Commit Graph

1543 Commits

Author SHA1 Message Date
Harshit Bansal 11327fda7c actions.py: Only admins and bot's owner should recieve bot related events.
Modify `bot_owner_user_ids()` to return the user_ids of only
admins and bot owners instead of all the current active users.
This was causing a traceback on the frontend.

Fixes: #3391.
2017-03-25 18:22:15 -07:00
Elliott Jin 98ddb4453e test-backend: Raise zerver/views/home.py test coverage to 100%. 2017-03-25 18:16:16 -07:00
Elliott Jin 1c0d58f897 test-backend: Raise zerver/views/auth.py test coverage to 100%. 2017-03-25 18:16:16 -07:00
K.Kanakhin 234a1f8e61 retention-period: Add retention period to front-end admin organization settings.
- Add message retention period field to organization settings form.
- Add css for retention period field.
- Add convertor to not negative int or to None.
- Add retention period setting processing to back-end.
- Fix tests.

Modified by tabbott to hide the setting, since it doesn't work yet.
The goal of merging this setting code now is to avoid unnecessary
merge conflicts in the future.

Part of #106.
2017-03-25 17:57:18 -07:00
Tim Abbott 004133561b realm_filters: Support ? in URL format strings. 2017-03-25 17:13:34 -07:00
hollywoodno 75d9630258 Add notifications on new logins to Zulip.
This adds helpful email notifications for users who just logged into a
Zulip server, as a security protection against accounts being hacked.

Text tweaked by tabbott.

Fixes #2182.
2017-03-25 16:50:52 -07:00
Tim Abbott 7bcf24d39c test_management_commands: Reset settings.RUNNING_INSIDE_TORNADO.
This fixes a leak of this setting change that resulted from the
unusual way that our Tornado system sets this variable early in the
management command.

Fixes #3685.
2017-03-23 23:56:10 -07:00
Tim Abbott 3617ebfd41 api: Rename get_old_messages to get_messages in the backend.
Fixes #1315.
2017-03-23 23:52:44 -07:00
Tim Abbott a6ae546f59 test_events: Bring zerver/lib/events.py to 100% coverage. 2017-03-23 22:43:10 -07:00
Tim Abbott 0c16cc1c1e test_events: Add a test for do_refer_friend. 2017-03-23 22:43:10 -07:00
Tim Abbott 055a18e71f test_events: Add a test for do_update_embedded_data. 2017-03-23 22:43:10 -07:00
Tim Abbott eb19a25aba events: Fix races in stream creation event and add tests.
This fixes 2 issues:
* Being added to an invite_only stream did not correctly update the
  "streams" key of the initial state.

* Once that's resolved, subscribe_to_stream when called on a
  nonexistant stream would both send a "create" event (from
  create_stream_if_needed) and an "occupy" event (from
  bulk_add_subscriptions).

  The second event should just be suppressed in that case, and this
  implements that suppression.
2017-03-23 22:43:09 -07:00
Tim Abbott 8eb020d190 test_events: Add a test for do_update_muted_topic. 2017-03-23 22:27:39 -07:00
Tim Abbott dbe3ea59aa test_events: Add a failing presence test.
Apparently our presence real-time sync is slightly broken; this test
at least reveals that fact.
2017-03-23 22:27:39 -07:00
Tim Abbott d1760a1bb9 validators: Add check_float validator. 2017-03-23 21:23:41 -07:00
Tim Abbott 12a6913bbf test_events: Add a test for do_update_message_flags. 2017-03-23 21:11:33 -07:00
Tim Abbott 2b905d242d events: Fix timezone realm-time sync and add test. 2017-03-23 19:11:34 -07:00
Tim Abbott 86e3d1effc events: Fix default language realm-time sync and add test.
We previously didn't apply the default language event change
correctly.

Not super important as a bug, since we require the user to reload the
browser for their changes to take effect, but this will save time if
we ever change that.
2017-03-23 19:08:17 -07:00
Tim Abbott 99515c2d34 test_events: Add tests for default streams being None. 2017-03-23 19:04:13 -07:00
Tim Abbott adcf8263d6 tests: Fix passing non-unicode strings to do_set_realm_property.
This fixes test failures on Python 3 caused by
a98bce98c6.
2017-03-23 18:37:12 -07:00
Sarah Stringer 09f66b5c6d actions: Add do_set_realm_property function and migrate to it.
zerver/lib/actions: removed do_set_realm_* functions and added
do_set_realm_property, which takes in a realm object and the name and
value of an attribute to update on that realm.

zerver/tests/test_events.py: refactored realm tests with
do_set_realm_property.

Kept the do_set_realm_authentication_methods and
do_set_realm_message_editing functions because their function
signatures are different.

Addresses part of issue #3854.
2017-03-23 17:52:45 -07:00
Umair Khan 2d4a1f93ff testing: Bring zproject.backends coverage to 100%. 2017-03-23 17:12:58 -07:00
Akash Kothawale 4c2bfae83e get_stream: Throw DoesNotExist if stream is not found.
This makes get_stream match get_realm, get_user_profile_by_email,
etc., in interface, and is more convenient for mypy annotations
because `get_stream` now doesn't return an Optional[Stream].
2017-03-23 15:42:00 -07:00
Tim Abbott 97e844e97c test_notifications: Don't pass a user_profile to client_patch.
This fixes a JSON overflow error when producing URL coverage reports.
2017-03-23 13:08:49 -07:00
Tim Abbott f3af0fe635 reactions: Fix reacting to messages on streams you're not subscribed to.
We use the same strategy Zulip already uses for starred messages,
namely, creating a new UserMessage row with the "historical" flag set
(which basically means Zulip can ignore this row for most purposes
that use UserMessage rows).  The historical flag is ignored, however,
in determining which users' browsers to notify about new reactions,
and thus the user will get to see the reaction appear when they click
a message (and any reactions other users later add, as well!).

There's still something of a race here, in that if some users react to
a message while the user is looking at the unsubscribed stream but
before the user reacts to that message, those reactions will not be
displayed to that user (so counts will be a bit lower, or something).
This race feels small enough to ignore for now.

Fixes #3345.
2017-03-22 20:22:13 -07:00
Tim Abbott 60326ca94c test_events: Add reaction tests. 2017-03-22 20:22:02 -07:00
Tim Abbott 0fec03f8bb test_docs: Fix normal users test text. 2017-03-22 13:14:19 -07:00
sinwar 397e9c109e auth: Separate development login from main login page.
This allows us to enable EmailAuthBackend by default in development
without cluttering the development login experience.

Fixes #3652.
2017-03-22 12:54:30 -07:00
Umair Khan 3c0f341eb7 test_subs.py: Change assert_max_length to assert_length. 2017-03-22 12:07:21 -07:00
Umair Khan ff8ab054da testing: Fix query count for test_bulk_subscribe_MIT.
test_subs.SubscriptionAPITest.test_bulk_subscribe_MIT fails when it is
run individually.
2017-03-22 12:07:06 -07:00
Umair Khan 8431ceace2 testing: Serialize BotTest with upload tests. 2017-03-22 11:59:30 -07:00
Tim Abbott 993276b882 test_upload: Add tests for realm icon URL scheme. 2017-03-21 16:12:04 -07:00
Tim Abbott 8775a22663 avatar: Fix buggy avatar URL scheme with S3 backend.
Also adds tests for the avatar URL scheme.
2017-03-21 16:12:04 -07:00
Ayush Jain bddcfb1c96 Add realm-level settings to control inline image and url preview.
This gives users more control in case they don't want previews,
especially for the "previews of linked websites" feature.

Fixes: #2640.
2017-03-21 15:46:17 -07:00
Steven Ganz 5041d86db0 tests: Add several missing tests to test_events.
This fixes part of #3633.

