diff --git a/tools/test-backend b/tools/test-backend index edc94678fc..5b25df8dad 100755 --- a/tools/test-backend +++ b/tools/test-backend @@ -90,7 +90,6 @@ not_yet_fully_covered = { 'zerver/lib/push_notifications.py', 'zerver/lib/upload.py', 'zerver/models.py', - 'zproject/backends.py', # Webhook integrations with incomplete coverage 'zerver/webhooks/basecamp/view.py', 'zerver/webhooks/beanstalk/view.py', diff --git a/zerver/context_processors.py b/zerver/context_processors.py index 3010e6f36a..2da025360c 100644 --- a/zerver/context_processors.py +++ b/zerver/context_processors.py @@ -48,9 +48,8 @@ def zulip_default_context(request): bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. - The main variable in the below is whether we know the realm, which - is the case if there is only one realm, or we're on a - REALMS_HAVE_SUBDOMAINS subdomain, or the user is logged in. + The main variable in the below is whether we know what realm the + user is trying to interact with. """ realm = get_realm_from_request(request) @@ -97,7 +96,6 @@ def zulip_default_context(request): settings_comments_path = "/etc/zulip/settings.py" return { - 'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS, 'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': register_link_disabled, diff --git a/zerver/forms.py b/zerver/forms.py index 800502181d..7e04083b56 100644 --- a/zerver/forms.py +++ b/zerver/forms.py @@ -18,7 +18,7 @@ from zerver.lib.send_email import send_email, FromAddress from zerver.lib.users import check_full_name from zerver.lib.utils import get_subdomain, check_subdomain from zerver.models import Realm, get_user_profile_by_email, UserProfile, \ - get_realm_by_email_domain, get_realm, email_to_domain, email_allowed_for_realm + get_realm, email_to_domain, email_allowed_for_realm from zproject.backends import password_auth_enabled import logging @@ -81,18 +81,12 @@ class RegistrationForm(forms.Form): def clean_realm_subdomain(self): # type: () -> str - if settings.REALMS_HAVE_SUBDOMAINS: - error_strings = { - 'too short': _("Subdomain needs to have length 3 or greater."), - 'extremal dash': _("Subdomain cannot start or end with a '-'."), - 'bad character': _("Subdomain can only have lowercase letters, numbers, and '-'s."), - 'unavailable': _("Subdomain unavailable. Please choose a different one.")} - else: - error_strings = { - 'too short': _("Short name needs at least 3 characters."), - 'extremal dash': _("Short name cannot start or end with a '-'."), - 'bad character': _("Short name can only have lowercase letters, numbers, and '-'s."), - 'unavailable': _("Short name unavailable. Please choose a different one.")} + error_strings = { + 'too short': _("Subdomain needs to have length 3 or greater."), + 'extremal dash': _("Subdomain cannot start or end with a '-'."), + 'bad character': _("Subdomain can only have lowercase letters, numbers, and '-'s."), + 'unavailable': _("Subdomain unavailable. Please choose a different one.")} + subdomain = self.cleaned_data['realm_subdomain'] if not subdomain: return '' @@ -128,18 +122,11 @@ class HomepageForm(forms.Form): # Otherwise, the user is trying to join a specific realm. realm = self.realm from_multiuse_invite = self.from_multiuse_invite - if realm is None and not settings.REALMS_HAVE_SUBDOMAINS: - realm = get_realm_by_email_domain(email) if realm is None: - if settings.REALMS_HAVE_SUBDOMAINS: - raise ValidationError(_("The organization you are trying to " - "join using {email} does not " - "exist.").format(email=email)) - else: - raise ValidationError(_("Your email address, {email}, does not " - "correspond to any existing " - "organization.").format(email=email)) + raise ValidationError(_("The organization you are trying to " + "join using {email} does not " + "exist.").format(email=email)) if not from_multiuse_invite and realm.invite_required: raise ValidationError(_("Please request an invite for {email} " diff --git a/zerver/lib/utils.py b/zerver/lib/utils.py index c5706c55c8..4bb59b2c66 100644 --- a/zerver/lib/utils.py +++ b/zerver/lib/utils.py @@ -207,7 +207,7 @@ def is_subdomain_root_or_alias(request): def check_subdomain(realm_subdomain, user_subdomain): # type: (Optional[Text], Optional[Text]) -> bool - if settings.REALMS_HAVE_SUBDOMAINS and realm_subdomain is not None: + if realm_subdomain is not None: if (realm_subdomain == "" and user_subdomain is None): return True if realm_subdomain != user_subdomain: diff --git a/zerver/middleware.py b/zerver/middleware.py index 7b54606e93..dc092f5ae2 100644 --- a/zerver/middleware.py +++ b/zerver/middleware.py @@ -374,17 +374,16 @@ class SessionHostDomainMiddleware(SessionMiddleware): # just return here. return response - if settings.REALMS_HAVE_SUBDOMAINS: - if (not request.path.startswith("/static/") and not request.path.startswith("/api/") and - not request.path.startswith("/json/")): - subdomain = get_subdomain(request) - if (request.get_host() == "127.0.0.1:9991" or request.get_host() == "localhost:9991"): - return redirect("%s%s" % (settings.EXTERNAL_URI_SCHEME, - settings.EXTERNAL_HOST)) - if subdomain != "": - realm = get_realm(subdomain) - if (realm is None): - return render(request, "zerver/invalid_realm.html") + if (not request.path.startswith("/static/") and not request.path.startswith("/api/") and + not request.path.startswith("/json/")): + subdomain = get_subdomain(request) + if (request.get_host() == "127.0.0.1:9991" or request.get_host() == "localhost:9991"): + return redirect("%s%s" % (settings.EXTERNAL_URI_SCHEME, + settings.EXTERNAL_HOST)) + if subdomain != "": + realm = get_realm(subdomain) + if (realm is None): + return render(request, "zerver/invalid_realm.html") """ If request.session was modified, or if the configuration is to save the session every time, save the changes and set a session cookie. @@ -411,14 +410,12 @@ class SessionHostDomainMiddleware(SessionMiddleware): request.session.save() host = request.get_host().split(':')[0] - session_cookie_domain = settings.SESSION_COOKIE_DOMAIN # The subdomains feature overrides the # SESSION_COOKIE_DOMAIN setting, since the setting # is a fixed value and with subdomains enabled, # the session cookie domain has to vary with the # subdomain. - if settings.REALMS_HAVE_SUBDOMAINS: - session_cookie_domain = host + session_cookie_domain = host response.set_cookie(settings.SESSION_COOKIE_NAME, request.session.session_key, max_age=max_age, expires=expires, domain=session_cookie_domain, diff --git a/zerver/models.py b/zerver/models.py index e950128c01..5f3bb1bbf1 100644 --- a/zerver/models.py +++ b/zerver/models.py @@ -258,9 +258,7 @@ class Realm(ModelReprMixin, models.Model): @property def subdomain(self): # type: () -> Optional[Text] - if settings.REALMS_HAVE_SUBDOMAINS: - return self.string_id - return None + return self.string_id @property def uri(self): @@ -337,31 +335,6 @@ def email_to_domain(email): class GetRealmByDomainException(Exception): pass -def get_realm_by_email_domain(email): - # type: (Text) -> Optional[Realm] - if settings.REALMS_HAVE_SUBDOMAINS: - raise GetRealmByDomainException( - "Cannot get realm from email domain when settings.REALMS_HAVE_SUBDOMAINS = True") - domain = email_to_domain(email) - query = RealmDomain.objects.select_related('realm') - # Search