Commit Graph

39026 Commits

Author SHA1 Message Date
Alex Vandiver e2ab7b9e17 webhooks: Update API_KEY_ONLY_WEBHOOK_LOG_PATH to WEBHOOK_LOG_PATH.
The existence of "API_KEY" in this configuration variable is
confusing.  It is fundamentally about webhooks.
2020-09-10 17:47:21 -07:00
Alex Vandiver cf6ebb9c8d webhooks: Rename api_key_only_webhook_view to webhook_view.
There are no other types of webhook views; this is more concise.
2020-09-10 17:47:21 -07:00
Alex Vandiver 8cfacbf8aa webhooks: Update comment about typing the webhook decorator.
The previous link was to "extended callable" types, which are
deprecated in favor of callback protocols.  Unfortunately, defining a
protocol class can't express the typing -- we need some sort of
variadic generics[1].  Specifically, we wish to support hitting the
endpoint with additional parameters; thus, this protocol is
insufficient:

```
class WebhookHandler(Protocol):
    def __call__(request: HttpRequest, api_key: str) -> HttpResponse: ...
```
...since it prohibits additional parameters.  And allowing extra
arguments:
```
class WebhookHandler(Protocol):
    def __call__(request: HttpRequest, api_key: str,
                 *args: object, **kwargs: object) -> HttpResponse: ...
```
...is similarly problematic, since the view handlers do not support
_arbitrary_ keyword arguments.

[1] https://github.com/python/typing/issues/193
2020-09-10 17:47:21 -07:00
Alex Vandiver ea8823742b webhooks: Adjust the name of the unsupported logger.
`zulip.zerver.lib.webhooks.common` was very opaque previously,
especially since none of the logging was actually done from that
module.

Adjust to a more explicit logger name.
2020-09-10 17:47:21 -07:00
Alex Vandiver 482c964dd3 puppet: Logrotate for webhook exceptions. 2020-09-10 17:47:21 -07:00
Alex Vandiver e38051736d puppet: Wrap and sort logrotate config. 2020-09-10 17:47:21 -07:00
Alex Vandiver 9ea9752e0e webhooks: Rename UnexpectedWebhookEventType to UnsupportedWebhookEventType.
Any exception is an "unexpected event", which means talking about
having an "unexpected event logger" or "unexpected event exception" is
confusing.  As the error message in `exceptions.py` already explains,
this is about an _unsupported_ event type.

This also switches the path that these exceptions are written to,
accordingly.
2020-09-10 17:47:21 -07:00
Alex Vandiver 8016769613 webhooks: Move UnexpectedWebhookEventType into zerver.lib.exceptions.
8e10ab282a moved UnexpectedWebhookEventType into
`zerver.lib.exceptions`, but left the import into
`zserver.lib.webhooks.common` so that webhooks could continue to
import the exception from there.

This clutters things and adds complexity; there is no compelling
reason that the exception's source of truth should not move alongside
all other exceptions.
2020-09-10 17:47:21 -07:00
Mateusz Mandera f95dd628bd email: Fix race conditions with concurrent ScheduledEmail handling.
The main race conditions, which actually happened in production was with
concurrent execution of deliver_email and clear_scheduled_emails.
clear_scheduled_emails could delete all email.users in the middle of
deliver_email execution, causing it to pass empty to_user_ids list to
send_email. We mitigate this by getting the list of user ids in a single
query and moving forward with that snapshot, not having to worry about
database data being mutated anymore.

clear_scheduled_emails had potential race conditions with concurrent
execution of itself due to not locking the appropriate rows upon
selecting them for the purpose of potentially deleting them. FOR UPDATE
locks need to be acquired to prevent simultaneous mutation.

Tested manually with some print+sleep debugging to make some races
happen.

fixes #zulip-2k (sentry)
2020-09-09 15:59:01 -07:00
Anders Kaseorg b7b7475672 python: Use standard secrets module to generate random tokens.
There are three functional side effects:

• Correct an insignificant but mathematically offensive bias toward
repeated characters in generate_api_key introduced in commit
47b4283c4b4c70ecde4d3c8de871c90ee2506d87; its entropy is increased
from 190.52864 bits to 190.53428 bits.

• Use the base32 alphabet in confirmation.models.generate_key; its
entropy is reduced from 124.07820 bits to the documented 120 bits, but
now it uses 1 syscall instead of 24.

• Use the base32 alphabet in get_bigbluebutton_url; its entropy is
reduced from 51.69925 bits to 50 bits, but now it uses 1 syscall
instead of 10.

