Commit Graph

240 Commits

Author SHA1 Message Date
Shubham Padia
41c74314c0 streams: Use can_add_subscribers_group for permission check.
The function to check relevant permissions does so for multiple streams
at once to save us database query counts. Doing it one by one for every
stream would become very expensive.
We've also added `insufficient_permission_streams` to the filter
functions return type for streams for which the current user does not
have permission to subscribe other users.
2025-01-22 14:27:06 -08:00
Shubham Padia
97996b9929 streams: Add can_add_subscribers_group as a setting.
We're not using this setting to check the permissions yet.
2025-01-22 14:27:06 -08:00
Shubham Padia
24341076a3 realm: Delete invite_to_stream_policy. 2025-01-22 12:33:58 -08:00
Shubham Padia
275a1a4c69 realm: Use can_add_subscribers_group instead of invite_to_stream_policy.
We remove `invite_to_stream_policy` from the backend wherever applicable
except deleting the field. We have just ported the existing behaviour of
`invite_to_stream_policy` to `can_add_subscribers_group` except one
change. We have added an explicit exception for admins to have this
permission whether they are part of this group or not. The reason for
this is we are adding `stream.can_add_susbcribers_group` in the future
which will grant all admins permission to subscribe other users to a
channel given they have access to a channel. So it makes sense that we
add this exception to the realm level property also.
See https://chat.zulip.org/#narrow/channel/101-design/topic/Can.20subscribe.20other.20users.20on.20user.20profile/near/2039825
2025-01-22 12:33:58 -08:00
Shubham Padia
3cdc9d8459 realm: Add can_add_subscribers_group as a setting.
This commit just adds the setting, the work to use this setting and
replace `invite_to_stream_policy` will be done in future commits.
2025-01-22 12:33:56 -08:00
Sahil Batra
9682e35584 settings: Show avatar by default in right sidebar for new orgs.
This commit sets the default for user_list_style to
USER_LIST_STYLE_WITH_AVATAR so that the organization
level defaults for new users of this setting is set
to show avatar in right sidebar for new orgs.
2025-01-09 09:19:22 -08:00
Prakhar Pratyush
3ba198e79a message_send: Add support to send message with an empty topic name.
This commit is a part of the work to support empty string
as a topic name.

Previously, empty string was not a valid topic name.

Adds a `empty_topic_name` client capability to allow client
to specify whether it supports empty string as a topic name.

Adds backward compatibility for:
- `subject` field in the `message` event type
2025-01-07 17:24:00 -08:00
Sahil Batra
b4b571d60c streams: Remove stream_post_policy field from Stream. 2025-01-07 12:17:37 -08:00
Sahil Batra
1d7a77b9a8 streams: Pass stream_post_policy value according to the group setting.
The stream and subscription objects now have stream_post_policy value
set according to the can_send_message_group setting representing the
superset of users who have permission to post in the channel.
2025-01-07 12:17:09 -08:00
Sahil Batra
2d09cd899e message: Use new setting for checking stream posting permissions. 2025-01-07 12:17:09 -08:00
Sahil Batra
101e94b052 streams: Add group based setting to control posting permissions. 2025-01-07 12:17:07 -08:00
Sahil Batra
fa099f7ce7 mention: Allow silent mentioning system user groups.
Previously, we do not allow mentioning system user groups
at all. Now we want to use silent mention syntax for system
groups in the message sent when updating the posting permission
for a stream, so it is important to allowing silent mentioning
system groups at least. And there is no problem in allowing
silent mentions of system groups for all users.

We do not allow mentioning system groups as can_mention_group
for them is set to "Nobody" group.
2025-01-07 11:28:44 -08:00
opmkumar
5b0c55fda3 realm: Add option to schedule data deletion while deactivating.
Introduce a feature to schedule realm data deletion time during realm
deactivation. This includes a server-level setting to configure the
minimum and maximum allowed deletion days.

