Add description of Zulip at top of README.md.

Based on PR #22 by GedLawrenson.

README.md

@@ -1,3 +1,49 @@
+Zulip
+=====
+
+Zulip is a powerful, open source group chat application. Written in
+Python and using the Django framework, Zulip supports both private
+messaging and group chats via conversation streams.
+
+Zulip also supports fast search, drag-and-drop file uploads, image
+previews, group private messages, audible notifications,
+missed-message emails, desktop apps, and much more.
+
+Further information on the Zulip project and its features can be found
+at https://www.zulip.org
+
+Contributing to Zulip
+=====================
+
+Zulip welcomes all forms of contributions!
+
+Before a pull request can be merged, you need to to sign the [Dropbox
+Contributor License Agreement](https://opensource.dropbox.com/cla/).
+
+Please run the tests (tools/test-all) before submitting your pull
+request and read our [commit message style
+guidelines](http://zulip.readthedocs.org/en/latest/code-style.html#commit-messages).
+
+Zulip has a growing collection of developer documentation including
+detailed documentation on coding style available on [Read The
+Docs](https://zulip.readthedocs.org/).
+
+Zulip also has a [development discussion mailing list](https://groups.google.com/forum/#!forum/zulip-devel)
+
+Feel free to send any questions or suggestions of areas where you'd
+love to see more documentation to the list!
+
+We recommend sending proposals for large features or refactorings to
+the zulip-devel list for discussion and advice before getting too deep
+into implementation.
+
+Please report any security issues you discover to support@zulip.com.
+
+Running Zulip in production
+===========================
+
+This is documented in https://zulip.org/server.html and README.prod.md.
+
 Installing the Zulip Development environment
 ============================================
 
@@ -9,8 +55,8 @@ This is the recommended approach, and is tested on OS X 10.10 as well as Ubuntu
 * If your host is OS X, download VirtualBox from
   <http://download.virtualbox.org/virtualbox/4.3.30/VirtualBox-4.3.30-101610-OSX.dmg>
   and install it.
-* If your host is Ubuntu 14.04:
-  sudo apt-get install vagrant lxc lxc-templates cgroup-lite redir && vagrant plugin install vagrant-lxc
+* If your host is Ubuntu 14.04: 
+  `sudo apt-get install vagrant lxc lxc-templates cgroup-lite redir && vagrant plugin install vagrant-lxc`
 
 Once that's done, simply change to your zulip directory and run
 `vagrant up` in your terminal.  That will install the development
@@ -115,8 +161,8 @@ individual tests, e.g.:
 ./tools/test-js-with-casper 10-navigation.js
 ```
 
-Possible issues
-===============
+Possible testing issues
+=======================
 
 The Casper tests are flaky on the Virtualbox environment (probably due
 to some performance-sensitive races).  Until this issue is debugged,
@@ -132,37 +178,6 @@ When running the test suite, if you get an error like this:
 
 … then you need to install tsearch-extras, described above. Afterwards, re-run the `init*-db` and the `do-destroy-rebuild*-database` scripts.
 
-Contributing to Zulip
-=====================
-
-Zulip welcomes all forms of contributions!
-
-Before a pull request can be merged, you need to to sign the [Dropbox
-Contributor License Agreement](https://opensource.dropbox.com/cla/).
-
-Please run the tests (tools/test-all) before submitting your pull
-request.
-
-Zulip has a growing collection of developer documentation including
-detailed documentation on coding style available on [Read The
-Docs](https://zulip.readthedocs.org/).
-
-Zulip also has a [development discussion mailing list](https://groups.google.com/forum/#!forum/zulip-devel)
-
-Feel free to send any questions or suggestions of areas where you'd
-love to see more documentation to the list!
-
-We recommend sending proposals for large features or refactorings to
-the zulip-devel list for discussion and advice before getting too deep
-into implementation.
-
-Please report any security issues you discover to support@zulip.com.
-
-Running Zulip in production
-===========================
-
-This is documented in https://zulip.org/server.html and README.prod.md.
