Find a file

Robert Hönig f4e0808a87 botserver: Validate token before accepting message. Previously, the botserver would accept any message sent to it. This was a security hazard, since an attacker could impersonate arbitrary users with arbitrary messages. We only want the Zulip instance where a bot is registered to be able to send out messages for that bot. To do this, this commits adds a check for the security token associated with each outgoing webhook bot. For each bot, its token is stored in the botserverrc file. The server sends the token along with each message.		2018-05-30 09:37:33 -04:00
tools	provision: Make the `source` line stand out more.	2018-05-29 11:32:45 -07:00
zulip	mercurial: Rename hook file to zulip_changegroup.py.	2018-05-29 11:45:56 -07:00
zulip_bots	salesforce: Minor improvements; imports & types.	2018-05-30 07:11:16 -04:00
zulip_botserver	botserver: Validate token before accepting message.	2018-05-30 09:37:33 -04:00
.codecov.yml	codecov: Adjust failure threshold.	2017-09-14 04:26:12 -07:00
.editorconfig	Editing: Add .editorconfig from zulip/zulip (with note).	2017-12-18 07:36:40 -05:00
.gitignore	Rename flaskbotrc to botserverrc.	2018-05-29 10:19:50 +02:00
.travis.yml	slack importer: Shift the slack data conversion files to zulip server repo.	2017-12-27 07:54:42 -05:00
mypy.ini	mypy: Improve typing of bots & API; enforce no_implicit_optional.	2018-04-06 13:45:11 -04:00
py3_requirements.txt	requirements: Upgrade to mypy 0.600.	2018-05-15 10:03:57 -07:00
README.md	Consistently use Botserver instead of botserver or bot server.	2018-05-29 10:58:37 +02:00
requirements.txt	requirements: Remove runtime dependency on mock.	2018-01-09 17:01:16 -03:30

README.md

Zulip API

This repository contains the source code for Zulip's PyPI packages:

zulip: PyPI package for Zulip's API bindings.
zulip_bots: PyPI package for Zulip's bots and bots API.
zulip_botserver: PyPI package for Zulip's Flask Botserver.

The source code is written in Python 3.

Development

Fork and clone the Git repo: git clone https://github.com/<your_username>/python-zulip-api.git
Make sure you have pip and virtualenv installed.
cd into the repository cloned earlier: cd python-zulip-api
Run:
```
python3 ./tools/provision
```
This sets up a virtual Python environment in zulip-api-py<your_python_version>-venv, where <your_python_version> is your default version of Python. If you would like to specify a different Python version, run
```
python3 ./tools/provision -p <path_to_your_python_version>
```
If that succeeds, it will print end with printing the following command:
```
source /.../python-zulip-api/.../activate
```
You can run run this command to enter the virtual environment. You'll want to run this in each new shell before running commands from python-zulip-api.
Once you've entered the virtualenv, you should see something like this on the terminal:
```
(zulip-api-py3-venv) user@pc ~/python-zulip-api $
```
You should now be able to run any commands/tests/etc. in this virtual environment.

Running tests

To run the tests for

zulip: run ./tools/test-zulip
zulip_bots: run ./tools/test-bots
zulip_botserver: run ./tools/test-botserver

To run the linter, type:

./tools/lint

To check the type annotations, run:

./tools/run-mypy