def send_message(self, message: Dict[str, Any]) -> Dict[str, Any]: if not self._rate_limit.is_legal(): self._rate_limit.show_error_and_exit() if message["type"] == "stream": message_id = internal_send_stream_message_by_name( self.user_profile.realm, self.user_profile, message["to"], message["topic"], message["content"], ) return {"id": message_id} assert message["type"] == "private" # Ensure that it's a comma-separated list, even though the # usual 'to' field could be either a List[str] or a str. recipients = ",".join(message["to"]).split(",") if len(message["to"]) == 0: raise EmbeddedBotEmptyRecipientsList( _("Message must have recipients!")) elif len(message["to"]) == 1: recipient_user = get_active_user(recipients[0], self.user_profile.realm) message_id = internal_send_private_message(self.user_profile, recipient_user, message["content"]) else: message_id = internal_send_huddle_message(self.user_profile.realm, self.user_profile, recipients, message["content"]) return {"id": message_id}
def send_message(self, message: Dict[str, Any]) -> None: if not self._rate_limit.is_legal(): self._rate_limit.show_error_and_exit() if message['type'] == 'stream': internal_send_stream_message(self.user_profile.realm, self.user_profile, message['to'], message['topic'], message['content']) return assert message['type'] == 'private' # Ensure that it's a comma-separated list, even though the # usual 'to' field could be either a List[str] or a str. recipients = ','.join(message['to']).split(',') if len(message['to']) == 0: raise EmbeddedBotEmptyRecipientsList( _('Message must have recipients!')) elif len(message['to']) == 1: recipient_user = get_active_user(recipients[0], self.user_profile.realm) internal_send_private_message(self.user_profile.realm, self.user_profile, recipient_user, message['content']) else: internal_send_huddle_message(self.user_profile.realm, self.user_profile, recipients, message['content'])
def get_presence_backend(request: HttpRequest, user_profile: UserProfile, email: str) -> HttpResponse: # This isn't used by the webapp; it's available for API use by # bots and other clients. We may want to add slim_presence # support for it (or just migrate its API wholesale) later. try: target = get_active_user(email, user_profile.realm) except UserProfile.DoesNotExist: return json_error(_("No such user")) if target.is_bot: return json_error(_("Presence is not supported for bot users.")) presence_dict = get_presence_for_user(target.id) if len(presence_dict) == 0: return json_error( _("No presence data for {email}").format(email=email)) # For initial version, we just include the status and timestamp keys result = dict(presence=presence_dict[target.email]) aggregated_info = result["presence"]["aggregated"] aggr_status_duration = datetime_to_timestamp( timezone_now()) - aggregated_info["timestamp"] if aggr_status_duration > settings.OFFLINE_THRESHOLD_SECS: aggregated_info["status"] = "offline" for val in result["presence"].values(): val.pop("client", None) val.pop("pushable", None) return json_success(result)
def send_message(self, message: Dict[str, Any]) -> None: if not self._rate_limit.is_legal(): self._rate_limit.show_error_and_exit() if message['type'] == 'stream': internal_send_stream_message_by_name( self.user_profile.realm, self.user_profile, message['to'], message['topic'], message['content'] ) return assert message['type'] == 'private' # Ensure that it's a comma-separated list, even though the # usual 'to' field could be either a List[str] or a str. recipients = ','.join(message['to']).split(',') if len(message['to']) == 0: raise EmbeddedBotEmptyRecipientsList(_('Message must have recipients!')) elif len(message['to']) == 1: recipient_user = get_active_user(recipients[0], self.user_profile.realm) internal_send_private_message(self.user_profile.realm, self.user_profile, recipient_user, message['content']) else: internal_send_huddle_message(self.user_profile.realm, self.user_profile, recipients, message['content'])
def principal_to_user_profile(agent: UserProfile, principal: str) -> UserProfile: try: return get_active_user(principal, agent.realm) except UserProfile.DoesNotExist: # We have to make sure we don't leak information about which users # are registered for Zulip in a different realm. We could do # something a little more clever and check the domain part of the # principal to maybe give a better error message raise PrincipalError(principal)
def principal_to_user_profile(agent: UserProfile, principal: str) -> UserProfile: try: return get_active_user(principal, agent.realm) except UserProfile.DoesNotExist: # We have to make sure we don't leak information about which users # are registered for Zulip in a different realm. We could do # something a little more clever and check the domain part of the # principal to maybe give a better error message raise PrincipalError(principal)
def get_presence_backend(request: HttpRequest, user_profile: UserProfile, email: str) -> HttpResponse: try: target = get_active_user(email, user_profile.realm) except UserProfile.DoesNotExist: return json_error(_('No such user')) if target.is_bot: return json_error(_('Presence is not supported for bot users.')) presence_dict = UserPresence.get_status_dict_by_user(target) if len(presence_dict) == 0: return json_error(_('No presence data for %s' % (target.email,))) # For initial version, we just include the status and timestamp keys result = dict(presence=presence_dict[target.email]) aggregated_info = result['presence']['aggregated'] aggr_status_duration = datetime_to_timestamp(timezone_now()) - aggregated_info['timestamp'] if aggr_status_duration > settings.OFFLINE_THRESHOLD_SECS: aggregated_info['status'] = 'offline' for val in result['presence'].values(): val.pop('client', None) val.pop('pushable', None) return json_success(result)