-
 License
 =======
 

bin/write-rabbitmq-consumers-state-file

@@ -11,5 +11,5 @@ ZULIP_DIR=/home/zulip/deployments/current
 STATE_DIR=/var/lib/nagios_state
 STATE_FILE=$STATE_DIR/check-rabbitmq-consumers-$queue
 
-$ZULIP_DIR/bots/check-rabbitmq-consumers --queue=$queue &> ${STATE_FILE}-tmp;
-mv ${STATE_FILE}-tmp $STATE_FILE
+"$ZULIP_DIR/bots/check-rabbitmq-consumers" "--queue=$queue" &> "${STATE_FILE}-tmp";
+mv "${STATE_FILE}-tmp" "$STATE_FILE"

bots/jabber_mirror.py

@@ -54,6 +54,6 @@ while backoff.keep_going():
 print ""
 print ""
 print "ERROR: The Jabber mirroring bot is unable to continue mirroring Jabber."
-print "Please contact support@zulip.com if you need assistence."
+print "Please contact support@zulip.com if you need assistance."
 print ""
 sys.exit(1)

puppet/zulip_internal/files/munin-plugins/humbug_send_receive

@@ -4,4 +4,4 @@ if [ "$(hostname)" = "staging.zulip.net" ]; then
 else
     site="https://api.zulip.com"
 fi
-/home/zulip/deployments/current/bots/check_send_receive.py --munin $1 --site="$site"
+/home/zulip/deployments/current/bots/check_send_receive.py --munin "$1" --site="$site"

puppet/zulip_internal/files/nagios_plugins/check_email_deliverer_backlog

@@ -9,11 +9,11 @@ cd /home/zulip/deployments/current
 
 BACKLOG=$(./manage.py print_email_delivery_backlog)
 
-if [ $BACKLOG -gt 0 -a $BACKLOG -lt 10 ]
+if [ "$BACKLOG" -gt 0 ] && [ "$BACKLOG" -lt 10 ]
 then
     echo "backlog of $BACKLOG"
     exit 1
-elif [ $BACKLOG -ge 10 ]
+elif [ "$BACKLOG" -ge 10 ]
 then
     echo "backlog of $BACKLOG"
     exit 2

puppet/zulip_internal/files/nagios_plugins/check_email_deliverer_process

@@ -13,14 +13,14 @@ if [ "$STATUS" == "RUNNING" ]
 then
     echo "Running"
     exit 0
-elif [ $(echo "$STATUS" | egrep '(STOPPED)|(STARTING)|(BACKOFF)|(STOPPING)|(EXITED)|(FATAL)|(UNKNOWN)$') ]
+elif [ "$(echo "$STATUS" | egrep '(STOPPED)|(STARTING)|(BACKOFF)|(STOPPING)|(EXITED)|(FATAL)|(UNKNOWN)$')" ]
 then
     # not "RUNNING", but a recognized supervisor status
-    echo $STATUS
+    echo "$STATUS"
     exit 1
 else
     # we don't recognize the second column in this SUPERVISOR_STATUS.
     # This may be indicative of a supervisor configuration problem
-    echo $SUPERVISOR_STATUS
+    echo "$SUPERVISOR_STATUS"
     exit 3
 fi

puppet/zulip_internal/files/nagios_plugins/check_worker_memory

@@ -1,7 +1,7 @@
 #!/bin/bash
 # Checks for any Zulip queue workers that are leaking memory and thus have a high vsize
 datafile=$(mktemp)
-ps -o vsize,size,pid,user,command --sort -vsize $(pgrep -f '^python /home/zulip/deployments/current/manage.py process_queue') > "$datafile"
+ps -o vsize,size,pid,user,command --sort -vsize "$(pgrep -f '^python /home/zulip/deployments/current/manage.py process_queue')" > "$datafile"
 cat "$datafile"
 top_worker=$(cat "$datafile" | head -n2 | tail -n1)
 top_worker_memory_usage=$(echo "$top_worker" | cut -f1 -d" ")

puppet/zulip_internal/files/postgresql/env-wal-e

@@ -5,9 +5,9 @@ fi
 
 export AWS_ACCESS_KEY_ID=xxxxxxxxxxxxxxxxxxxx
 export AWS_SECRET_ACCESS_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-s3_backup_bucket=$(crudini --get $ZULIP_CONF database s3_backup_bucket 2>&1)
+s3_backup_bucket=$(crudini --get "$ZULIP_CONF" database s3_backup_bucket 2>&1)
 if [ $? -ne 0 ]; then
-    echo "Could not determine which s3 bucket to use:" $s3_backup_bucket
+    echo "Could not determine which s3 bucket to use:" "$s3_backup_bucket"
     exit 1
 fi
 export WALE_S3_PREFIX=s3://$s3_backup_bucket

scripts/lib/install

@@ -15,11 +15,6 @@ apt-get -y dist-upgrade
 apt-get install -y puppet git
 cp -a /root/zulip/puppet/zulip/files/puppet.conf /etc/puppet/
 
-# Hack to get required python-django-guardian while the PPA build of django-guardian isn't working :(
-apt-get -y install python-django
-wget https://zulip.com/dist/packages/python-django-guardian_1.3-1~zulip4_all.deb
-dpkg -i ./python-django-guardian_1.3-1~zulip4_all.deb
-
 mkdir -p /etc/zulip
