Commit graph

8384 commits

Author SHA1 Message Date
ntl-purism
f3a93987b6 LDAP & PAM added to OAuth password grant strategy (#7999) (#12390)
When authenticating via OAuth, the resource owner password grant
strategy is allowed by Mastodon, but (without this PR), it does not
attempt to authenticate against LDAP or PAM. As a result, LDAP or PAM
authenticated users cannot sign in to Mastodon with their
email/password credentials via OAuth (for instance, for native/mobile
app users).

This PR fleshes out the authentication strategy supplied to doorkeeper
in its initializer by looking up the user with LDAP and/or PAM when
devise is configured to use LDAP/PAM backends. It attempts to follow the
same logic as the Auth::SessionsController for handling email/password
credentials.

Note #1: Since this pull request affects an initializer, it's unclear
how to add test automation.

Note #2: The PAM authentication path has not been manually tested. It
was added for completeness sake, and it is hoped that it can be manually
tested before merging.
2019-11-30 19:44:59 +01:00
ThibG
35b142a7ad Fix lost focus when modals open/close (#12437)
* Fix lost focus after modal closes

Regression caused by the use of the wicg-inert polyfill

* Fix regression introduced by wicg-inert

* Catch errors to please CodeClimate
2019-11-30 18:19:47 +01:00
Sasha Sorokin
b532ead798 Fix counter sizing (#12446)
Counter size is currently set to strict 33.3% width, but with it
counter may break in other languages than English. For example it is
already broken on Gargron's profile on mastodon.social using Russian
locale.

This commit changes "width" to "min-width", so counters still displayed
correctly, but if they need more width to fit text, they are now allowed
to take as many width as they need.
2019-11-29 17:03:38 +01:00
Shlee
6c2c2eee46 Updated NodeJS in Dockerfile (#12492) 2019-11-29 17:03:20 +01:00
Sasha Sorokin
fd45f5bbaa Improve notifications page (#12497)
Currently notifications page seems a bit cluttered with no clear
separation between e-mail and filtering settings. This commit tries to
address them by adding clear separation with headers, hints and removing
continuously reused texts for events checkboxes.
2019-11-29 17:03:06 +01:00
ThibG
a690b3e470 Add hotkey for opening media files (#12498)
* [WiP] Add hotkey to open media

* Give focus to play/pause button when opening video modal
2019-11-29 17:02:35 +01:00
ThibG
667708f5b0 Fix pending upload count not being decremented on error (#12499)
The arguments were passed to the wrong function… also, there is no
need to have a conditional decrementation: failure to upload means
we marked an upload as pending, in all cases.
2019-11-29 17:02:18 +01:00
Eugen Rochko
07da35c17c
Fix n+1 query for bookmarks on statuses (#12494) 2019-11-28 04:08:00 +01:00
Eugen Rochko
d9793b2367
Fix proofs API being inaccessible in secure mode (#12495) 2019-11-28 04:07:49 +01:00
dependabot-preview[bot]
8040923501 Bump net-ldap from 0.16.1 to 0.16.2 (#12479)
Bumps [net-ldap](https://github.com/ruby-ldap/ruby-net-ldap) from 0.16.1 to 0.16.2.
- [Release notes](https://github.com/ruby-ldap/ruby-net-ldap/releases)
- [Changelog](https://github.com/ruby-ldap/ruby-net-ldap/blob/master/History.rdoc)
- [Commits](https://github.com/ruby-ldap/ruby-net-ldap/compare/v0.16.1...v0.16.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 21:33:20 +09:00
dependabot-preview[bot]
c455a314fd Bump parallel from 1.18.0 to 1.19.1 (#12475)
Bumps [parallel](https://github.com/grosser/parallel) from 1.18.0 to 1.19.1.
- [Release notes](https://github.com/grosser/parallel/releases)
- [Commits](https://github.com/grosser/parallel/compare/v1.18.0...v1.19.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 20:49:19 +09:00
Yamagishi Kazutoshi
ffc33c1ae6 Use override_csp options on pghero (#12489) 2019-11-27 05:28:11 +01:00
dependabot-preview[bot]
0931faff97 Bump browser from 2.6.1 to 2.7.1 (#12490)
Bumps [browser](https://github.com/fnando/browser) from 2.6.1 to 2.7.1.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v2.6.1...v2.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 13:19:27 +09:00
dependabot-preview[bot]
b8f798db54 Bump @babel/plugin-transform-react-inline-elements from 7.2.0 to 7.7.4 (#12467)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.2.0 to 7.7.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.2.0...v7.7.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 13:13:55 +09:00
dependabot-preview[bot]
c54002e520 Bump @babel/preset-env from 7.7.1 to 7.7.4 (#12471)
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.7.1 to 7.7.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.1...v7.7.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 12:24:13 +09:00
dependabot-preview[bot]
d4a2467c81 Bump rack-cors from 1.0.6 to 1.1.0 (#12477)
Bumps [rack-cors](https://github.com/cyu/rack-cors) from 1.0.6 to 1.1.0.
- [Release notes](https://github.com/cyu/rack-cors/releases)
- [Changelog](https://github.com/cyu/rack-cors/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cyu/rack-cors/compare/v1.0.6...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 11:59:57 +09:00
dependabot-preview[bot]
65d52d46bd Bump browser from 2.6.1 to 2.7.0 (#12476)
Bumps [browser](https://github.com/fnando/browser) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v2.6.1...v2.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 11:54:40 +09:00
dependabot-preview[bot]
19feb9b667 Bump charlock_holmes from 0.7.6 to 0.7.7 (#12474)
Bumps [charlock_holmes](https://github.com/brianmario/charlock_holmes) from 0.7.6 to 0.7.7.
- [Release notes](https://github.com/brianmario/charlock_holmes/releases)
- [Commits](https://github.com/brianmario/charlock_holmes/compare/0.7.6...v0.7.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 11:53:50 +09:00
dependabot-preview[bot]
5449da285c Bump @babel/plugin-transform-react-jsx-self from 7.2.0 to 7.7.4 (#12466)
Bumps [@babel/plugin-transform-react-jsx-self](https://github.com/babel/babel) from 7.2.0 to 7.7.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.2.0...v7.7.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 11:36:47 +09:00
dependabot-preview[bot]
de662961df Bump @babel/plugin-syntax-dynamic-import from 7.2.0 to 7.7.4 (#12469)
Bumps [@babel/plugin-syntax-dynamic-import](https://github.com/babel/babel) from 7.2.0 to 7.7.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.2.0...v7.7.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 11:36:29 +09:00
dependabot-preview[bot]
257d816c99 Bump @babel/runtime from 7.7.2 to 7.7.4 (#12472)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.7.2 to 7.7.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.7.4/packages/babel-runtime)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 11:36:09 +09:00
dependabot-preview[bot]
c2441e4e1d Bump @babel/plugin-transform-runtime from 7.5.5 to 7.7.4 (#12473)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.5.5 to 7.7.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.5.5...v7.7.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 11:35:39 +09:00
dependabot-preview[bot]
7c9cb9d7e8 Bump pghero from 2.3.0 to 2.4.1 (#12478)
Bumps [pghero](https://github.com/ankane/pghero) from 2.3.0 to 2.4.1.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.3.0...v2.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 09:03:02 +09:00
ThibG
00c219aa45 Fix empty poll options not being filtered on remote poll update (#12484)
If a poll contains empty options (which is apparently possible on Pleroma),
it is created without them. However, the poll update code doesn't filter
empty options, and thus:
1. Clear known votes, as it assumes the set of options has changed
2. Errors out because it tries adding empty options, which fails validation

