def login_context(request: HttpRequest) -> Dict[str, Any]:
realm = get_realm_from_request(request)
if realm is None:
realm_description = None
realm_invite_required = False
realm_web_public_access_enabled = False
else:
realm_description = get_realm_rendered_description(realm)
realm_invite_required = realm.invite_required
# We offer web-public access only if the realm has actual web
# public streams configured, in addition to having it enabled.
realm_web_public_access_enabled = realm.allow_web_public_streams_access(
)
context: Dict[str, Any] = {
"realm_invite_required": realm_invite_required,
"realm_description": realm_description,
"require_email_format_usernames":
require_email_format_usernames(realm),
"password_auth_enabled": password_auth_enabled(realm),
"two_factor_authentication_enabled":
settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
"realm_web_public_access_enabled": realm_web_public_access_enabled,
}
if realm is not None and realm.description:
context["OPEN_GRAPH_TITLE"] = realm.name
context["OPEN_GRAPH_DESCRIPTION"] = get_realm_text_description(realm)
# Add the keys for our standard authentication backends.
no_auth_enabled = True
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
name_lower = auth_backend_name.lower()
key = f"{name_lower}_auth_enabled"
is_enabled = auth_enabled_helper([auth_backend_name], realm)
context[key] = is_enabled
if is_enabled:
no_auth_enabled = False
context["external_authentication_methods"] = get_external_method_dicts(
realm)
context["no_auth_enabled"] = no_auth_enabled
# Include another copy of external_authentication_methods in page_params for use
# by the desktop client. We expand it with IDs of the <button> elements corresponding
# to the authentication methods.
context["page_params"] = dict(
external_authentication_methods=get_external_method_dicts(realm), )
for auth_dict in context["page_params"]["external_authentication_methods"]:
auth_dict["button_id_suffix"] = "auth_button_{}".format(
auth_dict["name"])
return context
def login_context(request: HttpRequest) -> Dict[str, Any]:
realm = get_realm_from_request(request)
if realm is None:
realm_description = None
realm_invite_required = False
else:
realm_description = get_realm_rendered_description(realm)
realm_invite_required = realm.invite_required
context: Dict[str, Any] = {
'realm_invite_required':
realm_invite_required,
'realm_description':
realm_description,
'require_email_format_usernames':
require_email_format_usernames(realm),
'password_auth_enabled':
password_auth_enabled(realm),
'any_social_backend_enabled':
any_social_backend_enabled(realm),
'two_factor_authentication_enabled':
settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
}
if realm is not None and realm.description:
context['OPEN_GRAPH_TITLE'] = realm.name
context['OPEN_GRAPH_DESCRIPTION'] = get_realm_text_description(realm)
# Add the keys for our standard authentication backends.
no_auth_enabled = True
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
name_lower = auth_backend_name.lower()
key = f"{name_lower}_auth_enabled"
is_enabled = auth_enabled_helper([auth_backend_name], realm)
context[key] = is_enabled
if is_enabled:
no_auth_enabled = False
context['external_authentication_methods'] = get_external_method_dicts(
realm)
context['no_auth_enabled'] = no_auth_enabled
# Include another copy of external_authentication_methods in page_params for use
# by the desktop client. We expand it with IDs of the <button> elements corresponding
# to the authentication methods.
context['page_params'] = dict(
external_authentication_methods=get_external_method_dicts(realm), )
for auth_dict in context['page_params']['external_authentication_methods']:
auth_dict['button_id_suffix'] = "auth_button_{}".format(
auth_dict['name'])
return context
def remote_user_sso(
request: HttpRequest,
mobile_flow_otp: Optional[str] = REQ(default=None),
desktop_flow_otp: Optional[str] = REQ(default=None),
next: str = REQ(default="/"),
) -> HttpResponse:
subdomain = get_subdomain(request)
try:
realm: Optional[Realm] = get_realm(subdomain)
except Realm.DoesNotExist:
realm = None
if not auth_enabled_helper([ZulipRemoteUserBackend.auth_backend_name],
realm):
return config_error(request, "remote_user_backend_disabled")
try:
remote_user = request.META["REMOTE_USER"]
except KeyError:
return config_error(request, "remote_user_header_missing")
# Django invokes authenticate methods by matching arguments, and this
# authentication flow will not invoke LDAP authentication because of
# this condition of Django so no need to check if LDAP backend is
# enabled.
validate_login_email(remote_user_to_email(remote_user))
