Commit Graph

654 Commits

Author SHA1 Message Date
Keegan McAllister 7309d57067 Output page_params as a single JSON object
This is a lot cleaner, and also cuts about 50-70 ms off of page load time in
local testing (with lots of users), presumably because there's less work to be
done by the slow Django template engine.

(imported from commit 257b700238ee5d9a4ae00a53011ed5bce018124c)
2013-03-26 13:51:21 -04:00
Keegan McAllister 23b8833ec5 Handle Tornado callback notify in a more generic, less HTTP-centric way
(imported from commit 85a74d1b40461236c4c95ad688e9796ab50f0bbf)
2013-03-22 15:51:23 -04:00
Jessica McKellar 37e58b613d Truncate the tutorial stream name to fit the DB max stream name length.
(imported from commit e267656337f97d3ea14e14e957a405cf4fd2d06c)
2013-03-20 10:15:08 -04:00
Tim Abbott 97d7d31b68 Rewrite internal_send_message to use check_send_message.
This will automatically fix bugs such as one in which
internal_send_message didn't properly strip() the subject argument
before sending a message.

We change the recipient_type argument to internal_send_message to take
the recipient type name (e.g. 'stream') both to better fit the API and
also because the previous code incorrectly handled huddles.

(imported from commit 78c2596d328f6bb1ce2eaa3eed9a9e48146e3b6a)
2013-03-18 16:15:11 -04:00
Tim Abbott bb80d1c58c Move check_send_message and helpers to actions.py.
(imported from commit d74c90e25bd63931955d2ad9b3890be53d674a48)
2013-03-18 16:15:11 -04:00
Tim Abbott ab04d6f403 check_send_message: Don't use json_success/error directly.
This is preparation for using it from internal_send_message as well.

(imported from commit 000784be7b40e0c93b38a5a916a4a915335ea821)
2013-03-18 16:15:11 -04:00
Tim Abbott fb77af8f10 Refactor send_message_backend to do checking in new function.
This is preparatory for using this new arguments checking function in
internal_send_message as well.

(imported from commit 578e09c50b8a700c019c7dd235b2d9527af34e39)
2013-03-18 16:15:11 -04:00
Tim Abbott 14efaea0bb send_message_backend: Reorganize subject argument checking.
(imported from commit 80daa46f47e7e5279f746db89b3632eeadb27325)
2013-03-18 16:15:11 -04:00
Tim Abbott c1d3a5b5e5 Use more caching of UserProfile objects in views.
(imported from commit 3abcceeb4fac1cfa5a9944a6455c60f6512dce6e)
2013-03-18 16:15:10 -04:00
Tim Abbott a23f6be28d Cache the results of Recipient queries in our memcached cache.
(imported from commit a6ba25a9c62d2738e4738b076370e4b2bc0ffaba)
2013-03-18 16:15:10 -04:00
Tim Abbott 9c2a9eb288 send_message: Avoid querying the stream object twice.
(imported from commit c23aab232a40195d92ae4b0e68af390c3b6b20ad)
2013-03-18 16:15:10 -04:00
Keegan McAllister 45eb9bcf47 tests: Disable tutorial through the server side variable needs_tutorial
This fixes a nondeterministic test failure for me.

The first message sent in the test suite appears to get dropped.  I don't know
why this is, and I'm pretty sure it was an existing bug.  This message used to
be the one disabling the tutorial, which might explain why that didn't always
work.

Regardless, this commit at least makes the test suite usable, and we can work
on fixing that bug later.

(imported from commit 063e40871b9883e3a6dab93a4e0a51c5b2dae4b7)
2013-03-18 13:46:46 -04:00
Zev Benjamin b08dbdfe48 blueslip: Send the user agent string back with the error report
(imported from commit ed77877465b1497cd3d78753c3398329302075ff)
2013-03-15 17:30:07 -04:00
Tim Abbott 7e456ddba7 Cache get_status_list output for up to a minute.
This should substantially decrease the amount of server load generated
by the userpresence system.

I tested that this indeed was indeed saving one query on
/json/update_active_status requests on my laptop with 2 users from the
humbughq.com realm logged in.

(imported from commit 03e9d4eb95b9f664d489862684ae162db2076e08)
2013-03-15 16:37:41 -04:00
Leo Franchi 4a23959b11 Remove pointer_updater param as it is no longer used
(imported from commit 80cc4a6d4c24660087981b1132ca2ed44c86a424)
2013-03-14 13:35:28 -04:00
Leo Franchi 7c7822601f Use request._client to detect a mobile pointer update
(imported from commit d06606ded33bc598e1bdb4b33279ce92b098ed02)
2013-03-14 13:35:28 -04:00
Tim Abbott 99d4bc114b Move Zephyr mirroring liveness check to the UserPresence queries.
It's closer to a presence query than an update, and more importantly
this moves this out of Tornado -- previously Tornado was spending at
least 3ms per recipient on messages sent to the MIT realm fetching all
this data to return back to users.  This should save around 100ms per
message sent to a popular stream the MIT realm -- but more
importantly, each such event is 100ms during which Tornado is not
processing other messages.