for the longest match. If found return immediately. Since in case of - # settings.REALMS_HAVE_SUBDOMAINS=True, we have a unique mapping between the - # realm and domain so don't worry about `allow_subdomains` being True or False. - realm_domain = query.filter(domain=domain).first() - if realm_domain is not None: - return realm_domain.realm - else: - # Since we have not found any match. We will now try matching the parent domain. - # Filter out the realm domains with `allow_subdomains=False` so that we don't end - # up matching 'test.zulip.com' wrongly to (realm, 'zulip.com', False). - query = query.filter(allow_subdomains=True) - while len(domain) > 0: - subdomain, sep, domain = domain.partition('.') - realm_domain = query.filter(domain=domain).first() - if realm_domain is not None: - return realm_domain.realm - return None - # Is a user with the given email address allowed to be in the given realm? # (This function does not check whether the user has been invited to the realm. # So for invite-only realms, this is the test for whether a user can be invited, diff --git a/zerver/tests/test_auth_backends.py b/zerver/tests/test_auth_backends.py index 16a05abe63..f5559497d1 100644 --- a/zerver/tests/test_auth_backends.py +++ b/zerver/tests/test_auth_backends.py @@ -351,16 +351,6 @@ class GitHubAuthBackendTest(ZulipTestCase): # type: () -> None self.assertEqual(self.backend.get_full_name(response={'email': None}), '') - def test_github_backend_do_auth_without_subdomains(self): - # type: () -> None - with mock.patch('social_core.backends.github.GithubOAuth2.do_auth', - side_effect=self.do_auth), \ - mock.patch('zerver.views.auth.do_login'): - response = dict(email=self.email, name=self.name) - result = self.backend.do_auth(response=response) - assert(result is not None) - self.assertNotIn('subdomain=1', result.url) - def test_github_backend_do_auth_with_non_existing_subdomain(self): # type: () -> None with mock.patch('social_core.backends.github.GithubOAuth2.do_auth', @@ -529,9 +519,9 @@ class GitHubAuthBackendTest(ZulipTestCase): response = dict(email=email, name='Ghost') result = self.backend.do_auth(response=response) self.assert_in_response('action="/register/"', result) - self.assert_in_response('Your email address, {}, does not ' - 'correspond to any existing ' - 'organization.'.format(email), result) + self.assert_in_response('Your email address, {}, is not ' + 'in one of the domains that are allowed to register ' + 'for accounts in this organization.'.format(email), result) def test_github_backend_new_user(self): # type: () -> None @@ -1086,51 +1076,6 @@ class GoogleSubdomainLoginTest(GoogleOAuthTest): self.assertEqual(get_session_dict_user(self.client.session), user_profile.id) class GoogleLoginTest(GoogleOAuthTest): - def test_google_oauth2_success(self): - # type: () -> None - token_response = ResponseMock(200, {'access_token': "unique_token"}) - account_data = dict(name=dict(formatted="Full Name"), - emails=[dict(type="account", - value=self.example_email("hamlet"))]) - account_response = ResponseMock(200, account_data) - self.google_oauth2_test(token_response, account_response, subdomain="") - - user_profile = self.example_user('hamlet') - self.assertEqual(get_session_dict_user(self.client.session), user_profile.id) - - def test_google_oauth2_registration(self): - # type: () -> None - """If the user doesn't exist yet, Google auth can be used to register an account""" - email = "newuser@zulip.com" - token_response = ResponseMock(200, {'access_token': "unique_token"}) - account_data = dict(name=dict(formatted="Full