# Here we support the mobile and desktop flow for REMOTE_USER_BACKEND; we
# validate the data format and then pass it through to
# login_or_register_remote_user if appropriate.
validate_otp_params(mobile_flow_otp, desktop_flow_otp)
if realm is None:
user_profile = None
else:
user_profile = authenticate(remote_user=remote_user, realm=realm)
if user_profile is not None:
assert isinstance(user_profile, UserProfile)
email = remote_user_to_email(remote_user)
data_dict = ExternalAuthDataDict(
email=email,
mobile_flow_otp=mobile_flow_otp,
desktop_flow_otp=desktop_flow_otp,
redirect_to=next,
)
if realm:
data_dict["subdomain"] = realm.subdomain
else:
data_dict["subdomain"] = "" # realm creation happens on root subdomain
result = ExternalAuthResult(user_profile=user_profile, data_dict=data_dict)
return login_or_register_remote_user(request, result)
def remote_user_sso(
request: HttpRequest,
mobile_flow_otp: Optional[str] = REQ(default=None),
desktop_flow_otp: Optional[str] = REQ(default=None)
) -> HttpResponse:
subdomain = get_subdomain(request)
try:
realm = get_realm(subdomain) # type: Optional[Realm]
except Realm.DoesNotExist:
realm = None
if not auth_enabled_helper([ZulipRemoteUserBackend.auth_backend_name],
realm):
return redirect_to_config_error("remoteuser/backend_disabled")
try:
remote_user = request.META["REMOTE_USER"]
except KeyError:
return redirect_to_config_error(
"remoteuser/remote_user_header_missing")
# Django invokes authenticate methods by matching arguments, and this
# authentication flow will not invoke LDAP authentication because of
# this condition of Django so no need to check if LDAP backend is
# enabled.
validate_login_email(remote_user_to_email(remote_user))
# Here we support the mobile and desktop flow for REMOTE_USER_BACKEND; we
# validate the data format and then pass it through to
# login_or_register_remote_user if appropriate.
validate_otp_params(mobile_flow_otp, desktop_flow_otp)
subdomain = get_subdomain(request)
if realm is None:
user_profile = None
else:
user_profile = authenticate(remote_user=remote_user, realm=realm)
redirect_to = request.GET.get('next', '')
return login_or_register_remote_user(request,
remote_user,
user_profile,
mobile_flow_otp=mobile_flow_otp,
desktop_flow_otp=desktop_flow_otp,
realm=realm,
redirect_to=redirect_to)
def login_context(request: HttpRequest) -> Dict[str, Any]:
realm = get_realm_from_request(request)
if realm is None:
realm_description = None
realm_invite_required = False
else:
realm_description = get_realm_rendered_description(realm)
realm_invite_required = realm.invite_required
context = {
'realm_invite_required': realm_invite_required,
'realm_description': realm_description,
'require_email_format_usernames': require_email_format_usernames(realm),
'password_auth_enabled': password_auth_enabled(realm),
'any_oauth_backend_enabled': any_oauth_backend_enabled(realm),
'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
} # type: Dict[str, Any]
# Add the keys for our standard authentication backends.
no_auth_enabled = True
social_backends = []
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
name_lower = auth_backend_name.lower()
key = "%s_auth_enabled" % (name_lower,)
is_enabled = auth_enabled_helper([auth_backend_name], realm)
context[key] = is_enabled
if is_enabled:
no_auth_enabled = False
# Now add the enabled social backends to the social_backends
# list used to generate buttons for login/register pages.
backend = AUTH_BACKEND_NAME_MAP[auth_backend_name]
if not is_enabled or backend not in SOCIAL_AUTH_BACKENDS:
continue
social_backends.append({
'name': backend.name,
'display_name': backend.auth_backend_name,
'login_url': reverse('login-social', args=(backend.name,)),
'signup_url': reverse('signup-social', args=(backend.name,)),
'sort_order': backend.sort_order,
})
context['social_backends'] = sorted(social_backends, key=lambda x: x['sort_order'], reverse=True)
context['no_auth_enabled'] = no_auth_enabled
return context
def login_context(request: HttpRequest) -> Dict[str, Any]:
realm = get_realm_from_request(request)
if realm is None:
realm_description = None
realm_invite_required = False
else:
realm_description = get_realm_rendered_description(realm)
realm_invite_required = realm.invite_required
context = {
'realm_invite_required':
realm_invite_required,
'realm_description':
realm_description,
'require_email_format_usernames':
require_email_format_usernames(realm),
'password_auth_enabled':
password_auth_enabled(realm),
'any_social_backend_enabled':
any_social_backend_enabled(realm),
'two_factor_authentication_enabled':
settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
} # type: Dict[str, Any]
if realm is not None and realm.description:
context['OPEN_GRAPH_TITLE'] = realm.name
context['OPEN_GRAPH_DESCRIPTION'] = get_realm_text_description(realm)
# Add the keys for our standard authentication backends.
no_auth_enabled = True
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
name_lower = auth_backend_name.lower()
key = "%s_auth_enabled" % (name_lower, )
is_enabled = auth_enabled_helper([auth_backend_name], realm)
context[key] = is_enabled
if is_enabled:
no_auth_enabled = False
context['external_authentication_methods'] = get_external_method_dicts(
realm)
context['no_auth_enabled'] = no_auth_enabled
return context
def get_auth_backends_data(request: HttpRequest) -> Dict[str, Any]:
"""Returns which authentication methods are enabled on the server"""
subdomain = get_subdomain(request)
try:
realm = Realm.objects.get(string_id=subdomain)
except Realm.DoesNotExist:
# If not the root subdomain, this is an error
if subdomain != Realm.SUBDOMAIN_FOR_ROOT_DOMAIN:
raise JsonableError(_("Invalid subdomain"))
