Commit Graph

55522 Commits

Author SHA1 Message Date
Tim Abbott 367afbb5be mailmap: Deduplicate and update a few contributors. 2023-12-09 18:01:27 -08:00
Sahil Batra 198568522a message: Do not include details of inaccessible users in message data.
This commit adds code to not include original details of senders like
name, email and avatar url in the message objects sent through events
and in the response of endpoint used to fetch messages.

This is the last major commit for the project to add support for
limiting guest access to an entire organization.

Fixes #10970.
2023-12-09 17:23:16 -08:00
Tim Abbott 22d59f1132 typing notifications: Increase various time constants.
See https://chat.zulip.org/#narrow/stream/6-frontend/topic/typing.20notifications.20efficiency/near/1664991.

As detailed in that discussion,
`TYPING_STARTED_EXPIRY_PERIOD_MILLISECONDS` and
`TYPING_STARTED_WAIT_PERIOD_MILLISECONDS` are coupled constants, and
the impact of them being large is mainly that if a user closes their
computer or loses network in the middle of typing something (not
exactly a common occasion), then the client will suggest they kept on
typing longer than they in fact did.

There's a substantial decrease in resources consumed by this feature
associated with raising `TYPING_STARTED_WAIT_PERIOD_MILLISECONDS`, so
that at least seems worth doing.

Meanwhile, because TYPING_STOPPED_WAIT_PERIOD_MILLISECONDS measures
how long we should wait before deciding to stop suggesting a user is
still typing if they were previously typing a message but paused doing
so without closing the compose box (example causes being stepping away
from the computer, tabbing to go look something up, or just thinking
for a bit).

On the one hand, even the original 5 seconds is a fairly long time to
pause to think without touching the keyboard; on the other hand,
sitting with text you've written in the compose box is likely still a
quite high intent-to-send-soon state. Increasing this to 12 seconds
seems like a reasonable balance between being too trigger-happy here
here and avoiding someone who left their computer appearing like they
are still typing for a long time afterwards.
2023-12-09 17:05:59 -08:00
Sahil Batra 72aa4b256d message: Do not allow guest to mention inaccessible users. 2023-12-09 16:59:38 -08:00
Tim Abbott ac441b77fa users: Add get_inaccessible_user_ids helper. 2023-12-09 16:59:38 -08:00
Sahil Batra 7e12674e8c static: Make unknown user avatar work on mobile.
Clients like mobile add "-medium.png" to the url to get the
medium avatar if the avatar_url field of user object is set
to some string other than the gravatar URL.

This commit adds a symlink to offer the unknown user avatar at
unknown-user-avatar-medium.png as well so that mobile clients
can correctly render the medium avatars for inaccessible users.

Fixes #28071.
2023-12-09 16:59:38 -08:00
Anders Kaseorg cf16ddd4d6 tornado: Fix autoreload for Tornado 6.4 changes.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-09 14:24:45 -08:00
Aman Agrawal a1fa969693 populate_billing_realms: Add temporary fix for MissingDataError.
We need to add proper logs here, which can probably be copied from
test_current_count_for_billed_licenses.
2023-12-09 12:50:05 -08:00
Aman Agrawal 3ff14dc018 gear_menu_popover: Rename billing to plan management for remote billing. 2023-12-09 12:50:05 -08:00
Aman Agrawal ec86114330 stripe: Fix discounts for legacy server with upgrade scheduled.
We simply apply discount to both the plans.

Since the discount is saved in `customer.default_discount` it
will applied now to any future plans as well, even if customer
downgrades and the upgrades again.
2023-12-09 12:50:05 -08:00
Aman Agrawal 121e5ad3dc stripe: Extract function to get next plan for legacy customers. 2023-12-09 12:50:05 -08:00
Aman Agrawal e44f3d448d stripe: Use `next_plan` instead of `new_plan` for legacy upgrades. 2023-12-09 12:50:05 -08:00
Aman Agrawal 5d3eafcdd4 support: Fix error on discount applied on legacy server.
This is for legacy server **not** scheduled for an upgrade.
2023-12-09 12:50:05 -08:00
Aman Agrawal dca7e654ca billing: Enforce min license for plan on upgrade and billing page. 2023-12-09 12:50:05 -08:00
Aman Agrawal 67d4e8456d models: Fix upgrade scheduled legacy org error on support page.
Add `SWITCH_PLAN_TIER_AT_PLAN_END`'s text so that it can render.

