Commit Graph

1251 Commits

Author SHA1 Message Date
Ujjawal Modi c8bcb422f5 streams: Rename `can_remove_subscribers_group_id` parameter.
Earlier the API endpoints related to streams accepts and returns a
field `can_remove_subscribers_group_id` which represents the ID
of user_group whose members can remove subscribers from stream.

This commit renames this field to `can_remove_subscribers_group`.
2023-07-25 18:33:04 -07:00
Zixuan James Li 000761ac0c realm_playgrounds: Replace url_prefix with url_template.
Dropping support for url_prefix for RealmPlayground, the server now uses
url_template instead only for playground creation, retrieval and audit
logging upon removal.

This does the necessary handling so that url_template is expanded with
the extracted code.

Fixes #25723.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-07-24 17:40:59 -07:00
Anders Kaseorg 7746e11486 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-21 15:58:42 -07:00
Anders Kaseorg 3b12ae18c8 install-transifex-cli: Upgrade transifex-cli from 1.6.7 to 1.6.8.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-21 15:58:42 -07:00
Anders Kaseorg b9b4711977 install-shfmt: Upgrade shfmt from 3.6.0 to 3.7.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-21 15:58:42 -07:00
Anders Kaseorg e890033f76 install-node: Upgrade Node.js from 18.16.0 to 18.17.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-21 15:58:42 -07:00
Lauryn Menard 1cccdd8103 realm-settings: Make default_code_block_language empty string as default.
Updates the realm field `default_code_block_language` to have a default
value of an empty string instead of None. Also updates the web-app to
check for the empty string and not `null` to indicate no default is set.

This means that both new realms and existing realms that have no default
set will have the same value for this setting: an empty string.

Previously, new realms would have None if no default was set, while realms
that had set and then unset a value for this field would have an empty
string when no default was set.
2023-07-21 18:54:02 +02:00
Lauryn Menard 3255281a83 narrow: Support string and integer encoding of "id" operator.
Expands support for the message ID operand for id" operator to be either
a string or an integer. Previously, this operand was always validated as
a string.
2023-07-20 13:14:20 -07:00
Alex Vandiver 871a668dd2 reactions: Add error code for duplicate addition/removal. 2023-07-19 16:18:31 -07:00
Anders Kaseorg 29bdaaf5b5 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-19 16:14:59 -07:00
Sahil Batra 75b61a8261 streams: Send stream creation events when subscribing guests.
We did not send the stream creation events when subscribing
guests to public streams while we do send them when subscribing
non-admin users to private streams.

This commit adds code to send the stream creation events when
subscribing guests to public streams, so the clients can know
that the stream exists and fixes the bug where client tries
to process a subscription add event for a stream which it does
not know about.
2023-07-13 14:04:51 -07:00
Alex Vandiver 76b767b154 version: Update version and changelog after 7.2 release. 2023-07-05 20:27:54 +00:00
Sahil Batra 6b2ca03174 user_groups: Add support to update can_mention_group setting.
This commit adds API support to update can_mention_group setting
of a user group.

Fixes a part of #25927.
2023-06-30 17:28:33 -07:00
Lalit a686c0cc02 docs: Add documentation for delete emoji endpoint.
This endpoint was previously marked as `intentionally_undocumented`
but that was mistake.

Removed `intentionally_undocumented` and added proper documentation
with valid `python_example` for this Endpoint.

Fixes: #24084
2023-06-28 10:23:47 -07:00
Anders Kaseorg 784622ee5d requirements: Upgrade Python requirements. 2023-06-20 16:17:55 -07:00
Lauryn Menard 8be68c8034 api-changelog: Update feature level 189 entry and bump API version.
Revises the API changelog feature level 189 entry for formatting
error and to clarify the text. Also, bumps the API_FEATURE_LEVEL
in `version.py`.

The original pull request for these changes was #25640.
2023-06-20 15:01:43 -04:00
Zixuan James Li 693b3679e3 muted users: Add support to muting bots.
We intentionally disallow muting bots previously upon
a pending design decision in #16915.
This lifts that constraint.

Fixes #22693.
2023-06-13 16:44:12 -07:00
Alex Vandiver e222b53d8a version: Update version and changelog after 7.1 release. 2023-06-13 18:17:04 +00:00
Zixuan Li e39e04c3ce
migration: Add `extra_data_json` for audit log models.
Note that we use the DjangoJSONEncoder so that we have builtin support
for parsing Decimal and datetime.

During this intermediate state, the migration that creates
extra_data_json field has been run. We prepare for running the backfilling
migration that populates extra_data_json from extra_data.

This change implements double-write, which is important to keep the
state of extra data consistent. For most extra_data usage, this is
handled by the overriden `save` method on `AbstractRealmAuditLog`, where
we either generates extra_data_json using orjson.loads or
ast.literal_eval.

While backfilling ensures that old realm audit log entries have
extra_data_json populated, double-write ensures that any new entries
generated will also have extra_data_json set. So that we can then safely
rename extra_data_json to extra_data while ensuring the non-nullable
invariant.

For completeness, we additionally set RealmAuditLog.NEW_VALUE for
the USER_FULL_NAME_CHANGED event. This cannot be handled with the
overridden `save`.

This addresses: https://github.com/zulip/zulip/pull/23116#discussion_r1040277795

Note that extra_data_json at this point is not used yet. So the test
cases do not need to switch to testing extra_data_json. This is later
done after we rename extra_data_json to extra_data.

Double-write for the remote server audit logs is special, because we only
get the dumped bytes from an external source. Luckily, none of the
payload carries extra_data that is not generated using orjson.dumps for
audit logs of event types in SYNC_BILLING_EVENTS. This can be verified
by looking at:

`git grep -A 6 -E "event_type=.*(USER_CREATED|USER_ACTIVATED|USER_DEACTIVATED|USER_REACTIVATED|USER_ROLE_CHANGED|REALM_DEACTIVATED|REALM_REACTIVATED)"`

Therefore, we just need to populate extra_data_json doing an
orjson.loads call after a None-check.

Co-authored-by: Zixuan James Li <p359101898@gmail.com>
2023-06-07 12:14:43 -07:00
Anders Kaseorg 8a2086fb4c dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-06-05 21:51:26 -07:00
Anders Kaseorg 6ea7b87930 version: Increase DESKTOP_MINIMUM_VERSION, DESKTOP_WARNING_VERSION.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-31 13:09:14 -07:00
Tim Abbott 0a7d3d3fe2 Update version following 7.0 release. 2023-05-31 13:04:44 -07:00
Tim Abbott b00ce1bad1 Release Zulip Server 7.0. 2023-05-31 08:48:02 -07:00
Anders Kaseorg e3e2691124 Update version following 7.0-beta3 release.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-29 17:14:15 -07:00
Tim Abbott 1af16642d9 Release Zulip Server 7.0-beta3. 2023-05-29 16:35:59 -07:00
Anders Kaseorg 6ca8e853df requirements: Switch to released coverage fix.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-29 14:41:20 -07:00
Anders Kaseorg 66501a8eae requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-26 22:09:18 -07:00
Lauryn Menard 0c09a4fffe scheduled-messages: Add API documentation for new endpoint.
Part of splitting creating and editing scheduled messages.
Final commit. Should be merged with previous commits in series.

Updates the API documentation for the new endpoint for editing
scheduled messages.
2023-05-26 18:05:55 -07:00
Sahil Batra 48e99657ad events: Remove realm_community_topic_editing_limit_seconds.
This commit removes realm_community_topic_editing_limit_seconds
field from register response since topic edit limit is now
controlled by move_messages_within_streams_limit_seconds
setting.
We also remove DEFAULT_COMMUNITY_TOPIC_EDITING_LIMIT_SECONDS
constant since it is no longer used.
2023-05-25 17:26:21 -07:00
Anders Kaseorg fea0ae1a2b requirements: Switch to released jsx-lexer fix (same code).
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-23 13:47:36 -07:00
Alex Vandiver e6b1384a05 version: Update version and changelog after 6.2 release. 2023-05-19 16:58:55 -04:00
Anders Kaseorg 271df2c98e requirements: Upgrade coverage.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-16 21:57:01 -07:00
Alex Vandiver 3160c3cce0 realm_export: Return export id from POST which create it. 2023-05-16 14:05:01 -07:00
Anders Kaseorg 067a7a3a0f Fix jsx-lexer to avoid breaking Pygments TypeScriptLexer.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-15 14:52:32 -07:00
Lauryn Menard 90cc2716f0 scheduled-messages: Update API dicts for `failed` boolean field.
Adds the `failed` boolean from the ScheduledMessage to the API dict
returned by scheduled message events and register response, and by
fetching the user's scheduled messages.

`failed` will only be true when the server has tried to send the
scheduled message and failed due to an error.
2023-05-12 15:48:59 -07:00
Anders Kaseorg 3e6a212ace dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-12 11:12:20 -07:00
Anders Kaseorg b110d88389 requirements: Switch talon fork to a maintained cchardet fork.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-11 15:52:37 -07:00
Anders Kaseorg d0481be3e5 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-10 19:44:47 -07:00
Sahil Batra 4ca887bade invites: Allow users to invite without specifying any stream to join.
We now allow users to invite without specifying any stream to join.
In such cases, the user would join the default streams, if any, during
the process of account creation after accepting the invite.

It is also fine if there are no default streams and user isn't
subscribed to any stream initially.
2023-05-09 17:05:17 -07:00
Alex Vandiver e2a6a0c440 sentry: Stop importing from `@sentry/tracing`, which is deprecated.
This was deprecated in 7.47.0[^1].