Name"), - emails=[dict(type="account", - value=email)]) - account_response = ResponseMock(200, account_data) - result = self.google_oauth2_test(token_response, account_response, subdomain="") - self.assert_in_response('No account found for', - result) - self.assert_in_response('newuser@zulip.com. Would you like to register instead?', - result) - # Click confirm registration button. - result = self.client_post('/register/', - {'email': email}) - self.assertEqual(result.status_code, 302) - self.client_get(result.url) - assert Confirmation.objects.all().count() == 1 - confirmation = Confirmation.objects.all().first() - url = confirmation_url(confirmation.confirmation_key, - settings.EXTERNAL_HOST, Confirmation.USER_REGISTRATION) - result = self.client_get(url) - key_match = re.search('value="(?P[0-9a-z]+)" name="key"', result.content.decode("utf-8")) - result = self.client_post('/accounts/register/', - {'full_name': "New User", - 'password': 'test_password', - 'key': key_match.group("key"), - 'terms': True}) - self.assertEqual(result.status_code, 302) - self.assertEqual(result.url, "http://testserver/") - @override_settings(REALMS_HAVE_SUBDOMAINS=True) @override_settings(ROOT_DOMAIN_LANDING_PAGE=True) def test_google_oauth2_subdomains_homepage(self): diff --git a/zerver/tests/test_bots.py b/zerver/tests/test_bots.py index 47e4085072..19defb03cd 100644 --- a/zerver/tests/test_bots.py +++ b/zerver/tests/test_bots.py @@ -48,10 +48,7 @@ class BotTest(ZulipTestCase, UploadSerializeMixin): # the wrong subdomain, and because 'testserver.example.com' is not a valid domain for the bot's email. # So we just test the Raelm.get_bot_domain function. realm = get_realm('zulip') - with self.settings(REALMS_HAVE_SUBDOMAINS=True): - self.assertEqual(realm.get_bot_domain(), 'zulip.testserver') - Realm.objects.exclude(string_id='zulip').update(deactivated=True) - self.assertEqual(realm.get_bot_domain(), 'testserver') + self.assertEqual(realm.get_bot_domain(), 'zulip.testserver') def deactivate_bot(self): # type: () -> None diff --git a/zerver/tests/test_home.py b/zerver/tests/test_home.py index 5fc2852cc4..94c0b1f16b 100644 --- a/zerver/tests/test_home.py +++ b/zerver/tests/test_home.py @@ -238,7 +238,7 @@ class HomeTest(ZulipTestCase): with queries_captured() as queries2: result = self._get_home_page() - self.assert_length(queries2, 32) + self.assert_length(queries2, 33) # Do a sanity check that our new streams were in the payload. html = result.content.decode('utf-8') diff --git a/zerver/tests/test_realm_domains.py b/zerver/tests/test_realm_domains.py index 7b6c25d6ab..a8c99d67a1 100644 --- a/zerver/tests/test_realm_domains.py +++ b/zerver/tests/test_realm_domains.py @@ -10,7 +10,6 @@ from zerver.lib.actions import do_change_is_admin, \ from zerver.lib.domains import validate_domain from zerver.lib.test_classes import ZulipTestCase from zerver.models import email_allowed_for_realm, get_realm, \ - get_realm_by_email_domain, \ GetRealmByDomainException, RealmDomain import ujson @@ -116,46 +115,6 @@ class RealmDomainTest(ZulipTestCase): # would not be updated. self.assertFalse(get_realm('zulip').restricted_to_domain) - def test_get_realm_by_email_domain(self): - # type: () -> None - realm1 = do_create_realm('testrealm1', 'Test Realm 1') - realm2 = do_create_realm('testrealm2', 'Test Realm 2') - realm3 = do_create_realm('testrealm3', 'Test Realm 3') - - realm_domain_1 = RealmDomain.objects.create(realm=realm1, domain='test1.com', allow_subdomains=True) - realm_domain_2 = RealmDomain.objects.create(realm=realm2, domain='test2.test1.com', allow_subdomains=False) - RealmDomain.objects.create(realm=realm3, domain='test3.test2.test1.com', allow_subdomains=True) - - def