 echo -e "[machine]\npuppet_classes = zulip::voyager\ndeploy_type = voyager" > /etc/zulip/zulip.conf
 /root/zulip/scripts/zulip-puppet-apply -f

scripts/setup/configure-rabbitmq

@@ -3,9 +3,9 @@
 # Delete the "guest" default user and replace it with a Zulip user
 # with a real password
 
-RMQPW=$($(dirname $0)/../../bin/get-django-setting RABBITMQ_PASSWORD)
+RMQPW=$("$(dirname "$0")/../../bin/get-django-setting" RABBITMQ_PASSWORD)
 sudo rabbitmqctl delete_user zulip || true
 sudo rabbitmqctl delete_user guest || true
-sudo rabbitmqctl add_user zulip $RMQPW
+sudo rabbitmqctl add_user zulip "$RMQPW"
 sudo rabbitmqctl set_user_tags zulip administrator
 sudo rabbitmqctl set_permissions -p / zulip '.*' '.*' '.*'

scripts/setup/initialize-database

@@ -1,7 +1,7 @@
 #!/bin/bash -xe
 
 # Change to root directory of the checkout that we're running from
-cd $(dirname $0)/../..
+cd "$(dirname "$0")/../.."
 
 python manage.py checkconfig
 

scripts/setup/install

@@ -1,3 +1,3 @@
 #!/bin/bash
 mkdir -p /var/log/zulip
-$(dirname $(dirname $0))/lib/install "$@" 2>&1 | tee -a /var/log/zulip/install.log
+"$(dirname "$(dirname "$0")")/lib/install" "$@" 2>&1 | tee -a /var/log/zulip/install.log

scripts/upgrade-zulip

@@ -1,2 +1,2 @@
 #!/bin/bash
-$(dirname $0)/lib/upgrade-zulip "$@" 2>&1 | tee -a /var/log/zulip/upgrade.log
+"$(dirname "$0")/lib/upgrade-zulip" "$@" 2>&1 | tee -a /var/log/zulip/upgrade.log

templates/zerver/integrations.html

@@ -26,7 +26,7 @@
     code changes, issue tickets, build system results, and much more. If you don't see the system you would like to integrate with it, or run into any
     trouble, don't hesitate to <a href="mailto:support@zulip.com?subject=Integration%20question">email us</a>.</p>
 
-    <p>Many of these integrations require creating a Zulip bot. You can do so on your <a href="https://zulip.com/#settings">Zulip settings page</a>. Be sure to note its username and API key.</p>
+    <p>Many of these integrations require creating a Zulip bot. You can do so on your <a href="/#settings">Zulip settings page</a>. Be sure to note its username and API key.</p>
 
     <div id="integration-instruction-block" class="integration-instruction-block">
        <a href="#" id="integration-list-link"><i class="icon-vector-circle-arrow-left"></i>&nbsp;Back to list</a>
@@ -852,7 +852,7 @@
             <pre><code>npm install --save hubot-zulip</code></pre>
         </li>
 
-        <li><p>On your <a href="https://zulip.com/#settings">Zulip settings page</a>, create a bot account. Note its username, API key and full name; you will use them on the next step.</p></li>
+        <li><p>On your <a href="/#settings">Zulip settings page</a>, create a bot account. Note its username, API key and full name; you will use them on the next step.</p></li>
 
         <li>To run Hubot locally, use:
           <pre><code>HUBOT_ZULIP_BOT=hubot-bot@example.com HUBOT_ZULIP_API_KEY=your_key bin/hubot --adapter zulip --name "myhubot"</code></pre>

tools/build-deb

@@ -12,7 +12,7 @@ dist=$1
 file=$2
 
 if [ -z "$dist" ] || [ -z "$file" ]; then
-    echo "$(echo $0 | rev | cut -d "/" -f  1-1 | rev) -- build Debian packages on a Zulip buildslave"
+    echo "$(echo "$0" | rev | cut -d "/" -f  1-1 | rev) -- build Debian packages on a Zulip buildslave"
     echo
     echo "USAGE: $0 dist path/to/package.dsc"
     exit 1
@@ -21,10 +21,10 @@ fi
 set -xe
 
 ret=0
-path=$(ssh -q -l $BUILDD_USERNAME $BUILDD_HOST -- mktemp -d $BUILDD_BASE_PATH/$USER.`date -u +%F.%R`.XXXXXXX)/
+path=$(ssh -q -l "$BUILDD_USERNAME" "$BUILDD_HOST" -- "mktemp -d '$BUILDD_BASE_PATH/$USER.`date -u +%F.%R`.XXXXXXX'")/
 
-dcmd rsync -vz --copy-links $file $BUILDD_USERNAME@$BUILDD_HOST:$path/
-file=$(basename $file)
+dcmd rsync -vz --copy-links "$file" "$BUILDD_USERNAME@$BUILDD_HOST:$path/"
+file=$(basename "$file")
 
 # -A specifies to build arch-all packages (non-arch dependent) in addition to
 # binary packages
@@ -38,9 +38,9 @@ file=$(basename $file)