(imported from commit 134169f0fdcd9f6640fda957edc4a28b07783d8e)
2013-03-13 17:41:29 -04:00
Leo Franchi e82b408be9 Add a shim for mobile clients to update new read flag
(imported from commit e8e269156ea671e590589f48f8494c25380a2dde)
2013-03-13 14:14:45 -04:00
Leo Franchi 93a3f14c43 Add backend support for handling new 'read' message flag
(imported from commit 6194e9332caa2d279cbc304f0d6a69f969aa9a72)
2013-03-13 14:14:45 -04:00
Leo Franchi 6a53d1c35d Add flags to dict in load_old_messages
(imported from commit 7f68ea97a424aa0b01983258dbf6e9a2a07a732a)
2013-03-13 14:14:45 -04:00
Zev Benjamin 1109d20149 Send browser errors back to the server
(imported from commit 8c676017e8b3fc4f17552db15d32266099dba8f2)
2013-03-13 10:55:33 -04:00
Waseem Daher 33dc3a2fb7 Properly start tutorial on first run, even if you have new messages.
We were previously having an issue where the tutorial could
be pre-empted if you got a few messages while you were first
logging in.

I have some reservations about this being slightly fragile, and a
better approach might be to just have a bit that we use to determine
whether or not you've already seen a tutorial. (Or potentially that
checks whether or not you've ever sent a message.)

(imported from commit f8858f64a36bcd25887b76314caff283929f340c)
2013-03-12 09:56:57 -04:00
Jessica McKellar a8d6bd3322 Remove some unused imports.
(imported from commit bb8311848ca24fbb1fb1b3df8f8b4403eb38ce1c)
2013-03-11 16:47:03 -04:00
Jessica McKellar 2314809d73 Auto-color streams.
(imported from commit b669f864b0574e9e9af282ccb8783ccfaa12adfd)
2013-03-11 16:47:03 -04:00
Leo Franchi 9466addbe2 Allow negative anchor param to get_old_message
When narrowing, we use the selected id in the home view as the anchor,
and if the user is new and hasn't selected any messages yet (or moved
the pointer since first using humbug), their home view selected message
will be -1. Rather than failing to get_old_messages for any narrows starting
from that point, return all matching messages.

(imported from commit 72cfe392d9ac01ed41abc8eadf0f47240e374665)
2013-03-11 15:11:24 -04:00
Tim Abbott 254bc9f361 Attempt to render messages before accepting them from the user.
This fixes trac #407.

(imported from commit e33647eec32266790f864d14ad377d51956d2a6f)
2013-03-08 17:24:33 -05:00
Waseem Daher 68fc8e161f github: Suppress pull request notifications for CUSTOMER18.
(imported from commit adacd7ef23b1762276888c9bda5c69fd6c89ede4)
2013-03-07 22:15:54 -05:00
Waseem Daher 68e7a052cb Remove the link to 'activity' from the gear menu.
I find that I never use it, and I don't totally like our
experience in the app to be different from our users'.
Admittedly, this is a small way in which that's the case :)

Finally, since we do usability studies in @humbughq.com,
the link appears there too, and I'd like it not to.

(imported from commit 1225c4ae79de52fa98b21ce00a6542df76b667ea)
2013-03-07 13:12:45 -05:00
Waseem Daher 4ea7ac102f Allow internal_send_message to send cross-realm stream messages.
Prior to this change, any stream message sent by internal_send_message
could only be in the realm of the sender.

This was a problem most notably for... the tutorial bot, with the
hilarious consequence that the tutorial worked fine in humbughq.com,
but failed to start anywhere else.

(imported from commit 33a904a28e3a57e1a2cf9172c2e2a75b50967a50)
2013-03-06 23:04:57 -05:00
Reid Barton 6bb9ad4e3c Avoid cross-site logout attacks
Require POST method for /accounts/logout. This has the side effect of
automatically enabling Django's CSRF protection.

(imported from commit 44b1b6ebaadc1c03006e21ae54ac768e31234801)
2013-03-06 19:10:04 -05:00
Waseem Daher f7d189feb8 Don't send GitHub notifications (for CUSTOMER18) if not to master.
People make throwaway branches all the time, and we don't
want to spam them.

(imported from commit 0e7b628573ad1a6a7f49d3c4b4135c7d3a911834)
2013-03-06 17:30:52 -05:00
Tim Abbott 27d91eb9ea Fix including debug.js when DEBUG=True.
Previously, it wasn't actually included in the index.html templates.

(imported from commit b9f9903e0daa808ec1f6ff966309cbc4eef9b9fd)
2013-03-06 11:36:15 -05:00
Waseem Daher ca127f8228 Allow tutorial bot to send messages to a stream.
But only allow them to send to tutorial-<<your username>>.

The idea being that this helps reduce potential abuse from this JSON
call. (Because otherwise, anyone could call into this endpoint and
have the tutorial bot send random messages to random peoples's
streams.)

(imported from commit 471d4348d7ad43858b5df240e4f1dceba006aab6)
2013-03-05 23:46:10 -05:00
Tim Abbott 36bb39ede9 Fix improperly case-sensitive narrowing by subject.
(imported from commit 24403f0815e46f21000f7d5a5b59bfdfe3448ddf)
2013-02-28 17:49:57 -05:00
Tim Abbott 1e9a85ff05 Fix use of case-sensitive comparisons on email addresses.
(imported from commit d420169640a9f9c034b3d9ded207e583691f6652)
2013-02-28 17:49:57 -05:00
Tim Abbott 49af19aa71 Add support for narrowing by a message's sender.
Fixes #972.

