Commit Graph

36495 Commits

Author SHA1 Message Date
Tim Abbott 463f1503fc Revert "markdown: Process fenced code blocks in blockquotes."
This reverts commit 7002f98ea1.

This failed tests due to some sort of conflict with a recent
python-markdown upgrade.
2020-05-25 18:13:03 -07:00
Rohitt Vashishtha 7002f98ea1 markdown: Process fenced code blocks in blockquotes.
We handle fenced code blocks in a preprocessor, and > style blockquotes
are parsed in a blockprocessor. Pymarkdown doesn't run the preprocessors
again on any blocks that it is parsing, and is unlikely to accept our
solution upstream; they intend to convert fenced_code to a block parser.

We simply run all the preprocessors on the text again, with the exception
of NormalizeWhitespace which removed delimiters used by HtmlStash to mark
preprocessed html code. To counter this, we subclass NormalizeWhitespace
and use our customized version for when it is called from a blockparser.

Upstream issue: https://github.com/Python-Markdown/markdown/issues/53

Fixes #12800.
2020-05-25 17:35:10 -07:00
arpit551 439f0d3004 install: Ad production support for Zulip on Ubuntu Focal.
Install script now runs on Focal.  Python 2 is now installed via the
`python2` package in Focal.
2020-05-25 16:58:42 -07:00
arpit551 3971824d04 puppet: suppress puppet warnings with ruby 2.7.
Ubuntu Focal comes with ruby 2.7 and the latest puppet
has some issues with it so to suppress puppet
warnings with ruby 2.7 we added  RUBYOPT = "-W0" in
the environment.
2020-05-25 16:56:11 -07:00
YashRE42 669f482b0d icons: Switch from text-o to code-o for view source / edit topics.
This commit replaces fa-file-text-o with fa-file-code-o which is a
better signal for the "view source" action. It also deletes a single
line comment that had suggested the change once we moved into font
awesome 4, which Aditya Bansal <adi.bansal241996@gmail.com> helped
out in doing, first via
91962aa6ab and most recently via
75ae94e459 with several commits in
between.
2020-05-25 16:19:50 -07:00
sahil839 1aebf3cab9 actions: Merge do_change_is_admin and do_change_is_guest.
This commit merges do_change_is_admin and do_change_is_guest to a
single function do_change_user_role which will be used for changing
role of users.

do_change_is_api_super_user is added as a separate function for
changing is_api_super_user field of UserProfile.
2020-05-25 16:17:10 -07:00
Mateusz Mandera b66dc9de50 saml: Support IdP-initiated SSO. 2020-05-25 16:09:30 -07:00
Mateusz Mandera f2d052bff8 tests: Flush session before a simulated cross-domain POST in saml tests.
This is important, because lack of this meant that the POST request in
our tests still had the old session, with various params stored in it.
This mechanism doesn't work in reality in SAML, so the backend uses
redis to store and recover the params from redis. Without flushing the
session, these tests would fail to catch some breakages in the
redis-based mechanism.
2020-05-25 15:53:15 -07:00
sahil839 2af4ef6c6d message_events: Fix live update of message edit history.
This commit adds code to live update the message edit history.
Message edit history is fetched and rendered again if the edit
history modal is open.

This also adds 'data-message-id' attribute to 'message-history'
when opening history modal element which is used for checking
whether the history modal opened is of the message which is
edited.

Fixes #15051.
2020-05-25 15:51:01 -07:00
Sanskar Bajpai 3aa74b67a0 stream_color: Rename the color picker button to confirm.
Tweaked by tabbott to add i18n tags.

Fixes part of #15039.
2020-05-25 15:42:34 -07:00
Mateusz Mandera 13c3eaf086 rate_limit: Restrict tornado backend to explicitly specified domains.
This will protect us in case of some kinds of bugs that could allow
making requests such as password authentication attempts to tornado.
Without restricting the domains to which the in-memory backend can
be applied, such bugs would lead to attackers having multiple times
larger rate limits for these sensitive requests.
2020-05-25 15:40:00 -07:00
Vishnu KS ad99bba121 billing: Add emojis to /upgrade page. 2020-05-24 17:35:17 -07:00
Vishnu KS 8b3eb9a846 landing: Add option to show custom navbar message. 2020-05-24 17:34:03 -07:00
Siddharth Varshney 89539d6fb5 stream-popover: Change design of stream popover.
Extracts the stream name from the list items and display
it in the popover title.
2020-05-24 17:28:51 -07:00
Siddharth Varshney 309ab0eb6f topic-popover: Change design of topic popover.
Extracts the topic name from the list items and display
it in the popover title.