[^1]: https://github.com/getsentry/sentry-javascript/releases/tag/7.47.0
2023-05-09 13:16:28 -07:00
Alex Vandiver cadfbcac76 dependencies: Upgrade Sentry libraries. 2023-05-09 13:16:28 -07:00
Lauryn Menard d41f12495d api-docs: Document create/edit scheduled message endpoint and events.
Adds API changelog update for the new endpoint added for creating
or editing scheduled messages, for the events sent for scheduled
messages (add, update, delete), and for the `scheduled_messages`
field in the register response.

Adds a specific API markdown documentation file for the create
or update scheduled messages endpoint, so that the parameters in
the cURL examples are accurate for the type of message (direct or
stream) and action (create or edit).

Bumps the API feature level, adds Changes notes to API documentation
and adds the scheduled message endpoints to the API documentation
sidebar.
2023-04-28 17:25:00 -07:00
Tim Abbott 10b893e1e3 api_docs: Update API docs for presence changes. 2023-04-26 14:26:47 -07:00
Anders Kaseorg b8023da17a dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-25 22:18:48 -07:00
Anders Kaseorg 6c4705a4ef install-node: Upgrade Node.js from 18.15.0 to 18.16.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-25 22:18:48 -07:00
Anders Kaseorg 03b3c8522d requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-25 21:20:33 -07:00
Anders Kaseorg 9db3451333 Remove statsd support.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-25 19:58:16 -07:00
sbansal1999 a4f05af256 dependencies: Add "minimalistic-assert" and its type definitions. 2023-04-25 09:31:15 -07:00
Lauryn Menard 9880fcb936 narrow: Document new filters `is:dm`, `dm` and `dm-including`.
Documents narrows now have support for new filters for direct messages:
`is:dm`, `dm`, and `dm-including`. Also documents that `is:private`,
`pm-with` and `group-pm-with` are now legacy aliases for these three
new filters respectively.

Note that API documentation references the help center documentation
for search/narrow filters.

Fixes #24806.
2023-04-25 09:07:08 -07:00
Lauryn Menard c848e0ff34 api-version: Bump to feature level 176 for URL templates for linkifiers.
See commit b7bfa5801c for related changes for this API feature
level update.
2023-04-21 08:32:19 -07:00
Zixuan James Li 268f858f39 linkifier: Support URL templates for linkifiers.
This swaps out url_format_string from all of our APIs and replaces it
with url_template. Note that the documentation changes in the following
commits  will be squashed with this commit.

We change the "url_format" key to "url_template" for the
realm_linkifiers events in event_schema, along with updating
LinkifierDict. "url_template" is the name chosen to normalize
mixed usages of "url_format_string" and "url_format" throughout
the backend.

The markdown processor is updated to stop handling the format string
interpolation and delegate the task template expansion to the uri_template
library instead.

This change affects many test cases. We mostly just replace "%(name)s"
with "{name}", "url_format_string" with "url_template" to make sure that
they still pass. There are some test cases dedicated for testing "%"
escaping, which aren't relevant anymore and are subject to removal.
But for now we keep most of them as-is, and make sure that "%" is always
escaped since we do not use it for variable substitution any more.

Since url_format_string is not populated anymore, a migration is created
to remove this field entirely, and make url_template non-nullable since
we will always populate it. Note that it is possible to have
url_template being null after migration 0422 and before 0424, but
in practice, url_template will not be None after backfilling and the
backend now is always setting url_template.

With the removal of url_format_string, RealmFilter model will now be cleaned
with URL template checks, and the old checks for escapes are removed.

We also modified RealmFilter.clean to skip the validation when the
url_template is invalid. This avoids raising mulitple ValidationError's
when calling full_clean on a linkifier. But we might eventually want to
have a more centric approach to data validation instead of having
the same validation in both the clean method and the validator.

Fixes #23124.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-04-19 12:20:49 -07:00
Zixuan James Li ab53e8d3e6 migrations: Backfill url_template from url format string.
This is implemented by replacing all matches of "%(var_name)s" in a URL
format string with "{var_name}". Since we do want to ensure that the
templates aren't broken after this migration, a RuntimeError is raised
to let the maintainer know that certain linkifier cannot be converted
automatically if it does not pass the uri_template.validate check.

Also, we need to escape "%%", which is used to represent "%" in the old
format string syntax, as well as "{" and "}", which is a part of the
URL template syntax.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-04-19 12:20:49 -07:00
Zixuan James Li a19c80df43 linkifiers: Add url_template field.
This will later be used to expand matching linkifier patterns.
Making it nullable for now, but we will make it required in
the APIs.

As a part of this transition, we temporarily make url_format_string
nullable as well, which will be later removed. This allows us to
switch to populating url_template without caring about passing
url_format_string.

Note that the validators are imported in the migration because Django
otherwise diffs it and considers the schema to be different, generating
a migration, failing the "tools/test-migrations" test.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-04-19 12:20:49 -07:00
Zixuan James Li 8b43a50a78 requirements: Add uri-template.
This is later used for supporting RFC 6570 URI Template in place of the
URL format string that we were using for linkifiers.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-04-19 12:20:49 -07:00
Joelute afbd0a9b43 user_settings: Add web_mark_read_on_scroll_policy field.
This is a backend change that will help support the new
`Mark messages as read on scroll` user setting.
2023-04-18 18:32:02 -07:00
Lauryn Menard 2c043c6242 message-type: Add support for "direct" as value for type parameter.
For endpoints with a `type` parameter to indicate whether the message
is a stream or direct message, `POST /typing` and `POST /messages`,
adds support for passing "direct" as the preferred value for direct
messages, group and 1-on-1.

Maintains support for "private" as a deprecated value to indicate
direct messages.

Fixes #24960.
2023-04-18 12:29:33 -07:00
Alex Vandiver 3f9ed40c62 version: Bump PROVISION_VERSION for previous change.
e536a14b61 left off the required major PROVISION_VERSION bump.
2023-04-17 09:36:11 -07:00
Aman Agrawal a06f3d26d0 scheduled_messages: Add endpoints to fetch and delete them. 2023-04-14 17:38:37 -07:00
Anders Kaseorg 9ed1c79f1b dependencies: Downgrade autosize to 5.0.2 to fix scrollbar regression.
https://chat.zulip.org/#narrow/stream/9-issues/topic/compose.20box.20scrollbars/near/1531138

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-11 21:21:34 -04:00
Sahil Batra bd7f728796 message: Don't allow moving messages that have passed the time limit.
We previously allowed moving messages that have passed the time limit
using "change_all" value for "propagate_mode" parameter. This commit
changes the behavior to not allow moving messages (both stream and
topic edit) that have passed the time limit for non-admin and
non-moderator users.
2023-04-11 11:07:23 -07:00
Anders Kaseorg 2c20028aa4 requirements: Upgrade Django to 4.2.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-06 17:58:44 -07:00
Anders Kaseorg 30204ed694 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-04 18:27:11 -07:00
Lauryn Menard e95b784f6e backend-auth: Add user ID to fetch api key responses.
Adds the user ID to the return values for the `/fetch_api_key` and
`/dev_fetch_api_key` endpoints. This saves clients like mobile a
round trip to the server to get the user's unique ID as it is now
returned as part of the log in flow.

Fixes #24980.
2023-04-04 10:54:49 -07:00
Anders Kaseorg 52f7eb4463 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-04 10:54:01 -07:00
Anders Kaseorg 0d4dcc8583 install-transifex-cli: Upgrade Transifex CLI from 1.6.5 to 1.6.7.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-04 00:16:04 -07:00
Anders Kaseorg a881918a05 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-03 22:39:21 -07:00
Prakhar Pratyush f012d079c3 user_topics: Add a new endpoint to update visibility_policy.
This commit adds a new endpoint, 'POST /user_topics' which
is used to update the personal preferences for a topic.

Currently, it is used to update the visibility policy of
a user-topic row.
2023-04-03 22:31:49 -07:00
Daniil Fadeev 5c6f842b28 emails: Replace Premailer with CSS-inline.
Primary goal of library replacement is improving execution speed.
This commit should not affect the functionality of the system
or make any changes to it.
2023-04-03 15:15:05 -07:00
Anders Kaseorg 38539c8fed dependencies: Add Zod and typing dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-25 11:18:38 -07:00
Anders Kaseorg 3a27b12a7d dependencies: Switch to pnpm.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-20 15:48:29 -07:00
Anders Kaseorg b3f9fdf99a dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-20 15:48:29 -07:00
Anders Kaseorg 70e9fc8b12 postcss: Enable postcss-preset-env.
This gives more comprehensive support of new and future CSS features
that can be transpiled for older browsers.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-20 11:26:30 -07:00
Anders Kaseorg 14352547cd install-transifex-cli: Upgrade Transifex CLI from 1.6.4 to 1.6.5.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-17 13:11:02 -07:00
Zixuan James Li 24f24d236d cache: Use QuerySetAny for isinstance check.
Previously, `QuerySet` does not support isinstance check since it is
defined to be generic in django-stubs. In a recent update, such check is
possible by using `QuerySetAny`, a non-generic alias of `QuerySet`.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-03-17 08:38:20 -07:00
Tim Abbott 93d0a6b1ba version: Add missing API feature level bump.
This should have been done in
042bbf2936.
2023-03-16 14:55:48 -07:00
Anders Kaseorg 96e657a954 install-node: Upgrade Node.js from 18.14.1 to 18.15.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-16 12:32:28 -07:00
Zixuan James Li 215f776f0e dependencies: Add @types/blueimp-md5.
This is a dependency of people.js. We include the stubs to prepare it
for a conversion to TypeScript.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-03-16 10:47:12 -07:00
Prakhar Pratyush ae72777c77 user_settings: Automate 'Include realm name in message email subject'.
Currently, there is a checkbox setting for whether to
"Include realm name in subject of message notification emails".

