Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve error handling for uploading custom emojis and other minor modifications. #18885

Merged
merged 1 commit into from Jul 13, 2021
Merged

Improve error handling for uploading custom emojis and other minor modifications. #18885

merged 1 commit into from Jul 13, 2021

Conversation

aryanshridhar
Copy link
Member

@aryanshridhar aryanshridhar commented Jun 16, 2021
edited

Improved error handling and modified the emoji_settings_warning_modal text for a clearer understanding.
@alya FYI.

Screenshots:

Commit 9229de0 and 9d91121:
3

Commit aa01c62:

1

Commit 5e9c99d:

2

Fixes #18860 and #18269.

@zulipbot zulipbot added size: M area: emoji Emoji in markup, emoji reactions, emoji picker, etc. bug area: settings (admin/org) labels Jun 16, 2021
@zulipbot
Copy link
Member

Hello @zulip/server-emoji, @zulip/server-settings members, this pull request was labeled with the "area: emoji", "area: settings (admin/org)" labels, so you may want to check it out!

@aryanshridhar aryanshridhar mentioned this pull request Jun 16, 2021
Open
@alya
Copy link
Contributor

alya commented Jun 16, 2021

Screenshots look good to me -- thanks!

@timabbott
Copy link
Sponsor Member

timabbott commented Jun 17, 2021
edited

I've merged all but the last commit as the series ending with 2d8fcef, thanks @aryanshridhar!

The last commit would be a security bug -- any authorization check needs to happen on the server; otherwise you could work around it by using the API.

We should add an equivalent check in zerver/views/realm_emoji.py, and it's very possible the error message experience from that will be good enough, but if not, we can include something like this PR's last commit.

@aryanshridhar aryanshridhar force-pushed the Fix-CustomEmojiMisc branch 2 times, most recently from c5236a9 to 9b7bbb2 Compare July 9, 2021 16:22
@aryanshridhar
Copy link
Member Author

Updated it @timabbott by adding an authorization check in realm_emoji.py and also it's relevant tests in test_realm_emoji.

timabbott
timabbott reviewed Jul 9, 2021
View reviewed changes
zerver/tests/test_realm_emoji.py Outdated
self.assert_json_error(
result,
"An emoji with this name already exists. Only administrators can override built-in emoji.",
)
Copy link
Sponsor Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See our testing philosophy page, but we should do both the failure and success tasks in a single test.

@aryanshridhar @timabbott
settings_emoji: Allow only admins to override existing emojis.
7dc56fd 
Previously, even non-admins had the option to override built-in
emojis in the `Settings Emoji` UI.

This commits essentially limits the functionality of overriding
custom and allows only realm administrators to
override built-in emojis with their custom emojis by adding an
authorization check in the backend.

It also adds relevant tests in `test_realm_emoji` which tests
for the cases where an admin and non admin tries to override
the built-in emoji.

Fixes zulip#18860.
@timabbott timabbott merged commit 7dc56fd into zulip:master Jul 13, 2021
@timabbott
Copy link
Sponsor Member

Merged, after making the small testing style changes noted above, and also making the error message just the second sentence, to save a bit of work for our translators. Thanks @aryanshridhar!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timabbott timabbott timabbott left review comments

Assignees
No one assigned
Labels
area: emoji Emoji in markup, emoji reactions, emoji picker, etc. area: settings (admin/org) bug size: M
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Permissions and warning for custom emoji overriding unicode emoji
4 participants
@aryanshridhar @zulipbot @alya @timabbott