Template was rendering undefined value of `bot_id` instead of
`user_id`.
Fix this by replacing `bot_id` with `user_id` and changing
template data variable to `data-user-id` to avoid
future confusion.
This makes a few important cleanup changes:
* Using the more standard data-field-id name for the ID value.
* Using $(e.target).closest() rather than `.parent`, which is more
robust to future changes in markup.
We only use this data in a rarely-used settings screen, and it can be
large after years of posting screenshots.
So optimize the performance of / by just loading these data when we
actually visit the page.
This saves about 300ms of runtime for loading the home view for my
user account on chat.zulip.org.
This fixes some minor glitches with buttons:
* Movement of the organization-settings-parent block on the
appearance of widgets.
* Large and odd look of save button.
* Use of fadeIn and fadeOut rather than changing opacity as
opacity don't actually remove them.
When we populate the buddy list or update it for activity, we now
have buddy_data set a faded flag that is rendered in the template.
This avoids some re-rendering overhead and is on the eventual path
to having our widget be more data-oriented (and all rendering happens
"behind" the widget).
We still do direct DOM updates when the compose state changes or
when we get peer subscription events.
Add realm setting to set time limit for message deleitng.
Set default value of message_content_delete_limit_seconds
to 600 seconds(10 min).
Thanks to Shubham Dhama for rebasing and reworking this. Some final
edits also done by Tim Abbott.
Fixes#7344.
Some labels like one for `translate_emoticons` which contains HTML
get escaped because of use of `{{ label }}` syntax, which escapes
the string for XSS security purpose but since labels aren't any
threat to any such security cases, we can use triple curly brackets
`{{{ label }}}` syntax.
Fixes: #9231.
This coverts the "checkbox" for `realm_allow_message_editing` and
"input" for `realm_message_content_edit_limit_seconds` into a
dropdown with the option for custom time limit option.
Following templates are affected: display-settings.handlebars and
ui-settings.handlebars.
There will be no UI change, it is just to make code more readable.
In 7b8da9b we have introduced some other checkmark icons
which aren't necessary as old icons still make sense there.
So removing them as they don't add any extra value.
Fixes: #8995.
Removed the top margin of input-group css
to prevent the double margins. Also fixed the
default-language positioning, and maintained
margin consistency in organization settings.
Fixes#8890.
`@everone` and `@all` will have a megaphone icon from FontAwesome in
place of the avatar.
Also, fix the `composebox_typeahead` tests to account for the images.
Fix#6635.
We make some specific cases of tags use 2 space indents.
The case description:
* A tag with opening tag spread over multiple lines and closing tag
on the same line as of the closing angle bracket of the opening tag.
* A tag with opening tag spread over multiple lines and closing tag
not on the same line as of the closing angle bracket of the opening
tag.
Example:
Case 1:
Not linted:
<button type="button"
class="btn btn-primary btn-small">{{t "Yes" }}</button>
After linting:
<button type="button"
class="btn btn-primary btn-small">{{t "Yes" }}</button>
Case 2:
Before linting:
<div class = "foo"
id = "bar"
role = "whatever">
{{ bla }}
</div>
After linting:
<div class = "foo"
id = "bar"
role = "whatever">
{{ bla }}
</div>
This reverts loader indicator from the new fontawesome
`icon-button-loading` to previous SVG one, this change is only reflected
to those loaders which use `loader.handlebars` template for
loading indication(because there are some indicators like "Save changes"
in org settings which don't use loader.handlebars).
This main problem with this indicator is that it is bit
inconsistent with other places where we use `loader.handlebars` like
loading Zulip icon which appears while fetching old messages.
Introduced a new checkmark icon in the settings page
from entypo ( www.entypo.com ) to make icons more
consistent between user and organization settings.
This commit changes the way the save and discard buttons on the
organization profile, settings and permissions tabs look and fades
them out after a delay. It also cleans up the code a bit in the
settings_org.js file. It introduces changes to the css in
settings.css as well as the template for save-discard buttons.
It also fixes a bug on the user settings whereby if an option
that requires reload is clicked before clicking an option that does
not require reload, the reload message is erased. This could create
an issue where the user is not aware that a reload is required.
