Commit Graph

5511 Commits

Author SHA1 Message Date
Anders Kaseorg
ba8b9a445b eslint: Fix unicorn/prefer-node-protocol.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-08 16:54:15 -07:00
Shubham Padia
6e9d56eaf4 user_groups: Check permission to manage groups based on group setting.
We also add exception for the group creator to manage groups. See
https://chat.zulip.org/#narrow/stream/3-backend/topic/Group.20creation.20-.20who.20can.20change.20the.20setting.2E/near/1943861
for more details. For the tests, wherever possible, we've just added an
acting_user when creating a group to test.
We've also added an acting_user argument to create_user_group_for_test.
We will not remove `user_group_edit_policy` yet. That will be removed
once we have introduced this setting to the frontend.
2024-10-01 17:35:14 -07:00
Vector73
66113365a5 saved_snippets: Add new feature for saved snippets.
Fixes #31227.
2024-10-01 11:48:15 -07:00
Anders Kaseorg
2440c6d244 electron_bridge: Harden against hypothetical DOM clobbering attacks.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-09-30 16:31:27 -07:00
evykassirer
471d042a11 message_notifications: Convert module to typescript. 2024-09-30 12:07:27 -07:00
Anders Kaseorg
d5bc3421fc install-tusd: Be careful to match the complete version line.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-09-26 09:26:34 -07:00
Anders Kaseorg
5a978edf40 install-aws-server: Fix SC2206 violation.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-09-24 23:05:39 -07:00
Anders Kaseorg
0cc6421118 install-transifex-cli: Upgrade Transifex CLI from 1.6.16 to 1.6.17.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-09-24 20:51:24 -07:00
evykassirer
af915523a7 message_view: Convert module to typescript. 2024-09-24 15:43:27 -07:00
Vlad Korobov
edef41ca32 portico: hello images are always x2 size 2024-09-24 14:19:48 -07:00
Alya Abbott
1767fac1d1 portico: Add per file upload limit to feature comparison table. 2024-09-23 14:37:48 -07:00
Varun Singh
7302499485 message_list_hover: Convert module to TypeScript. 2024-09-20 18:24:49 -07:00
evykassirer
deb5d90941 message_list: Convert module to typescript. 2024-09-19 15:31:16 -07:00
Alex Vandiver
818c30372f upload: Use tusd for resumable, larger uploads.
Currently, it handles two hook types: 'pre-create' (to verify that the
user is authenticated and the file size is within the limit) and
'pre-finish' (which creates an attachment row).

No secret is shared between Django and tusd for authentication of the
hooks endpoints, because none is necessary -- tusd forwards the
end-user's credentials, and the hook checks them like it would any
end-user request.  An end-user gaining access to the endpoint would be
able to do no more harm than via tusd or the normal file upload API.

Regardless, the previous commit has restricted access to the endpoint
at the nginx layer.

Co-authored-by: Brijmohan Siyag <brijsiyag@gmail.com>
2024-09-19 11:37:29 -07:00
Aman Agrawal
6f094f0350 test_backend: For serial mode for stripe fixture generation.
It is important for stripe fixtures to be generated in serial
mode so that customer and event data doesn't overflow between
tests.
2024-09-19 11:26:21 -07:00
Sahil Batra
2fff124ec9 settings: Add new module to handle pills for group settings.
This commit creates a new module similar to add_subscribers_pill
for handling the pill widget to be used for group settings.
2024-09-19 09:08:33 -07:00
Anders Kaseorg
97ffccb45f reload: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-09-18 15:31:41 -07:00
Lauryn Menard
52bc47a870 activity: Add view for a remote server's audit logs.
Links to the audit log view via the remote support view in the
remote server information section after the user counts.
2024-09-17 09:34:17 -07:00
Tim Abbott
3514cbd7e8 renumber-migrations: Avoid crashing with squashed migrations. 2024-09-13 18:44:58 -07:00
evykassirer
e41e365085 message_list_view: Convert module to typescript. 2024-09-11 14:59:31 -07:00
Alex Vandiver
38053e9c7c emoji: Convert spritesheets to webp.
This provides significant size savings:

| Emoji set   | png size | webp size | webp/png percent |
| ----------- | -------- | --------- | ---------------- |
| google-blob |  1968954 |   1373350 |           69.75% |
| twitter     |  2972820 |   2149672 |           72.31% |
| google      |  3455270 |   2327834 |           67.37% |