We still need to fix applying a discount to them.
2023-12-09 12:50:05 -08:00
Tim Abbott 01c3c4dd4b template_parser: Handle else/elif with whitespace control. 2023-12-09 12:50:05 -08:00
Anders Kaseorg f86becfc94 remote_server: Send API feature level along with Zulip version.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-09 12:01:22 -08:00
Anders Kaseorg 0400614a48 remote_server: Serialize analytics requests with Pydantic.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-09 12:01:22 -08:00
Mateusz Mandera abdfdeffe4 remote_billing: Implement confirmation flow for legacy servers.
For the last form (with Full Name and ToS consent field), this pretty
shamelessly re-uses and directly renders the
corporate/remote_realm_billing_finalize_login_confirmation.html
template. That's probably good in terms of re-use, but calls for a
clean-up commit that will generalize the name of this template and the
classes/ids in the HTML.
2023-12-08 23:49:10 -08:00
Mateusz Mandera bba02044f5 confirmation: Rename create_confirmation_link realm_creation arg. 2023-12-08 23:49:10 -08:00
Tim Abbott b4b9f29e21 docs: Tweak mobile push notifications privacy text.
The "nothing else" line is accurate at a high level but more ambigious
than I'd like for sensitive documentation -- we're not trying to make
an extreme claim that we've disabled all forms of short-term logging.
2023-12-08 23:37:21 -08:00
David Rosa 91ddcd4e1d help: Tweak stream/group settings instructions for logged in users.
Adds gear menu instructions for how to navigate to "All streams"
and "All groups".
2023-12-08 23:36:24 -08:00
David Rosa 9bb90b7358 help: Update gear menu icons.
- Documents new gear menu icons.
2023-12-08 23:36:24 -08:00
Tim Abbott f355b76024 zilencer: Only accept SYNCED_BILLING_EVENTS.
I expect we would ignore extra events anyway, but this just makes it
easier to reason about how the system works.
2023-12-08 23:12:29 -08:00
Karl Stolley 9f98e572f1 message_list: Suppress reaction button tooltip with picker open. 2023-12-08 15:58:49 -08:00
Karl Stolley 8f74d4529e message_list: Add separate handler, longer delay on reaction button. 2023-12-08 15:58:49 -08:00
Sayam Samal c2dec1e152 visibility_policy_popover: Set cursor to pointer for the whole option.
The cursor should be a pointer for the whole visibility policy options;
since the whole option is selectable and not just for the anchor tag
within it.
2023-12-08 13:00:12 -08:00
Prakhar Pratyush bf4fdbff12 stripe: Update LicenseLedger for remote realms.
When a remote server uploads statistics, we update the
LicenseLedger using the audit logs uploaded.

We iterate over the RemoteRealmAuditlog data for the concerned
realm starting from the event_time of the last LicenseLedger
created for that customer and update the ledger based on each event.
2023-12-08 12:58:21 -08:00
Prakhar Pratyush ed9b0d330d stripe: Raise 'MissingDataError' while fetching license count.
If the RemoteRealmAuditLog has stale data, it means the server
stopped or never uploaded data. We raise MissingDataError in such
cases when a user action led to calculating licenses count from
stale data.
2023-12-08 12:58:21 -08:00
Prakhar Pratyush 40621478cb zilencer: Add `get_remote_realm_guest_and_non_guest_count`.
We add a 'get_remote_realm_guest_and_non_guest_count'
function that queries 'RemoteRealmAuditLog' to get
the guest and non_guest count for that remote_realm.