(imported from commit 2514d14c94a071f2b3e6149a2bdaeaa00e0c847f)
2013-02-28 17:49:57 -05:00
Jessica McKellar 6a56ed0c94 Add a button on the Settings page to declare Humbug bankruptcy.
(imported from commit 6ca635e997ada54b816abe3425980102ad8f5d2c)
2013-02-27 18:16:51 -05:00
Jessica McKellar ff62ac96e6 Extend get_profile to also be a JSON request.
(imported from commit 38e0d5a9aa2498ffcdfa65b07283a456257feafd)
2013-02-27 18:16:50 -05:00
Jeff Arnold fcd033e33e [schema] Save enter_sends on the server in the database.
(imported from commit 4d82f6aaf5918f155a930253c9cc334dbcc0d97a)
2013-02-27 17:25:29 -05:00
Keegan McAllister cc19afd0fe Re-enable desktop notifications in automated testing
After c1d98239 the function works in CasperJS as well.

Reverts some of 90f4d6ac3ddb387e74051b9af2c230698fa94479.

(imported from commit 3579df33930bb34dc081908b84900905eee6d270)
2013-02-26 18:02:20 -05:00
Keegan McAllister 56d183ea06 Remove lurk mode from web client and API examples
See #796.

(imported from commit e238ce571c3f30d8312b630df7048ad1d9cad6d2)
2013-02-21 15:11:10 -05:00
Waseem Daher 163c9c8d75 Add a JSON call that causes the tutorial bot to send you a message.
The idea here is: part of the onboarding tutorial is going to
be you talking to the tutorial bot and it talking to you, from
our Javascript.

The reason it's driven by Javascript is that then in principle we can
do nice stuff like making popovers appear in places to point things
out to you, whereas if we were to do it strictly server-side, doing so
would be a lot harder.

The downside to doing it in Javascript is that you don't get any of
the Markdown rendering, since that happens on the server. So instead
we add this call where you give it a message, and it responds by
having the tutorial bot send you that message.

I don't think there are any security concerns here because
(1) The bot only messages you -- so you can't use it to make someone
    else think that the system is telling them to do something
(2) If there were an issue associated with having the server parse
    arbitrary Markdown, you could just trigger the issue by sending
    a message yourself.

(imported from commit b34f594dab6be6bcb81899278ae1cbe447404468)
2013-02-20 23:04:49 +00:00
Zev Benjamin 061aaea601 Use plainto_tsquery instead of to_tsquery
This will discard punctuation symbols in the Postgres search and also prevent
syntax errors when users try to submit queries with symbols that to_tsquery
interprets as special syntax (such as '|' and '&').

Fixes #906

(imported from commit 3e3a0d6ae3d4a516beb8a5846f06065294ca9457)
2013-02-15 16:18:02 -05:00
Tim Abbott 1612b5c045 Fix sending messages to numeric stream names.
json_to_foo will raise a ValueError if the JSON passed to it is just a
string containing a number, e.g. "1".

Traceback (most recent call last):
  File "/home/tabbott/humbug/zephyr/views.py", line 711, in extract_recipients
    recipients = json_to_list(raw_recipients)
  File "/home/tabbott/humbug/zephyr/decorator.py", line 289, in json_to_list
    return json_to_foo(json, list)
  File "/home/tabbott/humbug/zephyr/decorator.py", line 282, in json_to_foo
    raise ValueError("argument is not a %s" % (type().__class__.__name__))
ValueError: argument is not a list

Fixes #776.

(imported from commit 0c123a610c009eda9004cf0b0b53d60695c4e8d5)
2013-02-13 13:08:40 -05:00
Luke Faraone ea7005e8e3 Rename is_active to is_inactive.
The purpose of the validator is to ensure the user isn't active, so
let's correctly test for that here.

(imported from commit 772ddb901098f78750efab274405a10f36c49232)
2013-02-12 16:15:29 -05:00
Luke Faraone 54a19e9091 Check whether users are active, not whether they are nonunique.
Previously we checked and bailed when there was a user registered with
an email address, regardless of active status.

This meant that MIT users who had inactive accounts autocreated had
issues where they would be confusingly told they were signed up even
though they had never taken any action on our site directly.

Now we instead check whether there are any current *active* user
accounts with that email address, and proceed with generating an
activation link if the user lacks a corresponding active account.

Security implications of this commit come into play if we start
implementing removing users ability to sign in as deactivation. Since we
lack a user removal story here, this isn't terribly concerning yet and
we'll revist this code when we decide to add such functionality in the
future.

This resolves trac #581 and #631.

(imported from commit c3fb93ce065e63e19b41f63c1f27891b93b75f86)
2013-02-12 15:31:06 -05:00
Tim Abbott 62c632ceef presence: Fix loop making database queries.
The previous select_related didn't properly get the User object,
containing the email address, and thus would make one query per user
with presernce information.

(imported from commit 3341bc5a65387030fa8737b03ca43f79089ef56b)
2013-02-12 14:52:59 -05:00
Keegan McAllister 6fba03a0a4 activity: Use select_related when querying UserActivity records
On my dev machine this cuts /activity load time with lots of users by more than
2/3.  I expect the gains will be even greater in production due to the greater
relative cost of database queries.

