Commit Graph

44126 Commits

Author SHA1 Message Date
Mateusz Mandera ddcfd9e2ee rate_limit: Rate limit the /accounts/find/ endpoint.
Closes #19287

This endpoint allows submitting multiple addresses so we need to "weigh"
the rate limit more heavily the more emails are submitted. Clearly e.g.
a request triggering emails to 2 addresses should weigh twice as much as
a request doing that for just 1 address.
2021-08-06 12:17:44 +02:00
Mateusz Mandera 29b3e81dd4 test_external: Assert that requests don't get rate limited too soon.
This assertion was missing in do_test_hit_ratelimits, allowing a test to
pass even if the requests started being blocked sooner than expected.
2021-08-06 12:17:44 +02:00
Mateusz Mandera 0d6bb6d53b test_external: Fix incorrect clear_history() call.
This was missing the domain argument to RateLimitedIPAddr - without it,
this was clearing history on the default domain, which is api_by_ip.
2021-08-06 12:17:44 +02:00
Anders Kaseorg 7f0381d4c7 outgoing_http: Fix type annotations.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-05 18:34:38 -05:00
Tim Abbott cde86fbaca send_email: Move logging after dry-run abort.
Previously, the output would make it look like we sent an actual email
to the first user in the dry_run output, which is very confusing.

The `dry_run` code path already prints all the accounts that would
have been emailed at the end, so there's no reason to have this line
before the dry_run check.

Additionally, we move after the `get_connection` check because
failures at that stage shouldn't result in logging an attempt to send
an email.
2021-08-05 10:15:49 -07:00
Tim Abbott 36d15d85e0 send_custom_email: Only send to long_term_idle users. 2021-08-05 10:14:44 -07:00
tushar912 83f6557f43 integrations: Add SonarQube webhook integration.
Fixes #13395.
2021-08-05 09:53:42 -07:00
Anders Kaseorg 3a6d44b691 mention: Simplify init_user_group_data using prefetch_related.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-05 09:20:34 -07:00
Anders Kaseorg 806494da06 markdown: Stream and parse incrementally in fetch_open_graph_image.
This way we can stop reading as soon as we get to the body.  Also,
send an Accept header, check that the request was actually successful,
use lxml.etree.iterparse instead of a broken hand-rolled state
machine, and support XHTML, all for negative 28 lines of code.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-05 09:17:32 -07:00
Vishnu KS d384ec55e2 support: Don't include app_components css in support page.
Fixes #19499
2021-08-05 08:55:10 -07:00
Priyansh Garg 0a875c1c4c markdown: Fix jpeg extension in `IMAGE_EXTENSIONS`. 2021-08-05 08:54:02 -07:00
Iam-VM 285e10fe2f migrations: Fix possible 0257_fix_has_link_attribute.py failure.
While it should be an invariant that message.rendered_content is never
None for a row saved to the database, it is possible for that
invariant to be violated, likely including due to bugs in previous
versions of data import/export tools.

While it'd be ideal for such messages to be rendered to fix the
invariant, it doesn't make sense for this has_link migration to crash
because of such a corrupted row, so we apply the similar policy we
already have for rendered_content="".
2021-08-04 12:52:45 -07:00
Mateusz Mandera f1d5f3904d cache: Flush realm caches after both pre_delete and post_delete signals.
Fixes #19468.
2021-08-04 12:13:22 -07:00
Steve Howell ea6929457c unread: Add get_read_message_ids() helper.
We only use this is in tests for now, but it will be
helpful to mark messages as unread in an upcoming PR.
2021-08-04 12:06:11 -07:00
Steve Howell 8ac0beefcf refactor: Use named parameters for UnreadTopicCounter.add(). 2021-08-04 12:06:11 -07:00
Steve Howell 09d0652bdd refactor: Use user_ids_string more internally.
We want to avoid passing opaque messages around to
low-level functions that only need certain fields.