Extracted by tabbott from #4162 as ready to merge now.
2017-03-19 23:12:12 -07:00
Tim Abbott ceeb95ebb1 tests: Fix missing test coverage for /json/realm.
In aa880b0419, we used the raw
do_set_realm_description method rather than calling the API, which
meant that the API success path wasn't actually tested.
2017-03-19 22:49:16 -07:00
Tim Abbott 81194df65d test_bots: Add stream is not None asserts. 2017-03-19 22:26:25 -07:00
Tim Abbott 7e5d5b5cce mypy: Clean up repetition in test_realm_aliases.
The assert added in this refactoring addresses a mypy issue with
strict optional since get_realm_by_email_domain might return None.
2017-03-19 22:26:25 -07:00
Tim Abbott 9866124b78 mypy: Fix some new errors flagged by latest mypy master.
Mostly list -> List bugs in annotations.
2017-03-19 21:03:45 -07:00
Sarah Stringer aa880b0419 Add organization description field to realm settings.
This adds an organization description field to the Realm model, as well as
an input field to the organization settings template. Added three tests.
Set the max length of the field to 100 characters.

Fixes #3962.
2017-03-19 14:05:01 -07:00
Tim Abbott 767f57ef03 tests: Remove imports of deleted message_ids. 2017-03-18 20:40:34 -07:00
K.Kanakhin 3e397090e1 user-presence: Add client info to aggregated presence status.
Fixes zulip/zulip-android#454.
2017-03-18 20:36:41 -07:00
Elliott Jin 1138057209 test-backend: Raise zerver/views/registration.py test coverage to 100%. 2017-03-18 18:11:59 -07:00
Elliott Jin 8cfc231d03 tests: Raise zerver/views/registration.py test coverage (part 2). 2017-03-18 18:11:59 -07:00
Jacob Hurwitz 8ab88f5aad Remove hack for old mobile clients
This FIXME was added in 50d229fe11.
Considering it's been more than 4 years, we can probably safely remove
it now.
2017-03-18 18:11:17 -07:00
Elliott Jin fde1aa506b tests: Prevent misuse of assert_in_success_response.
Changing assert_in_success_response to require List[Text] instead of
Iterable[Text] prevents the following misuse:

    self.assert_in_response_success("message", response)

Currently, this will check whether 'm', 'e', 's', 'a', and 'g' separately
appear in the response, which is probably not the intended behavior.  The
correct usage is as follows:

    self.assert_in_response_success(["message"], response)
2017-03-18 15:49:35 -07:00
Susan Salituro a2d948f2e0 test_messages: Add test for invalid markdown format. 2017-03-18 14:35:53 -07:00
dattatreya303 a61ff3e234 Prevent missed-message emails for deleted messages.
This of course only works in the 2 minute window where missed-message
emails are planned, but nonetheless likely avoids common cases of
emailing users with deleted messages.

Fixes: #3873.
2017-03-18 07:51:32 -07:00
Tim Abbott 614391908b typing: Add apply_event handler for typing notifications.
This fixes a crash in the small race condition when loading a browser
window while someone is starting/stopping typing.
2017-03-17 20:01:12 -07:00
Rohitt Vashishtha 202389d4a7 notifications: Fix incorrect advertising in missed-message emails.
Missed-message email replies using the reply-to of
noreply@zulipchat.com shouldn't advertise that "just replying" will
work.

Rebased and commit message rewritten by tabbott.

Fixes #3965.
2017-03-15 22:34:31 -07:00
kunall17 5a1e952cb5 Implemented test's for muting/unmuting a topic 2017-03-15 16:19:00 -07:00
Umair Khan 242d3ffaf4 Add timezone field in UserProfile.
Implements backend of #1506.
2017-03-15 11:18:24 -07:00
Umair Khan 0d296afa54 github: Return '' when name is None. 2017-03-15 11:11:09 -07:00
Raghav Jajodia ef7e15ee00 admin: Add realm option to prevent users from changing their name.
A realm option to prevent users from changing their name is added.
Fixes #3950.
2017-03-14 14:10:08 -07:00
Raghav Jajodia dc48b87765 home.py: Fix bug associated with email_changes_disabled.
On reloading the page after disabling email changes does not check
the "Prevent users from changing their email address".
Adding realm_email_changes_disabled to page_params_core_fields fixes the problem.
2017-03-14 14:10:08 -07:00
Umair Khan cdb07c7005 Fix test_get_old_messages_with_narrow_pm_with.
Fixes #3940.
2017-03-14 09:38:24 -07:00
Maxim Averin b13b660709 zerver: Replace log_event with RealmAuditLog in do_change_user_email.
This replaces the ancient file logging approach for the auditable
password change event with the database audit log.
2017-03-13 22:08:12 -07:00
Maxim Averin fc35982b87 zerver: Replace log_event with RealmAuditLog in do_change_password.
This replaces the ancient file logging approach for the auditable
password change event with the database audit log.
2017-03-13 22:07:14 -07:00
Elliott Jin dae5366949 tests: Raise zerver/views/registration.py test coverage. 2017-03-13 21:59:04 -07:00
Elliott Jin 11ad666397 tests: Fix docstring for test_signup_invalid_name. 2017-03-13 21:59:04 -07:00
Rishi Gupta 098797cd36 Remove page_params.domain. 2017-03-13 14:42:55 -07:00
Rishi Gupta 3aae6cd421 Change if(realm.domain == zulip.com) checks to use Realm.string_id. 2017-03-13 14:17:14 -07:00
Rishi Gupta ef532bbbb1 statsd: Change keys to use Realm.string_id instead of domain. 2017-03-13 09:51:02 -07:00
Rishi Gupta 00f49d4121 views/users.py: Change error message to use Realm.string_id instead of domain. 2017-03-13 09:37:06 -07:00
Rishi Gupta 0559afb928 models: Use Realm.string_id instead of domain in RealmFilter.__unicode__. 2017-03-13 09:27:21 -07:00
Rishi Gupta cc25193faa models: Use Realm.string_id instead of domain in RealmEmoji.__unicode__. 2017-03-13 09:26:26 -07:00
Rishi Gupta a2bfa7793a models: Use string_id instead of domain in Realm.__unicode__. 2017-03-13 09:23:07 -07:00
Raghav Jajodia c17e574211 Remove product_name setting and return to harcoding 'Zulip'.
This removes some confusion in grep for frontend strings with Zulip in
them and also cleans up the code in some places.

Fixes #1602.
2017-03-09 21:48:15 -08:00
Tim Abbott 60296c022c test_messages: Attempt to fix flaky coverage again. 2017-03-09 21:42:22 -08:00
Tim Abbott c2bee5a89b auth: Fix fetch_auth_backends to properly report supported methods.
This fixes 2 related issues:
* We incorrectly would report authentication methods that are
  supported by a server (but have been disabled for a given
  realm/subdomain) as supported.
* We did not return an error with an invalid subdomain on a valid
  Zulip server.
* We did not return an error when requesting auth backends for the
  homepage if SUBDOMAINS_HOMEPAGE is set.

Comes with complete tests.
2017-03-09 21:37:00 -08:00
Amy Liu e5ab3123af Migrate json/set_muted_topics to muting/topics. 2017-03-09 20:52:29 -08:00
Amy Liu 9500c88e32 Migrate legacy url json/bulk_invite_users to invite/bulk_invite. 2017-03-09 20:51:03 -08:00
Umair Khan 32849b80ad Django 1.10: Url pattern doesn't use _callback_str.
Fixes #3941
2017-03-09 00:50:12 -08:00
Tim Abbott ac20872f9d request: Fix unnecessary translation tag for assertion. 2017-03-09 00:38:14 -08:00
Tim Abbott 8bdbcbc371 lint: Fix unnecessarily translated test file strings.
Our linter for translation strings shouldn't check test files, since
then we'll end up translating non-user-facing strings.

