This removes a false-positive ReDoS, since the input is always
checked-in code. It also incidentally refactors to make the regexes
be more explicit about the values they expect, and removes unnecessary
capturing groups.
It removes an optional parenthesized status code for fixtures,
unnecessary since 981e4f8946, as well as
optional key-value language options, unnecessary since
a2be9a0e2d.
Thank you to @erik-krogh and @yoff for bringing this to our attention.
Also added a waitFor for the modal to disappear and removed
waitFor for the spinner to hide which would obviously be hidden
with modal and it also doesn't add much value.
For text that already has the formatting that the user is
trying to apply, we undo the formatting. This gives a nice
experience of applying and removing the formatting from text
on the same button press.
This fixes the issue where 'None' would appear in the rendered
html in case of a missing tab display_name. Now,
'test-help-documentation' will fail in case of any tab display_name
being missing.
In case of a tab_section with no tabs, currently a single tab with
the name 'null_tab' gets added. Added the display name 'None' for
'null_tab', to keep in line with the existing behaviour.
Fixes#19822
This makes our onboarding guide for education organizations much
simpler, since new organizations will start with these settings
correctly configured.
Fixes#19682
It feels like the "Same as" content was unnecessarily requiring the
user to bounce around in these cases.
(I've left the "Same as" text for the Ubuntu ones, where it's two
steps in a row to follow).
Users wanted a feature where they could specify
which users can create public streams and which users can
create private streams.
This splits stream creation code into two parts,
public and private stream creation.
Fixes#17009.
Having tooltip `appendTo` to parent causes it to be trimmed by
the size of parent container if the parent doesn't have enough
size to include the tooltip. To fix this, we append tooltip
to `document.body`.
This change doesn't have proper test coverage and also doesn't work as
intended, since due to the structure of the function, we'll only
complain about invalid policy values for members in unlikely situations.
This reverts commit c69a968ffe.
This commit replaces 'allow_message_deleting' boolean setting
with an integer setting 'delete_own_message_policy'. We have a
separate dropdown now for deciding which user-roles can delete
messages sent by themselves and the time-limit setting droddown
is different.
This new setting has two options - everyone and admins only. Other
options including moderators will be added further.
We also remove the "Never" option from the original time-limit
dropdown, as admins are always allowed to delete message. This
never option resembled the case of only admins being allowed to
delete but this state is now resembled by setting the dropdown
to "admins only" and we also disable the time-limit dropdown in
this case as admins are allowed to delete irrespective of limit.
Note, this setting is only for deleting messages sent by the
deleting user themselves, and only admins are allowed to delete
messages sent by others as before.
We make zero invalid value for message_content_delete_limit_seconds and
for handling the case of "Allow to delete message any time", the API-level
value of message_content_delete_limit_seconds is "anytime" and "None"
as the DB-level value. We also use these values for message retention
setting, so it helps maintain consistency.
We should also hide the 'Other emails' heading in realm-level
defaults section when digest emails organization setting is
disabled because there is no other setting in this subsection
after we removed the enable_login_emails setting in d1732fb.
* Switch from underline to a smaller range of font sizes to indicate
h5/h6 headings.
* Provide margin-top for headings while avoiding problematic behavior
for messages that start with a heading.
When expanding the compose box to full screen size, the buttons below
the compose box would unexpectedly jump because of how the 100% height
interacted with padding in the default box-sizing model.
Switching to border-box fixes this.
Fixes part of #19353.
This commit does not remove the 'enable_login_emails' field from
RealmUserDefault table but it is just not used and cannot be
changed from UI or API similar to 'enable_marketing_emails' setting.
This commit removes inline-block class from the subsection-parent
elements in notification settings because we do not need different
subsections to be inline. This was working correctly till now
because the widths of the subsections were large enough to not
be able to fit in same line.
We incorrectly show message to reload in the savings indicator
for realm-level default of left_side_userlist setting. It should
be shown only for user-level setting since no change will take
place for the user changing realm-level default.
Previously, after sending a message from the full-sized compose-box,
the compose-box remained in expanded state covering the entire middle
part. Instead, it should return to the original state after the
message is sent.
There's a subtle race that would cause the "Scroll down to see your
message" compose notification to appear incorrectly, because the
full-size compose box occluded the entire message feed at the time the
message was locally echoed, even though it would no longer do so after
collapsing.
We address that by shrinking the compose box immediately before doing
a local echo, in addition to the primary code path in
`clear_compose_box`. Care is taken to ensure that we avoid shrinking
the compose box when sending a message that cannot be locally echoed
and gets an error from the server.
Tested on my Ubuntu development environment, by sending empty message,
valid message and slash commands. The compose-box only shrunk on
sending valid messages.
Fixes part of #19353.
This is a somewhat subtle function, that deserves a few comments
explaining subtle details of its logic, and there's no good reason to
have multiple copies of that logic that are slightly inconsistent.
Because the main changes here are just checking for invariant
failures, the behavioral change here should be limited to ensuring
deactivated streams are not considered available even if they were
tagged as web public streams before deactivation.
This fixes a problem where we could not import zerver.lib.streams from
zerver.lib.message, which would otherwise be reasonable, because the
former implicitly imported many modules due to this issue.
Requests to the root subdomain weren't getting request_notes.realm set
even if a realm exists on the root subdomain - which is actually a
common scenario, because simply having one organization, on the root
subdomain, is the simplest and common way for self-hosted deployments.
This reverts commit cd93d0967f.
This check_or is redundant with check_union; it gives a misleading
error message for the non-matching case; and it has no type safety.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
In the series of migrations to this tool's configuration to support
specifying an arbitrary database name
(e.g. c17f502bb0), we broke support for
running process_fts_updates on the application server, connected to a
remote database server. That workflow is used by docker-zulip and
presumably other settings like Amazon RDS.
The fix is to import the Zulip virtualenv (if available) when running
on an application server. This is better than just supporting this
case, since both docker-zulip and an Amazon RDS database are setting
where it would be inconvenient to run process-fts-updates directly on
the database server. (In the former case, because we want to avoid
having a strong version dependency on the postgres container).
Details are available in this conversation:
https://chat.zulip.org/#narrow/stream/49-development-help/topic/Logic.20in.20process_fts_updates.20seems.20to.20be.20broken/near/1251894
Thanks to Erik Tews for reporting and help in debugging this issue.
A recent commit removed the "Thanks for you request!" at the start
of the find accounts email. As Alya Abbott pointed out, this line
actually helps us point out to the user that they are the ones who
requested the email in the first place, lowering the chances that
they'll misinterpret it as spam.
This is a follow-up to issue #19659.
Alex Vandiver
Dinesh
Tim Abbott
Eeshan Garg
Aman Agrawal
Pradyumna Sinha
Anders Kaseorg
Shlok Patel
Gaurav Pandey
Ganesh Pawar
sahil839
Sahil Batra
Mateusz Mandera
nooblag
Alya Abbott
AnushaNathRoy
optimm
Priyansh Garg
seiwailai
isakhagg
Kevin Scott