This commit replaces the checkbox setting with a dropdown
having values: Automatic [default], Always, Never.

The Automatic option includes the realm name if, and only if,
there are multiple Zulip realms associated with the user's email.

Tests are added and(or) modified.

Fixes: #19905.
2023-03-14 17:48:57 -07:00
Alex Vandiver 8f8a9f6f04 sentry: Add frontend event monitoring.
Zulip already has integrations for server-side Sentry integration;
however, it has historically used the Zulip-specific `blueslip`
library for monitoring browser-side errors.  However, the latter sends
errors to email, as well optionally to an internal `#errors` stream.
While this is sufficient for low volumes of users, and useful in that
it does not rely on outside services, at higher volumes it is very
difficult to do any analysis or filtering of the errors.  Client-side
errors are exceptionally noisy, with many false positives due to
browser extensions or similar, so determining real real errors from a
stream of un-grouped emails or messages in a stream is quite
difficult.

Add a client-side Javascript sentry integration.  To provide useful
backtraces, this requires extending the pre-deploy hooks to upload the
source-maps to Sentry.  Additional keys are added to the non-public
API of `page_params` to control the DSN, realm identifier, and sample
rates.
2023-03-07 10:51:45 -08:00
Lauryn Menard e9bfdd1bf2 response: Implement ignored parameters with MutableJsonResponse class.
Creates `MutableJsonResponse` as a subclass of Django's `HttpResponse`
that we can modify for ignored parameters in the response content.

Updates responses to include `ignored_parameters_unsupported` in
the response data through `has_request_variables`. Creates unit
test for this implementation in `test_decorators.py`.

The `method` parameter processed in `rest_dispatch` is not in the
`REQ` framework, so for any tests that pass that parameter, assert
for the ignored parameter with a comment.

Updates OpenAPI documentation for `ignored_parameters_unsupported`
being returned in the JSON success response for all endpoints.
Adds detailed documentation in the error handling article, and
links to that page in relevant locations throughout the API docs.

For the majority of endpoints, the documentation does not include
the array in any examples of return values, and instead links to
the error handling page. The exceptions are the three endpoints
that had previously supported this return value. The changes note
and example for these endpoints is also used in the error
handling page.
2023-03-06 10:33:13 -08:00
Anders Kaseorg 087660a87e requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-05 14:46:28 -08:00
Mateusz Mandera f0f02d05ab send_message_backend: Remove the realm_str API param.
This already became useless in 6e11754642,
as detailed in the API changelog entry here. At this point, we should
eliminate this param and the weird code around it.

This commit also deletes the associated tests added in
6e11754642, since with realm_str removed,
they make no sense anymore (and actually fail with an OpenAPI error due
to using params not used in the API). Hypothetically they could be
translated to use the subdomain= kwarg, but that also doesn't make
sense, since at that point they'd be just testing the case of a user
making an API request on a different subdomain than their current one
and that's just redundant and already tested generally in
test_decorators.
2023-02-28 12:12:15 -08:00
m-e-l-u-h-a-n ab4e6a94c5 user groups: Make name and description optional in group update.
View that handled `PATCH user_groups/<int:user_group_id>` required
both name and description parameters to be passed. Due to this
clients had to pass values for both these parameters even if
one of them was changed.

To resolve this name description parameters to
`PATCH user_groups/<int:user_group_id>` are made optional.
2023-02-26 16:22:24 -08:00
Anders Kaseorg a2ea5e8598 test-js-with-node: Fix source maps for coverage.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-24 13:54:29 -08:00
Anders Kaseorg c1675913a2 web: Move web app to ‘web’ directory.
Ever since we started bundling the app with webpack, there’s been less
and less overlap between our ‘static’ directory (files belonging to
the frontend app) and Django’s interpretation of the ‘static’
directory (files served directly to the web).

Split the app out to its own ‘web’ directory outside of ‘static’, and
remove all the custom collectstatic --ignore rules.  This makes it
much clearer what’s actually being served to the web, and what’s being
bundled by webpack.  It also shrinks the release tarball by 3%.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-23 16:04:17 -08:00
Mateusz Mandera a593089770 presence: Return some presence params in the /register response. 2023-02-21 12:10:43 -08:00
Anders Kaseorg 64f0dcecb0 install-node: Upgrade Node.js to 18.14.1 security release.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-20 12:16:28 -08:00
Sahil Batra 9d1dc20e6e settings: Remove realm-level email_address_visibility setting.
This was replaced by the new user-level version in recent commits.

Fixes #20035.
Fixes #18149.
2023-02-10 17:40:33 -08:00
Anders Kaseorg ec58b6790d install-node: Upgrade Node.js to 18.14.0; manage Yarn with Corepack.
Corepack manages multiple per-project version of Yarn and PNPM, which
means we have to maintain less installation code, and could help us
switch away from Yarn 1 without making the system unusable for
development of other Yarn 1 projects.

https://nodejs.org/api/corepack.html

The Unicode spaces in the timerender test resulted from an ICU
upgrade: https://github.com/nodejs/node/pull/45068.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-09 15:50:47 -08:00
Anders Kaseorg 9efbfa22f2 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-08 17:05:58 -08:00
Sahil Batra 891f83601d message_edit: Use move_messages_between_streams_limit_seconds setting.
This commit adds time restriction on moving messages between streams
using the move_messages_between_streams_limit_seconds setting in the
backend. There is no time limit for admins and moderators.
2023-02-08 12:46:05 -08:00
Sahil Batra 73f11853ec streams: Allow setting can_remove_subscribers_group_id while creating streams.
This commit adds API support to set can_remove_subscribers_group setting
when creating streams.
2023-02-05 14:46:36 -08:00
Anders Kaseorg 81a7c7502f requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-03 16:36:54 -08:00
Lauryn Menard dbacc00f0f api-docs: Move markdown files to top level directory.
- Updates `.prettierignore` for the new directory.
- Updates any reference to the API documentation directory for
  markdown files to be `api_docs/` instead of `zerver/api/`.
- Removes a reference link from `docs/documentation/api.md` that
  hasn't referenced anything in the text since commit 0542c60.
- Update rendering of API documentation for new directory.
2023-02-02 17:25:40 -08:00
Anders Kaseorg 4eda29bd86 ruff: Fix RUF005 Consider spread instead of concatenation.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-26 10:16:30 -08:00
Alex Vandiver 4226026dbc version: Update version and changelog after 6.1 release. 2023-01-23 18:52:47 +00:00
Alex Vandiver cc9b028312 uploads: Set X-Accel-Redirect manually, without using django-sendfile2.
The `django-sendfile2` module unfortunately only supports a single
`SENDFILE` root path -- an invariant which subsequent commits need to
break.  Especially as Zulip only runs with a single webserver, and
thus sendfile backend, the functionality is simple to inline.

It is worth noting that the following headers from the initial Django
response are _preserved_, if present, and sent unmodified to the
client; all other headers are overridden by those supplied by the
internal redirect[^1]:
 - Content-Type
 - Content-Disposition
 - Accept-Ranges
 - Set-Cookie
 - Cache-Control
 - Expires

As such, we explicitly unset the Content-type header to allow nginx to
set it from the static file, but set Content-Disposition and
Cache-Control as we want them to be.

[^1]: https://www.nginx.com/resources/wiki/start/topics/examples/xsendfile/
2023-01-09 18:23:58 -05:00
Anders Kaseorg cd66448311 install-shfmt: Upgrade shfmt to 3.6.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-04 14:01:34 -08:00
Anders Kaseorg 986bad8f90 install-shellcheck: Upgrade ShellCheck to 0.9.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-04 14:01:34 -08:00
Anders Kaseorg d4190c36be dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-04 12:30:04 -08:00
Anders Kaseorg d1bb100a2d Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-04 11:08:56 -08:00
Sahil Batra cbdb4e98e5 message_edit: Topic editing permission should not depend on message sender.
This commit changes the topic edit permssions to not depend whether the user
editing the message had sent the message or it was sent by someone else.
We only do backend changes in this commit and frontend changes will be done
in further commits.