This function is used in 'RemoteRealmBillingSession'
to calculate the current count of billed licenses.
2023-12-08 12:58:21 -08:00
Prakhar Pratyush bd99e37910 stripe: Use get_remote_server_guest...count for billing licenses count.
Use 'get_remote_server_guest_and_non_guest_count' function
for the current count of billing licenses in
RemoteServerBillingSession.
2023-12-08 12:58:21 -08:00
Aman Agrawal 111df40e05 context_processors: Add common context to be used in corporate pages.
Context is only available for functions inside corporate app.
2023-12-08 12:26:12 -08:00
Aman Agrawal c5bfdaaeeb push_notifications: Return after receiving an error. 2023-12-08 12:25:46 -08:00
Aman Agrawal 3d25c7372a stripe: Remove unused context parameter. 2023-12-08 11:24:15 -08:00
Aman Agrawal 12dec4234e billing: Minor adjustments across the billing system.
* Reformat "This is a legacy plan" notice on billing page.
* Add a link to the plan name on upgrade page title.
* Tweak discount style on billing page.
* Add line break to server login page title.
* Match server login page title and tab title.
2023-12-08 11:24:15 -08:00
Aman Agrawal 76d9aff5a6 sponsorship: Allow remote orgs to request a plan type.
Sponsorship and billing pages modified to reflect the correctly
requested sponsorship plan name.
Add a line break before "Contact Zulip support".
2023-12-08 11:24:15 -08:00
Aman Agrawal c49fc8c6fe populate_billing_realms: Delete existing remote realms.
Running script multiple times created multiple `RemoteRealm`
objects resulting in processing error.
2023-12-08 11:24:15 -08:00
Tim Abbott 0f163cedbc corporate: Tighten coverage checks in decorator.py. 2023-12-08 09:48:15 -08:00
Alex Vandiver 579bdc18f8 tornado: Consistently clear handler, via on_finish.
initialize() is called on every request, and stored the
`RequestHandler` (and thus `HTTPServerRequest`) in a global shared
dict.  However, the object is only removed from that structure if the
request was successful.  This means that failed requests (such as 405
Method Not Allowed) leaked `RequestHandler`s and
`HTTPServerRequest`s.

Move the cleanup to `on_finish`, which is called at the close of all
requests, async and not, successful or not.
2023-12-08 09:23:30 -08:00
Alex Vandiver 4989221b9e nginx: Limit the methods that we proxy to Tornado.
While the Tornado server supports POST requests, those are only used
by internal endpoints.  We only support OPTIONS, GET, and DELETE
methods from clients, so filter everything else out at the nginx
level.

We set `Accepts` header on both `OPTIONS` requests and 405 responses,
and the CORS headers on `OPTIONS` requests.
2023-12-08 09:23:30 -08:00
Alex Vandiver 8eccb3af20 tornado: Stop supporting HEAD requests.
These are not part of the API, and lead to moderately confusing
behaviour -- they block (or not) requested, but of course send no
actual data in the body.
2023-12-08 09:23:30 -08:00
Alex Vandiver 875622fe57 tornado: Set an explicit SUPPORTED_METHODS. 2023-12-08 09:23:30 -08:00
Alex Vandiver 0109658238 event_queue: Switch finish_current_handler to early-abort via return. 2023-12-08 09:23:30 -08:00
Aman Agrawal 9ab5f65cc4 stripe: Handle schedule change audit log type for remote realm/server.
This seems to have been accidentally skipped when adding
audit logs for free trials when changing billing schedule.
2023-12-08 09:21:18 -08:00
Aman Agrawal 134a05ff5e billing: Hide license management fields for free trial states.
* For free trial, don't show number of licenses for current billing period.
* For free trial scheduled to downgrade, don't show number of
  licenses for next billing period.
2023-12-08 09:21:18 -08:00
Aman Agrawal 9594e635cd populate_billing_realms: Simulate 2 months free trial.
Makes the billing page for realms on free trial more realistic.
2023-12-08 09:21:18 -08:00
Sahil Batra 2639408171 scheduled_message: Fix editing msg scheduled to inaccessible stream.
We now pass empty string as stream name instead of undefined when
passing the narrow operands to make sure we show an invalid narrow
instead of error. We do same thing for drafts.

We also need to add a check to make sure narrow_state.stream_sub
is defined before accessing stream_id field in the code to filter
scheduled messages for a narrow.
2023-12-08 08:48:32 -08:00
Sahil Batra 386cef1b7e user_pill: Do not show deactivated for inaccessible users.
This commit adds code to consider inaccessible users as active
for user pills as we do not have any information about whether
they are active or not. We do not want to incorrectly show
"deactivated" for inaccessible users.
2023-12-07 19:34:07 -08:00
Sahil Batra 75ceba6600 markdown: Do not show mention pills for inaccessible users.
This commit adds code to not show mention pills for inaccessible
users while local echoing the message and in the drafts UI.
2023-12-07 19:34:07 -08:00
Sahil Batra 55fd312379 typing_events: Do not show typing notifications for inaccessible users.
This commit adds code to not show typing notifications for inaccessible
users as the user would not have any information even if we show them
as the name shown would be "Unknown user".
2023-12-07 19:34:07 -08:00