIL with ZULIP_ADMINISTRATOR.
We're getting rid of DEFAULT_FROM_EMAIL from prod_settings_template, since
we only really need one of {DEFAULT_FROM_EMAIL, ZULIP_ADMINISTRATOR}.
2017-06-29 17:54:33 -07:00
Rishi Gupta bf996f91ba deactivated.html: Use support_email instead of custom context variable. 2017-06-29 11:20:32 -07:00
Umair Khan dc78a7888f login_or_register_remote_user: Send login emails for mobile.
Fixes #5389
2017-06-26 16:14:14 -07:00
Umair Khan 34a91be9a2 api_fetch_api_key: Send new login emails for mobile. 2017-06-26 16:14:14 -07:00