So we fix that, and actually add the opposite lint rule.
2017-03-09 00:37:44 -08:00
Tim Abbott ac138b6e93 templates: Rename landing-nav.html to landing_nav.html. 2017-03-08 17:30:44 -08:00
Tim Abbott 3b59e6c3cc subs: Rename /#subscriptions to /#streams.
Fixes #3653.
2017-03-08 16:57:58 -08:00
Rishi Gupta 3797fa657e Change bot domains to string_id.EXTERNAL_HOST.
Change applies to both subdomains and non-subdomains case, though we use
just the EXTERNAL_HOST in the non-subdomains case if there is only 1 realm.

Fixes #3903.
2017-03-08 16:26:13 -08:00
Elliott Jin 8d936601d3 test-backend: Raise zerver/views/test_upload.py test coverage to 100%. 2017-03-08 11:42:25 -08:00
Tim Abbott 841e81d21e tests: Fix six.moves range import placement. 2017-03-08 11:36:04 -08:00
Tim Abbott cb14b4405c tests: Rename zerver/tests/tests.py to test_users.py. 2017-03-08 03:57:37 -08:00
Tim Abbott 8675be2daf tests: Move ModelTest to test_presence.py. 2017-03-08 03:57:37 -08:00
Tim Abbott ff7e3a2125 tests: Move ExtractedRecipientsTest test to test_messages.py. 2017-03-08 03:57:37 -08:00
Tim Abbott ff598a091c tests: Extract zerver/tests/test_muting.py. 2017-03-08 03:57:37 -08:00
Tim Abbott 352551503c tests: Move UtilsUnitTest test to test_docs.py. 2017-03-08 03:57:37 -08:00
Tim Abbott c0f43ce343 tests: Move PublicURLTest tests to test_urls.py. 2017-03-08 03:57:37 -08:00
Tim Abbott a2ebece9b7 tests: Move login-related tests to test_signup.py. 2017-03-08 03:57:37 -08:00
Tim Abbott 94ed405c69 tests: Extract zerver/tests/test_middleware.py. 2017-03-08 03:57:37 -08:00
Tim Abbott 46362dfcca tests: Move AuthorsPageTest to test_docs.py. 2017-03-08 03:57:37 -08:00
Tim Abbott 881169f08a tests: Move DocPageTest to test_docs.py. 2017-03-08 03:57:37 -08:00
Tim Abbott edbb3fa4ec tests: Rename test_integrations to test_docs. 2017-03-08 03:57:37 -08:00
Tim Abbott 729bcc8b16 tests: Move TestOpenRealms to test_signup.py. 2017-03-08 03:57:37 -08:00
Tim Abbott e8b08d10f0 tests: Extract zerver/tests/test_notifications.py. 2017-03-08 03:57:37 -08:00
Tim Abbott eefd5d4cf6 tests: Move UserChangesTest to test_settings.py. 2017-03-08 03:57:37 -08:00
Tim Abbott 3d98b1cdef tests: Extract zerver/tests/test_queue_worker.py. 2017-03-08 03:57:37 -08:00
Tim Abbott 4e34719563 tests: Extract zerver/tests/test_realm.py. 2017-03-08 03:15:16 -08:00
Tim Abbott b5cca309d6 tests: Extract zerver/tests/test_settings.py. 2017-03-08 03:13:28 -08:00
Tim Abbott 123b4c1877 tests: Extract zerver/tests/test_bots.py. 2017-03-08 03:09:32 -08:00
Tim Abbott 7d9e80599b tests: Extract zerver/tests/test_zephyr.py. 2017-03-08 03:08:30 -08:00
Tim Abbott c66549dee0 tests: Extract zerver/tests/test_home.py. 2017-03-08 03:00:05 -08:00
Tim Abbott 7aa9dc3922 Fix test_templates failure with new landing-nav.html. 2017-03-08 02:53:57 -08:00
Tim Abbott fe237118b0 Rename zerver/lib/session_user.py to sessions.py. 2017-03-08 02:43:35 -08:00
K.Kanakhin 1cb0f8dc41 Add size limit for uploading user avatars and realm icons.
- Add settings parameter for max realm icon size.
- Add settings parameter for max user avatar size.
- Add checking file size to avatar and icon
  uploading views.
- Transfer file size limit parameter to frontend.
- Add tests.
2017-03-07 22:13:01 -08:00
Tim Abbott 6a8dfe1f3f test_messages: Fix nondeterministic coverage issue. 2017-03-07 20:44:55 -08:00
K.Kanakhin 173f34b7aa user-presence: Add `offline` status to aggregated info.
- Add `OFFLINE_THRESHOLD_SECS` settings parameter
  to handle offline period.
- Set aggregated status to offline if user's status
  haven't changed for `OFFLINE_THRESHOLD_SECS` period.
- Add test for offline aggregated status.
2017-03-07 20:09:53 -08:00
K.Kanakhin 2f251dedaf user-presence: Add aggregated status to user presence info.
- Add aggregated status to user presence status dict.
- Add tests for aggregated presence status.
- Fix removing unused keys from status dict
  with aggregated data for user.

Fixes #3692
2017-03-07 20:09:53 -08:00
K.Kanakhin 6a801db1c2 missed-emails-sending: Move email sending to separate queue worker.
- Add new 'missedmessage_email_senders' queue for sending missed messages emails.
- Add the new worker to process 'missedmessage_email_senders' queue.
- Split aggregation missed messages and sending missed messages email
  to separate queue workers.
- Adapt tests for sending missed emails to the new logic.

Fixes #2607
2017-03-07 20:08:40 -08:00
Elliott Jin 3127ebfa3b test-backend: Raise zerver/views/events_register.py test coverage to 100%. 2017-03-07 19:47:16 -08:00
Umair Khan 1f60baba6b Handle social auth exception in auth_complete.
In case of an exception, we log it and return None which results in a
redirect to the login page.
2017-03-07 19:46:40 -08:00
Tim Abbott 393c4d2eaa push: Don't pass a UserProfile into _do_push_to_apns_service. 2017-03-05 18:37:00 -08:00
Tim Abbott 53c9e3b4ca push: Don't pass a full UserProfile into APNsMessage. 2017-03-05 18:37:00 -08:00
Tim Abbott c8bfd568bc push: Pass devices list into send_apple_push_notification. 2017-03-05 18:36:58 -08:00
Tim Abbott 0ddaf5c610 push: Pass reg_ids list into send_android_push_notification.
This refactoring is preparation for being able to forward push
notifications to users on behalf of another Zulip server.