This sets us up to handle mark-as-unread messages
that aren't necessarily full messages.
2021-08-04 12:06:11 -07:00
Steve Howell f7e5847b5c unread: Avoid use of opaque message.
We only care about ~8 fields from a Zulip message
when we're tracking unread counts. For example, we
don't care about the "content" field. This also sets
us up to pull up the "display_recipient" logic in an
upcoming commit.
2021-08-04 12:06:11 -07:00
Steve Howell 80edf7456c unread: Extract process_unread_message.
This will facilitate adding mark-as-unread events in
the (hopefully near) future.
2021-08-04 12:06:11 -07:00
Steve Howell 1901e980c9 node tests: Test direct mentions.
This never got tested despite 100% line coverage, due to
a boolean expression.
2021-08-04 12:06:11 -07:00
Aman Agrawal 49901e9eca portico: Flip some svgs to face text. 2021-08-04 12:02:18 -07:00
Aman Agrawal eaf037c1d1 for-companies: Apply css from plans page.
Some of the narrow width css was not being applied which used
to result in weird behavior.
2021-08-04 12:02:18 -07:00
Aman Agrawal 6835fe0eeb for-companies: Add margin to `.feature-end` text.
Avoids text sticking to border on narrow screens.
2021-08-04 11:57:19 -07:00
Anders Kaseorg 905de1fdba email_notifications: Build HTML elements correctly.
correct_parser(f"incorrectly {generated} <html> string") is still
incorrect.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-04 11:29:20 -07:00
Anders Kaseorg 1a3e3f9072 mypy: Add lxml-stubs.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-04 11:29:20 -07:00
Anders Kaseorg 19424146d4 email_notifications: Fix make_emoji_img_elem type.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-04 11:29:20 -07:00
Alex Vandiver c9bb2c16cc restart-server: Add a --skip-tornado.
Tornado restarts are the most user-visible; provide a means to restart
everything but them, for changes which are known to not affect
Tornado.
2021-08-04 10:57:53 -07:00
Tim Abbott 1685d207c8 api docs: Fix API documentation bugs issues with last commit.
* Actually bump API_FEATURE_LEVEL.
* Document changes in the endpoint documentation as well.
* Use standard linking/wording approach in API changelog.
2021-08-04 10:55:03 -07:00
Tim Abbott 0b0a672397 api docs: Remove unexpected syntax from api changelog. 2021-08-04 09:35:04 -07:00
Steve Howell 45f6c8d27f page load: Remove sender_ids in unread messages for streams. 2021-08-04 11:44:00 -04:00
Anders Kaseorg a9501772c1 ci: Do not run CodeQL on Dependabot push events.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-04 02:34:21 -07:00
Riken Shah d2a15f613f user_info_popover: Fix status emoji showing even if it's not set.
This happened because we had not put a condition in
our template to handle the above situation.
2021-08-04 01:11:06 -07:00
Riken Shah 53e9fdf8e2 set_user_status: Increase the selected emoji size a bit. 2021-08-04 01:11:06 -07:00
Riken Shah e5b216fc64 compose: Update status text in placeholder instantly after it's updated.
When compose box is opened to self and the user
updates the status, it should instantly update the status
text in a placeholder.
2021-08-04 01:11:06 -07:00
Alya Abbott b679148788 portico: Revamp /for/companies.
We rework the landing page for companies in the same way we've
recently revamped the landing pages for other use cases.

This implementation unfortunately duplicates a lot of content from
/plans; we should clean that up at some point.
2021-08-03 21:54:38 -07:00
Aman Agrawal f965ed4013 portico: Resize companies hero image to speed up loading time. 2021-08-03 21:54:38 -07:00
Alya Abbott 01208c36ea portico: Add more help page links to /for/x pages. 2021-08-03 21:54:38 -07:00
Aman Agrawal ae902ec421 urls: Add attribution page.
This records images we used from Creative Commons sources.