Add a seperator between normal user and admin only options.
2020-05-24 17:28:50 -07:00
Dinesh 288921d425 auth: Log when a user tries to login with deactivated account.
Helps to see if users are often trying to login with deactived
accounts.
A use case: Trackdown whether any deactivated bot users are still
trying to access the API.

This implementation adds a new key `inactive_user_id`
to `return_data` in the function `is_user_active` which
check if a `user_profile` is active. This reduces the effort
of getting `user_id` just before logging.

Modified tests for line coverage.
2020-05-24 17:27:19 -07:00
Aman Agrawal 91c7ea2275 test_reactions: Cache stores reactions data after formatting.
Reactions data should always be formatted before it saved in cache,
otherwise clients receive malformed data.

This is followup on a53daa6f8c
2020-05-24 17:03:30 -07:00
Mateusz Mandera dac4a7a70b saml: Figure out the idp from SAMLResponse.
Instead of plumbing the idp to /complete/saml/ through redis, it's much
more natural to just figure it out from the SAMLResponse, because the
information is there.
This is also a preparatory step for adding IdP-initiated sign in, for
which it is important for /complete/saml/ to be able to figure out which
IdP the request is coming from.
2020-05-24 16:40:28 -07:00
Mateusz Mandera c74f8363e2 saml: Gracefully handle bad SAMLResponses. 2020-05-24 16:40:28 -07:00
Pragati Agrawal d333d82693 stream settings: Move the "Saving" widget to "Personal settings" block.
Rather than showing the "Saving" widget beside stream name, it's more
intuitive to have it in personal settings section because it's the only
section which uses `settings_ui.do_settings_change` function and we follow
having a separate "Saving" widget for each section everywhere.
2020-05-24 16:32:36 -07:00
Pragati Agrawal 55db6ed1e3 stream settings: Fix "Saving" widget for Muted streams.
"Saving" widget was working for all personal stream settings but "Mute
notifications". This was because the change to the "Mute" property follows
a slightly different path.
2020-05-24 16:32:36 -07:00
Pragati Agrawal f7a886d821 stream settings: Add label for `regular_subscription_settings`.
Added the label for `regular_subscription_settings` as "Personal settings".
2020-05-24 16:32:36 -07:00
Pragati Agrawal ce23892aec stream settings: Move stream-email-box from regular_subscription_settings.
`stream-email-box` doesn't fit into `regular_subscription_settings` div,
therefore moved `stream-email-box` out of it.
2020-05-24 16:32:36 -07:00
Pragati Agrawal 441f9f43e7 templates: Extract help link widget.
This block of html is used at many places so it's a good idea to create a
template for it.
2020-05-24 16:32:36 -07:00
Tim Abbott a53daa6f8c message: Fix malformed reaction data.
After a message was reset in our caches cache via message editing or
adding/removing a reaction, we were sending corrupt data to the cache
because build_message_dict (and thus build_dict_from_raw_db_row) was
improperly being called before sewing in the reaction data.

As a result, we were sending raw database data in the reaction
dictionaries, rather than the reformatted version expected by the API.

Bug introduced in 2a4c62a326.

Fixing this correctly required moving the rendering_realm_id logic one
step higher in the call chain, which is a useful refactoring anyway
(since we're no longer passing a `Message` object down)
2020-05-21 14:09:53 -07:00
Tim Abbott c192461c1b docs: Fix setup-advanced git clone instructions.
This should help ensure everyone uses the SSH key approach for Git
authentication; the HTTPS one is basically unusable as one has to
provide one's GitHub password after every command.
2020-05-21 13:05:59 -07:00
Tim Abbott 1058c08623 narrow: Fix a typo in the then_select_id comment. 2020-05-21 12:41:55 -07:00
Rohitt Vashishtha 648307ef33 rendered_markdown: Add rendering functions for timestamps.
This code generates the timestamp string to be shown to the user
from the given timestamp in unix format using moment.js.