The goal is to remove access to the current server's database from the
send_*_push_notification code paths.
2017-03-05 18:36:07 -08:00
Steve Howell 419a3174f1 Send stream_id in stream/update events. 2017-03-05 15:44:42 -08:00
Steve Howell 0bb1af0fd9 Send stream_id in subscription updates. 2017-03-05 15:26:00 -08:00
Tim Abbott b6f53d6c14 coverage: bring zerver/lib/validator.py to 100% coverage. 2017-03-05 00:53:27 -08:00
Tim Abbott 2f8bb1b1cd coverage: Add test for REST requests to /json API unauthed. 2017-03-05 00:53:27 -08:00
Tim Abbott c8e38aaa55 coverage: Add coverage for OPTIONS HTTP method. 2017-03-05 00:53:26 -08:00
Tim Abbott e95f139308 coverage: bring zerver/lib/response.py to 100% coverage. 2017-03-05 00:53:26 -08:00
Tim Abbott 89decf6ded coverage: bring zerver/lib/request.py to 100% coverage. 2017-03-05 00:53:26 -08:00
Tim Abbott e3cfb256dd coverage: Bring zerver.lib.narrow.py to 100% coverage. 2017-03-05 00:53:26 -08:00
Tim Abbott a53240a47c test_subs: Fix buggy assertion statement. 2017-03-04 23:57:56 -08:00
Tim Abbott 6c12a49d04 test_auth_backends: Remove now-unnecessary compatibility code.
This code was added as part of the Django 1.10 migration to make our
tests work with both Django 1.8 and 1.10.  Now that we're on 1.10,
it's no longer required.
2017-03-04 23:38:46 -08:00
Tim Abbott 39704bac6c test_bugdown: Remove unused common_bugdown_test. 2017-03-04 23:35:46 -08:00
Tim Abbott 1a8bc5f383 coverage: Bring test_decorators to 100% coverage. 2017-03-04 23:34:28 -08:00
Tim Abbott c73c3c52f8 test_email_mirror: Fix TestCommandMTA.
The test didn't actually use the mock, due to an incorrect import
path.
2017-03-04 23:28:48 -08:00
Tim Abbott 6ea3a9cb1d coverage: Bring test_templates.py to 100% coverage. 2017-03-04 23:28:48 -08:00
Tim Abbott 8d9cab2339 test_narrow: Use AssertionError properly. 2017-03-04 23:19:16 -08:00
Tim Abbott d8171b2efc coverage: Bring tests.py to 100% coverage. 2017-03-04 23:17:36 -08:00
Tim Abbott 768307d921 coverage: Bring test_events to 100% coverage. 2017-03-04 23:12:32 -08:00
Tim Abbott d4f0e394e9 test_unread: Bring to 100% test coverage.
This actually fixes a test bug where we weren't actually verifying
whether other users' messages were being marked as read.
2017-03-04 23:09:45 -08:00
Tim Abbott 538570b7c1 test_subs: Bring to 100% test coverage. 2017-03-04 23:07:56 -08:00
Tim Abbott 065651b4fe coverage: Exclude uncovered lines in test_signup. 2017-03-04 23:01:50 -08:00
Philip Skomorokhov 866a7b06b2 upload: Limit total size of files uploaded by a user to 1GB.
Fixes #3884.
2017-03-04 18:08:30 -08:00
Tim Abbott 80232425f4 user_settings: Clean up error messages and tests for email change. 2017-03-04 17:32:48 -08:00
Raghav Jajodia cd2d798498 admin: Added realm option to prevent users from changing their email.
A realm option to prevent users from changing their email address is added.
Fixes #3777.
2017-03-04 17:32:48 -08:00
Raghav Jajodia ec77aa0dfb user_settings: Add auth check before confirm_email_change.
This isn't strictly necessary, but adds a little bit of extra security
to the overall email change flow.
2017-03-04 17:05:25 -08:00
Rishi Gupta 51b7677db7 Add RealmAuditLog table and record user activation/deactivation events.
The RealmAuditLog will make it easier for server admins to replay history.
2017-03-04 16:45:44 -08:00
Raghav Jajodia a3a03bd6a5 mypy: Added Dict, List and Set imports.
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
Rishi Gupta 1453a5bfda Change string_id of test zephyr realm from mit to zephyr.
Also changes Realm.is_zephyr_mirror_realm to use string_id=zephyr instead of
domain=mit.edu.
Part of a larger migration away from Realm.domain.
2017-03-04 12:18:01 -08:00
Sourav Badami 4616ee7762 Enable display of emoji as their alt codes in reactions.
This currently only supports this in emoji reactions, not in actual
emoji in message bodies, but it's a great start for people who want a
text-only view.

Tweaked to update the text by tabbott.

Fixes #3169.
2017-03-03 15:19:34 -08:00
Rishi Gupta 28d3af0965 Fix several new errors caught by mypy 0.501.
Clear out a bunch of easy to review errors, so we can focus on the more
complicated ones.
2017-03-03 14:12:52 -08:00
Rishi Gupta 4dc791f393 Clean up timestamps.py and add a test. 2017-03-01 23:03:56 -08:00
Rishi Gupta c388858e53 Fix timezone errors in ScheduledJob and digest creation filters.
datetime.utcnow() is a timezone-naive datetime. The Django ORM interprets it
in the settings.TIME_ZONE timezone (e.g. 'America/New_York' in the
development server). We perhaps haven't noticed errors yet since with
'America/New_York' all it means is that emails are sent 5 hours early, or a
slightly different set of messages are included in the digest.
2017-03-01 22:54:28 -08:00
PhilSk 53f3d84af2 attachment: Add 'size' field tracking size of uploaded files.
This tracking will make it possible in the future to limit the total
size of uploads on a per-user or per-organization basis.

Fixes #3774.
2017-03-01 15:58:21 -08:00
Tim Abbott d90f7c72a3 zephyr: Fix broken postgres regular expression logic and add tests.
Like many rare-case code with new tests, it turns out that the logic
for handling null characters in our Zephyr postgres query escaping
never worked, in multiple ways.  First, it always changed the second
character in s, not the current one being inspected, and second, the
value it replaced it with was no the correct postgres escape of the
null byte.  We fix this and add tests.

This completes the effort to get zerver/views/messages.py to 100%
test coverage.

Fixes #1006.
2017-03-01 10:38:48 -08:00
Tim Abbott bc38870136 preview: Fix adding links in message editing.
When you edit a message to contain links, and URL previews are
enabled, previously we'd throw an exception, because the realm ID
wasn't included in the event.

Also adds a test so that we can have effective test coverage on this
codepath, though this history is actually that I found the bug through
writing this test :).
2017-03-01 10:38:47 -08:00
Tim Abbott d754d257f2 PreviewTestCase: Use the actual queued event.
This makes the test significantly simpler and more faithful, but not
mocking the event put into queue_json_publish.
2017-03-01 10:37:55 -08:00
Tim Abbott b6bf45b0da PreviewTestCase: Factor out open_graph_html variable. 2017-03-01 10:37:50 -08:00
hackerkid b7a6826fda Add support for getting medium size profile images. 2017-03-01 09:57:30 -08:00
Tim Abbott c21365cacf templates: Rename image-overlay.html to lightbox_overlay.html. 2017-03-01 09:03:35 -08:00
Tim Abbott 0712926b84 templates: Rename right-sidebar.html to right_sidebar.html. 2017-03-01 09:02:15 -08:00
Tim Abbott 748ec32349 templates: Rename left-sidebar.html to left_sidebar.html. 2017-03-01 09:00:51 -08:00
Tim Abbott 291cfa3c11 templates: Fix settings-sidebar.html usage. 2017-03-01 08:59:23 -08:00
Igor Tokarev 31dff09efa Support email changes for !avatar syntax.
Significantly modified by tabbott to avoid calling
get_user_profile_by_email in bugdown, and have 100% test coverage of
the views code.

Fixes #2041.
2017-02-28 21:56:04 -08:00
Tim Abbott a1d296b802 report: Use DEVELOPMENT instead of DEBUG setting.
This fixes a weird issue where the following sequences of tests would fail:

test-backend
 zerver.tests.test_messages.PersonalMessagesTest.test_personal_to_self
 zerver.tests.test_report.TestReport.test_report_error
 zerver.tests.test_templates.TemplateTestCase.test_custom_tos_template

It appears that all 3 tests are required for the failure.

While it's not entirely clear what the cause is, a very likely factor
is that settings.DEBUG is special, and so changing it at runtime is
likely to cause weird problems like this.

We fix this by replacing it with settings.DEVELOPMENT, which has the
same value in all environments, but doesn't have this problem of being
a special Django thing.
2017-02-28 21:44:41 -08:00
Elliott Jin 7ed10da4ad test-backend: Raise zerver/views/report.py test coverage to 100%. 2017-02-28 20:06:00 -08:00
Abhijeet Kaur f0121973d2 bug fix: Fix error when admin renames a bot after reactivating it.
Fix administration page javascript issue of TypeError that occurs
due to undefined variable access in static/js/bot_data.js file.
Reactivating a bot was not updating the state in `bot_data`.
Sending an event on reactivating a bot fixes this issue.