The loader is also changed to using fa-icon as loading spinner on
user settings and the colors are tweaked a little bit.
(It is a preliminary change for deduplication of org settings template.)
This is done because of some settings like organization-settings
has ids which match the pattern of having a prefix `id_`
before the property name.
For those settings which don't have any prefix, there will be no
effect.
Here obsolete `t` in the label is removed since we do
label translations in JS files.
This splits "Language and notifications" section into "Default user
settings" and "Notifications".
With this, we can easily add other default user settings in the
same place.
Now that we have support for displaying custom profile fields, this
adds administrator-level support for creating them.
Tweaked by tabbott to fix a few small bugs and clean up the commit message.
Fixes#1760.
This wraps each subsection in notification settings in a parent div.
This is done just to make the code more readable and clean.
There will be no UI change.
With this we have the same way to save changes done in org profile
subsection, i.e. show "Save" button beside header of subsection,
add "Discard changes" button for org profile subsection and
show "Save" and "Discard" button only when needed.
Also, there is so much code which become obsolete which is removed
in this commit.
We only have one possible email hint, so there's no reason
to create one for each stream row, especially since we don't
clean them out when we close stream settings.
Also, we remove unnecessary tips regarding modification settings.
Remove 'Only organization administrators can edit these settings'.
Remove 'Anyone in this organization can add user groups'.
Before this commit when we press enter in the text-input field the
first subsection get saved because a click event is triggered for
the first save button (of first subsection) irrespective of the
location of text input field in the whole form which is expected
as a default behavior of the forms.
The simple fix is to make the button of type "button" and override
action of "enter" in an input field.
More info at https://stackoverflow.com/a/12914700/7418550 and
https://stackoverflow.com/a/7060762/7418550
This makes each subsection of org-permissions independent from the
perspective of saving changes.
All the behavior we have for org-settings are also ultimately
reflected here as well like individual "Save" button for each
subsection, "Discard" button for discarding changes done in a
subsection and appearance of this button only when required.
This changes failed status element to use class
`.admin-realm-failed-change-status` rather than id so that we can use
the same code in `save_organization_settings()` in future to refer to
failed-status element of that section.
We restructured template to make org-permissions-template have more
separated subsections and so that we can easily apply event handlers
and selectors to their corresponding subsections (there will
be no change in UI).
(This is similar to 8b54b08)
This will reset the changes done in a subsection to the current ones
in page_params.
It will only appear when there are some user-provided changes to be reset.
With this "Save" button is only shown when there are changes in a
subsection. This means if we changed a setting and reverted it back to
original ones, then, "Save" button will get disappear. Hence, we're shown
"Save" when there are some property changes to send to the server.
This makes each subsection(like "Message feed") independent of changes
done in any other subsection and the save button of each subsection
saves the changes done in that subsection only.
Clicking the cancel button removes all the changes and the user
group returns back to the original state. Saved button is showed
once the changes are saved on blur.
This restructures the organization-settings-admin template into
different subsections. With this, we can easily limit the scope of
event handlers and selectors within their subsection to which
are applied.
There will be no change in UI because of this.
This makes it convenient to mention a stream you're not subscribed to,
which can be useful for communicating about where a topic is
discussed, for example.
Fixes: #5757.
Even if realm admin can access unsubscribed private stream subscribers,
admin can't add subscriber to stream. Hide the option to add subs to
stream in UI.
This will allow realm admins to access subscribers of unsubscribed
private stream. This is a preparatory commit for letting realm admins
remove those users.
This makes the textarea responsive by making the width 100% and
the max-width 500px so that it doesn't get *too* wide.
Please close#8511 when this is merged.
Fixes: #8504.
Previously, stream subscribers were not rendering correctly. Due to
following reasons:
- Subscribers list didn't get initialized
- Subscriber members template add subscriber-list-table DOM element
conditionally, which doesn't handle case if user have access to
subscribers later.
Fix this by cleaning subscriber member template to hide the
elements, instead of conditionally adding DOM elements and
initialize subscribers list even if user can't access subscribers.
If user unsubscribe from private stream, then user can't
access unsubscribed stream members.
