Commit Graph

223 Commits

Author SHA1 Message Date
Eeshan Garg d9958610a4 webhook_decorator: Support notifying bot owner on invalid JSON.
Our webhook-errors.log file is riddled with exceptions that are
logged when a webhook is incorrectly configured to send data in
a non-JSON format. To avoid this, api_key_only_webhook_view
now supports an additional argument, notify_bot_owner_on_invalid_json.
This argument, when True, will send a PM notification to the bot's
owner notifying them of the configuration issue.
2018-11-14 22:35:56 -08:00
Rishi Gupta 7dc021a6b2 billing: Improve error message for require_billing_access. 2018-11-01 14:17:36 -07:00
Vishnu Ks 677f34c2b9 billing: Use require_billing_access decorator in JSON endpoints. 2018-11-01 12:45:29 -07:00
neiljp (Neil Pilgrim) a2767df51d mypy: Enforce strict-optional checking of decorator.py. 2018-10-25 07:24:47 -05:00
Tim Abbott 25b646feaf decorator: Fix error message for accessing deactivated accounts.
The previous message was potentially a lot more ambiguous about
whether this was something about presence.  "Deactivated" makes it
explicit that some action was taken to deactivate the account.
2018-08-09 15:58:31 -07:00
Tim Abbott a124db5f7b decorator: Check for deactivated realm before deactivated user.
Structurally, this is the right order-of-access for data.
2018-08-09 15:57:18 -07:00
Umair Khan bf740f9232 2FA: Add zulip_otp_required decorator.
We need to add this because otp_required doesn't play well with tests.
2018-05-23 15:46:57 -07:00
Umair Khan 0b1e25f453 2FA: Integrate with login feature. 2018-05-23 15:46:57 -07:00
Aditya Bansal 993d50f5ab zerver: Change use of typing.Text to str. 2018-05-12 15:22:39 -07:00
Tim Abbott 508dc5b6ed decorators: Add new decorators for guest users.
These decorators will be part of the process for disabling access to
various features for guest users.

Adding this decorator to the subscribe endpoint breaks the guest users
test we'd just added for the subscribe code path; we address this by
adding a more base-level test on filter_stream_authorization.
2018-05-04 10:25:52 -07:00
Tim Abbott d5946de718 decorator: Add nocoverage comments for rate_limit decorator.
We've already got a bunch of other comments on work we need to do for
this decorator and an open issue that will ensure we at some point
rework this and add tests for it.  In the meantime, I'd like to lock
down the rest of decorator.py at 100% coverage.

Fixes #1000.
2018-04-25 22:37:12 -07:00
Tim Abbott 18e7ef23fc decorator: Add a test to more fully cover require_post.
We also add a nocoverage for what is currently an impossible code
path.
2018-04-25 22:37:09 -07:00
Tim Abbott 2afec13074 decorator: Don't require coverage on @asynchronous @csrf_exempt case.
This line is potentially valuable if we ever do more with this code
path, and doesn't really cost us anything.
2018-04-25 22:36:48 -07:00
Tim Abbott dfb946d84b decorator: Test error cases for authenticated_rest_api_view.
We now have 100% coverage on this important function.
2018-04-25 22:36:48 -07:00
Tim Abbott 2ac67a9c2f decorator: Add nocoverage markings for a few functions. 2018-04-25 22:02:09 -07:00
Tim Abbott e78b11e920 decorator: Move flexible_boolean to github webhook.
We don't really intend to use this hacky function elsewhere in the
codebase, so it's best to move it out of a core file.
2018-04-25 21:59:48 -07:00
Tim Abbott 2fa58fe9ad decorator: Fix exception format for invalid API key.
This exception class was clearly missing the part where `role` gets
stored, which was intended to be inherited from
InvalidZulipServerError.