We also render the timestamp in a pill.
2020-05-21 12:37:37 -07:00
Rohitt Vashishtha 44afcb8d64 rendered_markdown: Add comment explaining the use of this module. 2020-05-21 12:37:34 -07:00
Rohitt Vashishtha 2efe9f7942 rendered_markdown: Add tests for emoji.
This brings test coverage for rendered_markdown to 100%.
2020-05-21 12:37:32 -07:00
Rohitt Vashishtha 0cbb05c5bc rendered_markdown: Add tests for stream-links. 2020-05-21 12:37:30 -07:00
Rohitt Vashishtha 0c260e014a rendered_markdown: Add tests for user-group-mention. 2020-05-21 12:37:26 -07:00
Rohitt Vashishtha 1a454e2137 rendered_markdown: Add tests for user-mention.
We also add a hacky jquery array creator because zjquery doesn't
support $().each() yet.
2020-05-21 12:37:23 -07:00
Rohitt Vashishtha 84b2952606 zjquery: Support empty find results. 2020-05-21 12:32:52 -07:00
Rohitt Vashishtha bb579742a2 markdown: Move helper function to rendered_markdown.js. 2020-05-21 12:32:52 -07:00
Rohitt Vashishtha fa9431c0a4 markdown: Extract rendered_markdown.js to update dynamic elements.
Previously, we handled this code only in message_list_view.js.
Now we support rendering stream descriptions and some dynamic
elements can be rendered in them, so we extract this new module
and use it in both the places.
2020-05-21 12:32:52 -07:00
Hemanth V. Alluri ab03659095 webhooks/github: Provide more detailed info for unexpected events.
Signed-off-by: Hemanth V. Alluri <hdrive1999@gmail.com>
2020-05-21 12:31:43 -07:00
Rohitt Vashishtha 88367a129c markdown: Disable tex and latex for math rendering.
We now parse tex and latex as regular languages, highlighting them
with pygments. We only allow 'math' to trigger latex rendering,
which is in line with the documentation.
2020-05-21 12:30:27 -07:00
Mateusz Mandera e2262b0b64 queue_processors: Log time spent getting data for url in embed_links. 2020-05-21 12:13:46 -07:00
Tim Abbott e59a2a23c3 portico: Fix a few issues with /for/research. 2020-05-20 17:57:22 -07:00
Tim Abbott ef1cdf87ce portico: Add first a quote to /for/research.
We'll add more later, at which point we'll need to add the carousel
widget, but this is the first one that came in.
2020-05-20 17:47:01 -07:00
Tim Abbott 39be75e06d portico: Add draft /for/research page.
Currently unlinked as this is pretty rough and needs feedback.
2020-05-20 17:20:27 -07:00
Siddharth Varshney ad723f1ab4 settings: Fix settings sidebar list bug. 2020-05-20 14:37:11 -07:00
Rohitt Vashishtha 52c25a9301 markdown-timestamp: Use data-timestamp attribute.
This commit shifts our timestamp syntax to be of the form:

    <span class="timestamp data-timestamp="123456"></span>

since value is not a valid attribute of span elements.
2020-05-20 14:28:08 -07:00
Rohitt Vashishtha b062e8332f markdown: Add timestamp syntax to markdown processors.
This adds support for syntax like: !time(Jun 7 2017, 6:30 PM) so that
everyone sees the time in their own local timezone. This can be used
when scheduling online meetings, etc.

This adds some hardcoded values for timezones, because of there
being no sureshot way of determining the timezone easily. However,
since the main way of using the feature should be a typeahead for
entering the time, this shouldn't be cause of much concern.

Fixes #5176.
2020-05-20 14:23:55 -07:00
Rohitt Vashishtha 22537602d2 minor: Update comment in feature_flags.
The earlier version of the comment implied that we want to remove
the features and not the flags that hide those features.
2020-05-20 13:51:54 -07:00
Tim Abbott 220620e7cf sharding: Add basic sharding configuration for Tornado.
This allows straight-forward configuration of realm-based Tornado
sharding through simply editing /etc/zulip/zulip.conf to configure
shards and running scripts/refresh-sharding-and-restart.

Co-Author-By: Mateusz Mandera <mateusz.mandera@zulip.com>
2020-05-20 13:47:20 -07:00
Tim Abbott cdd3b7efbc tornado: Configure upstreams for TORNADO_PROCESSES. 2020-05-20 13:43:48 -07:00
Dinesh 2711619376 redis_utils: Extend `put_dict_in_redis` to accept token as param.
This extends `put_dict_in_redis` to take token as an argument
and return that with the as a `key` with following key format.

Also, edit regex for token to include uppercase letters as
a token sent during apple authentication contains uppercase
letters.

Useful for Adding "Sign in with Apple" support.
2020-05-20 13:30:44 -07:00
orientor c7a2c48bb7 openapi: Add tests for checking presence of various attributes.
The swagger validator is a basic tool to check whether our
openapi specification file follows the basic syntax. But to ensure
that our zulip.yaml file is not only syntactically compatible but
also describes our API well, we need to add custom tests. This
commit currently checks whether each endpoint has an `operationId`
and a valid tag. It also makes it easier to check for custom rules
in the future.
2020-05-20 13:10:58 -07:00