Commit Graph

50261 Commits

Author SHA1 Message Date
Hemant Umre 2e2b4f5325 stream_settings: Fix Announce stream disables unexpectedly.
While switching from a private stream in the stream editing UI to
the stream creation UI, Announce stream becomes disabled. The state
of Announce stream option should not be affected by where the create
stream UI is opened.

Made the privacy_type selector more specific since it was also
selecting the last opened stream privacy type.

Fixes: #24238.
2023-02-22 11:53:26 -08:00
Alex Vandiver 95abcffb75 log-search: Fix precedence in no-color case. 2023-02-22 11:43:13 -08:00
Lauryn Menard 0019ce639c api-docs: Fix small typos and copy/paste errors in API changelog. 2023-02-22 08:48:22 -08:00
Mateusz Mandera 52515a1560 presence: Tweak and document presence tuning values.
We're changing the ping interval from 50s to 60s, because that's what
the mobile apps have hardcoded currently, and backwards-compatibility
is more important there than the web app's previously hardcoded 50s.

For PRESENCE_PING_INTERVAL_SECS, the previous value hardcoded in both
clients was 140s, selected as "plenty of network/other latency more
than 2 x ACTIVE_PING_INTERVAL_MS". This is a pretty aggressive value;
even a single request being missed or 500ing can result in a user
appearing offline incorrectly. (There's a lag of up to one full ping
interval between when the other client checks in and when you check
in, and so we'll be at almost 2 ping intervals when you issue your
next request that might get an updated connection time from that
user).

To increase failure tolerance, we want to change the offline
threshhold from 2 x ACTIVE_PING_INTERVAL + 20s to 3 x
ACTIVE_PING_INTERVAL + 20s, aka 140s => 200s, to be more robust to
temporary failures causing us to display other users as offline.

Since the mobile apps currently have 140s and 60s hardcoded, it should
be safe to make this particular change; the mobile apps will just
remain more aggressive than the web app in marking users offline until
it uses the new API parameters.

The end result in that Zulip will be slightly less aggressive at
marking other users as offline if they go off the Internet. We will
likely be able to tune ACTIVE_PING_INTERVAL downwards once #16381 and
its follow-ups are completed, because it'll likely make these requests
much cheaper.
2023-02-21 12:10:43 -08:00
Mateusz Mandera 8ef889f392 presence: Use server-provided params in the webapp.
As of the previous commit, the server provides these parameters in
page_params. The defaults match the values hard-coded in the webapp so
far - so get rid of the hard-coded values in favor of taking them from
page_params.
2023-02-21 12:10:43 -08:00
Mateusz Mandera a593089770 presence: Return some presence params in the /register response. 2023-02-21 12:10:43 -08:00
Mateusz Mandera 4ba4305ff9 presence: Change server-side OFFLINE_THRESHOLD_SECS to 140s.
This old 300s value was meaningfully used in 2 places:
1. In the do_change_user_settings presence_enabled codepath when turning
   a user invisible. It doesn't matter there, 140s is just since the
   point is to make clients see this user as offline. And 140s is the
   threshold used by clients (see the presence.js constant).
2. For calculating whether to set "offline" "status" in
   result["presence"]["aggregated"] in get_presence_backend. It's fine
   for this to become 140s, since clients shouldn't be looking at the
   status value anymore anyway and just do their calculation based on
   the timestamps.
2023-02-21 12:10:43 -08:00
Alex Vandiver 38b7ecff68 log-search: Add a --timeline option to show gaps and overlaps. 2023-02-21 11:10:24 -08:00
Alex Vandiver cfd9e56d1a log-search: Do no use color codes if output is not a TTY. 2023-02-21 11:10:24 -08:00
Sahil Batra 33d06af6c2 user_profile: Deduplicate code for showing custom profile fields.
This commit deduplicates template code for showing custom profile
fields in user info popover and full profile modal by extracting
it in a new file and then using that template file to render
the fields in user info popover and full profile modal.

