paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-06 06:53:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5d7828096ea24308ce275e8daa40b0e901bde1c5
zulip/zerver/views
History
Tim Abbott 1f48fa2767 invite: Fix invite_by_admins_only to be enforced in backend. 
This is CVE-2017-0896.

Apparently, this setting never actually was wired up to anything other
than hiding the UI widget.

Huge thanks to Ibram Marzouk from the HackerOne community for finding
this security bug.
2017-06-01 17:24:29 -07:00
..
__init__.py
views: Rename __init__.py to zerver.views.registration.
2017-01-08 16:21:15 -08:00
alert_words.py
alert_words: Avoid redundant .lstrip().
2017-02-28 10:13:03 -08:00
attachments.py
Add support for managing and deleting attachments.
2017-02-16 23:44:44 -08:00
auth.py
mypy: Fix strict optional in zerver/views.
2017-05-25 09:30:41 -07:00
compatibility.py
mobile: Add an endpoint for checking compatibility.
2017-02-03 09:55:34 -08:00
custom_profile_fields.py
profile: Support custom profile data.
2017-04-18 15:20:59 -07:00
email_mirror.py
email mirror: Fix mypy annotation error.
2017-04-24 22:01:48 -07:00
events_register.py
events: Add support for fetch_event_types option to events_register.
2017-04-26 16:02:40 -07:00
home.py
pep8: Add compliance with rule E261 to zerver/views/home.py.
2017-05-18 03:00:32 +05:30
hotspots.py
hotspots: Add backend support for tutorial hotspots.
2017-03-29 11:34:32 -07:00
integrations.py
pep8: Add compliance with rule E261 to zerver/views/integrations.py.
2017-05-18 03:00:32 +05:30
invite.py
invite: Fix invite_by_admins_only to be enforced in backend.
2017-06-01 17:24:29 -07:00
messages.py
messages: Add support for admins deleting messages.
2017-05-29 21:59:38 -07:00
muting.py
Implemented API routes for muting/unmuting a topic
2017-03-15 16:19:00 -07:00
pointer.py
mypy: Convert zerver/views to use typing.Text.
2016-12-26 13:43:09 -08:00
presence.py
views/presence: Refactor get_user_profile_by_email -> get_user.
2017-05-22 16:43:08 -07:00
push_notifications.py
Add support infrastructure for push notification bouncer service.
2017-04-18 23:03:06 -07:00
reactions.py
reactions: Fix reacting to messages on streams you're not subscribed to.
2017-03-22 20:22:13 -07:00
realm_domains.py
realm_domains: Restructure library for getting realm domains.
2017-04-28 21:11:56 -07:00
realm_emoji.py
realm_emoji.py: Allow an user to delete an emoji uploaded by them.
2017-05-29 20:21:25 -07:00
realm_filters.py
Change domain to realm_id in bugdown and realm filter dicts and caches.
2017-01-03 16:25:20 -08:00
realm_icon.py
Add size limit for uploading user avatars and realm icons.
2017-03-07 22:13:01 -08:00
realm.py
pep8: Add compliance with rule E261 to zerver/views/realm.py.
2017-05-18 03:00:32 +05:30
registration.py
Switch change_full_name to use RealmAuditLog.
2017-05-29 15:22:08 -07:00
report.py
statsd: Change keys to use Realm.string_id instead of domain.
2017-03-13 09:51:02 -07:00
streams.py
send_email.py: Remove unused get_user_profile_by_email import.
2017-05-23 15:27:21 -07:00
tutorial.py
internal_send_message: Make realm argument mandatory.
2017-01-21 21:37:30 -08:00
typing.py
mypy: Added Dict, List and Set imports.
2017-03-04 14:33:44 -08:00
unsubscribe.py
notification_settings: Refactor notification preference settings.
2017-05-23 14:47:46 -07:00
upload.py
mypy: serve_local return type to FileResponse.
2017-05-25 15:41:52 -07:00
user_settings.py
Switch change_full_name to use RealmAuditLog.
2017-05-29 15:22:08 -07:00
users.py
Switch change_full_name to use RealmAuditLog.
2017-05-29 15:22:08 -07:00
zephyr.py
bots: Move zephyr-related files to api/integrations/zephyr/.
2017-05-26 15:07:02 -07:00