Since these are the largest assets that we ship to clients, it is
worth shaving off every byte we can.
2024-09-11 09:03:47 -07:00
Alex Vandiver
a2517e1115 build-emoji: Reorganize /srv/zulip-emoji-cache.
This more explicitly splits out the files bound for web/generated/ from
those bound for static/generated/.
2024-09-11 09:03:47 -07:00
opmkumar
719518baba popovers: Add stream-info-popover when channel pill is clicked.
Shows a stream info popover whenever a channel pill is clicked (such
as in the pill widgets for adding subscribers to a channel or
invitations). The stream info popover contains channel icon and name,
channel description and a link to channel settings.

Fixes #30567.
2024-09-10 16:16:53 -07:00
Varun Singh
d6c34f64dd tests: Use make_user & make_bot to create test user & bot. 2024-09-10 16:02:35 -07:00
Aman Agrawal
5b9a2584c5 message_list_data_cache: Cache MessageListData objects.
We start caching MessageListData objects for the narrows which
user has visited. We restore the cached objects if the filters
match. Also, the cached objects are updated based on events. One
major piece is update path the is pending implementation is the
message move code path.
2024-09-10 15:58:15 -07:00
joseph
5d3edf06c8 message_edit: Ask users to delete attachments after editing.
currently, after a user edits a message and removes an reference to the
uploaded file, the uploaded file stays on the storage taking up space.
We want to ask the user to possibly delete the removed attachments if
they are no longer needed. These changes applies a modal that will appear
prompting the user to delete the attachments.

Fixes: #25525.

Co-authored-by: brijsiyag
Co-authored-by: wandrew0
2024-09-06 11:40:51 -07:00
Kenneth Rodrigues
dc32396180 endpoints: Remove the has_request_variables decorator.
All endpoints have been migrated to the typed_endpoint decorator,
therefore the has_request_variables decorator and the REQ function are
no longer needed and have been removed.
2024-09-05 16:02:12 -07:00
Anders Kaseorg
91ade25ba3 python: Simplify with str.removeprefix, str.removesuffix.
These are available in Python ≥ 3.9.
https://docs.python.org/3/library/stdtypes.html#str.removeprefix

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-09-03 12:30:16 -07:00
Anders Kaseorg
8b147d92a8 apt-repos: Use PGroonga binaries on Ubuntu 24.04.
These did not exist when we first added Ubuntu 24.04 support; now they
do.  Fixes #31261.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-08-29 16:04:44 -07:00
Alex Vandiver
df91cdf333 thumbnail: Backfill ImageAttachment rows.
We previously used the file extension to determine if we should
attempt to inline an image.  After b42863be4b, we rely on the
existence of ImageAttachment rows to determine if something is an
image which can be viewed inline.  This means that messages
containing files uploaded before that commit, when (re-)rendered, will
be judged as not having inline'able images.

Backfill all of the ImageAttachment rows for image-like file
extensions.  We are careful to only download the bytes that we need in
the image headers, to minimize bandwidth from S3 in the event that the
S3 backend is in use.  We do _not_ produce thumbnails for the images
during this migration; see the subsequent commit.

Because this migration will be backported to 9.x, it is marked as only
depending on the last migration in `9.x`, with a subsequent merge
migration into the tip of `main`.
2024-08-29 12:11:51 -07:00
Lauryn Menard
d54ca85de2 activity: Add view to see the ledger entries for a customer plan.
Adds a link to the plan ledger view in the current plan information
shown in the support views. Link is not shown if the plan is 100%
sponsored, e.g., the Community plan.