This commit does not change the design or behavior and they are
same as before.
2023-02-21 10:19:47 -08:00
Alex Vandiver bd6b215cdc sentry: Fix accidental blockquote by escaping >. 2023-02-21 09:59:13 -08:00
Alex Vandiver ab9cab51de reset: Tag "forgot password" text for translation. 2023-02-21 09:16:22 -08:00
Abhijeet Prasad Bodas 6e001d0672 user topic: Remove unnecessary check for double addition of muted topic.
This makes use of the new case insensitive UNIQUE index added in the
earlier commit. With that index present, we can now rely solely on the
database to correctly identify duplicates and throw integrity errors as
required.
2023-02-20 21:04:13 -08:00
Abhijeet Prasad Bodas 80bf6b0777 user topic: Add case insensitive UNIQUE constraint.
This will allow us to rely on the database to detect duplicate
`UserTopic`s (with the same `topic_name` with different cases)
and thus correctly throw IntegrityErrors when expected.
This is also important from a correctness point of view, since as
of now, when checking if topic is muted or requesting the backend for
muting a topic, the frontend does not check for case insensitivity.

There might exist duplicate UserTopics (in a case insensitive sense)
which need are removed before creating the new index.
The migration was tested manually using `./manage.py shell`.
2023-02-20 21:04:13 -08:00
Abhijeet Prasad Bodas 9fde88796a mute user: Remove unnecessary check for double muting.
In 141b0c4, we added code to handle races caused by duplicate muting
requests. That code can also handle the non-race condition, so we don't
require the first check.
2023-02-20 21:04:13 -08:00
Sahil Batra ca70089842 settings: Fix disabled select elements in modal.
The background-color and opacity is same for all
select elements in modals and settings in disabled
state, but due to the background of modal being
bright enough, the select element in modals would
not look disabled.

One possible solution could have been to set
"opacity: 1" but that changes opacity for text too
and makes it darker which is not the case for other
select elements.

So instead made the background slightly darker for
select elements inside the modal using hsla property.
It might not be exact same as the other select elements,
but it is still better than the previous behavior.

For role element in bot edit form, we used to set
opacity to 1 to fix this bug, and this commit removes
it as we have fixed it for all modals in general
2023-02-20 16:28:41 -08:00
Sahil Batra 1c055f402d settings: Add bootstrap-focus-style to select elements.
The class "bootstrap-focus-style" was not added to some
select elements in modals and this commit adds those.
2023-02-20 16:28:41 -08:00
Sahil Batra 27d2ac1e37 settings: Remove some duplicate CSS.
Since we added settings_select class to select elements
in both stream settings and user or realm settings in
previous commits, we can have common CSS defined at only
one place.
2023-02-20 16:28:41 -08:00
Sahil Batra c6ff8f0551 modals: Add modal_select class to select elements.
This commit adds modal_select class to select elements in
modals, such that we can add CSS using this class and not
using "select" as selector so that we can easily add a
select element in future with different CSS if needed.
2023-02-20 16:28:41 -08:00
Sahil Batra 6bd650bc9f stream_settings: Add settings_select class to select elements.
This commit adds settings_select class to select elements in
stream settings, such that we can add CSS using this class and
not using "select" as selector so that we can easily add a select
element in future with different CSS if needed.
2023-02-20 16:28:41 -08:00
Sahil Batra 1afc730da7 settings: Add settings_select class to select elements.
This commit adds settings_select class to select elements in
user and organization settings, such that we can add CSS
using this class and not using "select" as selector so that
we can easily add a select element in future with different
CSS if needed.
2023-02-20 16:28:41 -08:00
Sahil Singh 183f5016a1 settings: Indicate character limit on restoring long draft messages.
Currently, when restoring drafts with long
messages no character limit or the compose
banner is shown.