 #
 # We always build for amd64. There is no 32-bit.
 
-ssh -t -l $BUILDD_USERNAME $BUILDD_HOST -- "cd $path && sbuild -A -s --force-orig-source --dist=$dist --arch=amd64 $file"
+ssh -t -l "$BUILDD_USERNAME" "$BUILDD_HOST" -- "cd '$path' && sbuild -A -s --force-orig-source '--dist=$dist' --arch=amd64 '$file'"
 
-rsync -Lvz --copy-links $BUILDD_USERNAME@$BUILDD_HOST:$path/* .
-ssh -l  $BUILDD_USERNAME $BUILDD_HOST rm -r $path
+rsync -Lvz --copy-links "$BUILDD_USERNAME@$BUILDD_HOST:$path/*" .
+ssh -l  "$BUILDD_USERNAME" "$BUILDD_HOST" rm -r "$path"
 
-exit $ret
+exit "$ret"

tools/build-release-tarball

@@ -11,8 +11,8 @@ prefix="zulip-server-$version"
 
 if [ "$(uname)" = "Darwin" ]; then
     TMPDIR=/tmp/voyager-build
-    rm -Rf $TMPDIR
-    mkdir -p $TMPDIR
+    rm -Rf "$TMPDIR"
+    mkdir -p "$TMPDIR"
 else
     TMPDIR=$(mktemp -d)
 fi
@@ -27,10 +27,10 @@ TMP_CHECKOUT=$TMPDIR/$prefix/
 TARBALL=$TMPDIR/$prefix.tar
 
 # .gitattributes lists the files that are not exported
-git archive -o $TARBALL --prefix=$prefix/ HEAD
+git archive -o "$TARBALL" "--prefix=$prefix/" HEAD
 
 
-if tar -tf $TARBALL | grep -q -e zilencer -e zproject/local_settings.py -e puppet/zulip_internal; then
+if tar -tf "$TARBALL" | grep -q -e zilencer -e zproject/local_settings.py -e puppet/zulip_internal; then
 	echo "Excluded files remain in tarball!";
 	echo "Versions of git 1.8.1.1 - 1.8.1.6 have broken .gitattributes syntax";
 	exit 1;
@@ -39,8 +39,8 @@ else
 fi
 
 # Check out a temporary full copy of the index to generate static files
-git checkout-index -f -a --prefix $TMP_CHECKOUT
-cd $TMP_CHECKOUT
+git checkout-index -f -a --prefix "$TMP_CHECKOUT"
+cd "$TMP_CHECKOUT"
 
 # Use default settings so there is no chance of leaking secrets
 cp zproject/local_settings_template.py zproject/local_settings.py
@@ -70,8 +70,8 @@ echo; echo "\033[33mRunning update-prod-static; check ${TMP_CHECKOUT}update-prod
 set -x
 
 ./tools/update-prod-static
-echo $GITID > build_id
-echo $version > version
+echo "$GITID" > build_id
+echo "$version" > version
 mv update-prod-static.log ..