This commit fixes that by filtering them out the same way they are filtered
out at poll creation time.
2019-11-26 22:46:31 +01:00
ThibG
e7a7f88df7 Fix OCR with delete & redraft (#12465) 2019-11-25 01:42:51 +01:00
ThibG
00b8704a32 Revert "Bump tesseract.js from 2.0.0-alpha.16 to 2.0.0-beta.2 (#12311)" (#12454)
This reverts commit 0c20442605.
2019-11-24 12:16:41 +09:00
Dimitri Merejkowsky
054ef83fc5 Fix an eslint warning (#12426) 2019-11-22 15:57:22 +01:00
ThibG
42b3b019e0 Fix blur behind closed registration message (#12442)
* Fix closed registration message blur

* Adjust overlay margins to account for blur

Fixes #12425
2019-11-22 15:56:59 +01:00
Eugen Rochko
a60b602ade
Fix OEmbed discovery not handling different URL variants in query (#12439)
Fix #12433
2019-11-21 19:03:07 +01:00
ThibG
2edf6d81cb Simplify SQL query when performing account search amongst followings (#12302) 2019-11-21 17:35:04 +01:00
ThibG
c656cc2191 Fix FetchLinkCardServices crashing on a tags without a target (#12159)
* Add test for links without targets

* Fix FetchLinkCardServices crashing on a tags without a target
2019-11-21 16:04:52 +01:00
ThibG
e86234b1e9 Change media description label to be context-sensitive (#12270)
“Describe for the visually impaired” makes no sense when the uploaded media
is an audio file.
2019-11-21 11:39:07 +01:00
ThibG
c4d45765e3 Change domain block behavior to update user records before deleting data (#12247)
When suspending or silencing a domain, one probably wants the silence or
suspend parts to take effect as soon as possible. Deleting media files can
take a while (possibly days), so perform silencing as soon as possible, and
clean up media afterwards.
2019-11-21 11:36:15 +01:00
noiob
5bc4edd078 Fix whitelist federation for subdomains (#12435) 2019-11-21 11:35:39 +01:00
dependabot-preview[bot]
5605b828e5 Bump webpacker from 4.0.7 to 4.2.0 (#12416)
* Bump webpacker from 4.0.7 to 4.2.0