This fixes an unnecessary 500 error in the push notifications bouncer.
2018-04-25 21:44:31 -07:00
Eeshan Garg 8158342ad3 decorators: Log webhook error payloads in authenticated_rest_api_view.
This completes the effort to ensure that all of our webhooks that do
parsing of the third-party message format log something that we can
use to debug cases where we're not parsing the payloads correctly.
2018-04-23 14:14:42 -07:00
Shubham Dhama b26c38bc47 analytics: Make stats of all realms accessible to server admins.
In this commit:
Two new URLs are added, to make all realms accessible for server
admins. One is for the stats page itself and another for getting
chart data i.e. chart data API requests.
For the above two new URLs corresponding two view functions are
added.
2018-04-18 11:06:50 -07:00
Shubham Dhama 40dc48a033 decorator: Add decorator for checking whether user is server admin.
This is just variabnt of `require_server_admin` for JSON/api views.
2018-04-18 11:01:46 -07:00
Tim Abbott 5ddf2614f0 uploads: Add new way of querying for mobile uploads endpoint.
This extends the /user_uploads API endpoint to support passing the
authentication credentials via the URL, not the HTTP_AUTHORIZATION
headers.  This is an important workaround for the fact that React
Native's Webview system doesn't support setting HTTP_AUTHORIZATION;
the app will be responsible for rewriting URLs for uploaded files
directly to add this parameter.
2018-04-13 17:51:45 -07:00
Eeshan Garg f839d528d8 decorators: Log custom HTTP headers in webhook requests.
This aids in debugging because many of our Git-based integrations
use custom HTTP headers to indicate the type of event/payload.
2018-03-30 13:37:35 -07:00
Tim Abbott 209c813424 decorator: Improve error message for a deactivated organization. 2018-03-16 16:59:02 -07:00
Tim Abbott 34e165c100 webhooks: Fix passing client string to authenticated webhook API views.
This fixes a regression in 93678e89cd
and a4979410f9, where the webhooks using
authenticated_rest_api_view were migrated to a new model that didn't
include setting a custom Client string for the webhook.

When restoring these webhooks' client strings, we also fix places
where the client string was not capitalized the same was as the
product's name.
2018-03-16 15:43:19 -07:00
neiljp (Neil Pilgrim) 88046f815a mypy: Rewrite zulip_login_required annotations in terms of ViewFuncT. 2018-03-15 14:33:56 -07:00
neiljp (Neil Pilgrim) 8edb47e212 mypy: Fully use ViewFuncT in decorators.py; remove WrappedViewFuncT.
Many declarations were previously annotated with
Callable[..., HttpResponse]; this is equivalent to ViewFuncT, so here we
switch to it.

To enable this migration, the WrappedViewFuncT alias is removed; this is
equivalent to the simple & legible Callable[[ViewFuncT], ViewFuncT], so
for relatively no space change, a clearer return type is possible.
2018-03-15 14:33:56 -07:00
neiljp (Neil Pilgrim) 80a7c16baf minor: Remove unused WrapperT from zerver/decorator.py. 2018-03-15 14:33:28 -07:00
neiljp (Neil Pilgrim) 3dbe772b50 mypy: Migrate some Callable[..., HttpResponse] to ViewFuncT in decorator.py. 2018-03-15 14:33:27 -07:00
neiljp (Neil Pilgrim) 17937175ac mypy: Centralize ViewFuncT definition into new file zerver/lib/types.py.
Originally was going to centralize this in zerver/lib/request.pyi, but this
file is not visible at run-time, being only a stub. The matching request.py
file seemed inappropriate, as it doesn't actually use ViewFuncT.
2018-03-15 14:16:40 -07:00
Tim Abbott e2a6541133 i18n: Fix use of 'realm administrator' in translated strings.
These are user-facing and thus should refer to being an "organization
administrator".
2018-03-07 17:15:29 -08:00
Eeshan Garg 75ce1261c1 webhooks/github: Log payloads that aren't handled properly.
Webhook functions wrapped by the decorator:

@authenticated_api_view(is_webhook=True)

now log payloads that cause exceptions to webhook-errors.log.

Note that authenticated_api_view is only used by webhooks/github
and not anywhere else.
2018-03-03 15:30:36 -08:00
Eeshan Garg 5069683cad decorators: Refactor the webhook_logger code.
Just to make the code a bit cleaner and to be able to reuse the
same logging code in other decorator functions.
2018-03-02 11:56:20 -08:00
Dennis Ludl 895a675f4c decorators: Fix email check in access_user_by_api_key case insensitive.
In Zulip, email addresses should always be treated as
case-insensitive; this code path incorrectly assumed the email input
by the user had the correct case.

Discussed in:

https://chat.zulip.org/#narrow/stream/issues/subject/Mobile.20Apps.3A.20Sometimes.20don't.20load.20data/near/461062

Commit message tweaked by tabbott.
2018-01-23 10:04:03 -08:00
Xavier Cooney 5b2819645e mypy: Use Python 3 type syntax in decorator.py. 2017-12-26 08:29:30 -05:00
Greg Price b830b446f1 logging: Reduce `create_logger` to new `log_to_file`.
The name `create_logger` suggests something much bigger than what this
function actually does -- the logger doesn't any more or less exist
after the function is called than before.  Its one real function is to
send logs to a specific file.