def get_presence_backend(request: HttpRequest, user_profile: UserProfile, email: str) -> HttpResponse: try: target = get_active_user(email, user_profile.realm) except UserProfile.DoesNotExist: return json_error(_('No such user')) if target.is_bot: return json_error(_('Presence is not supported for bot users.')) presence_dict = UserPresence.get_status_dict_by_user(target) if len(presence_dict) == 0: return json_error(_('No presence data for %s' % (target.email, ))) # For initial version, we just include the status and timestamp keys result = dict(presence=presence_dict[target.email]) aggregated_info = result['presence']['aggregated'] aggr_status_duration = datetime_to_timestamp( timezone_now()) - aggregated_info['timestamp'] if aggr_status_duration > settings.OFFLINE_THRESHOLD_SECS: aggregated_info['status'] = 'offline' for val in result['presence'].values(): val.pop('client', None) val.pop('pushable', None) return json_success(result)
def save(self, domain_override: Optional[bool]=None, subject_template_name: str='registration/password_reset_subject.txt', email_template_name: str='registration/password_reset_email.html', use_https: bool=False, token_generator: PasswordResetTokenGenerator=default_token_generator, from_email: Optional[str]=None, request: HttpRequest=None, html_email_template_name: Optional[str]=None, extra_email_context: Optional[Dict[str, Any]]=None ) -> None: """ If the email address has an account in the target realm, generates a one-use only link for resetting password and sends to the user. We send a different email if an associated account does not exist in the database, or an account does exist, but not in the realm. Note: We ignore protocol and the various email template arguments (those are an artifact of using Django's password reset framework). """ email = self.cleaned_data["email"] realm = get_realm(get_subdomain(request)) if not email_auth_enabled(realm): logging.info("Password reset attempted for %s even though password auth is disabled." % (email,)) return if realm.deactivated: logging.info("Realm is deactivated") return user = None # type: Optional[UserProfile] try: user = get_active_user(email, realm) except UserProfile.DoesNotExist: pass context = { 'email': email, 'realm_uri': realm.uri, } if user is not None: token = token_generator.make_token(user) uid = urlsafe_base64_encode(force_bytes(user.id)).decode('ascii') endpoint = reverse('django.contrib.auth.views.password_reset_confirm', kwargs=dict(uidb64=uid, token=token)) context['no_account_in_realm'] = False context['reset_url'] = "{}{}".format(user.realm.uri, endpoint) send_email('zerver/emails/password_reset', to_user_id=user.id, from_name="Zulip Account Security", from_address=FromAddress.NOREPLY, context=context) else: context['no_account_in_realm'] = True accounts = UserProfile.objects.filter(email__iexact=email) if accounts: context['accounts'] = accounts context['multiple_accounts'] = accounts.count() != 1 send_email('zerver/emails/password_reset', to_email=email, from_name="Zulip Account Security", from_address=FromAddress.NOREPLY, context=context)
def save( self, domain_override: Optional[bool] = None, subject_template_name: str = 'registration/password_reset_subject.txt', email_template_name: str = 'registration/password_reset_email.html', use_https: bool = False, token_generator: PasswordResetTokenGenerator = default_token_generator, from_email: Optional[str] = None, request: HttpRequest = None, html_email_template_name: Optional[str] = None, extra_email_context: Optional[Dict[str, Any]] = None) -> None: """ If the email address has an account in the target realm, generates a one-use only link for resetting password and sends to the user. We send a different email if an associated account does not exist in the database, or an account does exist, but not in the realm. Note: We ignore protocol and the various email template arguments (those are an artifact of using Django's password reset framework). """ email = self.cleaned_data["email"] realm = get_realm(get_subdomain(request)) if not email_auth_enabled(realm): logging.info( "Password reset attempted for %s even though password auth is disabled." % (email, )) return if realm.deactivated: logging.info("Realm is deactivated") return user = None # type: Optional[UserProfile] try: user = get_active_user(email, realm) except UserProfile.DoesNotExist: pass context = { 'email': email, 'realm_uri': realm.uri, } if user is not None: token = token_generator.make_token(user) uid = urlsafe_base64_encode(force_bytes(user.id)).decode('ascii') endpoint = reverse( 'django.contrib.auth.views.password_reset_confirm', kwargs=dict(uidb64=uid, token=token)) context['no_account_in_realm'] = False context['reset_url'] = "{}{}".format(user.realm.uri, endpoint) send_email('zerver/emails/password_reset', to_user_id=user.id, from_name="Zulip Account Security", from_address=FromAddress.NOREPLY, context=context) else: context['no_account_in_realm'] = True accounts = UserProfile.objects.filter(email__iexact=email) if accounts: context['accounts'] = accounts context['multiple_accounts'] = accounts.count() != 1 send_email('zerver/emails/password_reset', to_email=email, from_name="Zulip Account Security", from_address=FromAddress.NOREPLY, context=context)