# With the root subdomain, it's an error or not depending
# whether ROOT_DOMAIN_LANDING_PAGE (which indicates whether
# there are some realms without subdomains on this server)
# is set.
if settings.ROOT_DOMAIN_LANDING_PAGE:
raise JsonableError(_("Subdomain required"))
else:
realm = None
result = {
"password": password_auth_enabled(realm),
}
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
key = auth_backend_name.lower()
result[key] = auth_enabled_helper([auth_backend_name], realm)
return result
def get_auth_backends_data(request: HttpRequest) -> Dict[str, Any]:
"""Returns which authentication methods are enabled on the server"""
subdomain = get_subdomain(request)
try:
realm = Realm.objects.get(string_id=subdomain)
except Realm.DoesNotExist:
# If not the root subdomain, this is an error
if subdomain != Realm.SUBDOMAIN_FOR_ROOT_DOMAIN:
raise JsonableError(_("Invalid subdomain"))
# With the root subdomain, it's an error or not depending
# whether ROOT_DOMAIN_LANDING_PAGE (which indicates whether
# there are some realms without subdomains on this server)
# is set.
if settings.ROOT_DOMAIN_LANDING_PAGE:
raise JsonableError(_("Subdomain required"))
else:
realm = None
result = {
"password": password_auth_enabled(realm),
}
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
key = auth_backend_name.lower()
result[key] = auth_enabled_helper([auth_backend_name], realm)
return result
def zulip_default_context(request):
# type: (HttpRequest) -> Dict[str, Any]
"""Context available to all Zulip Jinja2 templates that have a request
passed in. Designed to provide the long list of variables at the
bottom of this function in a wide range of situations: logged-in
or logged-out, subdomains or not, etc.
The main variable in the below is whether we know the realm, which
is the case if there is only one realm, or we're on a
REALMS_HAVE_SUBDOMAINS subdomain, or the user is logged in.
"""
realm = get_realm_from_request(request)
if realm is not None:
realm_uri = realm.uri
realm_name = realm.name
realm_icon = get_realm_icon_url(realm)
realm_description = realm.description or "The coolest place in the universe."
else:
realm_uri = settings.SERVER_URI
realm_name = None
realm_icon = None
realm_description = None
return {
'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS,
'custom_logo_url': settings.CUSTOM_LOGO_URL,
'register_link_disabled': settings.REGISTER_LINK_DISABLED,
'login_link_disabled': settings.LOGIN_LINK_DISABLED,
'about_link_disabled': settings.ABOUT_LINK_DISABLED,
'show_oss_announcement': settings.SHOW_OSS_ANNOUNCEMENT,
'zulip_admin': settings.ZULIP_ADMINISTRATOR,
'terms_of_service': settings.TERMS_OF_SERVICE,
'privacy_policy': settings.PRIVACY_POLICY,
'login_url': settings.HOME_NOT_LOGGED_IN,
'only_sso': settings.ONLY_SSO,
'external_api_path': settings.EXTERNAL_API_PATH,
'external_api_uri': settings.EXTERNAL_API_URI,
'external_host': settings.EXTERNAL_HOST,
'external_uri_scheme': settings.EXTERNAL_URI_SCHEME,
'realm_uri': realm_uri,
'realm_name': realm_name,
'realm_icon': realm_icon,
'realm_description': realm_description,
'server_uri': settings.SERVER_URI,
'api_site_required': settings.EXTERNAL_API_PATH != "api.zulip.com",
'email_integration_enabled': settings.EMAIL_GATEWAY_BOT != "",
'email_gateway_example': settings.EMAIL_GATEWAY_EXAMPLE,
'open_realm_creation': settings.OPEN_REALM_CREATION,
'password_auth_enabled': password_auth_enabled(realm),
'dev_auth_enabled': dev_auth_enabled(realm),
'google_auth_enabled': google_auth_enabled(realm),
'github_auth_enabled': github_auth_enabled(realm),
'any_oauth_backend_enabled': any_oauth_backend_enabled(realm),
'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm),
'development_environment': settings.DEVELOPMENT,
'support_email': settings.ZULIP_ADMINISTRATOR,
'find_team_link_disabled': settings.FIND_TEAM_LINK_DISABLED,
'password_min_length': settings.PASSWORD_MIN_LENGTH,
'password_min_quality': settings.PASSWORD_MIN_ZXCVBN_QUALITY,
'zulip_version': ZULIP_VERSION,
}
def zulip_default_context(request):
# type: (HttpRequest) -> Dict[str, Any]
"""Context available to all Zulip Jinja2 templates that have a request
passed in. Designed to provide the long list of variables at the
bottom of this function in a wide range of situations: logged-in
or logged-out, subdomains or not, etc.
The main variable in the below is whether we know what realm the
user is trying to interact with.