Adds a formatted header area to the activity table template so
that it's easy to add useful information to these activity views.
2024-08-28 14:12:36 -07:00
Anders Kaseorg
ed63a40184 install-transifex-cli: Upgrade Transifex CLI from 1.6.14 to 1.6.16.
Some checks are pending
Code scanning / CodeQL (push) Waiting to run
Zulip production suite / Ubuntu 22.04 production build (push) Waiting to run
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm, --test-custom-db, Debian 12 production install with custom db name and user, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy, , Ubuntu 22.04 production install and PostgreSQL upgrade with pgroonga, jammy) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble, , Ubuntu 24.04 production install, noble) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-7.0, 7.0 Version Upgrade, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-8.0, 8.0 Version Upgrade, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy-6.0, 6.0 Version Upgrade, jammy) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble-9.0, 9.0 Version Upgrade, noble) (push) Blocked by required conditions
Zulip CI / ${{ matrix.name }} (zulip/ci:bookworm, true, false, Debian 12 (Python 3.11, backend + documentation), bookworm) (push) Waiting to run
Zulip CI / ${{ matrix.name }} (zulip/ci:jammy, false, true, Ubuntu 22.04 (Python 3.10, backend + frontend), jammy) (push) Waiting to run
Zulip CI / ${{ matrix.name }} (zulip/ci:noble, false, false, Ubuntu 24.04 (Python 3.12, backend), noble) (push) Waiting to run
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-08-26 14:17:05 -07:00
Anders Kaseorg
b0170fc306 install-shfmt: Upgrade shfmt from 3.8.0 to 3.9.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-08-26 14:17:05 -07:00
Anders Kaseorg
d67831ba4b run-dev: Remove unnecessary compress=False for aiohttp.
This seems to have been unnecessary since aiohttp 2, and now causes a
type error.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-08-24 19:44:38 -07:00
Tim Abbott
f4d98b03d5 migrations: Squash zerver migrations.
Some checks are pending
Code scanning / CodeQL (push) Waiting to run
Zulip production suite / Ubuntu 22.04 production build (push) Waiting to run
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm, --test-custom-db, Debian 12 production install with custom db name and user, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy, , Ubuntu 22.04 production install and PostgreSQL upgrade with pgroonga, jammy) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble, , Ubuntu 24.04 production install, noble) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-7.0, 7.0 Version Upgrade, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-8.0, 8.0 Version Upgrade, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy-6.0, 6.0 Version Upgrade, jammy) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble-9.0, 9.0 Version Upgrade, noble) (push) Blocked by required conditions
Zulip CI / ${{ matrix.name }} (zulip/ci:bookworm, true, false, Debian 12 (Python 3.11, backend + documentation), bookworm) (push) Waiting to run
Zulip CI / ${{ matrix.name }} (zulip/ci:jammy, false, true, Ubuntu 22.04 (Python 3.10, backend + frontend), jammy) (push) Waiting to run
Zulip CI / ${{ matrix.name }} (zulip/ci:noble, false, false, Ubuntu 24.04 (Python 3.12, backend), noble) (push) Waiting to run
This has the impact of making rebuilding the database in a Zulip
development environment, or initializing a new production database,
dramatically faster.

This was generated by merging the output of `manage.py makemigrations`
with an empty migration.

Tested using `tools/rebuild-test-database` before and after this
change, and comparing the output of `pg_dump -d zulip_test` using
Git's diff comparison algorithm. Differences in that SQL dump include:

- The actual generated table contents, due to timestamps and the like;
  this is expected and unrelated to schema.

- Orders of fields within tables, which is not significant in SQL.

- IDs assigned to tables in the ContentType table, which is expected
  and not a problem with how that Django table is designed.

- Names of generated indexes and constraints; modern Django seems to
  abbreviate long names differently for these, and it's not obviously
  possible to configure those used by the `db_index` property. If
  necessarily, likely this can be converged via a migration filled
  with `IF EXISTS` rename operations like the one done in
  zerver/migrations/0246_message_date_sent_finalize_part2.py.