We fix this by adding a check for text
overflow whenever any draft is restored.
2023-02-20 16:23:08 -08:00
Aman Agrawal 845e873c44 narrow_state: Add function to check if message feed is visible.
We directly check if message feed is visible in the code instead
of indirectly checking so via recent topics. This helps read the
code clearly and would be helpful with the upcoming inbox view.
2023-02-20 13:08:42 -08:00
Aman Agrawal cc96be2bf9 recent_conversation: Delegate profile click handling to `body`.
`#recent_topics_table` may not be present in the DOM when
this click handler is initialized which can cause this
it to not work, delegating it to body ensures it will always work.
2023-02-20 13:04:13 -08:00
Aman Agrawal 4debef64e7 recent_conversation: Move click handlers out to an initialize function.
We are moving in the direction of removing click_handlers library.
2023-02-20 13:04:13 -08:00
Aman Agrawal 6e6fb47e20 muted_topics_ui: Extract mute_or_unmuted_topics. 2023-02-20 13:04:13 -08:00
Lauryn Menard 06dd6f8254 message-send: Deduplicate check of `settings.MAX_MESSAGE_LENGTH`.
Removes the initial check in `_internal_prep_message` of the length
of the message content because the `check_message` in the try block
will call `normalize_body` on the message content string, which
does a more robust check of the message content (empty string, null
bytes, length). If the message content length exceeds the value of
`settings.MAX_MESSAGE_LENGTH`, then it is truncated based on that
value. Updates associated backend test for these changes.

The removed length check would truncate the message content with a
hard coded value instead of using the value for
`settings.MAX_MESSAGE_LENGTH`.

Also, removes an extraneous comment about removing null bytes. If
there are null bytes in the message content, then `normalize_body`
will raise an error.

Note that the previous check had intentionally reduced any message over
the 10000 character limit to 3900 characters, with the code in
question dating to 2012's 100df7e349.

The 3900 character truncating rule was implemented for incoming emails
with the email gateway, and predated other features to help with
overly long messages (better stripping of email footers via Talon,
introduced in f1f48f305e, and
condensing, introduced in c92d664b44).
While we could preserve that logic if desired, it likely is no longer
a necessary or useful variation from our usual truncation rules.
2023-02-20 12:55:15 -08:00
Alex Vandiver 93e78ea72f spectators: Save a redirect to /register/. 2023-02-20 12:21:33 -08:00
Anders Kaseorg 64f0dcecb0 install-node: Upgrade Node.js to 18.14.1 security release.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-20 12:16:28 -08:00
Anders Kaseorg 99f1d08786 styles: Hoist @keyframes to top level.
This has always been in the global namespace.  Pretending that it’s
scoped when it isn’t and giving it a short name will lead to
confusion.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-20 12:10:18 -08:00
Anders Kaseorg f99cff0735 styles: Fix flatpickr dark theme in automatic mode.
Flatpickr had been unconditionally using the light theme in automatic
color scheme mode; this fixes it to follow the system preference like
the rest of the app.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-20 12:09:52 -08:00
Alex Vandiver d3403dde86 rabbitmq: Add a RABBITMQ_PORT setting. 2023-02-20 12:04:25 -08:00
Lauryn Menard 0463b0df7b api-docs: Update content parameter for `max_message_length`.
Updates the descriptions of content parameters (optional and
required) to note that the maximum size of the message content
should be based on the `max_message_length` value returned by
the register endpoint.

Previously these descriptions had a hardcoded value of 10000
bytes as the maximum message size.

Also, updates the description of `max_message_length` to clarify
that the value represents Unicode code points.
2023-02-20 12:03:12 -08:00
Lauryn Menard b25cba16a7 tests: Remove ignored parameter from `authenticated_json_view` test.
The password parameter being passed in the `_do_test` helper
function for `TestAuthenticatedJsonPostViewDecorator` tests was
being ignored, as the user needs to be logged in. Removes the
parameter from the helper function and updates the success test
to use `assert_json_success` instead of just checking the status
code.

Also adds a test case for when a user is not logged in to confirm
that it returns an UnauthorizedError.
2023-02-20 11:56:00 -08:00
Alex Vandiver 8998aa00cd Revert "create_user: Use transaction.atomic decorator for do_create_user."
This reverts commit 851d68e0fc.

That commit widened how long the transaction is open, which made it
much more likely that after the user was created in the transaction,
and the memcached caches were flushed, some other request will fill
the `get_realm_user_dicts` cache with data which did not include the
new user (because it had not been committed yet).