Co-authored-by: Ujjawal Modi <umodi2003@gmail.com>
Co-authored-by: Lauryn Menard <lauryn@zulip.com>

Fixes #24677.
2024-12-18 23:06:12 -08:00
PieterCK
943fbb76fe settings: Add realm-level setting moderation_request_channel.
This commit introduces a new non-operational
`moderation_request_channel` field to the server/API. This setting will
support a feature allowing users to flag or report abusive content
(harassment, spam, etc.).

Fixes part of #20047.
2024-12-18 11:36:19 -08:00
Sahil Batra
a9bd614df3 default_streams: Remove get_default_streams_for_realm_as_dicts.
Since get_default_streams_for_realm_as_dicts function was only
used in tests, this commit removes it and updates the test to
use the function which returns Stream objects instead of dicts.

This commit also removes Stream.to_dict function which is no
longer used.
2024-12-17 09:40:10 -08:00
Sahil Batra
1182e7e350 streams: Pass only stream IDs for default stream groups data.
Clients do not use default stream groups feature now but they
should only require IDs when they use them and not the full
stream data since that is already available in streams and
subscriptions data.
2024-12-17 09:40:10 -08:00
Kislay Verma
00df8a593d user_settings: Add field web_suggest_update_timezone.
This field tracks whether the user should be shown an
alert offering to update their profile time zone to the
time zone of the browser in case they differ.

The field is added to RealmUserDefault and UserProfile
models with a default value of True.

Fixes part of #16957
2024-12-13 12:58:07 -08:00
Vector73
143ca5065e api: Remove user object from reactions objects in the API.
Removes deprecated `user` object from reactions objects returned by
the API as it is redundant because of the presence of `user_id` field in
the API and is not used by any clients now.
2024-12-13 09:58:25 -08:00
bedo
1847086044 subscription: Remove unnecessary select_related fields and clean up.
Removes the unnecessary fields from bulk_access_users_by_email and
bulk_access_users_id, while also removing duplication of these lists
of fields.

"base_bulk_get_user_queryset", used when fetching a user
other than the acting user.

"base_get_user_queryset", used when fetching the acting user,
prefetching more fields.

There remains some inconsistency in the models.py functions that may
merit further investigation.
2024-12-05 17:02:07 -08:00
Shubham Padia
0cc200e573 stream: Only realm admins can change default channels. 2024-12-04 12:25:19 -08:00
Sahil Batra
3319a192d4 realm: Allow various settings to be set to "Nobody" group.
We now allow setting following settings to "Nobody" group -
- can_add_custom_emoji_group
- can_create_groups
- can_create_public_channel_group
- can_create_private_channel_group
- can_delete_any_message_group
- can_delete_own_message_group

We are fine with nobody having these permissions as there
will be no major challenges for working of the organization
with these settings and admins anyways will always have
permission to change these settings.

Fixes #32401.
2024-12-04 11:15:18 -08:00
Sahil Batra
b675e95695 stream-settings: Allow nobody group for can_remove_subscribers_group.
We can allow nobody group since admins always have permission to
remove subscribers.
2024-12-04 11:15:18 -08:00
Sahil Batra
367a0bdbff groups: Remove id_field_name field from GroupPermissionSetting.
id_field_name was being used only to set the initial dummy
values for realm settings. We can directly add "_id" to the
setting name instead of having an extra id_field_name field.
2024-12-04 11:15:17 -08:00
Sahil Batra
121df45cc4 groups: Remove allow_owners_group field from GroupPermissionSetting.
As we now allow anonymous groups and settings can be set to any
set of users, there is no benefit in not allowing a setting to
be set to "Owners" group.
2024-12-04 11:12:28 -08:00
Shubham Padia
4b3d1a5aac streams: Creator should be able to administer new channels.
There are cases when importing from slack where the stream creator can
technically be none, that is why we have named the default group string
to `stream_creator_or_nobody`. If stream creator is not present, we
default back to nobody. See
https://chat.zulip.org/#narrow/channel/3-backend/topic/Default.20can_administer_channel_group.20for.20imported.20realms/near/1983634
for mode details.
2024-12-03 18:38:25 -08:00
Shubham Padia
eb943d54a9 streams: Add can_administer_channel_group as a stream setting.
We have not added current user as the default for new channels in this
commit.
2024-12-03 18:38:25 -08:00
Sahil Batra
7e6a02b82d user_groups: Add setting to control who can remove members.
This commit adds a new setting to control who can remove
members from the group.
2024-12-02 17:38:44 -08:00
Aman Agrawal
a8d0667b46 preregistration: Add field to track import progress.
We add a field to track user's progress and other details
during the import process.
2024-12-02 10:21:03 -08:00
Aman Agrawal
50256f4831 stream: Add field to track active status of stream. 2024-11-27 17:31:06 -08:00
Anders Kaseorg
0048dfabd0 admin: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-11-27 16:46:35 -08:00
sujal shah
771d3b1434 invites: Enable adding users to user groups during invitations.
This commit allows users to be assigned to custom groups when
inviting them to join Zulip, similar to how channels are handled.
The implementation follows a similar pattern for adding pills,
ensuring consistency, as user groups and channels are parallel
in nature.