Previously, we always allowed topic edits when the user themseleves had
sent the message not considering the edit_topic_policy and the 3-day time
limit. But now we consider all messages as same and editing is allowed only
according to edit_topic_policy setting and the time limit of 3 days in
addition for users who are not admins or moderators.
2022-12-13 23:11:50 -08:00
Anders Kaseorg 89e954451b install-node: Upgrade Node.js from 18.10.0 to 18.12.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-12-07 09:55:05 -08:00
Anders Kaseorg 8b6bd961e6 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-12-07 09:55:05 -08:00
Anders Kaseorg 7ccc24d9fe requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-12-04 22:11:24 -08:00
Aman Agrawal 3bec50267a text-field-edit: Upgrade dependency.
This version has the improved code for `replace` function which
will allow us to replace text without selecting it.
2022-11-27 13:32:02 -08:00
Tim Abbott 88873138ac Update version following 6.0 release. 2022-11-17 16:42:36 -08:00
Tim Abbott f0e5f69c01 Release Zulip Server 6.0. 2022-11-17 11:44:45 -08:00
Anders Kaseorg ee2cb855f0 message_fetch: Add include_anchor parameter.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-16 21:13:44 -08:00
Anders Kaseorg e4f1c10b87 requirements: Remove isort.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-16 09:29:11 -08:00
Anders Kaseorg 3442bf2843 requirements: Upgrade Ruff.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-16 09:29:11 -08:00
Alex Vandiver c4e5ddd67f version: Update version and changelog after 5.7 release. 2022-11-16 16:03:05 +00:00
Anders Kaseorg 55342efd33 scim: Upgrade django-scim2; remove request.user monkey patching.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-05 15:13:50 -07:00
Anders Kaseorg d717b38704 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-03 14:48:40 -07:00
Anders Kaseorg b9dfa23666 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-03 14:08:58 -07:00
Anders Kaseorg adffad384c lint: Replace pycodestyle and pyflakes with ruff.
https://github.com/charliermarsh/ruff

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-03 12:10:15 -07:00
Anders Kaseorg 683a6b0411 dependencies: Upgrade Prettier to 3.0.0-alpha.4.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-02 16:50:37 -07:00
Mateusz Mandera 6e336ef6f6 delete_topic: Use the same timeout pattern as /mark_all_as_read.
We don't want to use the nginx 502 timeout as an API pattern. In
/mark_all_as_read we've already figured out how we want to handle this
instead.
2022-11-02 16:50:06 -04:00
Mateusz Mandera a410f6b241 do_mark_all_as_read: Split up the work into batches.
Fixes #15403.
2022-10-27 16:59:54 -07:00
Julia Bichler 4bb381fc80 message_edit: Support sending notifications with topic changes.
Previously we did not send notification for topic-only edits.
Now, we add backend support for sending notification to topic-only
edits as well.

We would add support for this in webapp in further commits since
message edit UI will be updated as well. We just make sure that no
notifications are sent when editing topic using pencil icon in
message header.

We also change the API default for moving a topic to only notify the
new location, not the old one; this matches the current defaults in
the web UI.

Includes many tests.

We also update the puppeteer tests to test only content edit as
we are going to change the UI to not allow topic editing from
message edit UI. Also fixing the existing tests to pass while
doing topic edits is somewhat complex as notification message
is also sent to new topic by default.

Fixes #21712.

Co-authored-by: Aman Agrawal <amanagr@zulip.com>
Co-authored-by: Tim Abbott <tabbott@zulip.com>
2022-10-11 11:35:41 -07:00
Anders Kaseorg 762a2d8da4 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-10-11 10:50:57 -07:00
Anders Kaseorg 748ad53f83 dependencies: Remove formdata-node, node-fetch.
Node.js 18 has these built in.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-10-11 10:50:57 -07:00
Anders Kaseorg afccebc1ee install-node: Upgrade Node.js from 16.17.0 to 18.10.0.
Although Node.js 18 is not the active LTS release for another 3 weeks,
the Node.js 16 end-of-life date was moved forward to September 2023,
(https://nodejs.org/en/blog/announcements/nodejs16-eol/), so it seems
prudent to switch now.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-10-11 10:50:57 -07:00
Anders Kaseorg 3417bb4c28 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-10-07 10:03:51 -07:00
Anders Kaseorg 133c8b16ed requirements: Upgrade openapi-core.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-10-07 10:03:51 -07:00
Sahil Batra 2bf70fe4db custom_profile_field: Add "Pronouns" custom field type.
This commit adds "Pronouns" custom profile field type. We also
add "Pronouns" type field in the development environment
2022-10-06 17:56:26 -07:00
Anders Kaseorg 92ad4455ed requirements: Upgrade Django to 4.1.
zerver/migrations/0240_usermessage_migrate_bigint_id_into_id.py needs
to be updated to account for Django 4.1 creating AutoField as an
identity column rather than a serial column.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-10-06 15:59:07 -07:00
PIG208 df18bbbd48 requirements: Add django-stubs and configure plugin.
Note that django_stubs_ext is required to be placed within common.in
because we need the monkeypatched types in runtime; django-stubs
itself is for type checking only.

In the future, we would like to pin to a release instead of a git
revision, but several patches we've contributed upstream have not
appeared in a release yet.

We also remove the type annotation for RealmAuditLog.event_last_message_id
here instead of earlier because type checking fails otherwise.

Fixes #11560.
2022-10-05 16:15:56 -07:00
Tim Abbott a37ab51621 version: Bump PROVISION_VERSION for emoji updates. 2022-10-04 15:32:31 -07:00
Sahil Batra 04693b6ac1 message_edit: Send only changed settings in event data and api response.
Previously, we included all three message edit related settings
("allow_message_editing", "message_content_edit_limit_seconds" and
"edit_topic_policy") in the event data and api response irrespective
of which of these settings were changed. Now, we only include changed
settings and separate events are sent for each setting if more than
one of them is changed.

Note that the previous typed in event_schema.py for
`message_content_edit_limit_seconds` incorrectly did not allow `None`
as a value, which is used to encode no limit.
2022-09-28 11:47:40 -07:00
Aman Agrawal b84722de01 events: Clean up logic for spectator events_register parameters.
Unfortunately, doing so requires forking common API documentation
text, since we're not making any changes to other endpoints that don't
allow unauthenticated requests at all.

Follow-up on #21995.
2022-09-27 16:12:59 -07:00
Lauryn Menard b2e0b5187d api-docs: Document `away` as deprecated way to access presence_enabled.
Updates API documentation and changelog for user status `away`
now being a deprecated way to access a user's `presence_enabled`
setting for clients supporting older servers.

Final step in making user status `away` a deprecated way to access
`presence_enabled` for clients supporting older servers.

Part of transitioning from 'unavailable' user status feature to
'invisible mode' user presence feature.
2022-09-23 12:27:54 -07:00
Mateusz Mandera 940830055b delete_in_topic: Split up the deletion into batches.
Fixes #22821.

As explained in the comment in the code:

Topics can be large enough that this request will inevitably time out.
In such a case, it's good for some progress to be accomplished, so that
full deletion can be achieved by repeating the request. For that purpose,
we delete messages in atomic batches, committing after each batch.

The additional perk is that the ordering of messages should prevent some
hypothetical deadlocks - ref #19054
2022-09-22 15:01:43 -07:00
yogesh sirsat 543f36b7da custom_profile_fields: Add "display_in_profile_summary" field in model.
To allow `custom_profile_field` to display in user profile popover,
added new boolean field "display_in_profile_summary" in its model class.

In `custom_profile_fields.py`, functions are edited as per conditions,
like currently we can display max 2 `custom_profile_fields` except
`LONG_TEXT` and `USER` type fields.

Default external account custom profile fields made updatable for only
this new field, as previous they were not updatable.

Fixes part of: #21215
2022-09-20 17:03:57 -07:00
yogesh sirsat 180a9cbdcb stream_bots: Allow bot owners to unsubscribe their bots from streams.
Users who owns bots can unsubscribe their bots from streams.

Fixes part of: #21402
2022-09-16 17:51:34 -07:00
Lauryn Menard eb377a8872 read_receipts: Exclude muted users from read receipts.
Removes IDs of users who have muted or been muted by the current
user from the list of user IDs returned by the read receipts
endpoint.

Fixes #22909.
2022-09-16 16:19:54 -07:00
Tim Abbott d5d2647c1b openapi: Update API feature level permission changes. 2022-09-16 15:27:52 -07:00
Sahil Batra b9248c75f4 stream: Add do_change_can_remove_subscribers_group and field to objects.
This commit adds do_change_can_remove_subscriber_group function for
changing can_remove_subscribers_group field of a stream. We also add
can_remove_subscribers_group_id field to stream and subscription
objects.

This function will be helpful for writing tests in next commit.
We would add API and UI support to change this setting in further
commits.
2022-09-14 16:03:11 -07:00
Raghav Luthra 4dad9fa158 user_settings: Add user setting to control the user list style.
Added a user_list_style personal user setting to the bottom of
Settings > Display settings > Theme section which controls the look
of the right sidebar user list.

The radio button UI includes a preview of what the styles look like.

The setting is intended to eventually have 3 possible values: COMPACT,
WITH_STATUS and WITH_AVATAR; the final value is not yet implemented.

Co-authored-by: Tim Abbott <tabbott@zulip.com>
2022-09-09 16:30:54 -07:00
Anders Kaseorg 143a3350fa dependencies: Upgrade JavaScript dependencies.
jQuery is held at 3.6.0 due to
https://github.com/jquery/jquery/issues/5105.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-09-06 15:02:29 -07:00
Anders Kaseorg 5e4cec56cb install-node: Upgrade Node.js from 16.16.0 to 16.17.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-09-06 15:02:29 -07:00
Anders Kaseorg 854bb66b0d version: Bump PROVISION_VERSION for Python requirements upgrade.
Commit a8d640a5d6 (#22823) lost its
PROVISION_VERSION bump when rebased on #22807.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-08-31 13:05:43 -07:00
Mateusz Mandera 43107fcdc3 scim: Upgrade scim2-filter-parser to 0.4.0 to fix case-sensitivity.
userName lookups are supposed to be case-insensitive per the SCIM2 RFC
and this was fixed upstream in
https://github.com/15five/scim2-filter-parser/pull/31
and included in 0.4.0 release.
2022-08-29 10:35:29 -07:00
evykassirer efee77b41f emoji: Add which emoji are supported to the /register call.
Fixes #21037.

