Fixes#396.
We could display an error message, but jumping right to the login page seems
smoother and conveys the same information.
This will discard any message being composed, but preserving it would have
security consequences that we should consider further before implementing that.
Hopefully, users only get logged out by an explicit action, so they can't
complain too much (but see #217).
(imported from commit aaa23ecf46c73e514117ae1010fc44e133f2ba07)
Previously, we were adding those narrowed messages to message_dict the
first time, and thus totally skipping those messages each additional
time you tried to "load old messages" on that narrow.
(imported from commit 77eef376e1165b86e3c599608a1b5089a09d51e0)
In get_display_recipient, the userprofile was selected incorrectly by
user_id instead of the userprofile_id. In production, this hasn't
resulted in a user-visible error because we use MySQL and user ids are
always equal to userprofile ids.
This does happen if you are using SQLite locally and run populate_db,
which adds a bunch of users in parallel in an insufficiently
transactional way.
(imported from commit c25a04b4919e3efdfc6996b03492f7714d9034e8)
This bug affected receiving messages while narrowed. When none of
the messages recieved matched the narrow predicate, we'd try to
render messages and then create a jQuery object out of a bunch of
newlines (the only thing that results from a render of 0 messages).
(imported from commit 81f5aa46fac06fe0e5a14a8757f245f90b5845cc)
This greatly reduces the number of events generated and prevents the
blue flashing on message arrival.
This also necessitated a change in how we looked up message rows to
add the 'next_is_same_sender' class, which led to a further
optimization where we don't have to do as many jQuery selections by
id.
(imported from commit 0bcd5688b483c560b6f3a29c6d36433da600e8ef)
And wire it up to our local copy of codehilite. This fixes highlighting in
fenced code blocks, e.g.
~~~~ .js
var x = function () {
return "hi";
};
~~~~
(imported from commit 0efb0c9b98a3acdf55e18bb1918af7960f3425be)
In particular:
* Taking a list of streams as arguments.
* Using the _backend model so that we can have an API version.
* Considering "not subscribed" to be a non-fatal error.
And of course the corresponding changes to subs.js.
(imported from commit fdb300c6aa6921c2c6b09c22bd1e64405c368809)
One way this can happen is if run-dev.py --test is already running. In that
case the one we launch will die with "Address already in use", and we should
alert the user that test results may not be accurate.
(imported from commit 078091cace2cff777b444668b03f96dc208f22fc)
This should address the catherio/tibbetts feedback of the name
breaking oddly across the middle of their name.
One notable change introduced by this commit is: If your name is very
long, e.g., "Waseemio Daherioian", it gets cut off. (On Firefox, it
gets rendered as "Waseemio Daherioia...", and on Chrome it gets no
ellipsis at all.)
The current behavior is that the long name actually overflows into
the main text area, which I think is worse.
(imported from commit 668cb30bc2326c255b229f4f19f29be473bdc1e8)
The existing code shortens the searchbox each time it receives focus.
Unfortunately, this means that if it receives focus twice in a row, it
shrinks twice in a row. (For some reason, the '/' hotkey does this).
So, instead, make it idempotent -- if we're already shrunk, don't
shrink us again.
(imported from commit 8179963bbd00822d15d92609d89f572d2de7800c)
This is nearly perfect, modulo two things:
1. If you have a search active and you resize the window, the search
box resize doesn't take effect until you exit the search.
2. In super-narrow windows (<380px), the searchbox overshoots
the message area slightly.
I don't regard either as huge issues -- I'll probably fix#1
eventually.
(imported from commit 4900fb9783cc9f447315b0892bd3505f5c31ce15)
This doesn't fully fix the problems related to not syncing
subscriptions to browser clients, but it does fix the instance that
everyone experiences.
(imported from commit be2bc31a7c4443c1678321f1a938496e2632c0d3)
This commit changes APIs and requires and update of all zephyr
mirroring bots to deploy properly.
(imported from commit 2672d2d07269379f7a865644aaeb6796d54183e1)
These tests don't have the same coverage as the json test on the
theory that the backend is shared by the two views and that
differences are mostly on the way into the backend functions.
(imported from commit ddd21135565122dae8cbe90846d1aee7e4a2f56e)
Adding a positional argument caused a problem when
@authenticated_api_view started using @has_request_variables
internally. The 'handler' argument used to be passed through
positionally to the wrapped function, but when using
@has_request_variables, the wrapper inside @authenticated_api_view
had to take additional arguments. The handler argument was then
assigned to one of those parameters instead of being passed through.
(imported from commit 66240bd465c803ddcbf4a603509051fca7381468)
If we don't do this, we get all kinds of nasty shadowing where
references to 'search.whatever' seem to be references to the
HTML input element, rather than our search.js module.
(imported from commit 4e4b562ddf895baea9619316d9fab27ae5e9fc4e)
We have a lot of forged users that have bad fullnames due to
historical versions of our fullname computations; this function will
clean those up.
Also, we have a bunch of users with emails like foo|mit.edu@mit.edu
that were the result of a mirroring bug that we want to get rid of
from autocomplete -- putting them in a useless realm name will do.
(imported from commit 6e305093653ca9d327e9e28491636e99d16cfe1d)
This should fix the problem where only one of pairs of identical
messages sent to two different zephyr classes by bots will make it
over.
(imported from commit 37005417e2e1f737501c9524b95b044eefbfe235)
Fixes a message forgery bug (#335).
This works because Django will not generate a new CSRF token if a valid token
cookie is already present (see django/middleware/csrf.py).
