The `article` variable being passed to `get_path` can also be a relative
path, which has it's security implications. By using `secure_filename`,
we mitigate that risk. We don't need to check if `/` exists in article
anymore since `secure_filename` will do so on it's own.
We add a step to build help center and then test the broken links as we
used to before removing the test temporarily.
This commit focuses on just adding back the broken link checks for the
help center. We skip the fragment check since that is in-built in
starlight and starlight tests account for that already. For the image
check we can add it back in a followup issue.
This commit removes the current help center markdown files and any logic
that was used to host those files at help/.
We also remove a bunch of tests, we should the equivalent of those tests
for the new help center. Issues to track: #35649, #35647. These issues
track adding back tests for redirects and broken links.
We had a symlink from templates/zerver/integrations/email.md pointing to
help/using-zulip-via-email.md. We can no longer have that symlink since
the latter has been converted to an MDX file. We have deleted the
symlink and put a markdown file in it's place. Both the files have
comments to edit the other in case of changes.
This commit also makes changes in astro config, astro component paths
and other places to move the starlight help center docs base path from
/starlight_help to /help.
The change to rename /starlight_help/ to /help/ in MDX files is done in
the next commit. If we squash these commits, this line should be
removed.
`./tools/build-help-center` no longer does the conversion step.
We also remove some dead code related to the old help center in
documentation.py.
Fixes#35649.
We do not serve the astro build via Django and thus we have to move the
help center redirects. We get a warning by pagefind on all these
redirects that they will be ignored in the search results as they don't
have an HTML body. We can ignore this warning till the cutover and
create a followup issue to solve that warning if this commit goes
through main.
The import code wasn't setting subscriber_count at all, resulting in a
value of 0 when dealing with imports from 3rd party apps.
We run this unconditionally, also for imports from Zulip, since this
ensures we won't inherit incorrect values, if the data we're import has
them - e.g. due to some bugs that affected the server the data came from.
We have mostly decided on the structure of the group permission
setting object in server_supported_permission_settings field of
register response, so this commit removes the comment mentioning
it as unstable and adds the corresponding "Changes" entry.
Endpoints marked deprecated:
* /users/me/apns_device_token
* /users/me/android_gcm_reg_id
The older endpoints were for non-E2EE push notification case.
Fixes part of #35213.
This commit documents the `/remotes/push/e2ee/register` endpoint.
We use auth_email="ZULIP_ORG_ID" and auth_api_key="ZULIP_ORG_KEY"
instead of "BOT_EMAIL_ADDRESS" and "BOT_API_KEY".
Until now we were not documenting bouncer's REST API endpoints.
We plan to document the newly introduced "remotes/push/e2ee/register"
and "remotes/push/e2ee/notify" endpoints.
This commit does the prep work for documenting bouncer endpoints:
* mark the older endpoints related to sending non-E2EE push
notifications as "intentionally_undocumented" - we'll remove
them in future.
* the remaining endpoints are marked pending-to-document with
helpful comments.
The 'function' variable in 'APICodeExamplesPreprocessor.generate_text'
matches the pattern of API_ENDPOINT_NAME = r"/[a-z_\-/-{}]+:[a-z]+"
It is always of the form 'endpoint_path:endpoint_method'.
There's no possibility of multiple ':'.
This commit removes the unused code block in `render_curl_example`,
which was trying to get 'auth_email' & 'auth_api_key' from 'function'.
Adds a log for the end-to-end latency from when the worker decided
to send push notifications & received a success response from bouncer.
Fixes part of #35368.
When using direct message groups as the preferred method for 1:1 or
self-messages, the get_recipient_ids function should include the
user ID for self-messages. Without this, the UI cannot detect who
was the recipient of the message.
The same subscription request can contain both existing channels
and newly created channels, so we clarify here that direct message
notifications are only sent when users are subscribed to existing
channels.
Also, updates this text to use "direct message" instead of "DM".
Co-authored-by: Lauryn Menard <lauryn@zulip.com>
For the sake of completion, we add a test case ensuring that
the response does not contain `new_subscription_messages_sent` if
the parameter `send_new_subscription_messages` is `false`,
as mentioned in the API documentation.
When the number of new subscriptions crosses a threshold, we wish to
avoid sending DMs to the user as implemented in #31206. But there was
a bug causing announcement channel and new channel notification
messages to also not be sent.
This commit fixes that bug by ensuring that we only exclude direct
message notications.
In #31206, we changed `add_subscriptions_backend` to exclude the
notification bot DMs when subscribing users to a channel when the
number of subscriptions exceeds MAX_BULK_NEW_SUBSCRIPTION_MESSAGES.
This caused a bug where new channel announcement and creation
notification messages were not being sent. Here we add a test that
confirmes the current behavior, which will be corrected in a
subsequent commit.
Co-authored-by: Lauryn Menard <lauryn@zulip.com>
Removes send_new_subscription_messages parameter from
`POST channel/create` endpoint as Notification Bot DMs
are never sent when users are subscribed as part of
creating a new channel.
Not considered a documentable API change, since the previous parameter
never had any effect, so this is effectively just a documentation and
error-handling bug fix, not an API change relevant to implementors.
Updates comments in send_user_subscribed_and_new_channel_notifications
so that it is clearer what notification each "if" block of the function
is generating.
Also, moves variables that are only used in the user subscribed DMs to
that "if" block.
Because send_messages_for_new_subscribers also sends channel
notification messages about newly created channels, a clearer
name for is send_user_subscribed_and_new_channel_notifications.
In `send_push_notifications`, we were manually asserting types of the
fields returned by the `remotes/push/e2ee/notify` endpoint at runtime
and constructed the `response_data` data structure for further use.
Pydantic is the perfect tool for this task.
This commit updates the concerned code to use Pydantic's `TypeAdapter`.
No functional change.
Fixes part of #35368.
Refactoring, no functional change.
This commit refactors `send_e2ee_push_notification_apple`
and `send_e2ee_push_notification_android` to return a
`SentPushNotificationResult` dataclass.
It's a cleaner protocol than passing a mutable data structure
`delete_device_ids` as argument and updating it within
functions.
Fixes part of #35368.
Contrary to what the comment implied, the remaining `fetch_tweet_data`
function would never return a cache hit, as it is namespaced by the
current deploy's cache key.
This will appear to _increase_ time spent in memcached, according to
our access logs. This is because we used to apply zlib compression
twice -- once, outside of our performance logging, and a
second (ineffectual) time inside. We now only compress once, which
reduces the overall time, and accounts for it more correctly.
This reverts commit f119c33789.
With 51cef01c29 merged, there is no need
to fetch .recipient here, as it won't be accessed by the delete messages
codepath.
This avoids a potential unnecessary message.recipient fetch required by
is_stream_message(). is_stream_message() methods precedes the addition
of the denormalized is_channel_message column and is now unnecessary.
In practice, we usually fetch Message objects with `.recipient` already,
so I don't expect any notable performance impact here - but it's still a
useful change to make.
This parameter should be marked as required, but allowing an empty
string value. Updates the description of the parameter to be more
explicit of that fact.