This is part of fixing #19371. To bulk-add new emoji regularly,
mobile needs to know which servers support which emoji.
`staticfiles_storage.url` generates a unique URL with a hash
based on the file content, which lets mobile know if it needs
to update its locally stored data.
2022-08-26 17:58:31 -07:00
Tim Abbott 5d3e4d3e56 version: Update version and changelog after 5.6 release. 2022-08-24 16:36:50 -07:00
Anders Kaseorg d4923a12e1 node_tests: Use a spec-compliant FormData implementation.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-08-18 08:53:55 -07:00
Lauryn Menard 885c3d6593 subscriptions: Send update events for `is_muted` property.
In Zulip 2.1.0, the `is_muted` stream subscription property was
added and replaced the `in_home_view` property. But the server has
still only been sending subscription update events with the
`in_home_view` property.

Updates `do_change_subscription_property` to send a subscription
update event for both `is_muted` and `in_home_view`, so that
clients can fully migrate away from using `in_home_view` allowing
us to eventually remove it completely.
2022-08-16 16:50:51 -07:00
Sahil Batra a1f40ccda5 message_edit: Make zero invalid value for message_content_edit_time_limit_seconds.
This commit changes the code to consider zero as an invalid value for
message_content_edit_time_limit_seconds. Now to represent the setting that
user can edit the message anytime, the setting value will be "None" in
database and "unlimited" will be passed to API from clients.
2022-08-12 18:09:53 -07:00
Dinesh 48d2783559 read_receipts: Add support for displaying read receipts.
Adds an API endpoint for accessing read receipts for other users, as
well as a modal UI for displaying that information.

Enables the previously merged privacy settings UI for managing whether
a user makes read receipts data available to other users.

Documentation is pending, and we'll likely want to link to the
documentation with help_settings_link once it is complete.

Fixes #3618.

Co-authored-by: Tim Abbott <tabbott@zulip.com>
2022-08-12 13:16:35 -07:00
Sahil Batra 13e0311ef3 realm: Add support to change enable_read_receipts setting.
This commit adds support to change enable_read_receipts
setting through API and also adds the field to response
of "/register" endpoint so that the setting value
is available to clients.
2022-08-12 17:10:03 +05:30
Zixuan James Li b5f1134172 requirements: Upgrade types-stripe to 3.5.1.
This includes the change from 28fde2ee27.
Only a minor bump is required because it has no effect on type
checking yet before django-stubs gets integrated.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-10 16:29:04 -07:00
Sahil Batra 3e6463804e streams: Allow changing history access without is_private parameter.
We now allow changing access to history of the stream by only passing
"history_public_to_subscribers" parameter. Previously, "is_private"
parameter was also required to change history_public_to_subscribers
otherwise the request was silently ignored.

We also raise error when only history_public_to_subscribers parameter
is passed with value False without "is_private: True" for a public
or web-public stream since we do not allow public streams with
protected history.
2022-08-09 17:05:38 -07:00
Julia Bichler 0a278c39d2 settings: Send email after deactivating user.
This adds a feature where an admin can choose to send an email
with custom content to an user after they deactivated them.

Fixes #18943.
2022-08-06 21:41:53 -07:00
Kartik Srivastava 1291e7000b user_topic: Add user_topic event.
We now send a new user_topic event while muting and unmuting topics.
fetch_initial_state_data now returns an additional user_topics array to
the client that will maintain the user-topic relationship data.
This will support any future addition of new features to modify the
relationship between a user-topic pair.

This commit adds the relevent backend code and schema for the new
event.
2022-08-04 17:44:00 -07:00
Anders Kaseorg 27eed09a84 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-08-04 13:52:06 -07:00
Anders Kaseorg 7da1586cbf install-node: Upgrade Node.js from 16.15.1 to 16.16.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-08-04 13:51:51 -07:00
Anders Kaseorg 74f7b6e4fd requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-30 06:46:34 -07:00
Anders Kaseorg b945aa3443 python: Use a real parser for email addresses.
Now that we can assume Python 3.6+, we can use the
email.headerregistry module to replace hacky manual email address
parsing.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-29 15:47:33 -07:00
Matt Keller 9ce900f2b4 version: Update version after 5.5 release. 2022-07-21 19:30:30 -07:00
Anders Kaseorg 412e90f601 provision: Avoid distutils; keep PROVISION_VERSION as a tuple.
distutils is deprecated in Python 3.10 and will be removed in Python
3.12.  We don’t need a full-powered version parser for this anyway.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-20 22:03:30 -07:00
Sahil Batra 093a74bd54 models: Remove "role" field from Subscription.
This commit removes "role" field from subscription
objects since we are not moving forward with stream
administrator concept and instead working on new
permssions model as per #19525.
2022-07-13 17:07:44 -07:00
Anders Kaseorg 81892df176 requirements: Upgrade to Django 4.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-13 16:07:17 -07:00
Alex Vandiver 760420b3bb version: Update version and changelog after 5.4 release. 2022-07-12 06:23:28 +00:00
Anders Kaseorg 3bc1356f39 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-06 17:23:16 -07:00
Anders Kaseorg e4e51b0eb4 install-shfmt: Upgrade shfmt from 3.5.0 to 3.5.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-06 17:23:16 -07:00
Anders Kaseorg 463fe515b8 install-yarn: Upgrade Yarn from 1.22.18 to 1.22.19.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-06 17:23:16 -07:00
Anders Kaseorg feff1d0411 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-05 17:54:17 -07:00
Anders Kaseorg 76f4123f42 mypy: Add types-zxcvbn.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-05 15:55:17 -07:00
Anders Kaseorg dc33a0ae67 markdown: Rewrite include plugin without markdown-include.
markdown-include is GPL licensed.

Also, rewrite it as a block processor, so that it works correctly
inside indented blocks.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-26 17:36:31 -07:00
Alex Vandiver 9ad74739aa version: Update version and changelog after 5.3 release. 2022-06-21 20:48:24 +00:00
Anders Kaseorg 2e9d5193b4 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-02 12:03:49 -07:00
Anders Kaseorg 79842fd228 install-shfmt: Upgrade shfmt from 3.4.3 to 3.5.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-02 12:03:49 -07:00
Anders Kaseorg 61c9740bbd install-yarn: Upgrade Yarn from 1.22.17 to 1.22.18.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-02 12:03:49 -07:00
Anders Kaseorg 2007c75061 install-node: Upgrade Node.js from 16.14.1 to 16.15.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-02 12:03:49 -07:00
Aman Agrawal 59e676b1f5 gear_menu: Allow spectators to select their default language.
Set the default_language as cookie and reload the page so that
the spectator can immediately see the language change in effect.

We can reload the page forcefully for spectators since there is
no chance of any work being lost. It is possible that the spectator
may lose the selected message on doing so.

This requires a new dependency, to be able to set cookies from
frontend JavaScript.

Fixes #21961
2022-06-01 17:08:00 -07:00
Anders Kaseorg 9ee636e920 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-01 16:01:54 -07:00
Anders Kaseorg ecb900bd03 requirements: Update zulint with multiline pattern support.
https://github.com/zulip/zulint/pull/28

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-01 14:34:58 -07:00
Sahil Batra ce34b585a5 streams: Add endpoint "GET /streams/{stream_id}" to get stream by id.
Fixes #22082.
2022-05-23 15:14:04 -07:00
Sahil Batra 1c0ece73f2 version: Update API_FEATURE_LEVEL.
This was missed in the original commit dfd7902c7.
2022-05-23 15:08:07 -07:00
Somesh Ranjan 0b1f8c05e3 org_settings: Add backend support to change bot role.
This commit attempts to add the backend support by extending the
/json/bots/{bot_id}/ url support to accept the role field as a
parameter. This was previously already possible via
`/json/users/{user_id}`, so this change just simplifies client
implementation.
2022-05-10 14:09:57 -07:00
Alex Vandiver a45f92edb5 requirements: Add boto3-stubs for more AWS libraries. 2022-05-06 17:49:00 -07:00
Lauryn Menard 44c9b788f9 settings: Add realm setting for Zulip communities directory.
Adds `want_advertise_in_communities_directory` to the realm model
to track organizations that give permission to be listed on such
a site / directory on zulip.com.

Adds a checkbox to the organization profile admin for
organizations to give permission to be advertised in the
Zulip communities directory.

Adds a help center article about the Zulip communities directory
and uses a shared intro documentation file to create sections in
the articles on creating an organization profile and moderating
open organizations.

Co-authored-by: Alya Abbott <alya@zulip.com>
2022-05-04 11:13:28 -07:00
Anders Kaseorg 1ac8673989 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-05-04 09:56:07 -07:00
Alex Vandiver 625ff57450 version: Update version and changelog after 5.2 release. 2022-05-03 18:00:01 -07:00
Anders Kaseorg f29553d809 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-05-03 10:10:06 -07:00
Anders Kaseorg 7acb642fa5 requirements: Upgrade to Tornado 6.
Fixes #8913.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-05-02 17:41:49 -07:00
Anders Kaseorg 52b9c59875 requirements: Upgrade asgiref.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-05-02 17:41:49 -07:00
Anders Kaseorg a543dcc8e3 Remove Debian 10 support.
As a consequence:

• Bump minimum supported Python version to 3.8.
• Move Vagrant environment to Ubuntu 20.04, which has Python 3.8.
• Move CI frontend tests to Ubuntu 20.04.
• Move production build test to Ubuntu 20.04.
• Move 3.4 upgrade test to Ubuntu 20.04.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-04-26 16:32:02 -07:00
Lauryn Menard d2207d4ad5 backend: Add `org_type` to realm settings updates and events.
`org_type` already exists as a field in the Realm model and is
used when organizations are created / updated in Zulip Cloud,
via the `/analytics/support` view.