 
 rm -f zproject/dev-secrets.conf
@@ -79,11 +79,11 @@ rm -f zproject/dev-secrets.conf
 # We don't need duplicate copies of emoji with hashed paths, and they would break bugdown
 find prod-static/serve/third/gemoji/images/emoji/ -regex '.*\.[0-9a-f]+\.png' -delete
 
-cd $TMPDIR
+cd "$TMPDIR"
 
-tar --append -f $TARBALL $prefix/prod-static $prefix/build_id $prefix/version
+tar --append -f "$TARBALL" "$prefix/prod-static" "$prefix/build_id" "$prefix/version"
 
-rm -rf $prefix
+rm -rf "$prefix"
 
-gzip $TARBALL
+gzip "$TARBALL"
 echo "Generated $TARBALL.gz"

tools/clean-branches

@@ -4,7 +4,7 @@
 # and also any branches in origin which are ancestors of
 # origin/master and are named like $USER-*.
 
-push_args=''
+push_args=()
 
 function is_merged {
     ! git rev-list -n 1 origin/master.."$1" | grep -q .
@@ -31,7 +31,7 @@ function clean_ref {
                 echo -n "Deleting remote branch $remote_name"
                 echo " (was $(git rev-parse --short "$ref"))"
                 # NB: this won't handle spaces in ref names
-                push_args="$push_args :$remote_name"
+                push_args=("${push_args[@]}" ":$remote_name")
             fi
             ;;
     esac
@@ -44,8 +44,8 @@ fi
 
 git fetch --prune origin
 
-eval $(git for-each-ref --shell --format='clean_ref %(refname);')
+eval "$(git for-each-ref --shell --format='clean_ref %(refname);')"
 
-if [ -n "$push_args" ]; then
-    git push origin $push_args
+if [ "${#push_args}" -ne 0 ]; then
+    git push origin "${push_args[@]}"
 fi

tools/deploy-branch

@@ -2,7 +2,7 @@
 
 function error_out {
     echo -en '\e[0;31m'
-    echo $1
+    echo "$1"
     echo -en '\e[0m'
     exit 1
 }
@@ -12,16 +12,16 @@ status=$(git status --porcelain | grep -v '^??')
 
 old_ref=$(git rev-list --max-count=1 HEAD)
 branch=$1
-branch_ref=$(git rev-list --max-count=1 $branch)
+branch_ref=$(git rev-list --max-count=1 "$branch")
 
 [ $? -ne 0 ] && error_out "Unknown branch: $branch"
 
 if [ "$old_ref" == "$branch_ref" ]; then
     new_ref=master
 else
-    ref_name=$(git describe --all --exact $old_ref)
+    ref_name=$(git describe --all --exact "$old_ref")
     if [ $? -eq 0 ]; then
-        new_ref=$(echo $ref_name | perl -pe 's{^(heads|remotes)/}{}')
+        new_ref=$(echo "$ref_name" | perl -pe 's{^(heads|remotes)/}{}')
     else
         new_ref=$old_ref
     fi
@@ -31,13 +31,13 @@ fi
 
 git fetch -p
 
-git rebase origin/master $branch
+git rebase origin/master "$branch"
 [ $? -ne 0 ] && error_out "Rebase onto origin/master failed"
 
 git push . HEAD:master
 git push origin master
 [ $? -ne 0 ] && error_out "Push of master to origin/master failed"
 
-git checkout $new_ref
-git branch -D $branch
-git push origin :$branch
+git checkout "$new_ref"
+git branch -D "$branch"
+git push origin ":$branch"

tools/deployment-lock-ctl

@@ -15,23 +15,23 @@ exit 1
 }
 
 
-if [[ $# < 1 || $# >2 ]]; then
+if [[ $# -lt 1 || $# -gt 2 ]]; then
     usage
 fi
 
 function get_status {
-    if (ssh zulip@$1.zulip.net '[ -d "'"$lockdir"'" ]'); then
+    if (ssh "zulip@$1.zulip.net" '[ -d "'"$lockdir"'" ]'); then
         printf "%-10s %b" "$1" "is currently \e[31mlocked\e[0m\n"
     else
         printf "%-10s %b" "$1" "is currently \e[32munlocked\e[0m\n"
     fi
 }
 
-if [[ $1 == "lock" ]]; then
+if [[ "$1" == "lock" ]]; then
     verb="mkdir"
-elif [[ $1 == "unlock" ]]; then
+elif [[ "$1" == "unlock" ]]; then