Fixes #24365.
2024-11-26 11:26:34 -08:00
Prakhar Pratyush
175104ea01 streams: Add 'ChannelEmailAddress' model.
This commit removes the 'email_token' field from the
'Stream' model, introduces a new model 'ChannelEmailAddress',
and backfills it.

This is a prep work towards our plan to generate unique
channel emails for different users, which can be used
to check post permissions at message send time.
2024-11-21 14:53:28 -08:00
Vector73
de44eb6a1b settings: Remove invite_to_realm_policy setting.
Removed `invite_to_realm_policy` property, as the permission
to invite other users to the organization is now controlled by
`can_invite_users_group` setting.
2024-11-20 13:35:05 -08:00
Vector73
4e89b4a88c settings: Add can_invite_users_group realm setting.
Added `can_invite_users_group` realm setting to replace
`invite_to_realm_policy`.
2024-11-20 13:35:05 -08:00
Shubham Padia
b6ebf143cc streams: Backend changes to support anonymous groups.
can_remove_subscribers_group setting can now be set to
anonymous user groups.

Co-authored-by: Sahil Batra <sahil@zulip.com>
2024-11-16 17:11:08 -08:00
Prakhar Pratyush
6820cbb980 realm_export: Change tarball_size_bytes to PositiveBigIntegerField.
This commit updates `tarball_size_bytes` field from
`PositiveIntegerField` to `PositiveBigIntegerField` to support
larger values.
2024-11-14 10:09:03 -08:00
Prakhar Pratyush
ca4760a04c recipients: Add savepoint=False to avoid creating savepoints.
'get_or_create_direct_message_group' is used inside an outer
db transaction created in 'edit_scheduled_message'.

`transaction.atomic()` block in 'get_or_create_direct_message_group'
resulted in savepoint creation.

This commit adds `savepoint=False` to avoid that.
2024-11-05 17:58:47 -08:00
Tim Abbott
f54817d78d groups: Enable group-valued settings in production. 2024-10-31 12:04:51 -07:00
Vector73
1ba1408b01 settings: Remove edit_topic_policy setting.
Some checks failed
Code scanning / CodeQL (push) Has been cancelled
Zulip production suite / Ubuntu 22.04 production build (push) Has been cancelled
Zulip CI / ${{ matrix.name }} (zulip/ci:bookworm, true, false, Debian 12 (Python 3.11, backend + documentation), bookworm) (push) Has been cancelled
Zulip CI / ${{ matrix.name }} (zulip/ci:jammy, false, true, Ubuntu 22.04 (Python 3.10, backend + frontend), jammy) (push) Has been cancelled
Zulip CI / ${{ matrix.name }} (zulip/ci:noble, false, false, Ubuntu 24.04 (Python 3.12, backend), noble) (push) Has been cancelled
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm, --test-custom-db, Debian 12 production install with custom db name and user, bookworm) (push) Has been cancelled
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy, , Ubuntu 22.04 production install and PostgreSQL upgrade with pgroonga, jammy) (push) Has been cancelled
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble, , Ubuntu 24.04 production install, noble) (push) Has been cancelled
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-7.0, 7.0 Version Upgrade, bookworm) (push) Has been cancelled
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-8.0, 8.0 Version Upgrade, bookworm) (push) Has been cancelled
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy-6.0, 6.0 Version Upgrade, jammy) (push) Has been cancelled
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble-9.0, 9.0 Version Upgrade, noble) (push) Has been cancelled
Removed `edit_topic_policy` property, as the permission
to move messages between topcis is now controlled by
`can_move_messages_between_topics_group` setting.
2024-10-29 16:27:04 -07:00
Vector73
ed5638ec3c settings: Add can_move_messages_between_topics_group realm setting.
Added `can_move_messages_between_topics_group` realm setting to replace
`edit_topic_policy`.
2024-10-29 16:27:04 -07:00
sanchi-t
af7ebde9e4 subscription: Include archived channels in streams list.
`is_archived` field is added to the stream and types.