(imported from commit 0391cb29f66b618b4b99902d9fb9ab0a6cff0cb3)
2013-02-12 13:46:16 -05:00
Leo Franchi 78ffe36c2d Hide users list for MIT
(imported from commit 4e9dcef483e0c0d85ba2e7511f1abfa4da06be9e)
2013-02-12 12:30:52 -05:00
Leo Franchi 0a0c4bb9a0 [manual] Use rabbitmq for asynchronous presence updating
Note: When deploying, restarting the process-user-activity-commandline script is needed

(imported from commit 63ee795c9c7a7db4a40170cff5636dc1dd0b46a8)
2013-02-11 18:05:57 -05:00
Leo Franchi 31f87481d0 [manual][schema] Add an API for user presence (idle) information
Adds a new db table for storing presences, and an API for setting
an individual user's idleness as well as fetching all idle status
for all users in a realm

(imported from commit 5aad3510d4c90c49470c130d6dfa80f0d36b0057)
2013-02-11 18:05:57 -05:00
Jessica McKellar 3a39ac76c4 Add a new /get_members API query.
(imported from commit ced7c74212210a1fcee03c1c402dca9b42483d11)
2013-02-11 13:45:46 -05:00
Luke Faraone 8dbda2cd64 Use full emails rather than just usernames in /activity.
(imported from commit c0397d6429fe85f0bd6e57731dd2132ed1e11b85)
2013-02-11 10:33:16 -05:00
Keegan McAllister c5644cff12 notify_new_user: Remove code specific to customer29.invalid
(imported from commit 4ac29251ccbfafb4a7c2dd9d7b200474d68505d9)
2013-02-08 13:33:28 -05:00
Keegan McAllister d68674be83 Remove CUSTOMER30-specific account views
Reverts c4b6f744 (inexactly, since there are some other changes along the way).

(imported from commit 5c7294fb13cd0bc523ae55c137dc5254b7cb0121)
2013-02-08 13:33:28 -05:00
Jessica McKellar ad8e9598f6 Log domain in do_activate_user.
(imported from commit 0e39b5ddc395ff245f8e3b0252ea3b33a90860f1)
2013-02-08 13:20:19 -05:00
Jessica McKellar 18db4bc823 views: remove unused imports.
(imported from commit 38a4981637f1b3bfd9135d459a17a3ba142c86a7)
2013-02-08 13:20:19 -05:00
Jessica McKellar 1fcf43c289 When someone invites you to Humbug, infer your domain from their referral.
Regardless of your e-mail address, as the realm might be open.

(imported from commit 5f9cdbdef52f8c8ae61035e71f12a9b7e4ed4a5e)
2013-02-08 13:20:18 -05:00
Jessica McKellar 256fa0e485 Fix invite bug in which we'd falsely say you'd invited folks with existing accounts.
(imported from commit 9114836d084937dcc1a707338dd916e28f97a87d)
2013-02-08 13:20:18 -05:00
Jessica McKellar a332bee2b7 When inviting users, check if the invitee is in-domain or the realm is open.
(imported from commit 42e072d9717f38cc6d0c7010d37bbabd81aa3ae7)
2013-02-08 13:20:18 -05:00
Jessica McKellar aeba3beb55 Validate and document checking the domain of the recipient of an MIT Zephyr Humbug.
(imported from commit 35b8675171bcdf0c27655723bc76bced8b53a431)
2013-02-08 13:20:18 -05:00
Zev Benjamin 526995316f Use the new tsvector cache column for full text search
Note that the tsvector cache column should be fully populated before
commit is deployed.  Otherwise, full text search will be broken until
it's populated.

(imported from commit 23c36fb7d146c289148e8243c3d6a9a6494cfc62)
2013-02-06 12:09:49 -05:00
Luke Faraone 3de93f2b2b Pass stream information in initial template.
This allows us to remove fetch_colors() entirely, and should speed up page
load a bit.

We also JSONEncoderForHTML instead of dumps so that the result is safe
to embed.

(imported from commit 013630911960e2ac1d0bae6f5df31ad342750594)
2013-02-05 15:34:37 -05:00
Luke Faraone e8afaa8b8e Return a dictionary in subscriptions/list instead of a tuple.
This will give us flexibility in the future to add new properties to the
list.

In order to support that, we now do a list comprehension rather than just
returning the gather_subscriptions list in get_stream_colors.

(imported from commit a3c0f749a3320f647440f800105942434da08111)
2013-02-05 15:34:37 -05:00
Luke Faraone 1c3c3cc33f Add call to toggle whether a view is in the home view.
(imported from commit 5ece7b74a5ac4929a46d3d66ae5d838e1f418b44)
2013-02-05 15:34:37 -05:00
Luke Faraone 2a01b355a4 Correctly return a JSON error if property value is not passed.
Previously we checked if property was false after doing .strip(). Since
you can't call string methods on a NoneType, we were 500ing.

The code now does a normal dictionary get via [] and catches the
KeyError.

(imported from commit da7f28febf0865f44e92bcac1791f817c3d370f3)
2013-02-05 15:34:37 -05:00
Luke Faraone b78d154370 Factor out subscription retrieval code into another function.
(imported from commit 6a66a4feb03990e11c98cd8666d1a7bb97299987)
2013-02-05 15:34:36 -05:00
Luke Faraone 3d25fbce49 Replace calls to json_error to raise JsonableError.
Returning json_error inside an inner function call will result in the error
getting lost.