     verb="rmdir"
-elif [[ $# == 1 && $1 == "status" ]]; then
+elif [[ $# == 1 && "$1" == "status" ]]; then
     get_status "staging"
     get_status "prod0"
     exit
@@ -40,11 +40,11 @@ else
 fi
 
 
-if [[ $2 == "staging" ]]; then
+if [[ "$2" == "staging" ]]; then
     ssh zulip@staging.zulip.net "$verb $lockdir"
     get_status "staging"
     exit
-elif [[ $2 == "prod" ]]; then
+elif [[ "$2" == "prod" ]]; then
     ssh zulip@prod0.zulip.net "$verb $lockdir"
     get_status "prod0"
     exit

tools/deprecated/iframe-bot/last-messages-wrapper.sh

@@ -11,7 +11,7 @@ COUNT=50
 mkdir -p output
 while true; do
 
-if python show-last-messages --api-key=$API_KEY --user=$BOT_EMAIL --streams="$STREAMS" --count=$COUNT; then
+if python show-last-messages --api-key="$API_KEY" --user="$BOT_EMAIL" --streams="$STREAMS" --count="$COUNT"; then
     echo "[`date`] Success";
     mv output-candidate.html output/zulip.html
     touch output/zulip.html

tools/deprecated/include-supported.example

@@ -21,5 +21,5 @@ if [ $# = 2 ]; then
 fi
 
 for dist in $DISTS; do
-    reprepro --ignore=wrongdistribution include$type $dist "$1"
+    reprepro --ignore=wrongdistribution "include$TYPE" "$dist" "$1"
 done

tools/deprecated/install-server

@@ -8,7 +8,7 @@ if [ -z "$hostname" ]; then
     echo "USAGE: $0 server type hostname [branch]"
     exit 1
 fi
-if ! $(echo "$hostname" | grep -q zulip); then
+if ! echo "$hostname" | grep -q zulip; then
     echo "USAGE: $0 server type hostname [branch]"
     echo "Hostname must have zulip in it."
     exit 1
@@ -35,11 +35,11 @@ fi
 # Force RSA keys. We do this because the ECDSA key is not printed on syslog,
 # and our puppet configuration does not use ECDSA. If we don't do this,
 # we'll get key errors after puppet apply.
-SSH_OPTS="-o HostKeyAlgorithms=ssh-rsa"
+SSH_OPTS=(-o HostKeyAlgorithms=ssh-rsa)
 
 set +e
 
-ssh $SSH_OPTS "$server" -t -i "$amazon_key_file" -ladmin -o "ControlMaster=no" <<EOF
+ssh "${SSH_OPTS[@]}" "$server" -t -i "$amazon_key_file" -ladmin -o "ControlMaster=no" <<EOF
 sudo sed -i 's/PermitRootLogin no/PermitRootLogin yes/g' /etc/ssh/sshd_config
 sudo mkdir -p ~root/.ssh && sudo cp .ssh/authorized_keys ~root/.ssh/authorized_keys
 sudo service ssh restart
@@ -48,7 +48,7 @@ EOF
 
 set -e
 
-ssh $SSH_OPTS "$server" -t -i "$amazon_key_file" -lroot <<EOF
+ssh "${SSH_OPTS[@]}" "$server" -t -i "$amazon_key_file" -lroot <<EOF
 resize2fs /dev/xvda1
 echo "$hostname" > /etc/hostname
 sed -i 's/localhost$/localhost $hostname/' /etc/hosts
@@ -69,9 +69,9 @@ EOF
 
 # Give new server git access
 # TODO: Don't give servers push access to our git!
-scp $SSH_OPTS -i "$amazon_key_file" "$server_private_key_file" root@"$server":/root/.ssh/id_rsa
+scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$server_private_key_file" root@"$server":/root/.ssh/id_rsa
 
-ssh $SSH_OPTS "$server" -t -i "$amazon_key_file" -lroot <<EOF
+ssh "${SSH_OPTS[@]}" "$server" -t -i "$amazon_key_file" -lroot <<EOF
 chmod 600 /root/.ssh/id_rsa
 # Setup initial known_hosts including git server
 cat > /root/.ssh/known_hosts <<EOF2
@@ -85,7 +85,7 @@ cd /root/zulip
 git checkout $branch
 EOF
 
-ssh $SSH_OPTS "$server" -t -i "$amazon_key_file" -lroot <<EOF
+ssh "${SSH_OPTS[@]}" "$server" -t -i "$amazon_key_file" -lroot <<EOF
 cp -a /root/zulip/puppet/zulip/files/puppet.conf /etc/puppet/
 
 userdel admin
@@ -107,8 +107,8 @@ fi
 EOF
 