Include a new `archived_channeels` client capability, to allow clients
to access data on archived channels, without breaking
backwards-compatibility for existing clients that don't know how to
handle these.

Also, included `exclude_archived` parameter to `/get-streams`,
which defaults to `true` as basic clients may not be interested
in archived streams.
2024-10-25 16:06:40 -07:00
Shubham Padia
1f0906aef7 groups: Remove list specifying group settings with new API format.
All the groups are now following the new API format, making the list
redundant.
2024-10-24 14:42:21 -07:00
Shubham Padia
9f9d5b2f98 groups: Accept anonymous groups for can_access_all_users_group.
On the frontend, the selection is still a dropdown of system groups but
on the API level, we have started accepting anonymous groups similar to
other settings
We've kept require system groups true for now until we switch to group
picker on the frontend.
2024-10-24 14:42:19 -07:00
Shubham Padia
ceb0197c1b groups: Accept anonymous groups for create_multiuse_invite_group.
On the frontend, the selection is still a dropdown of system groups but
on the API level, we have started accepting anonymous groups similar to
other settings.
We've kept require system groups true for now until we switch to group
picker on the frontend.
2024-10-24 14:41:09 -07:00
Mateusz Mandera
389b851f81 update_user_backend: Allow authorized org owners to change user emails.
This adds a new special UserProfile flag can_change_user_emails(disabled
by default) and the ability for changing the email address of users in
the realm via update_user_backend. This is useful for allowing
organizations to update user emails without needing to set up a SCIM
integration, but since it gives the ability to hijack user accounts, it
needs to be behind this additional permission and can't be just given to
organization owners by default. Analogical to how the
create_user_backend endpoint works.
2024-10-22 16:36:38 -07:00
Vector73
68dc914b6e users: Refactor has_permission function.
Refactored `has_permission` function to programmatically check if the `policy_name`
is a group-based setting.
2024-10-16 14:26:20 -07:00
Vector73
8d341d1af9 settings: Remove move_messages_between_streams_policy setting.
Removed `move_messages_between_streams_policy` property, as the permission
to move messages between channels is now controlled by
`can_move_messages_between_channels_group` setting.
2024-10-16 14:26:20 -07:00
Vector73
1be0cb1b75 settings: Add can_move_messages_between_channels_group realm setting.
Added `can_move_messages_between_channels_group` realm setting to replace
`move_messages_between_streams_policy`.
2024-10-16 14:26:18 -07:00
Tim Abbott
7e7113ad84 groups: Enable group-settings value on groups in production.
The main change is redefining ALLOW_GROUP_VALUED_SETTINGS to not
control code, but instead to instead control the configuration for
whether settings that have not been converted to use our modern UI
patterns should require system groups.

Fundamentally, it's the same for the realm/stream group-valued
settings, which don't have the new UI patterns yet.

We remove the visual hiding of the "can manage group" setting, which
was hidden only due to transitions being incomplete.
2024-10-15 15:58:54 -07:00
Tim Abbott
b4ae76be65 upload: Improve error messages when uploads limited by plan.
To make the tests work, we ensure that MAX_FILE_UPLOAD_SIZE is
enforced even in the plans case.
2024-10-15 13:30:29 -07:00