Fixes: #2840
2017-02-28 16:10:53 -08:00
Tim Abbott e86ed89986 page_params: scope presence_disabled in realm. 2017-02-28 14:58:53 -08:00
Tim Abbott 85caa87492 tests: Fix test_doc_endpoints with reformatted HTML. 2017-02-28 14:45:03 -08:00
K.Kanakhin d9b10727fa server-version: Add server version to api endpoints.
- Add server version to `fetch_initial_state_data`.
- Add server version to register event queue api endpoint.
- Add server version to `get_auth_backends` api endpoint.
- Change source for server version in `home` endpoint.
- Fix tests.

Fixes #3663
2017-02-28 14:22:01 -08:00
Umair Khan 802de53ede backend: Handle GitHub authentication failure.
In case of AuthFailed exception return None.
2017-02-28 09:55:37 -08:00
K.Kanakhin 23706a3c9e Add server error response for failed handlebars template compilation.
- Add stamp file creation for the failed templates compilation.
- Add error response to `home` route if stamp file exists. It appears
  just for the development environment.
- Add jinja2 template for failed handlebars templates compilation error.

Fixes #3650.
2017-02-28 09:44:08 -08:00
Elliott Jin 11ba94f11a test-backend: Raise zerver/views/integrations.py test coverage to 100%. 2017-02-28 09:31:06 -08:00
Harshit Bansal 9d5be410af page_params: Modify `bot_list` to hold active as well as inactive bots.
Modify the `bot_list` to hold all the bots owned by an user
irrespective of whether the bot is active or inactive. Also
include the `is_active` field in `active_bot_dict_fields` to
distinguish between inactive and active bots.
2017-02-26 23:56:51 -08:00
Harshit Bansal 8b11deedb3 views/users.py: Allow changing bot's owner.
Modify the `patch_bot_backend()` route to support
changing the bot owner.
2017-02-26 21:39:22 -08:00
Elliott Jin 6bdefb92e9 test-backend: Raise zerver/views/zephyr.py test coverage to 100%. 2017-02-26 20:54:25 -08:00
Elliott Jin f3cd3e8b8d test-backend: Raise zerver/views/invite.py test coverage to 100%. 2017-02-26 16:15:25 -08:00
Elliott Jin cebc67f9b0 test-backend: Raise zerver/views/unsubscribe.py test coverage to 100%. 2017-02-26 16:13:35 -08:00
Tim Abbott 4ea997493b events: Normalize realm_icon events to be standard.
This lets us save on semi-duplicate code, both in server_events.js and
in zerver/lib/events.py, and makes our event structure a bit more
predictable.
2017-02-26 12:16:07 -08:00
K.Kanakhin 257bb40698 realm-icon: Add realm icon feature.
- Add realm icon fields to realm model.
- Add migration for new realm model's field.
- Add views for icon uploading and deleting.
- Add routes for realm icons views.
- Add JS widget for realm icon upload setting.
- Add realm icon upload to administration
  organization setting.
- Add tests for realm icons.

Fixes #3660.
2017-02-26 12:16:07 -08:00
Tim Abbott c5ed119f89 upload: Rename BadImageError exception to not mention avatars.
This is preparation for using that function to decode realm icons as
well.
2017-02-26 12:16:07 -08:00
Elliott Jin f038cd47d9 test-backend: Raise zerver/views/realm.py test coverage to 100%. 2017-02-25 18:18:29 -08:00
Umair Khan 5bf83f9e0a change-email: Implement confirmation flow.
This adds to Zulip support for a user changing their own email
address.

It's backed by a huge amount of work by Steve Howell on making email
changes actually work from a UI perspective.

Fixes #734.
2017-02-23 03:15:17 -08:00
Sampriti Panda 1929cc5190 Implement persistent drafts functionality
* Created a drafts modal to display/restore/delete drafts
* Created a Draft model to support storing draft data in localstorage
* Removed existing restore-draft functionality
* Added casper and node tests for drafts functionality

Fixes #1717.
2017-02-23 02:58:23 -08:00
Tim Abbott ff37524db6 messages: Add test coverage for IRC mirroring code path. 2017-02-22 20:51:25 -08:00
Tim Abbott 8875deff47 test_messages: Add a message edit permissions test. 2017-02-22 20:51:25 -08:00
Tim Abbott f20ade041a messages: Add test coverage for is_search code path. 2017-02-22 20:51:25 -08:00
Tim Abbott a079bcdce1 get_old_messages: Add LARGER_THAN_MAX_MESSAGE_ID constant. 2017-02-22 20:50:15 -08:00
Tim Abbott ff65b6b842 get_old_messages: Remove unnecessary >= max_message_id query. 2017-02-22 20:47:48 -08:00
Tim Abbott 05e7ab3a5a test_narrow: Fix use_first_unread_anchor tests requesting 0 before/after. 2017-02-22 20:47:48 -08:00
Tim Abbott 6f0410774c sqlalchemy: Fix most sqlalchemy deprecation warnings.
Fixes #2732.
2017-02-22 20:47:48 -08:00
Tim Abbott 66f016edbb zephyr: Fix zerver_message tables scans due to regex in queries.
This arguably regresses the Zephyr experience, in that we no longer
consider 'foo.d.d.d.d.d' to be something that gets narrowed in with
the rest, but that's a pretty rare use case anyway.

In practice, using that many '.d's anyway only happens a few times a
year.
2017-02-22 20:47:46 -08:00
Steve Howell fa31ad35c9 Fix display of changed avatars in old messages (page_params).
Our client code will now receive avatar_url in
page_params.people_list during page load, so it will be
able to use more current urls for old messages (the client
already had some logic for that and was just missing the
data).

We also add avatar_url to the realm_user/add event.

When we change the avatar, we make sure to always send a
realm_user/update event (even for bots).

We also needed to add avatar_version and
avatar_source to our active users cache.
2017-02-22 07:57:03 -08:00
Steve Howell 9d5a631650 Add test_change_avatar_fields().
This adds a temporary, insignificant change to apply_events().
2017-02-22 07:57:03 -08:00
Tim Abbott 160891381a test_events: Add comments for do_test_subscribe_events. 2017-02-22 00:34:12 -08:00
Ayush Jain 455c1919fc Add customizable invite-new-user text.
This makes life a lot easier for people inviting users to a new Zulip
organization, since they can give some form of context now.

Modified by tabbott to clean up CSS, backend code flow, and improve
the formatting of the emails.

Fixes: #1409.
2017-02-21 22:35:01 -08:00
Tim Abbott 353f969992 test_events: Add missing print_function py3 import. 2017-02-21 14:26:31 -08:00
Steve Howell 192805903d Make events test more robust for apply_events calls.
We now make tests that call EventsRegisterTest.do_test()
explicitly specify whether calls to apply_events() would
change the state of initially fetched data.  Generally
these tests exist to test that logic (as well as verifying
schemas of events), so if they stop testing that logic, it
is usually a broken test.

Some tests are exempted from the check here, because I think
they don't really change state--such as updating messages or
notifications.  You can set state_change_expected to False
for those tests.

For all the tests that deal with flipping boolean flags, I
set their value to False before calling do_test twice now.

For the authentication backends, I mock the settings so that
more backends are "supported" and therefore part of the event
and the fetched state.

Finally, for the bot tests, I make sure to use a bot the user
can access.
2017-02-21 11:43:09 -08:00
Tim Abbott dc0f6413f3 events: Fix include_subscribers=False race conditions.
The original include_subscribers implementation did not correctly
update the apply_events code path to avoid adding 'subscribers' dicts
to things.  This corrects that oversight.
2017-02-20 11:07:09 -08:00
Steve Howell 96fc6f2372 Remove deactivated streams from the DefaultStream model.
If a stream is deactivated, we now remove it from the
DefaultStream model on the back end.
2017-02-19 18:06:20 -08:00
Kartik Maji 1a697b6e02 Add frontend to show message edit history.
Fixes #268.