So, pull out that logic to an appropriately-named function just for
it.  We already use `logging.getLogger` in a number of places to
simply get a logger by name, and the old `create_logger` callsites can
do the same.
2017-12-12 17:17:08 -08:00
Greg Price b6491fd52a logging: Eliminate log_level from create_logger.
Because calls to `create_logger` generally run after settings are
configured, these would override what we have in `settings.LOGGING` --
which in particular defeated any attempt to set log levels in
`test_settings.py`.  Move all of these settings to the same place in
`settings.py`, so they can be overridden in a uniform way.
2017-12-12 17:17:08 -08:00
rht a1cc720860 zerver: Use Python 3 syntax for typing.
Tweaked by tabbott to fix some minor whitespace errors.
2017-11-28 16:49:36 -08:00
Steve Howell da2744812f Don't use force_bytes() in decorator.py.
In python3 base64.b64decode() can take an ASCII string, and any
legit data will be ASCII.  If you pass in non-ASCII data, the
function will properly throw a ValueError (verified in python3 shell).

	>>> s = '안녕하세요'
	>>> import base64
	>>> base64.b64decode(s)
	Traceback (most recent call last):
	  File "/srv/zulip-py3-venv/lib/python3.4/base64.py", line 37, in _bytes_from_decode_data
		return s.encode('ascii')
	UnicodeEncodeError: 'ascii' codec can't encode characters in position 0-4: ordinal not in range(128)

	During handling of the above exception, another exception occurred:

	Traceback (most recent call last):
	  File "<stdin>", line 1, in <module>
	  File "/srv/zulip-py3-venv/lib/python3.4/base64.py", line 83, in b64decode
		s = _bytes_from_decode_data(s)
	  File "/srv/zulip-py3-venv/lib/python3.4/base64.py", line 39, in _bytes_from_decode_data
		raise ValueError('string argument should contain only ASCII characters')
	ValueError: string argument should contain only ASCII characters
2017-11-09 10:43:19 -08:00
neiljp (Neil Pilgrim) 790cd5e7c8 mypy: Specify generic type parameters in cachify decorator.
Use of the decorator in event_queue.py suggests concrete return type,
for application of copy() function.
2017-11-08 12:40:40 -08:00
rht ec5120e807 refactor: Remove six.moves.zip import. 2017-11-07 10:46:42 -08:00
rht 19bd335cbb Change urllib import to be Python 3-specific. 2017-11-07 10:46:42 -08:00
Steve Howell 5be13fb066 Add cachify decorator. 2017-11-07 10:36:02 -08:00
rht 8990b1046d zerver: Remove inheritance from object. 2017-11-06 08:53:48 -08:00
Greg Price 6b9d294873 auth: Set user_activity `query` nicely for several auth views.
This gets used when we call `process_client`, which we generally do at
some kind of login; and in particular, we do in the shared auth
codepath `login_or_register_remote_user`.  Add a decorator to make it
easy, and use it on the various views that wind up there.

In particular, this ensures that the `query` is some reasonable
constant corresponding to the view, as intended.  When not set, we
fall back in `update_user_activity` on the URL path, but in particular
for `log_into_subdomain` that can now contain a bunch of
request-specific data, which makes it (a) not aggregate properly, and
(b) not even fit in the `CHARACTER VARYING(50)` database field we've
allotted it.
2017-11-04 19:27:00 -07:00
Greg Price b2d35872ed decorator: Set the user_activity query in another case.
Now that this is a little less mysterious-looking to do,
let's do it in this spot too.
2017-11-04 19:27:00 -07:00
Greg Price 1a540241a9 require_server_admin: Cut a redundant bit of request-mutation.
The only place this attribute is used is in `update_user_activity`,
called only in `process_client`, which won't happen if we end up
returning a redirect just below.  If we don't, we go and call
`add_logging_data` just after, which takes care of this already.
2017-11-04 19:27:00 -07:00
Greg Price b871aa9622 user_activity: Allow passing the `query` more directly.
This won't work for all call paths without deeper refactoring,
but for at least some paths we can make this more direct -- function
arguments, rather than mutating a request attribute -- so it's easier
to see how the data is flowing.
2017-11-04 19:27:00 -07:00
neiljp (Neil Pilgrim) 63335fd8c5 mypy: Correct return_success_on_head_request typing.
Also switch to python3 type annotations.
2017-10-29 17:10:13 -07:00
neiljp (Neil Pilgrim) 0781237b1f mypy: Improve typing to profile.py & remove FuncT from decorator.py.
FuncT was unused in decorator.py, and only imported into profile.py.
The @profiled decorator is now more strongly typed on return-type.
Annotations were converted to python3 format.
2017-10-29 17:10:13 -07:00
neiljp (Neil Pilgrim) 1cc0a3cc67 mypy: Improve constraint on return types in statsd_increment decorator. 2017-10-29 17:10:13 -07:00