If a user creation request lost this race, the user would, upon first
request to `/`, get a blank page and a Javascript error:

    Unknown user_id in get_by_user_id: 12345

...where 12345 was their own user-id.  This error would persist until
the cache expired (in 7 days) or something else expunged it.

Reverting this does not prevent the race, as the post_save hook's call
to flush_user_profile is still in a transaction (and has been since
168f241ff0), and thus leaves the potential race window open.
However, it much shortens the potential window of opportunity, and is
a reasonable short-term stopgap.
2023-02-17 21:20:52 -05:00
Alex Vandiver 7feda75c5f populate_db: Temporarily remove post-delete signal on AlertWord.
The post-delete signal on AlertWord clears the realm cache; when it is
called repeatedly, this results in re-fetching the realm object O(n)
times, where n scales by number of users in the database.

Disconnect this cache-clearing signal before removing the AlertWord
entries, and reconnect it afterwards.  This is not thread-safe, but
this section is single-threaded.  It is also probably unnecessary to
re-connect the signal, as rest of `./manage.py populate_db` does not
delete AlertWord objects, but cleanliness dictates doing the
re-connection.

This drops the time to repeatedly run:
    python3 ./manage.py populate_db --num-messages=0 --extra-users=1000

...from 47 seconds to 36 seconds.
2023-02-17 13:59:11 -08:00
Anders Kaseorg 7cafbefdef ci: Reduce production suite tarball retention from 14 days to 1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-16 10:15:11 -05:00
Anders Kaseorg bf7d3124ab openapi: Correct “we-public” typo.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-15 15:21:54 -08:00
Alex Vandiver 0d42abe1a8 puppet: wal-g is a tarball with a single file, not a directory.
5db55c38dc switched from `ensure => present` to the more specific
`ensure => directory` on the premise that tarballs would result in
more than one file being copied out of them.  However, we only extract
a single file from the wal-g tarball, and install it at the output
path.  The new rule attempts to replace it with an empty directory
after extraction.

Switch back to `ensure => present` for the tarball codepath.
2023-02-14 18:18:36 -05:00
Alex Vandiver f8a16fb9af model: Handle parsed user-agents longer than 30 characters.
The Client.name field is only 30 characters long, but there is no
limit to the length of parsed User-Agent value which we may attempt to
store in it.  This can cause requests with long user-agents to 500
when the creation of the Client row fails.

Truncate the name at 30 characters for the cache key, and passing
`name` to `get_or_create`.
2023-02-14 14:58:15 -08:00
Alex Vandiver 6f8ce2d00a hooks: Fix shebang line to use /usr/bin/env bash. 2023-02-14 17:28:58 -05:00
Alex Vandiver 044ccdb334 chat.zulip.org: Enable Sentry hook. 2023-02-14 17:20:35 -05:00
Alex Vandiver 63de600451 backends: Use staticfilesfor social auth logos. 2023-02-14 17:17:06 -05:00
Alex Vandiver 3559bf416d settings: Allow customization of STATIC_URL.
Some requests will still be to `/static/`, either at the realm's
domain, or at the root domain.
2023-02-14 17:17:06 -05:00
Alex Vandiver dd21e472e7 subdomains: Extend tests for for same-host when STATIC_URL has domain. 2023-02-14 17:17:06 -05:00
Alex Vandiver a1967a7f2d markdown: Rewrite /static/ images to use staticfiles_storage.url. 2023-02-14 17:17:06 -05:00
Alex Vandiver ccecc8eb84 markdown: Comment why we do not hash or use STATIC_URL for :zulip:. 2023-02-14 17:17:06 -05:00
Alex Vandiver 6806bec2e9 email_notifications: Use stable, unhashed, URLs for emoji in emails. 2023-02-14 17:17:06 -05:00
Alex Vandiver 72ac38eff8 send_email: Use STATIC_URL as base for images in emails. 2023-02-14 17:17:06 -05:00
Alex Vandiver e31767dda4 settings: Make DEFAULT_LOGO_URI/DEFAULT_AVATAR_URI use staticfiles. 2023-02-14 17:17:06 -05:00