After subscription removal, immediately render subscription members
template in case of user can't access stream subscriber.
Only allow realm admins to create stream without subscribing
themselves, restrict non realm admin users.
This new restriction is only for the UI; we don't actually block it at
the backend/API level (one could always create and then remove oneself
anyway).
Restrict users(even realm admins) from creating stream with zero
subscribers only in UI.
In backend, if subscribers are zero, we automatically subscribe
current user to stream.
Add div element to inform user whether stream is successfully
created or not. This will help to inform user in case if current
user is not subscribed to created stream.
For public stream, always show stream preview link.
For private stream, only show stream preview link if user is currently
subscribed or previously subscribed to private stream.
This removes `create-stream-dropdown` class from the template and css
because it is causing irregularity in size of other permissions dropdown
because of `right-margin` and removing it makes all the dropdown
regularly sized.
The former "the-bot-is-being-created" indicator was useless,
since it only edited the value attribute of the "create-bot" button;
that attribute only sets the text of a button when it is initially created.
This commit replaces the old code with a spinning loading indicator,
like the one used for editing bots.
This split notification settings to separate settings for streams,
PM/mention and other notifications settings.
Previously we have to treat them combined, but with this refactor,
we can treat them separately for future changes.
Fixes#8587.
The problem that prompted this PR is that I couldn't select the API
key of a bot in chrome to copy it, but I could on Firefox.
Using the `auto` proerty value to override the `user-select`
property of a parent does not seem to be compatible
with all browsers.
In `recipient-row` template, if conditions to add/hide/show edit
icon for message topic is incorrect.
In some cases, we only want to just hide the edit icon, but icon
should be in DOM, cause in future if organization settings are
changed we want to show edit icon in message row.
If user can edit topic of message, surely add edit icon element to
DOM regardless of user is allowed to edit or not. If user is
allowed to edit then show edit icon otherwise hide edit icon element.
This makes it easier for users to tell how Zulip ended up with an
avatar for them without them uploading one: through the Gravatar
service used across many Wordpress blogs.
Fixes#8225.
In stream deactivation modal, make "stream_name" a template variable,
rather than patching stream name to modal header in javascript.
Add tests for deactivation stream modal.
This replaces the cumbersome system we had for giving users feedback
on settings state changes in the display settings UI.
We expect this new system to be what we will attempt to migrate other
settings widgets to match over the coming weeks and months. It also
provides the opportunity to significant refactor away a lot of the
code duplication in settings_display.js.
Thanks to Brock Whittaker for redoing the styling and improving the
code simplicity.
Fixes#7622.
Add `translate_emoticons` to `prop_types` and `expected_keys`.
Furthermore, create a emoji-translating Markdown inline pattern.
Also use a JavaScript version of `translate_emoticons` and then use
this function during Markdown previews and as a preprocessor. This
is only needed for previews, because usually emoticon translation
happens on the backend after sending.
Add tests for emoticon translation, a settings UI, and a /help/ page
as well.
Tweaked by tabbott to fix various test failurse as well as how this
handles whitespace, requiring emoticons to not have adjacent
characters.
Fixes#1768.
No need to have separate click handler for user_popovers and
message_info_popovers as the same user-id can be extracted similarly
from the target of both the click events.
Another refactor, `sender_info_popover` was confusing as it doesn't
fix into the context of rightbar user popovers so changed it to
`info_popover_actions` since that section of popovers contains popover
actions.
Hotkey reminders in user popovers( i.e. `@` and `R`) should be present
only for sender info popovers, hence for user-mention and user-presence
popovers it will show no such reminders.
Fixes: #8313.
We were using underscore as a delimiter in `emoji_id` in emoji picker
but since `emoji_type` also contains underscores, it seems wrong to
use underscore as a delimiter. This commit switches `emoji_id` to use
comma as a delimiter instead of underscore.
In active user section, while editing user's full name,
if we press enter it reloads the whole page, rather than
submitting the form.
Change button type of user-name-form to submit.
Currently, an error message on active user setting is showing at
the row of edited user profile in user-profiles-list-table.
Instead, show error message on top of setting page.
Tweaked by tabbott to also remove the HTML element.