 # TODO: Don't give servers push access to our git!
-scp $SSH_OPTS -i "$amazon_key_file" "$server_private_key_file" zulip@"$server":/home/zulip/.ssh/id_rsa
-ssh $SSH_OPTS "$server" -t -i "$amazon_key_file" -lzulip <<EOF
+scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$server_private_key_file" zulip@"$server":/home/zulip/.ssh/id_rsa
+ssh "${SSH_OPTS[@]}" "$server" -t -i "$amazon_key_file" -lzulip <<EOF
 chmod 600 /home/zulip/.ssh/id_rsa
 EOF
 

tools/do-destroy-rebuild-test-database

@@ -1,5 +1,5 @@
 #!/bin/sh -xe
 
 # This is a really simple wrapper script, pretty much for documenting clarity
-`dirname $0`/../tools/generate-fixtures --force
+"`dirname "$0"`/../tools/generate-fixtures" --force
 

tools/generate-fixtures

@@ -6,7 +6,7 @@ function migration_status {
 
 template_grep_error_code=$(echo "SELECT 1 from pg_database WHERE datname='zulip_test_template';" | python manage.py dbshell --settings=zproject.test_settings | grep -q "1 row"; echo $?)
 
-if [ $template_grep_error_code == "0" ]; then
+if [ "$template_grep_error_code" == "0" ]; then
     migration_status zerver/fixtures/available-migrations
     if [ -e zerver/fixtures/migration-status ] &&
         cmp -s zerver/fixtures/available-migrations zerver/fixtures/migration-status &&

tools/postgres-init-db

@@ -11,7 +11,7 @@ VAGRANTUSERNAME=$(whoami)
 
 if [[ $# == 0 ]]; then
     USERNAME=zulip
-    PASSWORD=$($(dirname $0)/../bin/get-django-setting LOCAL_DATABASE_PASSWORD)
+    PASSWORD=$("$(dirname "$0")/../bin/get-django-setting" LOCAL_DATABASE_PASSWORD)
     DBNAME=zulip
     SEARCH_PATH="$USERNAME",public
 elif [[ $# == 4 ]]; then
@@ -28,7 +28,7 @@ fi
 
 DBNAME_BASE=${DBNAME}_base
 
-$ROOT_POSTGRES $DEFAULT_DB << EOF
+$ROOT_POSTGRES "$DEFAULT_DB" << EOF
 CREATE USER $USERNAME;
 ALTER USER $USERNAME PASSWORD '$PASSWORD';
 ALTER USER $USERNAME CREATEDB;
@@ -42,28 +42,28 @@ EOF
 umask go-rw
 PGPASS_PREFIX="*:*:*:$USERNAME:"
 PGPASS_ESCAPED_PREFIX="*:\*:\*:$USERNAME:"
-if ! $(grep -q "$PGPASS_ESCAPED_PREFIX" ~/.pgpass); then
-    echo $PGPASS_PREFIX$PASSWORD >> ~/.pgpass
+if ! grep -q "$PGPASS_ESCAPED_PREFIX" ~/.pgpass; then
+    echo "$PGPASS_PREFIX$PASSWORD" >> ~/.pgpass
 else
     sed -i "s/$PGPASS_ESCAPED_PREFIX.*\$/$PGPASS_PREFIX$PASSWORD/" ~/.pgpass
 fi
 chmod go-rw ~/.pgpass
 
-psql -h localhost postgres $USERNAME <<EOF
+psql -h localhost postgres "$USERNAME" <<EOF
 DROP DATABASE IF EXISTS $DBNAME;
 DROP DATABASE IF EXISTS $DBNAME_BASE;
 CREATE DATABASE $DBNAME_BASE
 EOF
 
-psql -h localhost $DBNAME_BASE $USERNAME <<EOF
+psql -h localhost "$DBNAME_BASE" "$USERNAME" <<EOF
 CREATE SCHEMA zulip;
 EOF
 
-$ROOT_POSTGRES $DBNAME_BASE << EOF
+$ROOT_POSTGRES "$DBNAME_BASE" << EOF
 CREATE EXTENSION tsearch_extras SCHEMA zulip;
 EOF
 
-psql -h localhost postgres $USERNAME <<EOF
+psql -h localhost postgres "$USERNAME" <<EOF
 CREATE DATABASE $DBNAME TEMPLATE $DBNAME_BASE;
 EOF
 

tools/postgres-init-test-db

@@ -1,3 +1,3 @@
 #!/bin/bash -xe
 
-$(dirname $0)/postgres-init-db zulip_test $($(dirname $0)/../bin/get-django-setting LOCAL_DATABASE_PASSWORD) zulip_test zulip,public
+"$(dirname "$0")/postgres-init-db" zulip_test "$("$(dirname "$0")/../bin/get-django-setting" LOCAL_DATABASE_PASSWORD)" zulip_test zulip,public

tools/test-js-with-node

@@ -6,11 +6,11 @@ export NODE_PATH=/usr/lib/nodejs:static
 
 INDEX_JS=zerver/tests/frontend/node/index.js
 NODEJS=$(which nodejs || which node)