- Names of the ~3 sequences related to renamed tables:
  usertopic/mutedtopic, botconfigdata/botuserconfigdata,
  realmdomain/realmalias. Probably there's no action required here,
  but we could do rename operations if desired.
2024-08-23 17:15:35 -07:00
afeefuddin
f013eb1037 message_fetch: Convert module to TypeScript. 2024-08-23 13:34:13 -07:00
afeefuddin
17e2d46760 message_store: Rewrite RawMessage type using Zod.
This commit rework RawMessage and it's related type to use
Zod for parsing the data received from the server.
2024-08-23 13:34:13 -07:00
Varun Singh
f148a7a3ed popover_menus_data: Convert module to TypeScript. 2024-08-23 13:10:50 -07:00
Varun Singh
2cf09602df todo_widget: Convert module to TypeScript. 2024-08-23 12:30:27 -07:00
afeefuddin
be9d879682 settings_bots: Convert module to TypeScript. 2024-08-21 08:28:40 -07:00
Kenneth Rodrigues
86bf0d3ea3 decorators: Migrate to typed_endpoint.
Modify `semgrep-py.yml` to treat arguments after `*args` as
keyword-only arguments.
2024-08-20 10:15:30 -07:00
Alex Vandiver
64516ab9f4 install-aws-server: Output tsh ssh command, not ssh. 2024-08-20 10:04:40 -07:00
Alex Vandiver
a5a898ba21 install-aws-server: Switch to 24.04. 2024-08-20 10:04:37 -07:00
Alex Vandiver
3adedc9545 install-aws-server: Set the name of the root EBS volume. 2024-08-20 10:03:59 -07:00
evykassirer
b1198785be message_edit: Convert module to typescript.
Some checks are pending
Code scanning / CodeQL (push) Waiting to run
Zulip production suite / Ubuntu 22.04 production build (push) Waiting to run
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm, --test-custom-db, Debian 12 production install with custom db name and user, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy, , Ubuntu 22.04 production install and PostgreSQL upgrade with pgroonga, jammy) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble, , Ubuntu 24.04 production install, noble) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-7.0, 7.0 Version Upgrade, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-8.0, 8.0 Version Upgrade, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy-6.0, 6.0 Version Upgrade, jammy) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble-9.0, 9.0 Version Upgrade, noble) (push) Blocked by required conditions
Zulip CI / ${{ matrix.name }} (zulip/ci:bookworm, true, false, Debian 12 (Python 3.11, backend + documentation), bookworm) (push) Waiting to run
Zulip CI / ${{ matrix.name }} (zulip/ci:jammy, false, true, Ubuntu 22.04 (Python 3.10, backend + frontend), jammy) (push) Waiting to run
Zulip CI / ${{ matrix.name }} (zulip/ci:noble, false, false, Ubuntu 24.04 (Python 3.12, backend), noble) (push) Waiting to run
2024-08-19 16:33:04 -07:00
Vector73
80969a62e6 settings: Add can_delete_any_message_group setting.
Fixes #30717.
2024-08-15 12:03:49 -07:00
Varun Singh
d8dd682944 echo: Convert module to TypeScript.
Some checks are pending
Code scanning / CodeQL (push) Waiting to run
Zulip production suite / Ubuntu 22.04 production build (push) Waiting to run
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm, --test-custom-db, Debian 12 production install with custom db name and user, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy, , Ubuntu 22.04 production install and PostgreSQL upgrade with pgroonga, jammy) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble, , Ubuntu 24.04 production install, noble) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-7.0, 7.0 Version Upgrade, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:bookworm-8.0, 8.0 Version Upgrade, bookworm) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:jammy-6.0, 6.0 Version Upgrade, jammy) (push) Blocked by required conditions
Zulip production suite / ${{ matrix.name }} (zulip/ci:noble-9.0, 9.0 Version Upgrade, noble) (push) Blocked by required conditions
Zulip CI / ${{ matrix.name }} (zulip/ci:bookworm, true, false, Debian 12 (Python 3.11, backend + documentation), bookworm) (push) Waiting to run
Zulip CI / ${{ matrix.name }} (zulip/ci:jammy, false, true, Ubuntu 22.04 (Python 3.10, backend + frontend), jammy) (push) Waiting to run
Zulip CI / ${{ matrix.name }} (zulip/ci:noble, false, false, Ubuntu 24.04 (Python 3.12, backend), noble) (push) Waiting to run
2024-08-13 09:37:35 -07:00
Varun Singh
f5d71fa320 server_message: Remove from EXEMPT_FILES. 2024-08-13 09:37:35 -07:00
afeefuddin
19b85eb600 user_profile: Convert module to TypeScript. 2024-08-12 09:40:33 -07:00
Shubham Padia
72f7a13346 tools: Add option for help center dev server.
Fixes #30451.
In a case that both `--help-center` and `--help-center-dev-server`
flags are passed to `run-dev`, `--help-center` flag will take
precedence without throwing any error.
2024-08-02 18:18:01 -07:00