Modified significantly by tabbott to:
* improve code cleanliness / repetition
* add missing translation tags
* move code into message_edit.js
* correspond with the new backend.
* not display the option for messages only topic-edited
2017-02-19 17:41:06 -08:00
Tim Abbott 98894eb759 edit_history: Reverse the order of edit history list. 2017-02-19 16:47:07 -08:00
Tim Abbott eadd6fb3c6 message_edit: Include an initial entry in view output.
This makes it super easy for frontend code using this view code to
produce a nice display of the history.

This also fixes an off-by-one error with the timestamps.
2017-02-19 16:46:47 -08:00
Tim Abbott 515340ed00 Add message edit history backend with tests.
Based on work by Kartik Maji in #1204.

This has a few significant changes from the original version:
* We correctly handle filling in data for topic edits
* Has a complete test suite verifying correctness of the logic
* Currently, it doesn't include a special "start" entry

Things we may want to further change include:
* Adding a special "start" entry.
* Reversing the order of the history data returned for clarity.
2017-02-19 16:13:35 -08:00
Tim Abbott 498f6782a2 EditMessageEdit: Add complete test of edit history. 2017-02-19 16:13:35 -08:00
Tim Abbott 976868cf01 message_edit: Store which user edited a given message.
This is important for, in the future, being able to display who edited
the topic of a message if that wasn't the person who originally sent
the message.
2017-02-19 16:13:04 -08:00
Tim Abbott 32bfebeb7a mypy: Fix inconsistencies in use of *args/**kwargs. 2017-02-18 18:39:44 -08:00
Tim Abbott 473c0ee1fe mypy: Remove now-unused type: ignores. 2017-02-18 17:01:01 -08:00
Tim Abbott b30fb37037 Fix URL routing for users with email addresses starting with "me".
Our URL routing previously attempting to segment the /users/ endpoint
namespace into /me (affecting yourself) or /username@domain (affecting
other users) by regular expressions incorrectly, specifically in the
case of email addresses starting with `me`.  This prevented various
admin actions like removing a user as an organization administrator.
2017-02-18 15:26:04 -08:00
Tim Abbott 6ba1cd797b Fix regression in whitespace stripping at the start of messages.
This fixes a regression in 4060a97656,
which incorrectly stripped whitespace at the start of messages as
well.

Fixes #3719.
2017-02-18 14:47:28 -08:00
Steve Howell b9ec2545bb Simplify and speed up stream deactivation.
This is a fairly risky, invasive change that speeds up
stream deactivation by no longer sending subscription/remove
events for individual subscribers to all of the clients who
care about a stream.  Instead, we let the client handle the
stream deactivation on a coarser level.

The back end changes here are pretty straightforward.

On the front end we handle stream deactivations by removing the
stream (as needed) from the streams sidebar and/or the stream
settings page.  We also remove the stream from the internal data
structures.

There may be some edge cases where live updates don't handle
everything, such as if you are about to compose a message to a
stream that has been deactivated.  These should be rare, as admins
generally deactivate streams that have been dormant, and they
should be recoverable either by getting proper error handling when
you try to send to the stream or via reload.
2017-02-17 15:53:22 -08:00
Umair Khan a9bc625dda testing: Serialize test_upload.
This commit makes test_upload tests compatible with parallel model.
2017-02-17 12:40:39 -08:00
Umair Khan b7d22e3308 testing: Isolate test_patch_bot_avatar.
This commit changes test_patch_bot_avatar to upload avatars to a
different directory so that there is no race condition when tests are
run in parallel mode.
2017-02-17 12:18:43 -08:00
Harshit Bansal 21dccaedd1 test_events.py: Add a test for the `do_change_realm_alias()` function. 2017-02-17 11:55:15 -08:00
Steve Howell ad24133b94 Have functions in lib/avatar.py use avatar versions.
In some cases here we simplify things by calling avatar_url()
instead of get_avatar_url(), when we have a user_profile record
handy.  For other cases we pass in an extra avatar_version
parameter to get_avatar_url(), including from avatar_url().
2017-02-17 10:19:56 -08:00
Adarsh S 3c2c0c67b9 Bump user_profile.avatar_version when we change avatars.
We have a field called user_profile.avatar_version that will
track avatar versions and be used tactically in avatar urls
to get browsers to refresh their caches (in future commits).

This commit bumps the avatar version when we update avatars.

We do this in do_change_avatar_fields(), which was
do_change_avatar_source() before this change.

Adarsh did the initial work here, and Steve Howell (showell) also
made changes.
2017-02-17 10:19:56 -08:00
paxapy 9a5179c460 Add support for managing and deleting attachments.
Modified substantially by tabbott to fix tons of issues.

Fixes #454.
2017-02-16 23:44:44 -08:00
Tim Abbott d564a76f8e alert_words: Consistently clean whitespace for alert words.
This fixes some gaps in handling of whitespace in alert words.
2017-02-16 21:06:18 -08:00
Steve Howell 5f2e320fee Fix test_valid_api_key_if_user_is_on_wrong_subdomain.
This test would fail if settings.RUNNING_INSIDE_TORNADO
was True, which seemed to happen due to other tests changing
that setting, although I did not fully investigate.
2017-02-15 14:57:01 -08:00
Steve Howell d406d34fe0 Use user_id in admin_user_list.handlebars.
For our user administration, we now primarily work with user ids
that get put into data-user-id attributes.  We still put emails in the
tags to make our Casper tests easy to maintain.

This requires a minor change to the back end to pass down user ids
for the /users endpoint (in get_members_backend).
2017-02-14 23:07:44 -08:00
Umair Khan 6db4879f9c testing: Clear cache in queries_captured.
This results in a more deterministic result when we count queries.
2017-02-13 14:24:48 -08:00
Tim Abbott 4060a97656 messages: Strip trailing whitespace in message contents.
I dug into why we never did this before, and it turns out we did, but
using `$.trim()` (which removes leading whitespace as well!).  When
removing the `$.trim()` usage.

Fixes #3294.
2017-02-11 23:01:22 -08:00
Tim Abbott 680d30adc2 docs: Add comments linking to new events doc. 2017-02-11 16:59:28 -08:00
Tommy Ip c7e33c6c9f optimization: Use Python to test management commands.
The original test was written in shell script which launches a new
django instance for every tests. By doing it in Python, we avoid
the overhead and reduce the test time to <1 second.

Fixes #3620.
2017-02-11 13:48:16 -08:00
Tim Abbott 1c0f65cbec mypy: Fix some incorrect optional tags. 2017-02-10 23:53:44 -08:00
Tim Abbott 71af0f7e2e Add endpoint to fetch presence data for a single user.
This is an experimental API subject to its data format being changed.

Fixes #3638.
2017-02-10 23:52:56 -08:00
saisrivathsa b867ac3496 Extract zerver/lib/events.py from actions.py with event registration.
This moves do_events_register, fetch_initial_state_data and friends to
a new file.

Modified significantly by tabbott for correctness and to remove unused
imports.

Fixes #3635.
2017-02-10 16:50:43 -08:00
Brock Whittaker 1143ed7219 redesign: Change /#settings and /#administration to an overlay.
This also adds a box-shadow to the #deactivate_self_modal so that it
looks similar to the old backdrop.
2017-02-09 23:35:10 -08:00
Harshit Bansal 8ae54ddb99 actions.py: `restricted_to_domain` should be False if there are no aliases.
Having `restricted_to_domain` set to True if there are no more aliases
left means the user is either confused or forgot to set it to False. It
should be set to False automatically when the last alias is deleted.
2017-02-08 22:14:43 -08:00
Harshit Bansal 7d10cbc32b Add RealmAlias.allow_subdomains to model, frontend, and API.
Includes a database migration.