-if [ f$1 = fcover ]; then
+if [ "$1" = "cover" ]; then
   # Run a coverage test with Istanbul.
-  istanbul cover $INDEX_JS
+  istanbul cover "$INDEX_JS"
 else
   # Normal testing, no coverage analysis.
   # Run the index.js test runner, which runs all the other tests.
-  $NODEJS --stack-trace-limit=100 $INDEX_JS
+  "$NODEJS" --stack-trace-limit=100 "$INDEX_JS"
 fi

zerver/views/__init__.py

@@ -693,7 +693,7 @@ def finish_google_oauth2(request):
     )
     if resp.status_code != 200:
         raise Exception('Could not convert google pauth2 code to access_token\r%r' % resp.text)
-    access_token = resp.json['access_token']
+    access_token = resp.json()['access_token']
 
     resp = requests.get(
         'https://www.googleapis.com/plus/v1/people/me',
@@ -701,7 +701,7 @@ def finish_google_oauth2(request):
     )
     if resp.status_code != 200:
         raise Exception('Google login failed making API call\r%r' % resp.text)
-    body = resp.json
+    body = resp.json()
 
     try:
         full_name = body['name']['formatted']

zproject/backends.py

@@ -91,7 +91,6 @@ class GoogleMobileOauth2Backend(ZulipAuthMixin):
         https://developers.google.com/+/mobile/android/sign-in#server-side_access_for_your_app
         https://developers.google.com/accounts/docs/CrossClientAuth#offlineAccess
 
-    This backend is not currently supported on voyager.
     """
     def authenticate(self, google_oauth2_token=None, return_data={}):
         try:

zproject/local_settings_template.py

@@ -20,9 +20,17 @@ ADMIN_DOMAIN = 'example.com'
 AUTHENTICATION_BACKENDS = (
 #                           'zproject.backends.EmailAuthBackend', # Email and password
 #                           'zproject.backends.ZulipRemoteUserBackend', # Local SSO
-#                           'zproject.backends.GoogleBackend', # Google Apps
+#                           'zproject.backends.GoogleMobileOauth2Backend', # Google Apps, setup below
     )
 
+# Google Oauth requires a bit of configuration; you will need to go to
+# https://console.developers.google.com, setup an Oauth2 client ID
+# that allows redirects to
+# e.g. https://zulip.example.com/accounts/login/google/done/ put your
+# client secret as "google_oauth2_client_secret" in
+# zulip-secrets.conf, and your cleitn ID here:
+# GOOGLE_OAUTH2_CLIENT_ID=<your client ID from Google>
+
 # If you are using the ZulipRemoteUserBackend authentication backend,
 # set this to your domain (e.g. if REMOTE_USER is "username" and the
 # corresponding email address is "username@example.com", set
@@ -36,7 +44,8 @@ SSO_APPEND_DOMAIN = None
 # or empty to skip sending email.
 EMAIL_HOST = 'smtp.gmail.com'
 EMAIL_HOST_USER = ''
-EMAIL_HOST_PASSWORD = ''
+# If you're using password auth, you will need to put the password in
+# /etc/zulip/zulip-secrets.conf as email_host_password.
 EMAIL_PORT = 587
 EMAIL_USE_TLS = True
 

zproject/settings.py

@@ -86,8 +86,7 @@ else:
     AUTHENTICATION_BACKENDS = ('zproject.backends.DevAuthBackend',)
     # Add some of the below if you're testing other backends
     # AUTHENTICATION_BACKENDS = ('zproject.backends.EmailAuthBackend',
-    #                            'zproject.backends.GoogleMobileOauth2Backend',
-    #                            'zproject.backends.GoogleBackend')
+    #                            'zproject.backends.GoogleMobileOauth2Backend',)
     EXTERNAL_URI_SCHEME = "http://"
     EMAIL_GATEWAY_PATTERN = "%s@" + EXTERNAL_HOST
     ADMIN_DOMAIN = "zulip.com"