"""
realm = get_realm_from_request(request)
if realm is None:
realm_uri = settings.ROOT_DOMAIN_URI
realm_name = None
realm_icon = None
realm_description = None
realm_invite_required = False
else:
realm_uri = realm.uri
realm_name = realm.name
realm_icon = get_realm_icon_url(realm)
realm_description_raw = realm.description or "The coolest place in the universe."
realm_description = convert(realm_description_raw, message_realm=realm)
realm_invite_required = realm.invite_required
register_link_disabled = settings.REGISTER_LINK_DISABLED
login_link_disabled = settings.LOGIN_LINK_DISABLED
about_link_disabled = settings.ABOUT_LINK_DISABLED
find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED
if settings.ROOT_DOMAIN_LANDING_PAGE and get_subdomain(request) == "":
register_link_disabled = True
login_link_disabled = True
about_link_disabled = True
find_team_link_disabled = False
apps_page_url = 'https://zulipchat.com/apps/'
if settings.ZILENCER_ENABLED:
apps_page_url = '/apps/'
user_is_authenticated = False
if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'):
user_is_authenticated = request.user.is_authenticated.value
if settings.DEVELOPMENT:
secrets_path = "zproject/dev-secrets.conf"
settings_path = "zproject/dev_settings.py"
settings_comments_path = "zproject/prod_settings_template.py"
else:
secrets_path = "/etc/zulip/zulip-secrets.conf"
settings_path = "/etc/zulip/settings.py"
settings_comments_path = "/etc/zulip/settings.py"
if hasattr(request, "client") and request.client.name == "ZulipElectron":
platform = "ZulipElectron" # nocoverage
else:
platform = "ZulipWeb"
return {
'root_domain_landing_page':
settings.ROOT_DOMAIN_LANDING_PAGE,
'custom_logo_url':
settings.CUSTOM_LOGO_URL,
'register_link_disabled':
register_link_disabled,
'login_link_disabled':
login_link_disabled,
'about_link_disabled':
about_link_disabled,
'terms_of_service':
settings.TERMS_OF_SERVICE,
'privacy_policy':
settings.PRIVACY_POLICY,
'login_url':
settings.HOME_NOT_LOGGED_IN,
'only_sso':
settings.ONLY_SSO,
'external_api_path':
settings.EXTERNAL_API_PATH,
'external_api_uri':
settings.EXTERNAL_API_URI,
'external_host':
settings.EXTERNAL_HOST,
'external_uri_scheme':
settings.EXTERNAL_URI_SCHEME,
'realm_invite_required':
realm_invite_required,
'realm_uri':
realm_uri,
'realm_name':
realm_name,
'realm_icon':
realm_icon,
'realm_description':
realm_description,
'root_domain_uri':
settings.ROOT_DOMAIN_URI,
'api_site_required':
settings.EXTERNAL_API_PATH != "api.zulip.com",
'email_gateway_example':
settings.EMAIL_GATEWAY_EXAMPLE,
'apps_page_url':
apps_page_url,
'open_realm_creation':
settings.OPEN_REALM_CREATION,
'password_auth_enabled':
password_auth_enabled(realm),
'dev_auth_enabled':
dev_auth_enabled(realm),
'google_auth_enabled':
google_auth_enabled(realm),
'github_auth_enabled':
github_auth_enabled(realm),
'email_auth_enabled':
email_auth_enabled(realm),
'require_email_format_usernames':
require_email_format_usernames(realm),
'any_oauth_backend_enabled':
any_oauth_backend_enabled(realm),
'no_auth_enabled':
not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm),
'development_environment':
settings.DEVELOPMENT,
'support_email':
FromAddress.SUPPORT,
'find_team_link_disabled':
find_team_link_disabled,
'password_min_length':
settings.PASSWORD_MIN_LENGTH,
'password_min_guesses':
settings.PASSWORD_MIN_GUESSES,
'zulip_version':
ZULIP_VERSION,
'user_is_authenticated':
user_is_authenticated,
'settings_path':
settings_path,
'secrets_path':
secrets_path,
'settings_comments_path':
settings_comments_path,
'platform':
platform,
}
def zulip_default_context(request: HttpRequest) -> Dict[str, Any]:
"""Context available to all Zulip Jinja2 templates that have a request
passed in. Designed to provide the long list of variables at the
bottom of this function in a wide range of situations: logged-in
or logged-out, subdomains or not, etc.
The main variable in the below is whether we know what realm the
user is trying to interact with.
"""
realm = get_realm_from_request(request)
if realm is None:
realm_uri = settings.ROOT_DOMAIN_URI
realm_name = None
realm_icon = None
realm_description = None
realm_invite_required = False
else:
realm_uri = realm.uri
realm_name = realm.name
realm_icon = get_realm_icon_url(realm)
realm_description_raw = realm.description or "The coolest place in the universe."