(The base32 alphabet is A-Z 2-7.  We could probably replace all of
these with plain secrets.token_urlsafe, since I expect most callers
can handle the full urlsafe_b64 alphabet A-Z a-z 0-9 - _ without
problems.)

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-09 15:52:57 -07:00
Dinesh 56546170cf puppeteer: Save pid of `run-dev.py --test` in var/puppeteer.
Also replaces a reference to casper in a comment related to --test.
2020-09-09 13:38:39 -04:00
Dinesh ad0f0564b1 puppeteer: Rename build_for_prod_or_casper to build_for_prod_or_puppeteer. 2020-09-09 13:38:39 -04:00
Dinesh c64888048f puppeteer: Rename CASPER_TESTS env variable to PUPPETEER_TESTS.
Also modified few comments to match with the changes.
2020-09-09 13:38:39 -04:00
Dinesh f2b3afcd56 puppeteer: Mention about docs and screeshots on failure. 2020-09-09 13:38:39 -04:00
aryanshridhar 42b1ed23a9 reactions_tooltip : Improved responsiveness of tooltip for reactions.
Improved responsiveness of message reactions tooltip .
Added css property for the reaction tooltip in ./static/js/click_handlers.js so that the tooltip doesn't exceed the sidebar .

Adressed a comment in #15364 .
2020-09-09 13:24:04 -04:00
Dinesh cc4f35bfa8 puppeteer: Wait for save button before checking the text.
Found a flake that this caused with runs for the previous fix.
The waitForSelector was in a wrong order.
2020-09-09 13:14:16 -04:00
Dinesh 6dc2547336 puppeteer: wait for visibility before click -- admin test.
Wait for disable_stream_notifications selector to be visible
before clicking as it could cause flakes if the test tries
to click without it being visible.
2020-09-09 13:14:16 -04:00
Dinesh 1f62ba5750 puppeteer: Fix unsaved status selector waitFor timeout.
Added a stronger validation of waiting for text "Verona" to
appear but that didn't really seem to have worked though it
seemed like fixing the flake by passing ~600 runs.
So, change the puppeteer click to a click through evaluate
as we had experiences where page.click() didn't work sometimes.

Though this has passed 1000 runs on CI, I'm not very certain
if this fixed it as this test passed 1000 times with my previous
PR fixing the same flake.
2020-09-09 13:14:16 -04:00
Tim Abbott 7b62d31c32 invite: Set tabindex for 'Generate invite link'. 2020-09-04 13:03:27 -07:00
Abhijeet Prasad Bodas 49fd272d7d invite: Fix compose box focus on clicking (Un)check All in invite window.
Fixes #16077.
2020-09-04 12:58:11 -07:00
Abhijeet Prasad Bodas e5054a3a66 invite: Scroll to top and focus email input after submit in invite.js.
Part of #16077.
2020-09-04 12:58:11 -07:00
Abhijeet Prasad Bodas b570cf1433 invite: Allow submitting invite form with Ctrl+Enter in invite.js.
Part of #16077.
2020-09-04 12:58:11 -07:00
Abhijeet Prasad Bodas 9fc10479fe invite: Focus first input in invite window in invite.js.
Part of #16077.
2020-09-04 12:58:11 -07:00
gr455 a8511bc710 docs: Add alt text to images
Add alt text to images in docs roughly stating the contents of the
image.
2020-09-04 12:56:07 -07:00
Vinit Singh 140d24ca7f compose: Update compose placeholder text if stream name is changed.
Compose box placeholder text for streams currently updates when focus
is shifted to the text area.

With this change, it will also get updated when the stream name is
changed (it already updates if topic names are changed).
2020-09-04 12:45:51 -07:00
Vinit Singh d43b1765d5 compose: Update compose placeholder text if recipients are changed.
Currently, compose box placeholder text for PMs only gets updated
when the focus shifts to it.
With this change, the text is now also updated if recipients are
added or removed.

Fixes #15897.
2020-09-04 12:45:51 -07:00
Vinit Singh c6e278ab5a input_pills: Fix `onPillCreate` to update when adding pills with typehead.
Previously, onPillCreate function was called after the individual
pill object was created.
Now, we call it after creating and adding it to the pill container.
2020-09-04 12:45:51 -07:00
Aman Agrawal be7238afca tooltip: Fix arrow position.
This was one of the regressions from our upgrade to bootstrap 2.3.2.
2020-09-04 10:36:02 -07:00
Aman c114447e11 topic_history: Allow anonymous access in web-public streams.
For web-public streams, clients can access full topic history
without being authenticated. They only need to additionally
send "streams:web-public" narrow with their request like all
the other web-public queries.
2020-09-04 10:17:56 -07:00
Anders Kaseorg 3b301f522b python: Tweak some magic trailing commas to avoid Black bugs.
https://github.com/psf/black/issues/1658
https://github.com/psf/black/issues/1671

