paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-02 13:03:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
0c227217b2b00e68ac6da6aa61c9d5256294d5fb
zulip/zerver/views
History
Mateusz Mandera 0c227217b2 registration: Change create_preregistration_user to take realm as arg. 
create_preregistration_user is a footgun, because it takes the realm
from the request. The calling code is supposed to validate that
registration for the realm is allowed
first, but can sometimes do that on "realm" taken from something else
than the request - and later on calls create_preregistration_user, thus
leading to prereg user creation on unvalidated request.realm.

It's safer, and makes more sense, for this function to take the intended
realm as argument, instead of taking the entire request. It follows that
the same should be done for prepare_activation_url.
2022-02-22 23:18:34 +00:00
..
development
registration: Change create_preregistration_user to take realm as arg.
2022-02-22 23:18:34 +00:00
__init__.py
alert_words.py
request: Rename validator parameter of REQ to json_validator.
2021-04-07 14:13:06 -07:00
archive.py
archive: Use access_web_public_stream helper.
2021-04-14 12:37:34 -07:00
attachments.py
python: Reformat with Black, except quotes.
2021-02-12 13:11:19 -08:00
auth.py
registration: Change create_preregistration_user to take realm as arg.
2022-02-22 23:18:34 +00:00
compatibility.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
custom_profile_fields.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
digest.py
python: Normalize quotes with Black.
2021-02-12 13:11:19 -08:00
documentation.py
python: Normalize quotes with Black.
2021-02-12 13:11:19 -08:00
drafts.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
email_mirror.py
python: Normalize quotes with Black.
2021-02-12 13:11:19 -08:00
events_register.py
mypy: Don’t use Iterable for values iterated multiple times.
2021-04-29 16:06:17 -07:00
home.py
version: Display Zulip version in About Zulip dialog.
2021-05-13 11:36:12 -07:00
hotspots.py
api: Fix encoding of strings in hotspot endpoint.
2021-05-07 11:45:25 -07:00
invite.py
invites: Allow user to be invited as a moderator.
2021-04-30 15:57:09 -07:00
message_edit.py
backend: Extract check_update_message from update_message_backend.
2021-05-09 20:44:04 -07:00
message_fetch.py
models: Replace __id syntax with _id where possible.
2021-04-22 14:53:00 -07:00
message_flags.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
message_send.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
muting.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
portico.py
python: Normalize quotes with Black.
2021-02-12 13:11:19 -08:00
presence.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
push_notifications.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
reactions.py
reactions: Extract check_add_reaction from add_reaction.
2021-04-28 09:11:08 -07:00
realm_domains.py
api: Fix encoding of strings in realm domain endpoint.
2021-05-07 14:06:54 -07:00
realm_emoji.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
realm_export.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
realm_icon.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
realm_linkifiers.py
linkifiers: Add an API to support the editing of linkifier.
2021-04-19 18:01:45 -07:00
realm_logo.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
realm_playgrounds.py
docs: Capitalize “Markdown” consistently.
2021-04-26 09:31:08 -07:00
realm.py
settings: Add new setting for controlling who can move msgs to stream.
2021-04-16 15:10:39 -07:00
registration.py
registration: Change create_preregistration_user to take realm as arg.
2022-02-22 23:18:34 +00:00
report.py
docs: Fix capitalization mistakes.
2021-05-10 09:57:26 -07:00
storage.py
storage: Fix get_storage and remove_storage with empty keys list.
2021-04-13 08:53:03 -07:00
streams.py
api: Fix encoding of strings in streams endpoint.
2021-05-10 10:29:22 -07:00
submessage.py
widgets: Validate todo data on the backend.
2021-07-01 15:15:11 -07:00
thumbnail.py
requirements: Remove Thumbor.
2021-05-06 20:07:32 -07:00
tutorial.py
api: Fix encoding of strings in tutorial endpoint.
2021-05-07 14:06:54 -07:00
typing.py
typing: Support sending stream/topic typing status.
2021-04-27 20:52:21 -07:00
unsubscribe.py
send_email: Change clear_scheduled_emails to only take one user.
2021-10-18 17:06:11 -07:00
upload.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
user_groups.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
user_settings.py
api: Fix encoding of strings in display settings endpoint.
2021-05-10 10:03:32 -07:00
users.py
python: Convert deprecated Django ugettext alias to gettext.
2021-04-15 18:01:34 -07:00
video_calls.py
api: Fix encoding of strings in video calls endpoint.
2021-05-07 14:11:48 -07:00
zephyr.py
docs: Add missing space to compound verbs “log in”, “set up”, etc.
2021-04-26 09:31:08 -07:00