This adds button under "Organization profile" settings, which
deactivates the organization and sends an "event" to all the
active user and log out them.
Fixes: #8212.
This removes some options when a user clicks on their own profile, and
replaces them with an option to edit their own profile settings.
Front end test adjusted because it was testing an option that does not
appear if a user clicks on their own profile.
Fixes#5075.
This adds a click handler to `.user-group-mention` which works in a
fashion that is quite similar to `.user-mention`. It generates and
displays a popover.
The popover has a list of members, their online status (if they are
not bots) or their bot status if they are bots (it's not clear whether
ultimately bots should be able to be members of usergroups, but I'm
able to add one, so I thought it would be worth supporting).
The popover's `UL` element has max-height and overflow-y atttributes
so large groups will grow a scrollbar.
Fixes#8300.
This reverts commit 8e2d9b8f68.
This adds the arrows back to the recipient bars because even though
it's not our end state, it looks better than the boxy design that we
had in between.
In this commit we add support for some tags which are also called
void-elements according to
http://w3c.github.io/html/syntax.html#void-elements to be parsed by
our template parser and get tagged as singleton_html_tags.
Fixes: #8387.
It catches the `UserProfile.DoesNotExist` exception and
hence prevent internal server error.
Also remove option to select empty bot owner.
Fixes: #8334.
This is done by rewriting JS manipulations of the DOM tree
in the bot-settings.handlebars template. Dead code involving
the affected JS variables is removed.
This is the first step in cleaning up the bot edit code.
Since the bot edit form appears dynamically, we remove
it from the static HTML scaffold, of which settings_sidebar
is a part of.
The last bit of #8059 (merged as b875fe07) didn't get merged, so just adding
it as a followup.
The "Other notification settings" section will also eventually house the
"pick your notification sound" setting, which is why it isn't called "Other
email settings" or similar.
Users having only account in one realm will not be distracted by realm
name in subject lines of every email. Users who have multiple
accounts in realms can turn this setting on and receive a
corresponding realm name in email's subject.
Tweaked by tabbott to rebase and address a few small issues.
Fixes#5489.
In password modal, submit button's data-dismiss property should be
removed, as on data-dismiss we flush all data of form fields,
which results in passing empty string to json request.
We already flush all data of fields after compeletion of request.
This makes this UI widget more consistent with its neighbors.
tabbott: This introduces a bug with how the `full_name_field` HTML is
managed; it should be done via the `server_events.js` handler.
- When password fields are cleared, update password strength bar.
- On data dismiss, clear password fields.
- Exclude forgot-password div from focus.
- On enter key, modal should be submitted not dismissed.
- Change password btn text from "Change password" to "*****"
We'll replace this primarily with per-realm quotas (plus the simple
per-file limit of settings.MAX_FILE_UPLOAD_SIZE, 25 MiB by default).
We do want per-user quotas too, but they'll need some more management
apparatus around them so an admin has a practical way to set them
differently for different users. And the error handling in this
existing code is rather confused. Just clear this feature out
entirely for now; then we'll build the per-realm version more cleanly,
and then we can later add back per-realm quotas modelled after that.
The migration to actually remove the field is in a subsequent commit.
Based in part on work by Vishnu Ks (hackerkid).
This is done by using a bot's ID instead of email in
the handler methods for bot_data.bots and bot_data.services,
and updating all code paths involved.
Previoulsy, we display "0 subscribers" if user can't access stream's
subscribers. Replace subscriber count with lock icon in case of
unsubscribed private stream, in "All stream" list.
Display warning, saying "You can not access private stream subscribers,
in which you aren't subscribed", if user can not access subscribers;
instead of showing zero subscriber to stream.
On the "Organization settings" page, we had two Save buttons
for admins that had identical markup. This was confusing for
people reading the code. Now the two buttons have different
markup and individual, targeted click handlers (albeit still
calling the same function to do most of the work).
The context of this fix is that I was debugging a
Casper flake where our Casper tests were essentially clicking
on the same button twice. Depending on the timing,
the second button click could cause a "No changes saved!"
behavior that confused the Casper test. It is unclear whether
Casper was clicking both buttons here (in which case this fix
is necessary) or the same button twice (in which case this fix
just removes a nasty red herring for debugging).