realm_description = convert(realm_description_raw, message_realm=realm)
realm_invite_required = realm.invite_required
register_link_disabled = settings.REGISTER_LINK_DISABLED
login_link_disabled = settings.LOGIN_LINK_DISABLED
find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED
allow_search_engine_indexing = False
if (settings.ROOT_DOMAIN_LANDING_PAGE
and get_subdomain(request) == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN):
register_link_disabled = True
login_link_disabled = True
find_team_link_disabled = False
allow_search_engine_indexing = True
apps_page_url = 'https://zulipchat.com/apps/'
if settings.ZILENCER_ENABLED:
apps_page_url = '/apps/'
user_is_authenticated = False
if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'):
user_is_authenticated = request.user.is_authenticated.value
if settings.DEVELOPMENT:
secrets_path = "zproject/dev-secrets.conf"
settings_path = "zproject/dev_settings.py"
settings_comments_path = "zproject/prod_settings_template.py"
else:
secrets_path = "/etc/zulip/zulip-secrets.conf"
settings_path = "/etc/zulip/settings.py"
settings_comments_path = "/etc/zulip/settings.py"
if hasattr(request, "client") and request.client.name == "ZulipElectron":
platform = "ZulipElectron" # nocoverage
else:
platform = "ZulipWeb"
return {
'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE,
'custom_logo_url': settings.CUSTOM_LOGO_URL,
'register_link_disabled': register_link_disabled,
'login_link_disabled': login_link_disabled,
'terms_of_service': settings.TERMS_OF_SERVICE,
'privacy_policy': settings.PRIVACY_POLICY,
'login_url': settings.HOME_NOT_LOGGED_IN,
'only_sso': settings.ONLY_SSO,
'custom_profile_fields_enabled': settings.DEVELOPMENT,
'external_host': settings.EXTERNAL_HOST,
'external_uri_scheme': settings.EXTERNAL_URI_SCHEME,
'realm_invite_required': realm_invite_required,
'realm_uri': realm_uri,
'realm_name': realm_name,
'realm_icon': realm_icon,
'realm_description': realm_description,
'root_domain_uri': settings.ROOT_DOMAIN_URI,
'apps_page_url': apps_page_url,
'open_realm_creation': settings.OPEN_REALM_CREATION,
'password_auth_enabled': password_auth_enabled(realm),
'dev_auth_enabled': dev_auth_enabled(realm),
'google_auth_enabled': google_auth_enabled(realm),
'github_auth_enabled': github_auth_enabled(realm),
'email_auth_enabled': email_auth_enabled(realm),
'require_email_format_usernames': require_email_format_usernames(realm),
'any_oauth_backend_enabled': any_oauth_backend_enabled(realm),
'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm),
'development_environment': settings.DEVELOPMENT,
'support_email': FromAddress.SUPPORT,
'find_team_link_disabled': find_team_link_disabled,
'password_min_length': settings.PASSWORD_MIN_LENGTH,
'password_min_guesses': settings.PASSWORD_MIN_GUESSES,
'jitsi_server_url': settings.JITSI_SERVER_URL,
'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
'zulip_version': ZULIP_VERSION,
'user_is_authenticated': user_is_authenticated,
'settings_path': settings_path,
'secrets_path': secrets_path,
'settings_comments_path': settings_comments_path,
'platform': platform,
'allow_search_engine_indexing': allow_search_engine_indexing,
}
def zulip_default_context(request: HttpRequest) -> Dict[str, Any]:
"""Context available to all Zulip Jinja2 templates that have a request
passed in. Designed to provide the long list of variables at the
bottom of this function in a wide range of situations: logged-in
or logged-out, subdomains or not, etc.
The main variable in the below is whether we know what realm the
user is trying to interact with.
"""
realm = get_realm_from_request(request)
if realm is None:
realm_uri = settings.ROOT_DOMAIN_URI
realm_name = None
realm_icon = None
realm_description = None
realm_invite_required = False
realm_plan_type = 0
else:
realm_uri = realm.uri
realm_name = realm.name
realm_icon = get_realm_icon_url(realm)
realm_description_raw = realm.description or "The coolest place in the universe."
realm_description = bugdown_convert(realm_description_raw, message_realm=realm)
realm_invite_required = realm.invite_required
realm_plan_type = realm.plan_type
register_link_disabled = settings.REGISTER_LINK_DISABLED
login_link_disabled = settings.LOGIN_LINK_DISABLED
find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED
allow_search_engine_indexing = False
if (settings.ROOT_DOMAIN_LANDING_PAGE
and get_subdomain(request) == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN):
register_link_disabled = True
login_link_disabled = True
find_team_link_disabled = False
allow_search_engine_indexing = True
apps_page_url = 'https://zulipchat.com/apps/'
if settings.ZILENCER_ENABLED:
apps_page_url = '/apps/'
user_is_authenticated = False
if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'):
user_is_authenticated = request.user.is_authenticated.value
if settings.DEVELOPMENT:
secrets_path = "zproject/dev-secrets.conf"
settings_path = "zproject/dev_settings.py"
settings_comments_path = "zproject/prod_settings_template.py"
else:
secrets_path = "/etc/zulip/zulip-secrets.conf"
settings_path = "/etc/zulip/settings.py"
settings_comments_path = "/etc/zulip/settings.py"