Extends the `PATCH /realm` view to be able update `org_type` as
other realm / organization settings are updated, but using the
special log / action that was created for the analytics view.

Adds a field to the `realm op: update` / `realm op: update_dict`
events, which also means an event is now sent when and if the
`org_type` is updated via the analytics view. This is similar
to how updates to an organization's `plan_type` trigger events.

Adds `realm_org_type` as a realm setting fetched from the
`POST /register` endpoint.
2022-04-26 16:29:12 -07:00
Sahil Batra 37793434f7 user_groups: Add API endpoint to get subgroups of a user group. 2022-04-25 10:24:03 -07:00
Sahil Batra 61365fbe21 invites: Use expiration time in minutes instead of days.
This commit changes the invite API to accept invitation
expiration time in minutes since we are going to add a
custom option in further commits which would allow a user
to set expiration time in minutes, hours and weeks as well.
2022-04-20 13:31:37 -07:00
Raghav Luthra 22a5d008c1 user_settings: Add a setting to display names of users who reacted.
Added a setting to the bottom of Settings > Display settings > Theme section
to display the reacting users on a message when numnber of reactions are
small.

This is a preparatory commit for #20980.
2022-04-19 17:30:16 -07:00
Tim Abbott 2ad60b0cda version: Update link to blog post for 5.0 release. 2022-04-04 11:58:10 -07:00
Alex Vandiver 104e11c4fd version: Update version and changelog after 5.1 release. 2022-04-01 23:17:11 -07:00
Tim Abbott 12e8f0f5ea version: Update version following 5.0 release. 2022-03-29 08:36:41 -07:00
Tim Abbott d308c694ba Release Zulip Server 5.0. 2022-03-29 08:13:34 -07:00
Anders Kaseorg 548dd5a402 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-24 19:16:52 -07:00
Anders Kaseorg b0217d0ec6 password_quality: Switch zxcvbn to zxcvbn-ts.
zxcvbn has had no releases since 2017.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-17 15:24:46 -07:00
Anders Kaseorg 7aa03e9d2a dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-17 15:24:46 -07:00
Anders Kaseorg 7d4b02738d install-node: Upgrade Node.js from 16.14.0 to 16.14.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-17 15:24:46 -07:00
Anders Kaseorg 4b712b49ef eslint: Enable eslint-plugin-no-jquery.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-16 12:52:07 -07:00
Anders Kaseorg f21842e920 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-16 10:43:23 -07:00
Suyash Vardhan Mathur 20a97bdb05 events: Add functionality to mark messages as unread.
Co-authored-by: Steve Howell <showell@zulip.com>
Co-authored-by: Tim Abbott <tabbott@zulip.com>

This commit adds the backend functionality to
mark messages as unread through update_message_flags
with `unread` flag and `remove` operation.

We also manage incoming events in the webapp.

Tweaked by tabbott to simplify the implementation and add an API
feature level update to the documentation.

This commit was originally drafted by showell, and showell
also finalized the changes.  Many thanks to Suyash here for
the main work here, which was to get all the tests and
documentation work moving forward.
2022-03-15 18:00:35 -07:00
Alex Vandiver f77204be14 version: Update version and changelog after 4.11 release. 2022-03-15 14:24:53 -07:00
Aman Agrawal 82837304ec api: Send full message in GET /messages/{message_id} response.
Previously, this URL just returned the `raw_content` field. It seems
cleanest to just make it a single-message variant of GET /messages,
deprecating the only format.
2022-03-11 10:25:22 -08:00
Steve Howell 8e05a9fcf7 unread: Replace sender_id with other_user_id.
Note that we still send sender_id for legacy mobile
clients.
2022-03-10 13:33:21 -08:00
Lauryn Menard 072051f81e api: Add additional fields to `edit_history` entries.
Since we've changed the database to contain these new fields, we just
need to stop dropping them in the API code.

This also changes the public API to match the database format again
by removing `prev_subject` from edit history API.

Adds an API changelog feature update for the renamed `prev_subject`
field (to `prev_topic`) and new fields (`topic` and `stream`)
in the message `edit_history`.

Also, documents said `edit_history` in the `MessagesBase` schema
in the api documentation, which is used by the `/get-messages`,
`/get-events` and `/zulip-outgoing-webhooks` endpoints.

Fixes #21076.

Co-authored-by: Lauryn Menard <lauryn.menard@gmail.com>
2022-03-04 10:25:48 -08:00
Anders Kaseorg bdcd9da7e9 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-01 23:09:46 -08:00
Anders Kaseorg bff2741499 install-shfmt: Upgrade shfmt from 3.4.2 to 3.4.3.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-01 23:09:46 -08:00
Anders Kaseorg 60e943b92e install-node: Upgrade Node.js from 16.13.2 to 16.14.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-01 23:09:46 -08:00
Anders Kaseorg 75c182cb2a requirements: Upgrade MyST-Parser.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-28 16:28:31 -08:00
Alex Vandiver 2e435d2e9a version: Update version and changelog after 4.10 release. 2022-02-25 14:10:20 -08:00
Sahil Batra 392b17da5f invite: Add backend support for "Never expires" option.
The database value for expiry_date is None for the invite
that will never expire and the clients send -1 as value
in the API similar to the message retention setting.

Also, when passing invite_expire_in_days as an argument
in various functions, invite_expire_in_days is passed as
-1 for "Never expires" option since invite_expire_in_days
is an optional argument in some functions and thus we cannot
pass "None" value.
2022-02-24 16:32:19 -08:00
Austin Riba 7d3bbe03ac lightbox: Swap panzoom library to anvaka/panzoom.
This PR changes the library used for panning and zooming in the lightbox
module from timmywil/panzoom to avanka/panzoom.

The original (timmywil) version of the library contains a bug where if
you have a high resolution touchpad and Firefox and you zoom in and out
repeatedly on an image, the image may drift. avanka/panzoom does not
appear to display this behavior.

Restores the behaviour from before 5f83bc5cfe, where clicking
outside the image closes the lightbox, primarily by way of swapping
out the panzoom library.

Fixes: #21163.
2022-02-23 12:12:04 -08:00
evykassirer 8c3ff92964 populate_db: Add timezones for some test users.
After failing to notice a place where we wanted to hide timezone
information, we decided to add timezones to some of the test
users, so that we can better consider the effects of timezones
when manually testing.

Testing:

* ran populate_db and confirmed users had timezones in the UI
* updated test_populate_db.py
2022-02-22 11:14:58 -08:00
Lauryn Menard 8e1f62af89 api: Include realm_web_public_access_enabled in get-server-settings.
Adds `realm_web_public_access_enabled` as a realm-specific server
setting potentially returned by the `/get-server-settings` endpoint
so that clients that support browsing of web-public stream content
without an account can generate a login page that supports that
type of access.
2022-02-22 10:11:11 -08:00
Anders Kaseorg 4d858b874e python: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-18 18:03:13 -08:00
Anders Kaseorg 1629d6bfb3 python: Reformat with Black 22 (stable).
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-18 18:03:13 -08:00
Anders Kaseorg 961633fcec timezone: List only canonical timezone identifiers.
For aliases that will no longer be listed, see the third column of

grep '^L ' zulip-py3-venv/lib/python3.*/site-packages/pytz/zoneinfo/tzdata.zi

Time zones previously set to an alias will be canonicalized on demand.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-11 17:38:57 -08:00
Mateusz Mandera a1fa2a8cf5 scim: Upgrade to django-scim2 0.17.1.
The new release adds the commit:
20ac22b96d

Which allows us to get rid of the entire ugly override that was needed
to do this commit's job in our code. What we do here in this commit:
* Use django-scim2 0.17.1
* Revert the relevant parts of f5a65846a8
* Adjust the expected error message in test_exception_details_not_revealed_to_client
  since the message thrown by django-scim2 in this release is slightly
  different.

We do not have to add anything to set EXPOSE_SCIM_EXCEPTIONS, since
django-scim2 uses False as the default, which is what we want - and we
have the aforementioned test verifying that indeed information doesn't
get revealed to the SCIM client.
2022-02-04 15:43:45 -08:00
Austin Riba 5f83bc5cfe lightbox: Replace lightbox_canvas with PanZoom library.
This PR changes how the Pan & Zoom feature of images displayed in the
attachment lightbox are handled.

The existing method of using a canvas element is replaced by the Panzoom
library (timmywil/panzoom). This library is lightweight and has 0
transitive dependencies.

This fixes #20759 where the issue is that the viewport of a zoomed image
was not expanding to fill the available space on the page. Switching to
this new library also solves several other UX issues:

    * Images are no longer blurred when in Pan & Zoom mode.
    * The zoom behavior itself uses focal point zooming: zooming occurs
      where the cursor is on the image instead of at the center of the
      image, reducing the need for extra panning.
    * CSS transitions are used for a more visually pleasing experience
      when switching images, toggling zoom off, etc.
    * The library has the potential to open other file types which
      leaves that option open for us in the future.
2022-02-04 14:58:36 -08:00
Mateusz Mandera c0f7158378 push_notifications: Include stream_id in the notification data.
Closes #18067.
Previous only the stream name was sent, which is an unstable stream
identifier.
2022-01-29 17:37:48 -08:00
Lauryn Menard aaa627229e api: Update `update_message` event required fields.
Makes `edit_timestamp` and `user_id` required fields for all
`update_message` events.