(imported from commit fd7754b15f7b62fd6e4197fd72ae03d6996a93da)
2013-02-05 15:34:36 -05:00
Luke Faraone 2d4ef59f68 Fix InviteOnlyStreamTest to call public API
Previously we made calls to the JSON api, which means that the API key
was being ignored.

(imported from commit 46d8d0e5ac7926e824f300fd846ec42bc939e2c0)
2013-02-05 15:34:36 -05:00
Jessica McKellar fdb0d15080 Don't let non-subscribers of invite-only streams query the membership.
(imported from commit 01bd8ea089dec96e487e5e82fb38df65703679ae)
2013-02-05 10:12:04 -05:00
Jessica McKellar ab21823c19 Fix bug allowing people to subscribe themselves to others' invite-only streams.
(imported from commit db7634d81677217032c180d8bab297cc766228f1)
2013-02-05 10:01:45 -05:00
Jessica McKellar dc66d6290b views: be more strict about the value of invite_only in add_subscriptions_backend.
(imported from commit 565375b06bb38382100923554e52a16549a18e00)
2013-02-05 10:01:45 -05:00
Jessica McKellar 6d880c2147 subscriptions: make invite-only checkbox have an effect.
(imported from commit 7ee5c5c88efa4ab21395c03012c2921fd3c5192e)
2013-02-05 10:01:45 -05:00
Jessica McKellar 7e6a9136f5 views: make add_subscriptions_backend able to subscribe many people to streams.
Before, it let you subscribe only yourself or one other person to
possibly many streams.

This is used by the subscriptions page to specify the subscribers when
you create a stream.

(imported from commit c1055e98b0bb27799ac9e6dad80b9c9fd87deca2)
2013-02-05 10:01:45 -05:00
Zev Benjamin d5fdfd7be2 Make searching for multiple words be treated as the boolean AND of those words
(imported from commit d9e47dd25553cc31eeda615e3a5709436e883ab3)
2013-01-31 18:10:54 -05:00
Zev Benjamin 97851a93c4 Use full text search when using Postgres
On my laptop, this cuts search time from several seconds down to
a few hundred milliseconds.

If we want even more speed, we could store the ts_vector as a column
on the message database.  The Postgres documentation says this will
make "searches [...] faster, since it will not be necessary to redo
the to_tsvector calls to verify index matches."  Going this route
requires creating a trigger to automatically insert the appropriate
column when new rows are inserted.

Note that the full text index must be fully created before this
commit is deployed.  Full text search without an index is actually
significantly slower than using the LIKE operator.

(imported from commit ae74083da20d33aa2425d3e44fcdc19b160002ba)
2013-01-31 15:57:45 -05:00
Zev Benjamin 1f4e27cf52 Pass the query object to NarrowBuilder
This is for allowing us to do things more complex than returning a Q
expression, needed for doing Postgres full text search.

(imported from commit 669ec71417c04baaf8ed1774bee147079b05b03d)
2013-01-31 15:57:45 -05:00
Leo Franchi 7e567f527f Move gather_subscriptions to actions.py as it's not a view
(imported from commit cdf94ded51e441fe3515641458023be44c1ba40c)
2013-01-28 17:32:58 -05:00
Leo Franchi b2505bfc22 Add backend support for invite-only streams
Trying to add a user to an invite-only stream that already
exists will result in in error

(imported from commit 910750580a122cee92096d7e83457cb0b8cce616)
2013-01-24 17:34:21 -05:00
Luke O'Malley cde69d5bf8 activity: Add iPhone and Android tabs to /activity
(imported from commit 225ac7a718e5545296137c6703fe13c89d0dbbf5)
2013-01-23 10:25:48 -05:00
Waseem Daher dfadc79dc9 activity: Display the user portion of the email address rather than short_name.
Apparently short_name is not consistently the person's username
in our system -- for many MIT people, it's their full name.

(imported from commit d975300a59c7afe5ee20b4a0db1bd51110c3df33)
2013-01-18 13:47:43 -05:00
Waseem Daher 068c702883 activity: Display short name instead of full email address.
As of this writing, short_name is the part before the @-sign,
and we already display the realm, so no need to display it
twice.

(imported from commit f5f9b29bff99b36b0c23176348c2869193467c38)
2013-01-18 13:34:39 -05:00
Waseem Daher 764047e113 activity: Add names to the table.
(imported from commit d4554690a9381dd0b72c7c03116dc01145960a5b)
2013-01-18 13:29:53 -05:00
Tim Abbott 8cb8c0065c Move get_stream to models.py and accept an id for the realm argument.
(imported from commit 7ce09b7ed450cfa3ddf1de22bbb0b19abfc4a2a2)
2013-01-17 16:20:18 -05:00
Reid Barton b8d56433f0 Send customer29.invalid signups to customer29.invalid too
Eventually there should be a database table or something where we can
configure this for each realm.

(imported from commit 5f3e6823f420e113da8ff8c521cc706175299fa4)
2013-01-17 14:37:52 -05:00
Luke Faraone 63d43aa152 Notify us when a Hunt user signs up.
(imported from commit 10d4eea99427c16f8936f7fc2e2a821e7fbf73c6)
2013-01-17 13:54:52 -05:00
Luke Faraone a3f412b193 Add functions for CUSTOMER30 registration.
(imported from commit c4b6f744ffa5b41df4170735f081bbe5655a54fe)
2013-01-17 10:49:10 -05:00
Reid Barton 9e23907259 Add "Lurk" mode
/?lurk=foo will show all messages to the stream "foo", regardless of
whether you're subscribed.