# We can't use request.client here because we might not be using
# an auth decorator that sets it, but we can call its helper to
# get the same result.
platform = get_client_name(request, True)
context = {
'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE,
'custom_logo_url': settings.CUSTOM_LOGO_URL,
'register_link_disabled': register_link_disabled,
'login_link_disabled': login_link_disabled,
'terms_of_service': settings.TERMS_OF_SERVICE,
'privacy_policy': settings.PRIVACY_POLICY,
'login_url': settings.HOME_NOT_LOGGED_IN,
'only_sso': settings.ONLY_SSO,
'external_host': settings.EXTERNAL_HOST,
'external_uri_scheme': settings.EXTERNAL_URI_SCHEME,
'realm_invite_required': realm_invite_required,
'realm_uri': realm_uri,
'realm_name': realm_name,
'realm_icon': realm_icon,
'realm_description': realm_description,
'realm_plan_type': realm_plan_type,
'root_domain_uri': settings.ROOT_DOMAIN_URI,
'apps_page_url': apps_page_url,
'open_realm_creation': settings.OPEN_REALM_CREATION,
'password_auth_enabled': password_auth_enabled(realm),
'require_email_format_usernames': require_email_format_usernames(realm),
'any_oauth_backend_enabled': any_oauth_backend_enabled(realm),
'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm),
'development_environment': settings.DEVELOPMENT,
'support_email': FromAddress.SUPPORT,
'find_team_link_disabled': find_team_link_disabled,
'password_min_length': settings.PASSWORD_MIN_LENGTH,
'password_min_guesses': settings.PASSWORD_MIN_GUESSES,
'jitsi_server_url': settings.JITSI_SERVER_URL,
'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
'zulip_version': ZULIP_VERSION,
'latest_release_version': LATEST_RELEASE_VERSION,
'latest_major_version': LATEST_MAJOR_VERSION,
'latest_release_announcement': LATEST_RELEASE_ANNOUNCEMENT,
'user_is_authenticated': user_is_authenticated,
'settings_path': settings_path,
'secrets_path': secrets_path,
'settings_comments_path': settings_comments_path,
'platform': platform,
'allow_search_engine_indexing': allow_search_engine_indexing,
}
# Add the keys for our standard authentication backends.
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
name_lower = auth_backend_name.lower()
key = "%s_auth_enabled" % (name_lower,)
context[key] = auth_enabled_helper([auth_backend_name], realm)
social_backends = []
for backend in SOCIAL_AUTH_BACKENDS:
if not auth_enabled_helper([backend.auth_backend_name], realm):
continue
social_backends.append({
'name': backend.name,
'display_name': backend.auth_backend_name,
'login_url': reverse('login-social', args=(backend.name,)),
'signup_url': reverse('signup-social', args=(backend.name,)),
'sort_order': backend.sort_order,
})
context['social_backends'] = sorted(social_backends, key=lambda x: x['sort_order'])
return context
def zulip_default_context(request: HttpRequest) -> Dict[str, Any]:
"""Context available to all Zulip Jinja2 templates that have a request
passed in. Designed to provide the long list of variables at the
bottom of this function in a wide range of situations: logged-in
or logged-out, subdomains or not, etc.
The main variable in the below is whether we know what realm the
user is trying to interact with.
"""
realm = get_realm_from_request(request)
if realm is None:
realm_uri = settings.ROOT_DOMAIN_URI
realm_name = None
realm_icon = None
realm_logo = None
realm_description = None
realm_invite_required = False
realm_plan_type = 0
else:
realm_uri = realm.uri
realm_name = realm.name
realm_icon = get_realm_icon_url(realm)
realm_logo = get_realm_logo_url(realm)
realm_description_raw = realm.description or "The coolest place in the universe."
realm_description = bugdown_convert(realm_description_raw,
message_realm=realm)
realm_invite_required = realm.invite_required
realm_plan_type = realm.plan_type
register_link_disabled = settings.REGISTER_LINK_DISABLED
login_link_disabled = settings.LOGIN_LINK_DISABLED
find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED
allow_search_engine_indexing = False
if (settings.ROOT_DOMAIN_LANDING_PAGE
and get_subdomain(request) == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN):
register_link_disabled = True
login_link_disabled = True
find_team_link_disabled = False
allow_search_engine_indexing = True
apps_page_url = 'https://zulipchat.com/apps/'
if settings.ZILENCER_ENABLED:
apps_page_url = '/apps/'
user_is_authenticated = False
if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'):
user_is_authenticated = request.user.is_authenticated.value
if settings.DEVELOPMENT:
secrets_path = "zproject/dev-secrets.conf"
settings_path = "zproject/dev_settings.py"
settings_comments_path = "zproject/prod_settings_template.py"
else:
secrets_path = "/etc/zulip/zulip-secrets.conf"
settings_path = "/etc/zulip/settings.py"
settings_comments_path = "/etc/zulip/settings.py"
if hasattr(request, "client") and request.client.name == "ZulipElectron":
platform = "ZulipElectron" # nocoverage
else:
platform = "ZulipWeb"
context = {
'root_domain_landing_page':
settings.ROOT_DOMAIN_LANDING_PAGE,
'custom_logo_url':
settings.CUSTOM_LOGO_URL,
'register_link_disabled':
register_link_disabled,
'login_link_disabled':
login_link_disabled,
'terms_of_service':
settings.TERMS_OF_SERVICE,
'privacy_policy':