Bumps [webpacker](https://github.com/rails/webpacker) from 4.0.7 to 4.2.0.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v4.0.7...v4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Use NODE_ENV=tests instead of test, to work around async modules not having a chunk
2019-11-20 17:56:11 +01:00
Eugen Rochko
8dfc45f757
Fix account dropdown not opening due to regression from #12377 (#12430) 2019-11-20 00:56:22 +01:00
dependabot-preview[bot]
5f0cba2561 Bump react-dom from 16.11.0 to 16.12.0 (#12415)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.11.0 to 16.12.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.12.0/packages/react-dom)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-20 05:28:00 +09:00
Eugen Rochko
853a67ed16
Add relationship-based options to status dropdowns (#12377)
Move bookmark action in inline statuses from action bar to dropdown
2019-11-19 21:24:16 +01:00
Dimitri Merejkowsky
cb3e9a2934 Store rspec statuses in .cache/rspec (#12427)
This allows using rspec with `--only-failures`
2019-11-19 17:22:40 +01:00
dependabot-preview[bot]
e8de558ee7 Bump glob from 7.1.5 to 7.1.6 (#12413)
Bumps [glob](https://github.com/isaacs/node-glob) from 7.1.5 to 7.1.6.
- [Release notes](https://github.com/isaacs/node-glob/releases)
- [Changelog](https://github.com/isaacs/node-glob/blob/master/changelog.md)
- [Commits](https://github.com/isaacs/node-glob/compare/v7.1.5...v7.1.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 23:04:53 +09:00
dependabot-preview[bot]
6e8d6ba3b7 Bump babel-plugin-preval from 3.0.1 to 4.0.0 (#12414)
Bumps [babel-plugin-preval](https://github.com/kentcdodds/babel-plugin-preval) from 3.0.1 to 4.0.0.
- [Release notes](https://github.com/kentcdodds/babel-plugin-preval/releases)
- [Changelog](https://github.com/kentcdodds/babel-plugin-preval/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/babel-plugin-preval/compare/v3.0.1...v4.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:43:49 +09:00
dependabot-preview[bot]
4e992e4ea8 Bump aws-sdk-s3 from 1.52.0 to 1.55.0 (#12419)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.52.0 to 1.55.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.52.0...v1.55.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:40:16 +09:00
dependabot-preview[bot]
c4fd5156ef Bump derailed_benchmarks from 1.4.1 to 1.4.2 (#12418)
Bumps [derailed_benchmarks](https://github.com/schneems/derailed_benchmarks) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/schneems/derailed_benchmarks/releases)
- [Changelog](https://github.com/schneems/derailed_benchmarks/blob/master/CHANGELOG.md)
- [Commits](https://github.com/schneems/derailed_benchmarks/compare/v1.4.1...v1.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:40:04 +09:00
dependabot-preview[bot]
258539b2c5 Bump react-textarea-autosize from 7.1.0 to 7.1.2 (#12412)
Bumps [react-textarea-autosize](https://github.com/andreypopp/react-textarea-autosize) from 7.1.0 to 7.1.2.
- [Release notes](https://github.com/andreypopp/react-textarea-autosize/releases)
- [Commits](https://github.com/andreypopp/react-textarea-autosize/compare/v7.1.0...v7.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:30:10 +09:00
dependabot-preview[bot]
5e2c08c453 Bump httplog from 1.3.2 to 1.3.3 (#12420)
Bumps [httplog](https://github.com/trusche/httplog) from 1.3.2 to 1.3.3.
- [Release notes](https://github.com/trusche/httplog/releases)
- [Changelog](https://github.com/trusche/httplog/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trusche/httplog/compare/v1.3.2...v1.3.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:29:00 +09:00
dependabot-preview[bot]
f2362f642a Bump rack-attack from 6.1.0 to 6.2.1 (#12421)
Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 6.1.0 to 6.2.1.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.1.0...v6.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:26:08 +09:00
dependabot-preview[bot]
7f65eff6c3 Bump @babel/preset-react from 7.6.3 to 7.7.0 (#12410)
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.6.3 to 7.7.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.6.3...v7.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:21:52 +09:00
dependabot-preview[bot]
9eba62a73f Bump doorkeeper from 5.2.1 to 5.2.2 (#12417)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.1 to 5.2.2.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.1...v5.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:13:23 +09:00
dependabot-preview[bot]
88ef210af2 Bump copy-webpack-plugin from 5.0.4 to 5.0.5 (#12408)
Bumps [copy-webpack-plugin](https://github.com/webpack-contrib/copy-webpack-plugin) from 5.0.4 to 5.0.5.
- [Release notes](https://github.com/webpack-contrib/copy-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/copy-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/copy-webpack-plugin/compare/v5.0.4...v5.0.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:10:46 +09:00
dependabot-preview[bot]
4bf2e080f4 Bump react-select from 3.0.5 to 3.0.8 (#12407)
Bumps [react-select](https://github.com/JedWatson/react-select) from 3.0.5 to 3.0.8.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.5...react-select@3.0.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-18 22:07:31 +09:00