(imported from commit 23222cb0bb62ae8a2f8ac7fb3f24bbc866103454)
These were lists of pairs because we were going to repeat keys, but that didn't
work anyway.
(imported from commit 687b3f7b8a2821d057719c725f1f39db3992ae5c)
This was causing Zephyr mirroring to break because
create_mirrored_message_users was returning False due to the
same_realm_email check failing.
(imported from commit e6a63160f34ec056461038650b5f8027718e6c63)
Previously we bypassed the big buttons on the left bar and clicked on
the anchor tag inside the compose box. This bypassed the
compose.start() call.
(imported from commit 2b627825596c8d3c21441e58db895b8e488e624b)
Personals are now just private messages between two people (which
sometimes manifests as a private message with one recipient). The
new message type on the send path is 'private'. Note that the receive
path still has 'personal' and 'huddle' message types.
(imported from commit 97a438ef5c0b3db4eb3e6db674ea38a081265dd3)
It now takes an anchor message id, a number of messages before, and a
number of messages after. The result always contains the anchor
message.
(imported from commit 84d070dc8091161c86d4bbeafbdc299493890a2a)
We need a deterministic order for the client test suite, and it seems like a
good idea generally.
(imported from commit cc8fc555611f2d2f1b21e63ce6860d446baa3410)
We had this problem where clicking a hyperlink bubbles up and causes a
click on the message, which causes the composebox to open.
We "fixed" this by setting cancelBubble (or, even better, calling
stopPropagation()).
Unfortunately, on Firefox, this fix breaks Ctrl-click and Shift-click,
because those are (apparently) implemented by adding an event listener
on link clicks, and stopPropagation prevents them from being called.
We instead work around this by handling this case in the click handler
of the parent element. (This allows the normal URL click AND Firefox's
bound event handlers for Ctrl and Shift to run.)
This resolves Trac #374.
(imported from commit 16fb3aa6fc582f1fba5009812e0b1178ce7c5bb7)
Mixing these two in this file is bound to lead to a world of hurt (and
has, historically). At some point I'd like to do this across the
entire codebase.
(imported from commit 9ff029597587f9c37a0bd9f32c25a769aa1a7a20)
This makes the "handle hotkeys" code path a lot simpler, and also
fixes the "copy not working" issue we were seeing on Firefox 17.
(imported from commit 8ab96d12895da2876f60da58f373372612f4ba32)
So, in Firefox, $(window).width() does not include the width of the
scrollbar. However, the CSS media-query max-width DOES include the
width of the scrollbar -- so the Bootstrap change and our change do
not happen at the same time.
window.innerWidth does take into account the width of the scrollbar,
though, and seems to have reasonable cross-browser support, so we use
that instead.
(If we wanted to be slicker, we could use a media query a la
https://developer.mozilla.org/en-US/docs/DOM/window.matchMedia ,
but that's not supported in IE <10.)
This resolves Trac #35.
(imported from commit ca35321c02d5e79e4f9c439a662805c016a333ed)
Old browsers might not have the global JSON object, so we may have to
include something like https://github.com/douglascrockford/JSON-js
for old browsers in the future.
(imported from commit e30a291d1212f2a00b543551b3a77082c7406eec)
This was causing our tests to fail and would have also
affected API users not using our Python bindings
(imported from commit 2d81496892e9042e328279edea94be8ee4d21c1b)
return_messages_immediately's return value is not returned, so the
argument validation in @has_request_variables didn't work correctly.
@has_request_variables would return a json_error, but
send_with_safety_check expects a dict.
(imported from commit 86b6bccb7861dbf523c06b606b87374e339059a4)
The original check has become too broad now that we have more buttons,
and specifically this lets you use the search hotkey to start a new
search after you've been searching up and down.
(imported from commit 0e691ff55ff9d4be8d406d1eb47fc2062758d28b)
This change substantially increases the number of view functions where
the API and JSON versions are actually identical code.
(imported from commit 2eee55a8943cf9a684bec2ba1f6d7afcb2b91948)
Functions with the @has_request_variables decorator can have some of
their arguments extracted from the HTTP request. For each such
argument, its default value should be an instance of the POST class.
The arguments to the POST constructor control the request variable
name that the function parameter should be populated from (it
defaults to the same as the parameter name), whether the value should
be converted before being passed, and whether a default value should
be supplied if the parameter is missing from the request.
(imported from commit ba1c25d73ba3980e44abec1458e6496807fcdaa4)
No need for an 'if' if we're just returning a boolean. And using
QuerySet.exists() should be a little more efficient.
(imported from commit 69ec3cc9f2fe904ec40ea3b8a8687a06cd03f3f3)
login_required_api_view is misleadingly named. It accepts neither a Django
login session nor login credentials (username / password). The intent here is
authentication, whether stateful (login) or stateless (API key).
(imported from commit 7e9be552168396b399116737655bd7267fd5c1a3)
Within 'except', 'raise' re-raises the current exception. But outside, it produces
TypeError: exceptions must be old-style classes or derived from BaseException, not NoneType
which is pretty confusing as a generic "something has gone wrong" exception.
(imported from commit 9fcd003a952b82df67726c26161dced079978a32)
We've had multiple requests from MIT zephyr users to allow
non-alphanumeric stream names, and we haven't decided what we want to
allow, so for now allow everything.
Note that the web client and mirror script limit stream names to 30
characters, which is our database limit.
(imported from commit 2acb5ee04e5ee7c40031ac831e12d09d04bbb2e6)
Keegan McAllister
Luke Faraone
Waseem Daher
Tim Abbott
Jessica McKellar
Zev Benjamin
Jeff Arnold