The code still has the flaw that both buttons basically submit
the same data to the server, despite the appearance on the page
that there are two forms. The best fix for that is probably
just to move the Language/Notifications stuff to another
panel. I wanted to avoid touching this code altogether, but
the minor modifications here were necessary to improve the
Capser testing situation.
This adds UI fields in the bot settings for specifying
configuration values like API keys for a bot. The names
and placeholder values for each bot's config fields are
fetched from the bot's <bot>.conf template file in the
zulip_bots package. This also adds giphy and followup
as embedded bots.
For public stream, always show subscription option.
For private stream, if user is subscribed display unsubscribe option.
If user is not subscribe, do not display subscription option.
Only show edit option for stream name and description if user is admin and
either stream is public or stream is private and admin is subscribed to
private stream.
As per backend restrictions for editing stream name/description.
This commit adds a setting to limit creation of generic bots
to admins for realms that want that restriction. (Generic
bots, apart from being considered spammy on some realms,
have less locked down permissions than webhook bots).
Fixes#7066.
We no longer have a special UI setting and model
field ("emoji_alt_code") for saying users want text-only
emojis. We now instead make "text" be a fifth choice
for "emojiset".
Fixes#7406
We now do all of the main logic for starring/unstarring
a message in `message_flags.toggle_starred`:
* mark the message as read (just in case)
* update the UI (i.e. the green star in the message)
* update the server
The calling code in both the click handler and the hotkey
handler remains simple--they just handle minor details like
finding the message and clearing popovers.
For updating the server, we now call the new
`send_flag_update` helper.
And we continue to delegate some of the logic to
`ui.update_starred`, but we remove some code there that's
now pushed up to `message_flags.toggle_starred`.
This change should be mostly transparent to users, but it
does remove some inconsistent behaviors between the click
handler and the hotkey handler. Before this change, the
click handler was more aggressive about updating the UI
and marking the message as read. For people using the "*"
key to star/unstar, they probably would only have noticed
different behavior on a slow connection or in an edge
case scenario where only half of the message was onscreen.
More importantly, by simplifying how we talk to the server,
this eliminated up to a one-second lag due to the debounce
logic in the batch_updater code. The complicated debounce
logic is only really needed for batch-updating "read"
messages, and it was overkill and sluggish for starring
messages.
Last but not least, we add defensive code for the local
echo case. (Users have to wait till the message gets acked
to star it.)
Wait until the server acks a message before we enable
the message popover menu. This prevents a whole class
of bugs related to re-drawing the message and changing
the message id, and it also makes room for a little
spinner in the future.
Users with decent internet connections will generally
get server responses before they can click on the
chevron or hit esc/i, anyway.
Trying to collapse a locally echoed message is a rare
thing to do, and it was buggy before this due to races
between the server acking the original message and the
user flipping the collapsed flag.
We now calculate `should_display_collapse` and
`should_display_uncollapse` in the JS code and simplify
the template by eliminating all the inline if/else
logic.
(Note that we are about to disable the message menu
altogether for locally echoed messages, so this change
is partly future-proofing for when we put the menu
back for more innocuous commands.)
Adds type "embedded bot" to bot creation menu. Lets
users select a bot to run from a list of bots.
Currently, this list is hard-coded into the backend.
Currently, users are warned when mentioning @all and @everyone, but not
when posting on the #announce stream. Confirm with users that they want
to send their message on #announce if over 60 people are going to be
notified.
Fixes#6928.
Audible notifications is a confusing term, especially since it could
plausibly mean audible notifications on your phone.
Mobile push notifications is also not great, since most people don't know
what push notifications are.
I removed "receive" from stream settings strings since I think it isn't
necessary, and so that the strings (and translations) would be the same as
what's on the settings pages.
We made this change because users often unnecessarily click "Home"
first in their use of Zulip, because it seems appealing. While "All
messages" isn't quite precise (it doesn't include muted streams), it
does describe relatively simply the interleaved view that this
represents.
This commit leaves everything as "home" in the code, and only changes
user-visible strings and docs. Changing the code will be a big project;
there are hundreds of relevant occurrences in variable names, etc.