Adds `rendering_only` as another required field to signal if
events are only updating the rendered content of the message,
which is currently the case for adding inline url previews.

Updates `test_event.py` so that `do_update_message` and
`do_update_embedded_data` refer to the same testing schema
for `update_message` events, and therefore reflect the same
required fields for the `update_message` event.

The OpenAPI definition for `update_message` events is also
updated to reflect the required field and descriptions of
various properties are updated for the addition of the
`rendering_only` property.
2022-01-26 13:11:26 -08:00
Anders Kaseorg 0cc4b180b7 requirements: Downgrade libcst.
The new version is a native extension and is missing binary wheels for
64-bit ARM.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-25 19:43:03 -08:00
Alex Vandiver 7ec2a2cde7 version: Update version and changelog after 4.9 release. 2022-01-24 18:46:46 -08:00
Anders Kaseorg 48024097c4 install-shfmt: Upgrade shfmt from 3.4.1 to 3.4.2.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-24 15:55:38 -08:00
Anders Kaseorg 21548ff7c0 install-node: Upgrade Node.js from 16.13.1 to 16.13.2.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-24 15:55:38 -08:00
Anders Kaseorg a9dea6ee2d dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-24 15:55:38 -08:00
Anders Kaseorg 4922632601 mypy: Add types-beautifulsoup4.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-23 23:39:40 -08:00
Anders Kaseorg 8d9fe9cfb0 mypy: Add types-stripe.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-23 22:47:30 -08:00
Anders Kaseorg 2612f57d51 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-23 22:14:17 -08:00
Anders Kaseorg a58a71ef43 Remove Ubuntu 18.04 support.
As a consequence:

• Bump minimum supported Python version to 3.7.
• Move Vagrant environment to Debian 10, which has Python 3.7.
• Move CI frontend tests to Debian 10.
• Move production build test to Debian 10.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-21 17:26:14 -08:00
Joe Eli McIlvain 2004f94082 requirements: Update pygments to 2.11.1.
Updating from pygments 2.10.x to 2.11.x brings new lexers,
including the new Savi lexer which is needed by the Savi community
in our Zulip chat at https://savi.zulipchat.com/.
2022-01-05 14:49:51 -08:00
Steve Howell c04a8097f3 mypy: Add EmojiInfo type.
We now serialize still_url as None for non-animated emojis,
instead of omitting the field. The webapp does proper checks
for falsiness here.  The mobile app does not yet use the field
(to my knowledge).

We bump the API version here. More discussion here:

https://chat.zulip.org/#narrow/stream/378-api-design/topic/still_url/near/1302573
2021-12-30 11:28:14 -08:00
Anders Kaseorg 80e4d5436d requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-29 16:48:47 -08:00
Anders Kaseorg bc69f213a0 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-28 09:31:55 -08:00
Lauryn Menard 3b72da8a7c api: Include `stream_id` field for all edits to stream messages.
Updates the `update_message` event type to always include a `stream_id`
field when the message being edited is a stream message. This change
aligns with the current definition of the `\get-events` endpoint
in the OpenAPI documentation.
2021-12-16 11:01:31 -08:00
Aman Agrawal 7fc191d816 yarn: Add package which allows creating css mixins. 2021-12-09 18:15:18 -08:00
Anders Kaseorg c5a8894dfb install-shfmt: Upgrade shfmt from 3.4.0 to 3.4.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-03 14:33:53 -08:00
Anders Kaseorg befb56f905 install-shellcheck: Upgrade ShellCheck from 0.7.2 to 0.8.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-03 14:33:53 -08:00
Anders Kaseorg 2e5af073b7 install-node: Upgrade Node.js from 16.13.0 to 16.13.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-03 14:33:53 -08:00
Anders Kaseorg 381b6577a8 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-03 14:33:53 -08:00
Anders Kaseorg 5344e86c57 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-02 08:16:20 -08:00
Alex Vandiver 54d037f24a version: Update version and changelog after 4.8 release. 2021-12-01 23:42:11 +00:00
Anders Kaseorg 513848a9d2 requirements: Install Gitlint from PyPI again.
In https://github.com/jorisroovers/gitlint/pull/246 I split the
gitlint package into gitlint and gitlint-core, where the latter avoids
pinning exact versions of its requirements so we can use it again.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-29 13:35:58 -08:00
Lauryn Menard 7713b371a5 api: Migrate `/update-subscription-settings` response value.
Migrates the `/update-subscription-settings` api endpoint to the
`ignored_parameters_unsupported` model, which is also currently used
by `/update-settings` and `update-realm-user-settings-defaults`.

This change is a step towards preparing for an eventual migration to
have all endpoints return an `ignored_parameters_unsupported` block.

Previously the `/update-subscription-settings` endpoint returned a
copy of the data object sent in the request.

Fixes #15307.
2021-11-26 22:25:53 -08:00
Sahil Batra 2c1a87166c register: Pass settings.WEB_PUBLIC_STREAMS_ENABLED to clients.
This commit adds 'server_web_public_streams_enabled' field to
the register response to pass settings.WEB_PUBLIC_STREAMS_ENABLED
to clients.
2021-11-23 10:48:20 -08:00
Aman Agrawal 2a922409aa realm: Add option to enable/disable spectator login.
We restrict access of messages from web public streams if
anonymous login is disabled via `enable_spectator_access`.

Display of `Anonymous login` button is now controlled by
the value of `enable_spectator_access`.

Admins can toggle `enable_spectator_access` via org settings in UI.
2021-11-18 12:55:12 -08:00
Mateusz Mandera 0abbb87155 auth: Include user_id in the params returned at the end of mobile flow.
The user id is a very useful piece of information that the mobile
client should have access to - instead of only getting the email. This
makes it much simpler to impleent clients that might be robust to
changes in email address.
2021-11-16 12:12:59 -08:00
Alex Vandiver 49ad188449 rate_limit: Add a flag to lump all TOR exit node IPs together.
TOR users are legitimate users of the system; however, that system can
also be used for abuse -- specifically, by evading IP-based
rate-limiting.

For the purposes of IP-based rate-limiting, add a
RATE_LIMIT_TOR_TOGETHER flag, defaulting to false, which lumps all
requests from TOR exit nodes into the same bucket.  This may allow a
TOR user to deny other TOR users access to the find-my-account and
new-realm endpoints, but this is a low cost for cutting off a
significant potential abuse vector.

If enabled, the list of TOR exit nodes is fetched from their public
endpoint once per hour, via a cron job, and cached on disk.  Django
processes load this data from disk, and cache it in memcached.
Requests are spared from the burden of checking disk on failure via a
circuitbreaker, which trips of there are two failures in a row, and
only begins trying again after 10 minutes.
2021-11-16 11:42:00 -08:00
Aman Agrawal 6ce4561004 package: Upgrade tippy to fix false warnings.
This was an error from tippy which showed false warnings
on importing `delegate`.

See https://github.com/atomiks/tippyjs/pull/1006 for more
details.
2021-11-10 08:57:22 -08:00
Anders Kaseorg a3445dac95 install-shfmt: Upgrade shfmt from 3.3.1 to 3.4.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-05 17:34:13 -07:00
Anders Kaseorg 8df6eccd42 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-05 17:34:13 -07:00
Anders Kaseorg f2a443a736 install-node: Upgrade Node.js from 14.18.1 to 16.13.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-05 17:34:13 -07:00
Anders Kaseorg 069d6ced69 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-02 16:30:42 -07:00
Eeshan Garg fd0ce28029 requirements: Ensure that importlib-metadata installs on > py3.8.
In #20012, it was discovered that since our `zulip_bots` package
requires `importlib-metadata >= 3.6; python_version < "3.10"`
whereas the server requires
`importlib-metadata==4.8.1 ; python_version < "3.8". This results
in `importlib-metadata` not being installed on Python 3.8 and
Python 3.9. This commit resolves that discrepancy.

Thanks to Anders Kaseorg (@andersk) for reporting this bug!
2021-11-02 16:02:22 -07:00
Lauryn Menard 73710e1cf0 user_settings: Add option to disable escape key navigation to default view.
Add `escape_navigates_to_default_view` as a bool setting in
UserBaseSettings model and implement it as a checkbox that toggles
the hotkey implementation of escape to the default view in the
advanced user display settings.

With /help/ documentation edits from Alya Abbott.

Fixes #20043.
2021-10-29 18:15:30 -07:00
Anders Kaseorg 8b2db48da5 dependencies: Downgrade webpack to avoid caching bug.
https://github.com/webpack/webpack/issues/14514

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-10-29 16:31:02 -07:00
rht a3a71487b0 CI: Add Codespell linter.
This tool helps catch common typos in code and documentation, which is
particularly useful for our many contributors who are not native
English speakers.

The config is based on the codespell that I ran in
https://github.com/zulip/zulip/pull/18535.
2021-10-27 16:49:30 -07:00
Ganesh Pawar 1e8bfa710e dialog_widget: Migrate modal to Micromodal.
Also removed the `danger_submit_button` config option
from the dialog_widget since it isn't needed in the new modals.
2021-10-26 18:20:17 -07:00
Eeshan Garg 0485aece4e pypi: Upgrade python-zulip-api packages to version 0.8.1. 2021-10-20 10:25:19 -07:00
Gaurav Pandey 1c1a1e2cad api: Remove encoding of string in update_user endpoint.
* Remove unnecessary json_validator for full_name parameter.
* Update frontend to pass the right parameter.
* Update documentation and note the change.

