This commit adds new API endpoint to get stream email which is
used by the web-app as well to get the email when a user tries
to open the stream email modal.
The stream email is returned only to the users who have access
to it. Specifically for private streams only subscribed users
have access to its email. And for public streams, all non-guest
users and only subscribed guests have access to its email.
All users can access email of web-public streams.
This commit removes "email_address" field from Subscription objects
and we would instead a new endpoint in next commit to get email
address for stream with proper access check.
This change also fixes the bug where we would include email address
for the unsubscribed private stream as well when user did not have
permission to send message to the stream, and having email allowed
the unsubscribed user to send message to the stream.
Note that the unsubscribed user can still send message to the stream
if the user had noted down the email before being unsubscribed
and the stream token is not changed after unsubscribing the user.
This bad rendering was the result of unwanted css applied
in the stream description. In message view header, the stream
link (title) we have defined has css defined but the markdown
rendered stream link in stream description had the same class
resulting in unwanted css applied to it.
Fixes: #25961.
Signed-off-by: Akshat <akshat25iiit@gmail.com>
(cherry picked from commit d302ac4a18)
Simplebar seems unaware of the `max-height: 1000px` on
`.subscriptions-container`, and therefore does not properly provide
a scrollbar when it's needed.
This commit adds a `max-height` to the stream Simplebar container,
ensuring that otherwise hidden content that Simplebar believes to
be visible can be scrolled to.
Finally, rather than rely on magic numbers or math done in comments,
this commit establishes CSS variables for all relevant modal-element
heights, doing the math inline using CSS calc().
Fixes#26107.
(cherry picked from commit 0c55fb7e89)
In commit #25837, we added in a check for the user's mark as read
policy in the frontend for `by_topic` and `by_recipient` narrowing.
In that change, the assumption was that for both functions, it was
sufficient to check only for whether the user policy was to never
mark as read.
But because the `by_recipient` function may narrow to an interleaved
stream view, it is possible that message will be marked as read
when the user did not expect it to be (e.g. they marked all the
messages in a topic narrow as unread and then used the `S` key
shortcut to navigate back to the stream view) when they have
conversation views only as their mark as read policy.
Here we move the check for the user's mark as read policy to be in
the two cases for `by_recipient` so that the mark as read behavior
here matches the user's setting.
(cherry picked from commit c5fbd3f085)
Previously, we used to have top and bottom paddings of 4px to
the select elements but it was removed in a208da9c4d to make
sure that text for the selected option is aligned properly.
All other select elements have height set to 30px, but the
select elements in stream settings page had height set to
"fit-content" and so they looked ugly after removing the
padding.
This commit sets the height of select elements in stream
settings to 30px.
(cherry picked from commit b119ff68c3)
These changes appear to correct the keyboard-navigation repro
from #25907, and it makes it possible for users without the
permission to create streams to exit the streams modal by
hitting Esc.
This reorganizes logic within the Tippy `onShow` method to
ensure that nothing is set or called for those users without
stream-creation privileges.
These changes probably require broader testing to determine
whether the fix addresses only that specific reproducer, or
the broader problems #25907 addresses with malfunctioning
j, k, Esc, and Return keys (when Ctrl + Return to send is
enabled).
Fixes a part of #25907.
It was throwing error while schudiling a message having wildcard mention,
because the function `open_send_later_menu` was using param instance to track down
interval, but the parametere instance was not passed from when it was
called from warning banner action. This commit removes the instance
param as it is of no use, and uses a variable to track interval.
* Remove `box-sizing` and `min-width` properties which have no
effect on `inline` positioned element. Modified class selector to
add `span` which reflects this while reading the CSS.
* Remove `2px` vertical padding and `line-height` which combined
are fighting for space??
If the stream settings is open but the stream which was
subscribed/unsubscribed wasn't open (say user unsubscribed
from a different tab), `$settings_button` would
be `undefined` here.
Since we want the same space in recent topics to display the
compose box without overlapping with any other topics, it makes
sense to use a common variable.
Othwersie, compose banner will overlap with any breadcrumbs
we have below the last message when user is fully scrolled up
and compose is at max-height.
This ensures that the click event on the mobile `+` button for
showing the compose tooltip is registered on a different element
from the tooltip for showing the `C` shortcut menu.
In commit a93598c22e, we removed, in `narrow.by_topic` and
`narrow_by_recipient`, calls to `unread_ops.notify_server_message_read`
because that would have marked messages as read for users who had
set their preference in the web-app to never mark messages as read.
We add those calls back now, but with a check for that user setting.
This allows the recipient box to take 100% of the available
horizontal space, up to 175px. The effect is that the
compose-box buttons are available to users at mobile scales
(viewports of 400px wide or less).
Commit 903dbda79b (#25370) introduced a
cross-site scripting vulnerability in the tooltips for the stream and
topic in the recipient bar. An attacker who can send messages could
maliciously craft a topic for the message, such that a victim who
hovers the tooltip for that topic in their message feed triggers
execution of JavaScript code controlled by the attacker.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit fixes the vertical alignment of "x" button in the
alert to be more closer to the center. We can still improve it
by probably using something like flexbox layout instead of
hard coding paddings or margins.
We were not showing the error, if any, when resolving and
unresolving the topic using topic popover in left sidebar
or using the banner in compose box. This commit adds code
to show the error in the message feed where we show other
errors like connection error, etc.
This moves selection of the correct input box / textarea to
a `on_hidden_callback` of dropdown widget, which also allows us
to just simplify `on_compose_select_recipient_update` to only
call `switch_message_type` when necessary so that it doesn't
interfere with setting focus.
Fixes#25779
We move the simplebar scroll on the right sidebar to a little left
when there is an overlay scrollbar present so that user can drag
either of them.
It is unusal to use a hack to close overlays when there is a method
to do it.
This fixes a bug where user is unable to scroll message feed
after opening an overlay and then using browser back button.
This could have easily cause other bugs too.
This fixes a bug where reducing the height of the window, reduces
the size of textarea and doesn't instroduce scrollbars, making
the textarea not scrollable.