assert_and_check(email, realm_string_id): - # type: (Text, Optional[Text]) -> None - realm = get_realm_by_email_domain(email) - if realm_string_id is None: - self.assertIsNone(realm) - else: - assert(realm is not None) - self.assertEqual(realm.string_id, realm_string_id) - - assert_and_check('user@zulip.com', 'zulip') - assert_and_check('user@fakedomain.com', None) - assert_and_check('user@test1.com', 'testrealm1') - assert_and_check('user@test2.test1.com', 'testrealm2') - assert_and_check('user@test3.test2.test1.com', 'testrealm3') - assert_and_check('user@test2.test1.com', 'testrealm2') - assert_and_check('user@test2.test2.test1.com', 'testrealm1') - assert_and_check('user@test1.test3.test2.test1.com', 'testrealm3') - - do_change_realm_domain(realm_domain_1, False) - assert_and_check('user@test1.test1.com', None) - assert_and_check('user@test1.com', 'testrealm1') - - do_change_realm_domain(realm_domain_2, True) - assert_and_check('user@test2.test1.com', 'testrealm2') - assert_and_check('user@test2.test2.test1.com', 'testrealm2') - - with self.settings(REALMS_HAVE_SUBDOMAINS = True), ( - self.assertRaises(GetRealmByDomainException)): - get_realm_by_email_domain('user@zulip.com') - def test_email_allowed_for_realm(self): # type: () -> None realm1 = do_create_realm('testrealm1', 'Test Realm 1', restricted_to_domain=True) @@ -178,7 +137,7 @@ class RealmDomainTest(ZulipTestCase): def test_realm_realm_domains_uniqueness(self): # type: () -> None realm = get_realm('zulip') - with self.settings(REALMS_HAVE_SUBDOMAINS=True), self.assertRaises(IntegrityError): + with self.assertRaises(IntegrityError): RealmDomain.objects.create(realm=realm, domain='zulip.com', allow_subdomains=True) def test_validate_domain(self): diff --git a/zerver/tests/test_signup.py b/zerver/tests/test_signup.py index d63a7b1dc3..a57301982c 100644 --- a/zerver/tests/test_signup.py +++ b/zerver/tests/test_signup.py @@ -2068,24 +2068,3 @@ class LoginOrAskForRegistrationTestCase(ZulipTestCase): self.assertEqual(user_id, user_profile.id) self.assertEqual(response.status_code, 302) self.assertIn('http://zulip.testserver', response.url) - - def test_login_without_subdomains(self): - # type: () -> None - request = HostRequestMock(host="localhost") - setattr(request, 'session', self.client.session) - setattr(request, 'get_host', lambda: 'localhost') - user_profile = self.example_user('hamlet') - user_profile.backend = 'zproject.backends.GitHubAuthBackend' - full_name = 'Hamlet' - invalid_subdomain = False - with self.settings(REALMS_HAVE_SUBDOMAINS=False): - response = login_or_register_remote_user( - request, - user_profile.email, - user_profile, - full_name=full_name, - invalid_subdomain=invalid_subdomain) - user_id = get_session_dict_user(getattr(request, 'session')) - self.assertEqual(user_id, user_profile.id) - self.assertEqual(response.status_code, 302) - self.assertIn('http://localhost', response.url) diff --git a/zerver/views/auth.py b/zerver/views/auth.py index ae64779083..8d6e42acd5 100644 --- a/zerver/views/auth.py +++ b/zerver/views/auth.py @@ -165,10 +165,7 @@ def login_or_register_remote_user(request, remote_username, user_profile, full_n return response do_login(request, user_profile) - if settings.REALMS_HAVE_SUBDOMAINS and user_profile.realm.subdomain is not None: - return HttpResponseRedirect(user_profile.realm.uri) - return HttpResponseRedirect("%s%s" % (settings.EXTERNAL_URI_SCHEME, - request.get_host())) + return HttpResponseRedirect(user_profile.realm.uri) def remote_user_sso(request): # type: (HttpRequest) -> HttpResponse @@ -289,10 +286,9 @@ def send_oauth_request_to_google(request): is_signup = request.GET.get('is_signup', '') mobile_flow_otp = request.GET.get('mobile_flow_otp', '0') - if settings.REALMS_HAVE_SUBDOMAINS: - if ((settings.ROOT_DOMAIN_LANDING_PAGE and subdomain == '') or - not Realm.objects.filter(string_id=subdomain).exists()): - return redirect_to_subdomain_login_url() + if ((settings.ROOT_DOMAIN_LANDING_PAGE and subdomain == '') or + not Realm.objects.filter(string_id=subdomain).exists()): + return redirect_to_subdomain_login_url() google_uri = 'https://accounts.google.com/o/oauth2/auth?' cur_time = str(int(time.time())) @@ -512,7 +508,7 @@ def login_page(request, **kwargs): extra_context['direct_admins'] = [u.email for u in users if u.is_realm_admin] extra_context['direct_users'] = [u.email for u in users if not u.is_realm_admin] - if settings.REALMS_HAVE_SUBDOMAINS and 'new_realm' in request.POST: + if 'new_realm' in request.POST: # If we're switching realms, redirect to that realm return HttpResponseRedirect(realm.uri) @@ -555,10 +551,7 @@ def dev_direct_login(request, **kwargs): if user_profile is None: raise Exception("User cannot login") do_login(request, user_profile) - if settings.REALMS_HAVE_SUBDOMAINS and user_profile.realm.subdomain is not None: - return HttpResponseRedirect(user_profile.realm.uri) - return HttpResponseRedirect("%s%s" % (settings.EXTERNAL_URI_SCHEME, - request.get_host())) + return HttpResponseRedirect(user_profile.realm.uri) @csrf_exempt @require_post @@ -656,26 +649,21 @@ def api_fetch_api_key(request, username=REQ(), password=REQ()): def get_auth_backends_data(request): # type: (HttpRequest) -> Dict[str, Any] """Returns which authentication methods are enabled on the server""" - if settings.REALMS_HAVE_SUBDOMAINS: - subdomain = get_subdomain(request) - try: - realm = Realm.objects.get(string_id=subdomain) - except Realm.DoesNotExist: - # If not the root subdomain, this is an error - if subdomain != "": - raise JsonableError(_("Invalid subdomain")) - # With the root subdomain, it's an error or not depending - # whether ROOT_DOMAIN_LANDING_PAGE (which indicates whether - # there are some realms without subdomains on this server) - # is set. - if settings.ROOT_DOMAIN_LANDING_PAGE: - raise JsonableError(_("Subdomain required")) - else: - realm = None - else: - # Without subdomains, we just have to report what the server - # supports, since we don't know the realm. - realm = None + subdomain = get_subdomain(request) + try: + realm = Realm.objects.get(string_id=subdomain) + except Realm.DoesNotExist: + # If not the root subdomain, this is an error + if subdomain != "": + raise JsonableError(_("Invalid subdomain")) + # With the root subdomain, it's an error or not depending + # whether ROOT_DOMAIN_LANDING_PAGE (which indicates whether + # there are some realms without subdomains on this server) + # is set. + if settings.ROOT_DOMAIN_LANDING_PAGE: + raise JsonableError(_("Subdomain required")) + else: + realm = None return {"password": password_auth_enabled(realm), "dev": dev_auth_enabled(realm), "github": github_auth_enabled(realm), diff --git a/zerver/views/registration.py b/zerver/views/registration.py index bd080dca0f..775c0935c7 100644 --- a/zerver/views/registration.py +++ b/zerver/views/registration.py @@ -11,9 +11,10 @@ from django.template import RequestContext, loader from django.utils.timezone import now from django.core.exceptions import ValidationError from django.core import validators +from zerver.context_processors import get_realm_from_request from zerver.models import UserProfile, Realm, Stream, PreregistrationUser, MultiuseInvite, \ name_changes_disabled, email_to_username, email_allowed_for_realm, \ - get_realm, get_realm_by_email_domain, get_user_profile_by_email + get_realm, get_user_profile_by_email from zerver.lib.send_email import send_email, FromAddress from zerver.lib.events import do_events_register from zerver.lib.actions import do_change_password, do_change_full_name, do_change_is_admin, \ @@ -79,14 +80,12 @@ def accounts_register(request): if prereg_user.referred_by: # If someone invited you, you are joining their realm regardless # of your e-mail address. - realm = prereg_user.referred_by.realm # type: Optional[Realm] + realm = prereg_user.referred_by.realm elif realm_creation: # For creating a new realm, there is no existing realm or domain realm = None - elif settings.REALMS_HAVE_SUBDOMAINS: - realm = get_realm(get_subdomain(request)) else: - realm = get_realm_by_email_domain(email) + realm = get_realm(get_subdomain(request)) if realm and not email_allowed_for_realm(email, realm): return render(request, "zerver/closed_realm.html", @@ -210,7 +209,7 @@ def accounts_register(request): setup_initial_private_stream(user_profile) send_initial_realm_messages(realm) - if realm_creation and settings.REALMS_HAVE_SUBDOMAINS: + if realm_creation: # Because for realm creation, registration happens on the # root domain, we need to log them into the subdomain for # their new realm. @@ -246,7 +245,6 @@ def accounts_register(request): # but for the registration form, there is no logged in user yet, so # we have to set it here. 'creating_new_team': realm_creation, - 'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS, 'password_required': password_auth_enabled(realm) and password_required, 'password_auth_enabled': password_auth_enabled(realm), 'MAX_REALM_NAME_LENGTH': str(Realm.MAX_REALM_NAME_LENGTH), @@ -331,13 +329,6 @@ def confirmation_key(request): # type: (HttpRequest) -> HttpResponse return json_success(request.session.get('confirmation_key')) -def get_realm_from_request(request): - # type: (HttpRequest) -> Realm - if settings.REALMS_HAVE_SUBDOMAINS: - realm_str = get_subdomain(request) - else: - realm_str = None - return get_realm(realm_str) def show_deactivation_notice(request): # type: (HttpRequest) -> HttpResponse @@ -354,7 +345,7 @@ def redirect_to_deactivation_notice(): def accounts_home(request, multiuse_object=None): # type: (HttpRequest, Optional[MultiuseInvite]) -> HttpResponse - realm = get_realm_from_request(request) + realm = get_realm(get_subdomain(request)) if realm and realm.deactivated: return redirect_to_deactivation_notice() diff --git a/zproject/backends.py b/zproject/backends.py index 0abe584c41..e529717022 100644 --- a/zproject/backends.py +++ b/zproject/backends.py @@ -12,7 +12,7 @@ from zerver.lib.actions import do_create_user from zerver.models import UserProfile, Realm, get_user_profile_by_id, \ get_user_profile_by_email, remote_user_to_email, email_to_username, \ - get_realm, get_realm_by_email_domain + get_realm from apiclient.sample_tools import client as googleapiclient from oauth2client.crypt import AppIdentityError @@ -146,11 +146,8 @@ class SocialAuthMixin(ZulipAuthMixin): if user is None: user = {} - if return_data is None: - return_data = {} - - if response is None: - response = {} + assert return_data is not None + assert response is not None return self._common_authenticate(self, realm_subdomain=realm_subdomain, @@ -427,10 +424,7 @@ class ZulipLDAPAuthBackend(ZulipLDAPAuthBackendBase): def authenticate(self, username, password, realm_subdomain=None, return_data=None): # type: (Text, str, Optional[Text], Optional[Dict[str, Any]]) -> Optional[UserProfile] try: - if settings.REALMS_HAVE_SUBDOMAINS: - self._realm = get_realm(realm_subdomain) - elif settings.LDAP_EMAIL_ATTR is not None: - self._realm = get_realm_by_email_domain(username) + self._realm = get_realm(realm_subdomain) username = self.django_to_ldap_username(username) user_profile = ZulipLDAPAuthBackendBase.authenticate(self, username, password) if user_profile is None: @@ -439,9 +433,9 @@ class ZulipLDAPAuthBackend(ZulipLDAPAuthBackendBase): return None return user_profile except Realm.DoesNotExist: - return None + return None # nocoverage # TODO: this may no longer be possible except ZulipLDAPException: - return None + return None # nocoverage # TODO: this may no longer be possible def get_or_create_user(self, username, ldap_user): # type: (str, _LDAPUser) -> Tuple[UserProfile, bool] @@ -452,7 +446,6 @@ class ZulipLDAPAuthBackend(ZulipLDAPAuthBackendBase): raise ZulipLDAPException("LDAP user doesn't have the needed %s attribute" % (settings.LDAP_EMAIL_ATTR,)) username = ldap_user.attrs[settings.LDAP_EMAIL_ATTR][0] - self._realm = get_realm_by_email_domain(username) user_profile = get_user_profile_by_email(username) if not user_profile.is_active or user_profile.realm.deactivated: @@ -505,7 +498,7 @@ class GitHubAuthBackend(SocialAuthMixin, GithubOAuth2): # type: (*Any, **Any) -> Optional[Text] try: return kwargs['response']['email'] - except KeyError: + except KeyError: # nocoverage # TODO: investigate return None def get_full_name(self, *args, **kwargs): diff --git a/zproject/dev_settings.py b/zproject/dev_settings.py index b2f8f36bd1..d54afb7ce9 100644 --- a/zproject/dev_settings.py +++ b/zproject/dev_settings.py @@ -7,16 +7,10 @@ from typing import Set LOCAL_UPLOADS_DIR = 'var/uploads' EMAIL_LOG_DIR = "/var/log/zulip/email.log" -# Default to subdomains disabled in development until we can update -# the development documentation to make sense with subdomains. -REALMS_HAVE_SUBDOMAINS = False # Check if test_settings.py set EXTERNAL_HOST. EXTERNAL_HOST = os.getenv('EXTERNAL_HOST') if EXTERNAL_HOST is None: - if REALMS_HAVE_SUBDOMAINS: - EXTERNAL_HOST = 'zulipdev.com:9991' - else: - EXTERNAL_HOST = 'localhost:9991' + EXTERNAL_HOST = 'zulipdev.com:9991' ALLOWED_HOSTS = ['*'] # Uncomment extra backends if you want to test with them. Note that diff --git a/zproject/settings.py b/zproject/settings.py index 51553ebc31..dd6beafa57 100644 --- a/zproject/settings.py +++ b/zproject/settings.py @@ -225,10 +225,6 @@ DEFAULT_SETTINGS.update({ # Whether anyone can create a new organization on the Zulip server. 'OPEN_REALM_CREATION': False, - # Whether every realm has its own subdomain. Soon to be set to - # True always and removed.. - 'REALMS_HAVE_SUBDOMAINS': True, - # Setting for where the system bot users are. Likely will have no # purpose after the REALMS_HAVE_SUBDOMAINS migration finishes. 'SYSTEM_ONLY_REALMS': {"zulip"}, @@ -565,7 +561,6 @@ if PRODUCTION: try: # For get_updates hostname sharding. domain = config_file.get('django', 'cookie_domain') - SESSION_COOKIE_DOMAIN = '.' + domain CSRF_COOKIE_DOMAIN = '.' + domain except six.moves.configparser.Error: # Failing here is OK diff --git a/zproject/test_settings.py b/zproject/test_settings.py index 4bd8445aeb..f4dd476d79 100644 --- a/zproject/test_settings.py +++ b/zproject/test_settings.py @@ -103,7 +103,6 @@ WEBPACK_LOADER['DEFAULT']['STATS_FILE'] = os.path.join(DEPLOY_ROOT, WEBPACK_FILE if CASPER_TESTS: # Don't auto-restart Tornado server during casper tests AUTORELOAD = False - REALMS_HAVE_SUBDOMAINS = True else: # Use local memory cache for backend tests. CACHES['default'] = {