Fixes #18409.
2021-10-18 19:03:43 -07:00
Tim Abbott 37d977f8f1 dependencies: Upgrade python-zulip-api. 2021-10-18 19:03:43 -07:00
Anders Kaseorg 2bb4410698 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-10-17 07:15:09 -07:00
Anders Kaseorg 291087d70c install-yarn: Upgrade Yarn from 1.22.11 to 1.22.17.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-10-17 07:15:09 -07:00
Anders Kaseorg 7df96b78c6 install-node: Upgrade Node.js from 14.17.6 to 14.18.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-10-17 07:15:09 -07:00
Anders Kaseorg 79681135cb requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-10-16 12:25:43 -07:00
Mateusz Mandera 73a6f2a1a7 auth: Add support for using SCIM for account management. 2021-10-14 12:29:10 -07:00
Sahil Batra 44499fe22c dependencies: Add django-cte dependency.
This commit adds django-cte as dependency
which will be used for querying recursive
group membership.

Extracted this commit from #19866.

Co-authored-by: Anders Kaseorg <anders@zulip.com>
2021-10-12 13:57:20 -07:00
Dinesh 6d2b8f5ca9 user_settings: Add settings to configure sending typing notifications.
Note: These are not functional in enabling/disabling sending of
typing notifications with this commit.

Refactored the privacy settings update to keep the code less
duplicated along with making the addition of new settings easier.
2021-10-07 17:39:21 -07:00
Eeshan Garg 29b354346b update_realm: Allow demo orgs to be converted to regular orgs.
This commit adds support to the `PATCH /realm` endpoint for
converting a demo organization to a regular organization.

This is a part of #19523.
2021-10-07 14:43:03 -07:00
Sahil Batra ab0d852fd5 register: Add can_create_web_public_streams to register response. 2021-10-05 10:10:32 -07:00
Alex Vandiver 3922b171a8 version: Update version and changelog after 4.7 release. 2021-10-04 21:52:52 +00:00
Alex Vandiver 9f2df658f0 requirements: Add google-re2, a drop-in replacement for re using re2.
re2[1] compiles (strictly) regular expressions to deterministic finite
automata, which guarantees linear-time behavior; `google-re2` is a
drop-in replacement for the `re` module which uses re2 under the hood.

[1]: https://github.com/google/re2/
2021-10-04 16:59:54 +00:00
Ganesh Pawar fa928d5cd1 streams: Split setting for stream creation policy.
Users wanted a feature where they could specify
which users can create public streams and which users can
create private streams.

This splits stream creation code into two parts,
public and private stream creation.

Fixes #17009.
2021-10-01 10:26:42 -07:00
sahil839 909a3cde76 realm: Replace allow_message_deleting with delete_own_message_policy.
This commit replaces 'allow_message_deleting' boolean setting
with an integer setting 'delete_own_message_policy'. We have a
separate dropdown now for deciding which user-roles can delete
messages sent by themselves and the time-limit setting droddown
is different.

This new setting has two options - everyone and admins only. Other
options including moderators will be added further.

We also remove the "Never" option from the original time-limit
dropdown, as admins are always allowed to delete message. This
never option resembled the case of only admins being allowed to
delete but this state is now resembled by setting the dropdown
to "admins only" and we also disable the time-limit dropdown in
this case as admins are allowed to delete irrespective of limit.

Note, this setting is only for deleting messages sent by the
deleting user themselves, and only admins are allowed to delete
messages sent by others as before.
2021-09-30 14:59:31 -07:00
sahil839 b13bfa09c5 message: Make zero invalid value for message_content_delete_limit_seconds.
We make zero invalid value for message_content_delete_limit_seconds and
for handling the case of "Allow to delete message any time", the API-level
value of message_content_delete_limit_seconds is "anytime" and "None"
as the DB-level value. We also use these values for message retention
setting, so it helps maintain consistency.
2021-09-30 14:45:39 -07:00
Tim Abbott 10c47b5d6c version: Update version and changelog after 4.6 release. 2021-09-23 16:19:57 -07:00
Sahil Batra c233ee9935 settings: Migrate twenty_four_hour_time setting to RealmUserDefault.
This commit removes the existing default_twenty_four_hour_time field in
Realm table which was used to set the twenty_four_hour_time setting of
new user on joining and instead we now use the twenty_four_hour_time
field of RealmUserDefault table for the same.

With some tweaks by tabbott to clarify the documentation.
2021-09-23 10:44:42 -07:00
Eeshan Garg 4118c4a56b find_team: Send one email per email address, not per organization.
With changes to the copy for these emails by tabbott.

Fixes #19659.
2021-09-21 15:56:50 -07:00
Aman Agrawal 6a78112940 subscribe: Allow web public stream creation via the API.
User can now create web public stream via the /subscribe API.
So, when a web public stream present in the API request does not
exist, it will be created now by specifying the is_web_public
parameter. The parameter would have been ignored without this
commit.
2021-09-21 11:20:36 -07:00
Anders Kaseorg 6a1a665f11 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-17 17:05:18 -07:00
Anders Kaseorg 5ab90c541c requirements: Install gitlint from its Debian package.
gitlint has a bunch of pinned requirements that hold back important
upgrades and conflict with other packages’ requirements.  The gitlint
author has rejected proposals to unpin them because it might increase
the amount of maintenance he needs to do
(https://github.com/jorisroovers/gitlint/pull/133).  That decision is
his to make, but _somebody_ needs to do the maintenance, so we
delegate it to Debian and Ubuntu.  If that means using a significantly
older version of gitlint, that’s a tradeoff we need to make to keep
the rest of our requirements current.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-17 17:05:18 -07:00
Anders Kaseorg 79b88b79bb webpack: Upgrade to Webpack 5.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-14 17:02:03 -07:00
Rohitt Vashishtha ddcea9c64b postcss: Cleanly import flatpickr dark theme.
We add postcss-import for night_mode.css only. This plugin inlines
the imports of external files, instead of letting the file go via
our usual webpack toolchain.

We do this so that we can use the postcss-prefixwrap plugin to scope
the third-party CSS properly and use it inside our night-mode class.

Fixes #10607.

[anders@zulip.com: Replace postcss-wrap with postcss-prefixwrap.]

Co-authored-by: Anders Kaseorg <anders@zulip.com>
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-13 17:12:49 -07:00
Anders Kaseorg 9bed17e0ab install-node: Upgrade Node.js from 14.17.5 to 14.17.6.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-13 10:12:43 -07:00
Anders Kaseorg dadacc38a8 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-13 10:12:43 -07:00
Anders Kaseorg 04075201a0 dependencies: Upgrade webpack-dev-server to 4.2.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-13 10:12:43 -07:00
Riken Shah 8c31e6f96e emoji: Add backend changes to support still image for animated emojis.
Now, when we add a custom animated emoji to the realm
we also save a still image of it (1st frame of the gif). So
we can avoid showing an animated emoji every time.
2021-09-12 07:13:04 +00:00
Anders Kaseorg b7b4c033a5 check-openapi: Use yaml library for better error messages.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-10 10:39:25 -07:00
Sahil Batra 693d58265e realm: Add 'PATCH /realm/user_settings_defaults' endpoint.
The realm-level default value of settngs for new users will
be updated using this endpoint.
2021-09-09 10:55:18 -07:00
Sahil Batra 17087cf06f actions: Add do_set_realm_user_default_setting.
This commit adds do_set_realm_user_default_setting which
will be used to change the realm-level defaults of settings
for new users.

We also add a new event type "realm_user_settings_defaults"
for these settings and a "realm_user_settings_default" object
in '/register' response containing all the realm-level default
settings.
2021-09-09 10:38:38 -07:00
Eeshan Garg f0ea002d94 events: Add demo_organization_scheduled_deletion_date to /register.
This commit adds `demo_organization_scheduled_deletion_date` to
the `realm` section of the `/register` response so that it is
available to clients when enabled.

This is a part of #19523.
2021-09-07 17:40:33 -07:00
Aman Agrawal 1347ee98ee compose: Extract function to format text in compose_ui.
Along with the extraction, we do some simplifications of inserting
text in compose too. This same function can now be used in
compose formatting popover too.

We use "text-field-edit", which has good cross-browser `undo` /
`redo` support, to do the text replace for us instead of writing
that logic ourselves.
2021-09-07 14:57:17 -07:00
Anders Kaseorg 817146c28b python: Upgrade SQLAlchemy from 1.3.24 to 1.4.23.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-31 06:47:39 -07:00
Mateusz Mandera 78297efefd ldap: Use a workaround instead of forking django-auth-ldap.
Till now, we've been forking django-auth-ldap at
https://github.com/zulip/django-auth-ldap to put the
LDAPReverseEmailSearch feature in it, hoping to get it merged
upstream in https://github.com/django-auth-ldap/django-auth-ldap/pull/150

The efforts to get it merged have stalled for now however and we don't
want to be on the fork forever, so this commit puts the email search
feature as a clumsy workaround inside our codebase and switches to using
the latest upstream release instead of the fork.
2021-08-28 23:11:09 -07:00
Alex Vandiver 710a92f48c tools: Add a tool to upload release tarballs to S3. 2021-08-26 17:21:31 -07:00
Anders Kaseorg 019bd848ca requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-24 07:51:48 -07:00
Anders Kaseorg cea9fe5f13 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-23 14:30:02 -07:00
Anders Kaseorg ad480a8b54 install-shfmt: Upgrade shfmt from 3.3.0 to 3.3.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-23 12:34:05 -07:00