settings.PRIVACY_POLICY,
'login_url':
settings.HOME_NOT_LOGGED_IN,
'only_sso':
settings.ONLY_SSO,
'external_host':
settings.EXTERNAL_HOST,
'external_uri_scheme':
settings.EXTERNAL_URI_SCHEME,
'realm_invite_required':
realm_invite_required,
'realm_uri':
realm_uri,
'realm_name':
realm_name,
'realm_icon':
realm_icon,
'realm_logo':
realm_logo,
'realm_description':
realm_description,
'realm_plan_type':
realm_plan_type,
'root_domain_uri':
settings.ROOT_DOMAIN_URI,
'apps_page_url':
apps_page_url,
'open_realm_creation':
settings.OPEN_REALM_CREATION,
'password_auth_enabled':
password_auth_enabled(realm),
'require_email_format_usernames':
require_email_format_usernames(realm),
'any_oauth_backend_enabled':
any_oauth_backend_enabled(realm),
'no_auth_enabled':
not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm),
'development_environment':
settings.DEVELOPMENT,
'support_email':
FromAddress.SUPPORT,
'find_team_link_disabled':
find_team_link_disabled,
'password_min_length':
settings.PASSWORD_MIN_LENGTH,
'password_min_guesses':
settings.PASSWORD_MIN_GUESSES,
'jitsi_server_url':
settings.JITSI_SERVER_URL,
'two_factor_authentication_enabled':
settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
'zulip_version':
ZULIP_VERSION,
'latest_release_version':
LATEST_RELEASE_VERSION,
'latest_major_version':
LATEST_MAJOR_VERSION,
'latest_release_announcement':
LATEST_RELEASE_ANNOUNCEMENT,
'user_is_authenticated':
user_is_authenticated,
'settings_path':
settings_path,
'secrets_path':
secrets_path,
'settings_comments_path':
settings_comments_path,
'platform':
platform,
'allow_search_engine_indexing':
allow_search_engine_indexing,
}
# Add the keys for our standard authentication backends.
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
name_lower = auth_backend_name.lower()
key = "%s_auth_enabled" % (name_lower, )
context[key] = auth_enabled_helper([auth_backend_name], realm)
return context
def zulip_default_context(request):
# type: (HttpRequest) -> Dict[str, Any]
"""Context available to all Zulip Jinja2 templates that have a request
passed in. Designed to provide the long list of variables at the
bottom of this function in a wide range of situations: logged-in
or logged-out, subdomains or not, etc.
The main variable in the below is whether we know the realm, which
is the case if there is only one realm, or we're on a
REALMS_HAVE_SUBDOMAINS subdomain, or the user is logged in.
"""
realm = get_realm_from_request(request)
if realm is not None:
realm_uri = realm.uri
realm_name = realm.name
realm_icon = get_realm_icon_url(realm)
realm_description_raw = realm.description or "The coolest place in the universe."
realm_description = convert(realm_description_raw, message_realm=realm)
else:
realm_uri = settings.SERVER_URI
realm_name = None
realm_icon = None
realm_description = None
register_link_disabled = settings.REGISTER_LINK_DISABLED
login_link_disabled = settings.LOGIN_LINK_DISABLED
about_link_disabled = settings.ABOUT_LINK_DISABLED
find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED
if settings.SUBDOMAINS_HOMEPAGE and get_subdomain(request) == "":
register_link_disabled = True
login_link_disabled = True
about_link_disabled = True
find_team_link_disabled = False
apps_page_url = 'https://zulipchat.com/apps/'
if settings.ZILENCER_ENABLED:
apps_page_url = '/apps/'
return {
'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS,
'custom_logo_url': settings.CUSTOM_LOGO_URL,
'register_link_disabled': register_link_disabled,
'login_link_disabled': login_link_disabled,
'about_link_disabled': about_link_disabled,
'terms_of_service': settings.TERMS_OF_SERVICE,
'privacy_policy': settings.PRIVACY_POLICY,
'login_url': settings.HOME_NOT_LOGGED_IN,
'only_sso': settings.ONLY_SSO,
'external_api_path': settings.EXTERNAL_API_PATH,
'external_api_uri': settings.EXTERNAL_API_URI,
'external_host': settings.EXTERNAL_HOST,
'external_uri_scheme': settings.EXTERNAL_URI_SCHEME,
'realm_uri': realm_uri,
'realm_name': realm_name,
'realm_icon': realm_icon,
'realm_description': realm_description,
'server_uri': settings.SERVER_URI,
'api_site_required': settings.EXTERNAL_API_PATH != "api.zulip.com",
'email_gateway_example': settings.EMAIL_GATEWAY_EXAMPLE,
'apps_page_url': apps_page_url,
'open_realm_creation': settings.OPEN_REALM_CREATION,
'password_auth_enabled': password_auth_enabled(realm),
'dev_auth_enabled': dev_auth_enabled(realm),
'google_auth_enabled': google_auth_enabled(realm),
'github_auth_enabled': github_auth_enabled(realm),
'any_oauth_backend_enabled': any_oauth_backend_enabled(realm),
'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm),
'development_environment': settings.DEVELOPMENT,
'support_email': FromAddress.SUPPORT,
'find_team_link_disabled': find_team_link_disabled,
'password_min_length': settings.PASSWORD_MIN_LENGTH,
'password_min_quality': settings.PASSWORD_MIN_ZXCVBN_QUALITY,
'zulip_version': ZULIP_VERSION,
}
def zulip_default_context(request: HttpRequest) -> Dict[str, Any]:
"""Context available to all Zulip Jinja2 templates that have a request
passed in. Designed to provide the long list of variables at the
bottom of this function in a wide range of situations: logged-in
or logged-out, subdomains or not, etc.