Fixes #1868.
2017-02-08 22:03:27 -08:00
Rishi Gupta a16c48f0c4 actions.py: Change do_remove_realm_alias to take a RealmAlias.
Ensures that this function doesn't throw an error / prevents putting in an
incorrect realm or domain argument.
2017-02-08 21:15:28 -08:00
Tim Abbott 84b18f865a users: Verify full names explicitly in account registration.
I believe this completes the project of ensuring that our recent work
on limiting what characters can appears in users' full names covers
the entire codebase.
2017-02-07 20:20:32 -08:00
Ritwik Srinivas 74b68f6bbc Adds banned characters in name function
Disallows you from putting the characters @, *, `, and > and " in
your name. Added test cases similar to the MAX_NAME_LENGTH check

Copied initial code from:
https://github.com/zulip/zulip/pull/2473
2017-02-07 19:31:14 -08:00
Eklavya Sharma 0badbbf0e2 Type annotate a variable to prevent future errors.
In zerver.tests.test_decorators.test_check_dict, the variable
'keys' has to be explicitly annotated to pass mypy 0.4.7.
See https://github.com/python/mypy/issues/2777 for more info.
2017-02-06 22:34:01 -08:00
Steve Howell 6e2189f134 bugdown: Disable link previews when bots send messages.
We do not use `get_link_embed_data` for messsages sent by
bots, as bots often repeat the same URL over and over again
and are generally either text-focused or have their own
mechanisms to provide preview content.

Fixes #2968.
2017-02-03 17:08:23 -08:00
Tim Abbott a889346c9f Remove zh_CN old Django name for Chinese. 2017-02-03 14:29:03 -08:00
Tim Abbott fa02dfdff4 mobile: Add an endpoint for checking compatibility. 2017-02-03 09:55:34 -08:00
Steve Howell 5b8cc03c61 bugdown: Restore data-user-email to user mention spans.
(The commit q7ef4e40258280e202325c9295579c93fb948b replaced
data-user-email with data-user-id, but we still need to
support data-user-email for old clients like non-updated
androids and we still want to start the migration forward
to data-user-id.)
2017-02-02 12:32:18 -08:00
Steve Howell 5ec4ed0d5c bug fix: Allow renaming streams to different cases.
Before this change, you could not rename a stream
from "denmark" to "Denmark".
2017-02-01 14:20:46 -08:00
Tomasz Kolek 11a1f1d72b Add support for old Jira API's version to Jira integration. 2017-01-31 15:17:12 -08:00
Tim Abbott d7dd158197 test_signup: Fix test failures due to emacs backup files. 2017-01-30 11:55:50 -08:00
Tim Abbott 87337e0d1f test_realm_aliases: Edit new realm alias test for subdomains. 2017-01-30 11:55:50 -08:00
Harshit Bansal 9bbe0efd77 realm_aliases: Add a test for adding an alias which is already claimed.
Fixes: #3514.
2017-01-30 11:55:50 -08:00
Tim Abbott 1bbf0f9a98 streams: Consider stream name validation logic. 2017-01-29 22:07:14 -08:00
Tim Abbott d14037c82e streams: Fix misplaced import. 2017-01-29 22:07:14 -08:00
Tim Abbott 700089f386 bugdown: Fix need for Internet in test_inline_dropbox_bad. 2017-01-29 22:07:14 -08:00
Tim Abbott 32f778636b streams: Add tests for do_rename_stream error paths. 2017-01-29 20:27:00 -08:00
Tim Abbott 01daa3e91a test_helpers: Move get_subscription out of actions.py.
It's no longer used by anything other than test code.
2017-01-29 20:27:00 -08:00
Tim Abbott a3f3f5b7bc remove_default_stream: use access_stream_by_name. 2017-01-29 20:27:00 -08:00
Tim Abbott 19eaa92059 add_default_stream: use access_stream_by_name. 2017-01-29 20:27:00 -08:00
Tim Abbott de3f539f58 do_change_stream_description: Accept a stream as argument. 2017-01-29 20:27:00 -08:00
Tim Abbott 2dc90e8ebd rename_stream: Pass a stream object to do_rename_stream. 2017-01-29 20:27:00 -08:00
Tim Abbott 4ad1fadab0 streams: Create and use do_change_stream_invite_only. 2017-01-29 20:26:59 -08:00
Tim Abbott c74ddb74e9 do_make_stream_private: Accept a stream object, not a name. 2017-01-29 20:26:59 -08:00
Tim Abbott e137787d1a users: Use access_stream_by_name to access streams.
This simplifies the code somewhat and adds greater consistency of
error messages.
2017-01-29 20:26:59 -08:00
Tim Abbott bb86bba20d stream_exists_backend: Use access_stream_by_name. 2017-01-29 20:26:59 -08:00
Tim Abbott e57e2ee9f1 get_subscribers_backend: Use access_stream_by_id. 2017-01-29 20:26:59 -08:00
Tim Abbott 0d980b7cef json_get_stream_id: Use access_stream_by_name. 2017-01-29 20:26:59 -08:00
Tim Abbott 6685885741 deactivate_stream_backend: Use access_stream_by_id. 2017-01-29 20:26:58 -08:00
Tim Abbott 826cc80c9e update_stream_backend: Use access_stream_by_id. 2017-01-29 20:26:58 -08:00
Tim Abbott 2cf223470d streams: Eliminate get_subscription_or_die helper function. 2017-01-29 20:26:58 -08:00
Tim Abbott 0af34ee710 streams: Add zerver/lib/streams.py library for security checks.
The goal of this library is to make it a lot easier to prevent bugs
like CVE-2017-0881 by having all of our views logic for fetching a
stream go through a couple carefully tested code paths.
2017-01-29 20:26:58 -08:00
Tim Abbott 7ecda1ac8e streams: Fix autosubscribe security bug (CVE-2017-0881).
A bug in Zulip's implementation of the "stream exists" endpoint meant
that any user of a Zulip server could subscribe to an invite-only
stream without needing to be invited by using the "autosubscribe"
argument.

Thanks to Rafid Aslam for discovering this issue.
2017-01-29 15:30:59 -08:00
Tim Abbott bd6f71580e docs: Remove obsolete terms-enterprise page.
This was documentation for the old zulip.com enterprise service that
no longer exists.
2017-01-28 18:12:19 -08:00
Yago González 7fe090f902 translations: Improve some poorly-worded strings. 2017-01-28 18:04:17 -08:00
Tim Abbott 5d6f42d136 tests: Fix missing type annotation for events list. 2017-01-28 17:51:46 -08:00
Tim Abbott 153418de38 subs: Send create event to new subscribers of invite-only streams.
This fixes a regression introduced by our migration to track
subscribers for all public streams, where now users who are added to
an invite-only stream were receiving a mark_subscribed event
for a stream their browser didn't know existed, causing an exception.

To fix this, we now send a stream create event to the browser just
before the user receives the notification that it was added to the
invite-only stream.
2017-01-28 17:12:16 -08:00
Tim Abbott f665980079 test_subs: Add some additional asserts. 2017-01-28 17:11:39 -08:00
avisrivastava254084 762b84710e auth: Redirect users to home from /login if already logged in.
This makes various links in Zulip work a bit more reasonably for
already-logged-in users.

Fixes #3316.
2017-01-28 16:10:19 -08:00
Raghav Jajodia c8451097be tests: Replace Stream.objects.get() with get_stream().
This should have a slight perf benefit from using caching, and also in
some cases cleans up the code a bit.

Fixes #3284.
2017-01-27 15:04:13 -08:00
Tim Abbott 0dd5d6cea0 errors: Separate browser error reporting from backend. 2017-01-27 10:27:41 -08:00
Steve Howell 4be2d6577d Add a new community realm to our test databases.
The realm with string_id of "simple" just has three users
named alice, bob, and cindy for now.  It is useful for testing
scenarios where realms don't have special zulip.com exception
handling.
2017-01-26 19:25:34 -08:00
Harshit Bansal b4186fdfdd views/realm_aliases.py: Use domain instead of id as handle for RealmAlias.
We need to make the change for the API, and the next commit introduces a
unique_together constraint on (realm, domain) anyway.
2017-01-26 17:24:25 -08:00
Harshit Bansal 06cc306d00 Add stricter domain validation and improve error messages. 2017-01-26 17:24:25 -08:00
Tomasz Kolek 7de45951e2 Make webhooks as separate modules with view and tests.
Create python packege for every webhook with view.py and tests.py
2017-01-25 23:14:19 -08:00
Harshit Bansal 8c428dc130 Fix `ZulipLDAPAuthBackend` not to rely on user's email domain.
In case realms have subdomains and the user hasn't been populated
yet in the Django User model, `ZulipLDAPAuthBackend` should not
rely on user's email domain to determine in which realm it should
be created in.