(imported from commit 049d98b3ee8df19ef0a9dc392ae941dd463f8dd5)
2013-01-16 14:19:06 -05:00
Reid Barton ed29f22069 Implement single-stream get_old_messages/get_updates
(imported from commit 22a5c4985f36c38cf2490ecf26da294b502f8e46)
2013-01-16 14:19:05 -05:00
Zev Benjamin d3dd0a805a Inlucde the current user in the people list
(imported from commit a596b61a68453126726bd6f56a6c421022e1e395)
2013-01-15 17:40:30 -05:00
Zev Benjamin 28a2832415 Use get_stream in more places to avoid case-sensitivity errors
(imported from commit 9b7109d4e23db4359751b0283025b7ff60e06836)
2013-01-15 17:02:39 -05:00
Zev Benjamin 4ffc6a2de1 When subscribing to streams, send back the canonical stream name
(imported from commit 7803409878cca4627447bc64735ad71f56701a5c)
2013-01-15 17:02:39 -05:00
Zev Benjamin 044fc61be2 Restrict the get_public_streams query to non-MIT or superusers
(imported from commit ede1dff6176e6a39da126948ce307941e6dffaec)
2013-01-15 17:02:39 -05:00
Zev Benjamin 76b1e4778d Expose get_public_streams to the JSON API
(imported from commit 2ef9e000e4cd9fcc075e66d3da9c4bce63d68a4d)
2013-01-15 17:02:39 -05:00
Zev Benjamin 2544cef6bb Add the ability for users to subscribe others in their realm to streams
Right now we mitigate abuse by sending the principal user a Humbug
informing them that they've been subscribed.  Longer term, we want
some sort of stream invitation system, instead.

(imported from commit bf1f1ee0c5d3803cead1ddd9a766ff02043b629e)
2013-01-15 17:02:39 -05:00
Zev Benjamin 45de8fd25b Add a query to fetch the subscribers of a stream
(imported from commit 286bb42980619a3f8e575a4e2984ad1c4b3fe099)
2013-01-15 17:02:38 -05:00
Luke Faraone f62c97706a Don't assume that PreregistrationUser.email is unique in accounts_home
The schema change made this no longer a guarantee, and creating duplicate
PUs is not harmful.

(imported from commit ca05b4dad7d3cc12a35548817f98c0a072c14c8f)
2013-01-14 10:25:27 -05:00
Luke Faraone 99abad2447 Use custom copy for invites.
(imported from commit 15b306777fd40e7c3feeaaaa871a8936ffc0f651)
2013-01-14 10:25:27 -05:00
Luke Faraone 974c220625 Convert invitee_emails to a set to eliminate duplicate users.
(imported from commit 09e6f7251c4d8d13ce2b4a2808f53e3c9fb97708)
2013-01-14 10:25:26 -05:00
Luke Faraone 75004c65f2 Prevent MIT users from sending invites and hide the button.
(imported from commit 0388c4a2253514e0aba15605bd75a87543479312)
2013-01-14 10:25:26 -05:00
Luke Faraone 22a4b76290 [manual] [schema] Add backend function to invite users to the app.
(imported from commit 17ae27b22bdca33e63b96fa8c819759e4f4315fa)
2013-01-14 10:25:25 -05:00
Tim Abbott 1a82741650 Move action functions from models.py to zephyr/lib/actions.py.
(imported from commit 9d577dd53ce7d4c9faf6cc8a56129d684a50811b)
2013-01-11 16:11:03 -05:00
Tim Abbott 761b7cd5fa Rename zephyr.lib.time to zephyr.lib.timestamp.
Otherwise one gets:

AttributeError: 'module' object has no attribute 'time'

when trying to use the time module from inside zephyr.lib.

(imported from commit 645368672a3eff68320278dd480edeed56721fcc)
2013-01-11 15:58:19 -05:00
Keegan McAllister 4a9d65c758 Disable desktop notifications in automated testing
CasperJS can't handle them; window.webkitNotifications.requestPermission()
throws a type error.  We can revisit this when we want to write tests for the
notification code.

(imported from commit 90f4d6ac3ddb387e74051b9af2c230698fa94479)
2013-01-09 14:03:40 -05:00
Luke Faraone c327446537 Add alternative terms acceptance workflow.
This view lives at /accounts/accept_terms, and (after getting an acceptance
from the user) sends an email to all@ documenting the acceptance.

(imported from commit 8f64286ab02887fd6544fa274b2967f6499b6dbc)
2013-01-08 17:48:42 -05:00
Tim Abbott 83abc08315 Move tornado views to their own file.
(imported from commit e0d9182cbc89a16eedd2846fa17cfba482510565)
2013-01-08 16:53:53 -05:00
Tim Abbott 2d94e4c780 Improve database queries for narrowing to personals with another user.
Inspection of the postgres slow queries log showed that the "narrow to
personals with a particular user" database queries were taking a long
time to run (0.5s+).  Further investigation determined that the OR
gate construction used here was causing the entire zephyr_message
table to be scanned; primarily I think because we were using the
implicit constraint that the logged in user had received messages.

This change makes that query explicit (improving performance), while
cleaning up the code to avoid an unnecessary query and read a little
more clearly.