The main variable in the below is whether we know what realm the
user is trying to interact with.
"""
realm = get_realm_from_request(request)
if realm is None:
realm_uri = settings.ROOT_DOMAIN_URI
realm_name = None
realm_icon = None
realm_description = None
realm_invite_required = False
realm_plan_type = 0
else:
realm_uri = realm.uri
realm_name = realm.name
realm_icon = get_realm_icon_url(realm)
realm_description = get_realm_rendered_description(realm)
realm_invite_required = realm.invite_required
realm_plan_type = realm.plan_type
register_link_disabled = settings.REGISTER_LINK_DISABLED
login_link_disabled = settings.LOGIN_LINK_DISABLED
find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED
allow_search_engine_indexing = False
if (settings.ROOT_DOMAIN_LANDING_PAGE
and get_subdomain(request) == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN):
register_link_disabled = True
login_link_disabled = True
find_team_link_disabled = False
allow_search_engine_indexing = True
apps_page_url = 'https://zulipchat.com/apps/'
if settings.ZILENCER_ENABLED:
apps_page_url = '/apps/'
user_is_authenticated = False
if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'):
user_is_authenticated = request.user.is_authenticated.value
if settings.DEVELOPMENT:
secrets_path = "zproject/dev-secrets.conf"
settings_path = "zproject/dev_settings.py"
settings_comments_path = "zproject/prod_settings_template.py"
else:
secrets_path = "/etc/zulip/zulip-secrets.conf"
settings_path = "/etc/zulip/settings.py"
settings_comments_path = "/etc/zulip/settings.py"
# We can't use request.client here because we might not be using
# an auth decorator that sets it, but we can call its helper to
# get the same result.
platform = get_client_name(request, True)
context = {
'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE,
'custom_logo_url': settings.CUSTOM_LOGO_URL,
'register_link_disabled': register_link_disabled,
'login_link_disabled': login_link_disabled,
'terms_of_service': settings.TERMS_OF_SERVICE,
'privacy_policy': settings.PRIVACY_POLICY,
'login_url': settings.HOME_NOT_LOGGED_IN,
'only_sso': settings.ONLY_SSO,
'external_host': settings.EXTERNAL_HOST,
'external_uri_scheme': settings.EXTERNAL_URI_SCHEME,
'realm_invite_required': realm_invite_required,
'realm_uri': realm_uri,
'realm_name': realm_name,
'realm_icon': realm_icon,
'realm_description': realm_description,
'realm_plan_type': realm_plan_type,
'root_domain_uri': settings.ROOT_DOMAIN_URI,
'apps_page_url': apps_page_url,
'open_realm_creation': settings.OPEN_REALM_CREATION,
'password_auth_enabled': password_auth_enabled(realm),
'require_email_format_usernames':
require_email_format_usernames(realm),
'any_oauth_backend_enabled': any_oauth_backend_enabled(realm),
'development_environment': settings.DEVELOPMENT,
'support_email': FromAddress.SUPPORT,
'find_team_link_disabled': find_team_link_disabled,
'password_min_length': settings.PASSWORD_MIN_LENGTH,
'password_min_guesses': settings.PASSWORD_MIN_GUESSES,
'jitsi_server_url': settings.JITSI_SERVER_URL,
'two_factor_authentication_enabled':
settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
'zulip_version': ZULIP_VERSION,
'latest_release_version': LATEST_RELEASE_VERSION,
'latest_major_version': LATEST_MAJOR_VERSION,
'latest_release_announcement': LATEST_RELEASE_ANNOUNCEMENT,
'user_is_authenticated': user_is_authenticated,
'settings_path': settings_path,
'secrets_path': secrets_path,
'settings_comments_path': settings_comments_path,
'platform': platform,
'allow_search_engine_indexing': allow_search_engine_indexing,
}
# Add the keys for our standard authentication backends.
no_auth_enabled = True
social_backends = []
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
name_lower = auth_backend_name.lower()
key = "%s_auth_enabled" % (name_lower, )
is_enabled = auth_enabled_helper([auth_backend_name], realm)
context[key] = is_enabled
if is_enabled:
no_auth_enabled = False
# Now add the enabled social backends to the social_backends
# list used to generate buttons for login/register pages.
backend = AUTH_BACKEND_NAME_MAP[auth_backend_name]
if not is_enabled or backend not in SOCIAL_AUTH_BACKENDS:
continue
social_backends.append({
'name':
backend.name,
'display_name':
backend.auth_backend_name,
'login_url':
reverse('login-social', args=(backend.name, )),
'signup_url':
reverse('signup-social', args=(backend.name, )),
'sort_order':
backend.sort_order,
})
context['social_backends'] = sorted(social_backends,
key=lambda x: x['sort_order'],
reverse=True)
context["no_auth_enabled"] = no_auth_enabled
return context