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 17:51:09 -07:00
Anders Kaseorg f91d287447 python: Pre-fix a few spots for better Black formatting.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 17:51:09 -07:00
Anders Kaseorg c67ea05423 computed_settings: Simplify LDAP and SSO conditionals.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 17:51:09 -07:00
Anders Kaseorg bb4fc3c4c7 python: Prefer --flag=option over --flag option.
For less inflation by Black.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 17:51:09 -07:00
Anders Kaseorg bef46dab3c python: Prefer kwargs form of dict.update.
For less inflation by Black.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 17:51:09 -07:00
Anders Kaseorg 75c59a820d python: Convert subprocess.Popen.communicate to run or check_output.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 17:42:35 -07:00
Vishnu KS 6bbcb622e1 onboarding: Move send_welcome_bot_response to onboarding. 2020-09-03 17:41:08 -07:00
Tim Abbott f6376d57e4 docs: Tweak descriptions of zulip-devel-announce and friends. 2020-09-03 17:39:16 -07:00
Thomas Güttler 7089f8c04d docs: Hyperlink to zulip-devel-announce added.
This way it is a bit simpler for users to find the page to subscribe.
2020-09-03 17:39:16 -07:00
Alex Vandiver 70e8cc5783 tests: Add more tests around exception handling.
This verifies that we actually do enqueue a record when there is an
error on non-staging.  With the previous commit, it verifies that that
data serializes correctly.
2020-09-03 17:34:31 -07:00
Alex Vandiver 69a7944c48 tests: Extract a helper to run tests for each bot type. 2020-09-03 17:34:31 -07:00
Alex Vandiver b1cac67c31 tests: Check JSON serializability of test data with mock_queue_publish. 2020-09-03 17:34:31 -07:00
Alex Vandiver 660c2e5383 tests: Add a mock to verify that queue_json_publish is valid JSON.
See also #16121.  However, that does not address the tests that
stub out the call to queue_json_publish itself.
2020-09-03 17:34:31 -07:00
Alex Vandiver 3d24571cad sentry: Send user identifiers, but strip PII.
By default, the Django Sentry integration provides the email address
and username of pulled from the auth layer.  This is potentially PII,
and not data that we wish to store.  Enable sending user data at all,
by setting `send_default_pii=True`, but strip the username and
email (which are the same, in Zulip) before sending.  Users will be
identified in Sentry only by their IP address, user ID, realm, and
role.
2020-09-03 17:32:16 -07:00
Alex Vandiver 012113c542 models: Force the translated role into a translated string.
The return type of `ugettext_lazy('...')` (aliased as `_`) is a
promise, which is only forced into a string when it is dealt with in
string context.  This `django.utils.functional.lazy.__proxy__` object
is not entirely transparent, however -- it cannot be serialized by
`orjson`, and `isinstance(x, str) == False`, which can lead to
surprising action-at-a-distance.

In the two places which will serialize the role value (either into
Zulip's own error reporting queue, or Sentry's), force the return
value.  Failure to do this results in errors being dropped
mostly-silently, as they cannot be serialized and enqueued by the
error reporter logger, which has no recourse but to just log a
warning; see previous commit.

When we do this forcing, explicitly override the language to be the
realm default.  Failure to provide this override would translate the
role into the role in the language of the _request_, yielding varying
results.
2020-09-03 17:26:54 -07:00
Alex Vandiver 2f350c614b sentry: Capture exceptions that happen during AdminNotifyHandler.
AdminNotifyHandler is used to notify admins of errors; it is a
critical piece of logic.  Failures in reporting errors will compound,
since its `except Exception` clauses cannot generate logging at the
`error` or `exception` level, as that would be recursive.  It must
settle for logging at the `warning` level, and hope that admins are
vigilant to the logging there.

Increase the chances of being notified of failures in this logger, by
bubbling up those exceptions to Sentry, which is an orthogonal
reporting stack.
2020-09-03 17:26:54 -07:00
Anders Kaseorg 9edcafb7a0 setup_venv: Add missing comma in COMMON_YUM_VENV_DEPENDENCIES.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 17:25:54 -07:00
Anders Kaseorg 9e66d80861 circleci: Replace process substitution with pipe to close a race.
Bash process substitution does not wait for the substituted process.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:19:49 -07:00
Anders Kaseorg bb5a963086 soft_deactivate_users: Elide default=[] for users argument.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg ddcf8dd8bc create_user: Use None as default for --password, --password-file.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg 37028d5abf zulip-export: Specify --stream argument as required.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00