After this change, the relevant database query takes 10s of milliseconds.

(imported from commit 020f5af5846c958386615e37ea9318383bf99ca0)
2013-01-08 13:42:37 -05:00
Keegan McAllister 50d229fe11 Accept '{}' to mean 'no narrowing', for old mobile clients
(imported from commit 879f6ef846f2a8980a0574372324d8dc8d22c8ed)
2013-01-08 12:18:31 -05:00
Keegan McAllister 3af2bf345a Reinstate server-side narrow filtering
(imported from commit 40f63324a8dff404b504b06bddf303b8c1ad5780)
2013-01-08 12:18:31 -05:00
Tim Abbott dd843b3916 Fix buggy check for zmirror huddle sending to multiple recipients.
(imported from commit 2abc88338225a8a07c50aaf6eb54862885edcb9e)
2013-01-07 15:06:28 -05:00
Tyler Hallada 3763dca4a6 Return error if confirm_password is filled but not new_password
(imported from commit c58ca8d2f5592c4cf062b963f3cca6673242419e)
2013-01-02 18:46:09 -05:00
Tim Abbott 384e64aaf5 Fix notify_pointer_update notifying on the wrong user's pointer.
(imported from commit 4b50fa7da7d1de4e478f222f284ab6ba35db9899)
2012-12-31 17:19:59 -05:00
Tim Abbott dd99f0ceb8 Temporarily reintroduce #174 pending better performance.
This essentially reverts d900957e468815bcb99de67d570dfd7ce4413220.

This code was consuming up to 50-100ms per client recipient of a
message, so for any messages that would go to 50+ browser windows /
mobile devices, it would take several seconds to run, during which
time Tornado would be completely blocked.

In the future, we can re-fix #174 using a cache of recently delivered
messages, so that this code block doesn't go to the database and thus
can run instantaneously.

(imported from commit bdfa1664210429411737f70cde54ab5a56525341)
2012-12-31 13:06:03 -05:00
Zev Benjamin 4a28359092 Use to_non_negative_int in an additional place
(imported from commit 2e44cdc927499b0f0fd655ebfe00a864a55ae20a)
2012-12-20 14:26:36 -05:00
Jeff Arnold db6f03d46d Make the back button work when narrowed
(imported from commit be922b06e7b53ec21751e67a490bb518333c3e6c)
2012-12-19 14:46:31 -05:00
Keegan McAllister 44b9925bfc Configure get_updates timeout in settings.py
(imported from commit 2a647bdd73c43ca5fed704925808efafc70da044)
2012-12-14 16:22:42 -05:00
Tim Abbott 9811050a4f views: Add json_to_list and use it and json_to_dict more.
(imported from commit a6fdc85edb8066eab7ca7cfa5f6f5fdf53b10a8c)
2012-12-13 16:39:58 -05:00
Tim Abbott 2280e4a58a Rename from_json_to_dict to json_to_dict.
(imported from commit a96d29c5e9a700c54a29a8777d7a1e5a4ccbd77d)
2012-12-13 16:39:58 -05:00
Tim Abbott e6fef7d7ba Fix confusion of user / user_profile objects in MIT signup codepaths.
(imported from commit f39943bf31f705365ed9743c6d2e9239fed8c9e2)
2012-12-13 13:32:34 -05:00
Waseem Daher 4108f2f817 Add a 'realm' column to the activity page.
This makes it easier for me to, e.g. check on all of CUSTOMER1.

(imported from commit 1970df29b08b299cd1d00013abecefd7efbffb48)
2012-12-12 18:05:54 -05:00
Jessica McKellar 41e688d913 Add exception handling around database lookups based on user data.
(imported from commit 4ddab2ed130ef57c967cc9364f8890a4c5b5e347)
2012-12-11 16:07:09 -05:00
Jessica McKellar 435c98b35c Be more picky about the type of get_old_messages's narrow POST parameter.
This addresses 500s observed on prod due to bad narrow values.

(imported from commit 5a865ce41e8a90d3990332d906cba4336eb53ada)
2012-12-11 16:07:09 -05:00
Tim Abbott 100df7e349 Add a maximum message length of 10000 characters.
(imported from commit a07c872d612521c9792be8dc704a9cfd6c752c75)
2012-12-11 11:33:40 -05:00
Zev Benjamin 19108929a7 github: only describe the first several commits in push notifications
(imported from commit aa26d2ae1d2d30350ec6e30729fb5652f385bd19)
2012-12-11 11:04:37 -05:00
Luke Faraone ced8062509 Use MAX_SUBJECT_LENGTH instead of hardcoded constant.
(imported from commit cc885f7ca196ec1de0279a6a6192044ff7c8420f)
2012-12-07 17:32:16 -05:00
Luke Faraone c65d6113ed Factor out notifying of a new user into a separate function, notify on manage.py create_user.
(imported from commit 1a6aa0536dbfea8035b6bbd76528e70d90aa8b60)
2012-12-07 17:32:16 -05:00
Luke Faraone 7fbee21584 Factor out Message() creation for internal use into separate function.
(imported from commit 0352010da4255fc74cd67835e04dbdb1f8bbf4e9)
2012-12-07 17:32:15 -05:00
Zev Benjamin f09ddbf80a Raise a ValueError instead of using an assert to enforce constraints
(imported from commit d4b0a9b13df3e2ffd33ae330f2301118c2e75343)
2012-12-07 13:16:31 -05:00
Zev Benjamin d31c33e505 github: fix missing argument to format string
(imported from commit 423cb4cb62976c5689db255120db5061a8b7be11)
2012-12-06 17:18:57 -05:00
Keegan McAllister 273c71e094 get_stream_colors: Use gather_subscriptions
(imported from commit fd870d889335860b14ad7a279160495e84bb303f)
2012-12-06 11:04:32 -05:00
Keegan McAllister 6776fd389f gather_subscriptions: Fetch colors along with subscriptions
Fixes #533.