Fixes: #2227.
2017-01-25 15:24:49 -08:00
Tim Abbott 4e171ce787 lint: Clean up E126 PEP-8 rule. 2017-01-23 22:06:13 -08:00
Tim Abbott d6e38e2a5c lint: Clean up E123 PEP-8 rule. 2017-01-23 21:34:26 -08:00
Tim Abbott 9cc83f87fc lint: Clean up E241 PEP-8 rule. 2017-01-23 21:21:14 -08:00
Tim Abbott d96f392147 lint: Clean up E741 PEP-8 rule. 2017-01-23 21:07:04 -08:00
Tim Abbott e9158dd520 lint: Clean up E121 PEP-8 rule. 2017-01-23 21:02:39 -08:00
Tim Abbott df3d6aee5d lint: Clean up E114 PEP-8 lint rule. 2017-01-23 20:52:58 -08:00
Tim Abbott 22d1aa396b lint: Clean up W503 PEP-8 warning. 2017-01-23 20:50:04 -08:00
Steve Howell 1137ef4e40 Mark up mention buttons with data-user-id on the backend.
We use data-user-id now in the buttons for at-mentions when
we render messages.  A previous commit already made the front
end support this new style.
2017-01-21 21:45:12 -08:00
Tim Abbott 5d52f1ec17 bugdown: Move realm_filters_key logic out of callers.
This gets rid of the confusing duplicate realm_filters_key and
message_realm arguments that previously were passed to bugdown.
2017-01-21 21:37:57 -08:00
Sampriti Panda 34a4a1378d bugdown: Use specified realm, not sender realm, for rendering.
This changes bugdown to use the realm passed in by the caller (if any)
for rendering, fixing a problem where bots such as the notification
bot would have their messages rendering using the admin realm's
settings, not the settings of the realm their messages are being sent
into.

Also adds a test for the notification bot case.

Fixes #3215.
2017-01-21 21:37:57 -08:00
Tim Abbott 01e0acb282 render_incoming_message: Require a realm object. 2017-01-21 21:37:57 -08:00
sinwar b0efa58eb4 requirements: Upgrade python-social-auth to latest version
Fixes #3403
2017-01-21 21:22:59 +05:30
Tomasz Kolek cc13104780 Add Zapier integration. 2017-01-20 10:43:18 -08:00
Umair Khan 9fecbcecf5 subdomains: Don't show login page on root aliases. 2017-01-17 15:29:24 -08:00
Umair Khan d8db94bab8 TestLoginPage: Fix a confusingly named test.
Change name from test_login_page_with_subdomains to
test_login_page_wrong_subdomain_error.
2017-01-17 15:29:07 -08:00
Robert Hönig 789ae8648a Add wrapper and log file output for provisioning.
Before this commit, provisioning was done by executing provision.py,
which printed the log directly to stdout, making debugging harder.
This commit creates a wrapper bash script 'provision' in tools, which
calls 'zulip/scripts/tools/provision_vm.py' (the new location of
provision.py) and prints all the output to
'zulip/var/log/zulip/zulip_provision.log' via 'tee'.
Travis tests and docs have been modified accordingly.
2017-01-17 14:23:28 -08:00
Tommy Ip c407919db3 Add /authors page.
Contributor visualization showing the avatar, user name and number
of commits for each contributors. The JSON data would be updated
upon deployment, triggered by the `update-prod-static` script.
2017-01-17 13:35:55 -08:00
Tim Abbott 89212d9985 emoji: Remove unnecessary duplicate regular expression from urls.py.
Whether the emoji is valid is already being checked elsewhere, and
this duplicate regular expression makes it harder to understand what's
going on with Zulip's validation of emoji.
2017-01-16 23:54:58 -08:00
Tim Abbott 121b926962 emoji: Fix 500 trying to remove nonexisting realm emoji. 2017-01-16 23:48:07 -08:00
Tim Abbott f3b9abee14 Convert realm emoji upload to use PUT properly. 2017-01-16 23:45:12 -08:00
Tim Abbott 19b89eb050 bugdown: Rename realm_id to realm_filters_key.
This should substantially improve the clarity of the code, since
inside bugdown, this is only being used as a hash key that happens to
usually be a realm ID, not used as a Realm ID.
2017-01-16 21:48:55 -08:00
Bojidar Marinov df00ad3e84 search: Prevent crashes with multiple search operators.
Fixes #3071.
2017-01-16 19:42:49 -08:00
Tim Abbott d5f718a3e7 Rename 'Manage Streams' to 'Manage streams'. 2017-01-16 18:00:10 -08:00
Sampriti Panda 196cf4367b urls: Move /messages/render to POST endpoint 2017-01-13 16:11:51 -08:00
Rafid Aslam d3ee53bdef Move endpoints to use stream_id instead of stream_name in their URLs
- Change `stream_name` into `stream_id` on some API endpoints that use
`stream_name` in their URLs to prevent confusion of `views` selection.

For example:
If the stream name is "foo/members", the URL would be trigger
"^streams/(?P<stream_name>.*)/members$" and it would be confusing because
we intend to use the endpoint with "^streams/(?P<stream_name>.*)$" regex.

All stream-related endpoints now use stream id instead of stream name,
except for a single endpoint that lets you convert stream names to stream ids.

See https://github.com/zulip/zulip/issues/2930#issuecomment-269576231

- Add `get_stream_id()` method to Zulip API client, and change
`get_subscribers()` method to comply with the new stream API
(replace `stream_name` with `stream_id`).

Fixes #2930.
2017-01-12 15:23:31 -08:00
Rafid Aslam 156eefacc2 API: Add `json/get_stream_id` endpoint
Add `json/get_stream_id` endpoint, used to convert `stream_name`
into `stream_id`.
2017-01-12 15:23:31 -08:00
Tomasz Kolek 053feb947c Change way of handling comments event in jira integration. 2017-01-12 14:54:32 -08:00
Tomasz Kolek 9a60220c37 Refactor jira integration.
Remove events that don't exist.
Move handling issue events to separate function.
Make formatting strings using format function.
Change camelCase variable name convetion to using underscores.
Make unknown events error more clear.
Add issue_event_type_name param to all fixtures.
2017-01-12 14:54:32 -08:00
Rishi Gupta 5d10124830 test-signup: Change failed signup test to be on an open realm.
Previously, test_failed_signup_due_to_restricted_domain used a realm with
restricted domains, but also with invite_required = True. We didn't have a
test that tested for a failed signup in an open realm with restricted
domain, so edited test_failed_signup_due_to_restricted_domain to test for
that.
2017-01-11 15:26:47 -08:00
Tomasz Kolek e6ab93a4c4 Fix Bitbucket2 integration fulfilled event type.
The "merged" event type was apparently renamed to "fulfilled".
2017-01-11 14:18:07 -08:00
Tomasz Kolek f0cc6d8029 Adjust Taiga integration to new payloads format.
Update all payloads.
Remove move task between User stories events.
Update code to handle new payload format.

Fixes: #2318.
2017-01-11 14:17:44 -08:00
Rishi Gupta 494c1a2b55 Remove unnecessary uses of Realm.domain in zerver/tests. 2017-01-09 11:26:08 -08:00
Tim Abbott f3b5683e77 views: Rename __init__.py to zerver.views.registration.
This completes the cleanup process of eliminating functions in the
root zerver/views/__init__.py module.
2017-01-08 16:21:15 -08:00