This would have made reactivations hard, and doesn't really buy us much
additional security.
During deactivation, all a user's current sessions are deactivated and
they are marked as not active. This prevents them from logging in via
the web UI, and makes their API key unusable.
Randomizing their password is probably gratuitious, especially as we
start to allow authorized end-users to deactivate others.
(imported from commit c63d23816da0452a1df821f2fa6c1db2761733da)
Prior to this commit, populate_db would crash if you had ever deactivated
a user in your development instance's message log.
(imported from commit 227b2c0226a46ef5680443d3dbf62a13ce961e64)
This reduces roundtrips hopefully and will provide a friendlier error
message than what would otherwise be produced by Django.
(imported from commit 034aeef00043e3bf059583770f6c08c4f73ceeb5)
This allows us to inform users that the reason they are unable to log in
is because their account has been deactivated. This message (generated by
Django) is only shown when the correct credentials are used and is_active
is False.
(imported from commit 754a4c9af6ec05e8f18cf183bc08b67bacdeb3e0)
Previously we rested on the safety of randomised API keys to ensure that
deactivated users could not use the product. Here, we add an explicit check
to prevent that.
(imported from commit e32f355fb35b898d43503b96efb291f795aac881)
Deleted in 064c159, but it's still used. For some reason, nginx still
serves it on staging and prod despite it being deleted from git.
(imported from commit 11d6d29f974caca6c75d36f273674d3084ad9182)
Fixes the JS traceback "'null' is not an object" introduced in b67e52d.
Testing: Receive a message when narrowed to a different subject, with
the window focused.
(imported from commit 54b9e7924a2bf66ba5cc9799fc3687a084496465)
Fixes the JS traceback "Selected message id not in MessageList"
introduced by b67e52d
Testing:
* Narrow to a subject and send a PM
* Narrow to a PM recipient and send a stream message
* Narrow to a subject and send a stream message to a different subject
(imported from commit 1171c3f97813dc7db891042906762be8afb2a1b5)
This reverts commit f8fbf70c8502370a78159e24f3cf9589fb9d384f, since
we're waiting on some Firefox and no-hover fixes.
(imported from commit 6b13f5bb9d907303ab311afd7da584bc06538c91)
(The dead code made sense in the very early phases of sketching out
the feature, but it's no longer executed.)
(imported from commit 464145f227ddb25f0554bbbade0b0e3e0e399bc3)
This is slightly inconsistent, but keeps the unread count from decreasing
when narrowing and un-narrowing.
(imported from commit 185e8653c31a312c166e784b335ae7ae7e9b78e9)
Previously we added code which prevented us from serving custom fonts to
Humbug Desktop user agents due to concerns QtWebKit bugs with
@font-face.
On OS X, we use the system WebKit so we don't have this bug. In fact,
the aformentioned change caused us to have no custom fonts at all on Mac
systems!
Here we fix this by resuming the serving of such fonts to Macs.
(imported from commit b222e9dd721914d17aed8341244cfb5c71149a12)
I tried 30px at first, but I think a slightly bigger avatar helps
fill out the table a bit. It should be easier to tweek these in
CSS now, although Allen agrees with me that the tabular display
may be short lived when we add edit/delete features.
(imported from commit b4d69cddf63fa122374e20731a5755e7dec86304)