(imported from commit 100b69569f61910a79a911fe82d7c8d14cac1e88)
2012-12-06 11:04:31 -05:00
Zev Benjamin 04063548fe Fix response for unsubscribe requests
The response was being populated with the same stream name over and over again

(imported from commit e205ce6019c1c7980b87ef33fd49497fe9c8691c)
2012-12-06 10:38:07 -05:00
Tim Abbott 28aa976be3 Fix desktop notifications being enabled on every settings change.
(imported from commit 09375c78125987de3223a17239fdef9273ccabe6)
2012-12-06 10:32:45 -05:00
Tim Abbott 41ec4d44a0 Don't let users change their fullname to be whitespace.
(imported from commit 015fc7cbc06acd5057952a3f09a9b6d3fe68d9fd)
2012-12-06 10:32:45 -05:00
Zev Benjamin 037aebd487 Improve Github push messages
This addresses Greg Price's feedback in #527.  We now distinguish
between normal pushes, force pushes, and branch deletions.

(imported from commit 0fab6055f63ffc7e6df283b8bb8ed9971000e6d5)
2012-12-05 16:57:33 -05:00
Tim Abbott 970969fc44 Add new timestamp_to_datetime helper function.
(imported from commit 6791d009ae2e8371abe2c929e87c816a1981f5fe)
2012-12-05 15:34:19 -05:00
Tim Abbott 8e3bcdaa19 Add user_created event type and appropriate replay code.
This is necessary for correctly replaying new user signups on non-MIT
domains.

(imported from commit e5a9d37b8772bd9794579ef16e7039196ac06f62)
2012-12-05 15:34:18 -05:00
Keegan McAllister ec3bef300b activity: Provide a link from the app
For humbughq.com users only.  Opens in a new tab.

(imported from commit 509905ebfacb45a454e863e8309896ffd3c538be)
2012-12-05 14:32:41 -05:00
Zev Benjamin 817baa72e3 Avoid sending messages to clients more than once due to out-of-order processing
This resolves #535

(imported from commit 9a7bf7443d17523e9ba14797a0215ee11262c7de)
2012-12-05 13:51:28 -05:00
Tim Abbott e816604c6e Fix bug where personals might be lost in mirroring.
(imported from commit ed78ca442677f3ee8b3149d61e351f624f437d24)
2012-12-05 12:39:56 -05:00
Keegan McAllister 97bcfbdbb8 activity: Put the three tables into Bootstrap tabs
(imported from commit 508c4b15a82df969b08b430ad892c4b13ed68092)
2012-12-05 12:35:05 -05:00
Keegan McAllister 23eef06ed0 activity: Initially sort rows by time of last activity
Doing this on the server is somewhat easier than making sorttable do it on page load.

(imported from commit 3ed7b127ba874d674d5cfe5b102c62a74be572f8)
2012-12-05 11:42:09 -05:00
Keegan McAllister 3f5d9902ab activity: Color rows for recently active or long inactive users
(imported from commit 5acc9317085acd7b4433b24b96bdf7fdebee5380)
2012-12-05 11:42:09 -05:00
Keegan McAllister 83d86f33ca activity: Clean up table computation a bit
(imported from commit c599d7ca572010c07b457ec15a305eef7dff78dd)
2012-12-05 11:42:08 -05:00
Zev Benjamin 7e4776322d [manual] Unify huddles and personals into private messages on the receive path
feedback-bot and zephyr_mirror will need to be updated and restarted
when this is deployed to prod.

(imported from commit fe2b524424c174bcb1b717a851a5d3815fda3f69)
2012-12-04 18:01:51 -05:00
Zev Benjamin bc67d9d1d7 Prevent race during get_updates that can cause clients to miss messages
This fixes #174

(imported from commit d900957e468815bcb99de67d570dfd7ce4413220)
2012-12-04 12:44:44 -05:00
Zev Benjamin f4898ea490 do_send_message: use JSON for the user list instead of joining/splitting with commas
(imported from commit 85d94ca647d0e6707f4f96e2b7a7b330f76db9d9)
2012-12-04 12:44:44 -05:00
Tim Abbott 2ad1b14f23 Set zephyr_mirror_active to False for new MIT users.
(imported from commit ffa0513561c994da1b561c0ad50728b8351e22e8)
2012-12-04 10:55:31 -05:00
Jeff Arnold 5ea4e30caf Proprely handle get_old_messages when narrowed to personals with yourself
(imported from commit 3ace5655d093f4568b4dea512a6e1bbbd6245f10)
2012-12-03 15:58:26 -05:00
Jessica McKellar dbcd6684a2 Add error handling to subscription color requests.
(imported from commit b2f65feeb44abe37397de88c616fa1aa01cf8277)
2012-12-03 12:46:27 -05:00