It's something of a placeholder for a nicer page.
2021-08-03 21:54:38 -07:00
Alex Vandiver 4dd289cb9d puppet: Enable prometheus monitoring of supervisord.
To be able to read the UNIX socket, this requires running
node_exporter as zulip, not as prometheus.
2021-08-03 21:47:02 -07:00
Alex Vandiver aa940bce72 puppet: Disable hwmon collector, which does nothing on cloud hosts. 2021-08-03 21:47:02 -07:00
Aman Agrawal 649df3570f plans: Redesign compare table. 2021-08-03 17:00:46 -07:00
Anders Kaseorg 42fa62e563 Revert "time_widget: Make the generated time string more readable."
This reverts commit 1965584eec.

This syntax has a bad interaction with table syntax and needs to be
rethought.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-03 16:45:31 -07:00
Gaurav Pandey 75bfdadf8c populate_db: Generate resolved topics for testing.
To try to match normal workflow, some streams have many resolved
topics and others have few.
2021-08-03 16:42:09 -07:00
Alex Vandiver 23a355df0f puppet: Move backup time earlier, from 10am to 7pm America/Los_Angeles.
This is less likely to overlap with common evening deploy times.
2021-08-03 18:32:45 -05:00
Priyansh Garg 4815f6e28b data_import: Make slack bot emails unique.
Slack bot emails generated by us can be duplicate for two bots.
If such a case occur, append a counter to the email to make it
unique.

For maintaining the counter of duplicate emails and the final
email assigned to each bot, a class based approach is used with
static variables and static (class) methods. This keeps all the
data related to slack bot emails at the same place and easily
accessible from anywhere inside the module (without defining any
class object and passing it around).

Fixes: #16793
2021-08-03 16:18:14 -07:00
ericluoliu c618d7d87c UI: Fix x button alignment in feedback widget. 2021-08-03 16:15:25 -07:00
Lefteris Kyriazanos 2b70e88fda integrations: Add basic open collective integration.
Add basic open collective integration for the user donation
event.
Fixes #18319
2021-08-03 16:09:33 -07:00
Alex Vandiver e94b6afb00 nagios: Remove broken check_email_deliverer_* checks and related code.
These checks suffer from a couple notable problems:
 - They are only enabled on staging hosts -- where they should never
   be run.  Since ef6d0ec5ca, these supervisor processes are only
   run on one host, and never on the staging host.
 - They run as the `nagios` user, which does not have appropriate
   permissions, and thus the checks always fail.  Specifically,
   `nagios` does not have permissions to run `supervisorctl`, since
   the socket is owned by the `zulip` user, and mode 0700; and the
   `nagios` user does not have permission to access Zulip secrets to
   run `./manage.py print_email_delivery_backlog`.

Rather than rewrite these checks to run on a cron as zulip, and check
those file contents as the nagios user, drop these checks -- they can
be rewritten at a later point, or replaced with Prometheus alerting,
and currently serve only to cause always-failing Nagios checks, which
normalizes alert failures.

Leave the files installed if they currently exist, rather than
cluttering puppet with `ensure => absent`; they do no harm if they are
left installed.
2021-08-03 16:07:13 -07:00
Eeshan Garg 6383b38915 landing_page: Decrease margin around the call-to-action section.
The call-to-action ("Experience Zulip today!") section on our
landing page has a lot of superfluous margin around it that takes
up a lot of space. This commit decreases that margin as a part of
our efforts to restructure the bottom nav in general.
2021-08-03 15:17:07 -07:00
Eeshan Garg 967db85201 landing_page: Restructure bottom navigation.
We recently added a lot of new pages to our top navigation and
restructured top-navigation in general. This commit updates the
footer to reflect the recent changes to our top navigation.
2021-08-03 15:17:07 -07:00
Alya Abbott 720b034095 portico: Add footnotes regarding /for/education pricing. 2021-08-03 15:16:27 -07:00