Further, we'll probably want to convert those various variable names
in different ways.
Tweaked by tabbott to extend the commit message and update a few comments.
This resulted in problems with the desktop app, where clicking these
links would leave the user in a situation where they needed the "back"
button in order to get back to the webapp.
Fixeszulip/zulip-electron#342.
The first part of this change is to have the "Your bots"
tooltip not lie about creating `.zuliprc`, because it
doesn't put a dot in front of the file.
And then the more significant change here is to make
the "Running a bot" documentation use realistic filepaths,
both in terms of where the download typically puts the file,
and where you want to move it to.
This restyles and rewords some of the emoji style section to look
better and fit it more with the current style guide.
Tweaked by tabbott to modify the historical migration rather than
adding a new one. This is OK because the emojiset choices text change
doesn't touch the database; it's just a Django Python code thing.
Also removed translation tags, since we don't need them for a set of
brand names.
Add a spinner for when a stream is being created to show that
an operation is being performed, while also disallowing users to
modify the form in the meanwhile.
Commit modified by Brock Whittaker <brock@zulipchat.com>.
Fixes: #5268.
Lets administrators view a list of open(unconfirmed) invitations and
resend or revoke a chosen invitation.
There are a few changes that we can expect for the future:
* It is currently possible to invite an email that you have already
invited, it might make sense to change this behavior.
* Resend currently sends an invite reminder instead of resending the
original invite, this is because 'custom_body' was not stored when
the first invite was sent.
Tweaked in various minor ways, primarily in the backend, by tabbott,
mostly for style consistency with the rest of the codebase.
Fixes: #1180.
If an organization doesn't have the EmailAuthBackend (which allows
password auth) enabled, then our password reset form doesn't do
anything, so we should hide it in the UI.
The original "quality score" was invented purely for populating
our password-strength progress bar, and isn't expressed in terms
that are particularly meaningful. For configuration and the core
accept/reject logic, it's better to use units that are readily
understood. Switch to those.
I considered using "bits of entropy", defined loosely as the log
of this number, but both the zxcvbn paper and the linked CACM
article (which I recommend!) are written in terms of the number
of guesses. And reading (most of) those two papers made me
less happy about referring to "entropy" in our terminology.
I already knew that notion was a little fuzzy if looked at
too closely, and I gained a better appreciation of how it's
contributed to confusion in discussing password policies and
to adoption of perverse policies that favor "Password1!" over
"derived unusual ravioli raft". So, "guesses" it is.
And although the log is handy for some analysis purposes
(certainly for a graph like those in the zxcvbn paper), it adds
a layer of abstraction, and I think makes it harder to think
clearly about attacks, especially in the online setting. So
just use the actual number, and if someone wants to set a
gigantic value, they will have the pleasure of seeing just
how many digits are involved.
(Thanks to @YJDave for a prototype that the code changes in this
commit are based on.)
This sets the column width of the upload table actions and size
columns to always be 75 so that the buttons are always in the same
line and take up the least amount of space possible with that
constraint.
"Mobile push notifications always" is now indented and a
sub-setting of "Mobile push notifications when offline".
It can be selected only when the outer setting is
selected, otherwise it is greyed out.
Fixes#6570.
Yashashvi Dave
Tim Abbott
Yago González
Shubham Dhama
Aditya Bansal
LuisFSilva
Angelika Serwa
guaca
Steve Howell
Umair Khan
Vishnu Ks
Natalie Totonchy
Marco Burstein
Armaan Ahluwalia
Armaan Ahluwalia
Tarun Kumar
Balaji2198
Aastha Gupta
Cynthia Lin
Shubham Padia
Nikhil Kumar Mishra
Brock Whittaker
Priyank Patel
Harshit Bansal
Archana BS
Robert Hönig
Xavier Cooney
Tommy Ip
Anupam-dagar
Rhea Parekh
Utkarsh Patil
Vishwesh Jainkuniya
Vaida Plankyte
ryan
ihsavru
Eric Eslinger
Greg Price
Rishi Gupta
Roman Godov
Alena Volkova
Abhijeet Kaur
Utkarsh Patil
Henrik Pettersson
Garvit
Ali Rizwi