a27fcf5e30
Squashed commit of the following: commit 7b2ba61c4841e23081552fb79270e4e430dd1fe0 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 16:03:52 2020 +0900 Add the ability to change to a new circle by replying to a circle commit 7013a228c65c7bd147885de458b50095f3c24334 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 16:10:57 2020 +0900 fixup! add-limited-visibility-icon-to-status commit 679aa8a7f9bef42ee5d0b326d9ae4925a1999939 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 15:12:53 2020 +0900 Fix 14666 commit b3addd8220d8bb3512ff345b32ca83c714dadd2a Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 11:44:12 2020 +0900 Add Japanese translation for circle commit b7f4b773a0cd554084d5ad6a5923adb06b3acfc4 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 11:40:12 2020 +0900 Squashed commit of the following: commit b85a4685b27c49462288aba5f38723b91e936c4a Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 10:50:03 2020 +0900 Changed to remove restrictions on privacy options and allow users to switch circles when replying commit 0a8c0140c73d7c5333e4f8017964adb5061a7cf1 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 09:33:07 2020 +0900 Change limited visibility icon commit b64adf19788d828249408454ec6afa9beb3d4872 Author: noellabo <noel.yoshiba@gmail.com> Date: Mon Aug 31 06:50:56 2020 +0900 Fix a change to limited-visibility-bearcaps replies commit ed361405b5e38857a2f42b0515a599ddcdd412cf Author: noellabo <noel.yoshiba@gmail.com> Date: Thu Aug 27 15:53:18 2020 +0900 Fix composer text when change visibility commit 4da3adddb6ffde43070d743e34c5b56e06579b30 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Aug 22 22:34:23 2020 +0900 Fix wrong circle_id when changing visibility commit 752d7fc2a3c9e34fab9993d767f83c6eae7ba55a Author: noellabo <noel.yoshiba@gmail.com> Date: Sun Aug 9 13:12:51 2020 +0900 Add circle reply and redraft commit 5978bc04a24695edce6717bda89dcf6f861ef2c4 Author: noellabo <noel.yoshiba@gmail.com> Date: Mon Jul 27 01:07:52 2020 +0900 Fix remove unused props commit 7970f69676c24b4aa9385fee8b1635c46ba52fcd Author: noellabo <noel.yoshiba@gmail.com> Date: Sun Jul 26 21:17:07 2020 +0900 Separate circle choice from privacy commit 36f6a684c0b0c895d4d0f1b9d09b05c91b104666 Author: noellabo <noel.yoshiba@gmail.com> Date: Thu Jul 23 10:54:25 2020 +0900 Add UI for posting to circles commit 7ef48003c1407275663dd603b124d292db2aa93a Author: noellabo <noel.yoshiba@gmail.com> Date: Fri Jul 24 12:55:10 2020 +0900 Fix silent mention by circle commit 7a1caed49333c3d3241301afb77639cdf1cabdc0 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 11:38:10 2020 +0900 Squashed commit of the following: commit dca71fab86c830932ca760b7d8b3f89cc25c453e Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 09:31:26 2020 +0900 Revert "Add focus setting when opening the circle column" This reverts commit 3a93ac99312a13b68b7edc2b81313fb0ffb7bcdc. commit 0a1bc8307bb699c7eb3024072ce14a440df1fc87 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 09:31:11 2020 +0900 Change limited visibility icon commit 9784f8b562f6592e9d9190ca29d2b2e870006d10 Author: noellabo <noel.yoshiba@gmail.com> Date: Thu Aug 13 21:52:07 2020 +0900 Add focus setting when opening the circle column commit a84f680c167fab9276550850c60f9108d251144e Author: noellabo <noel.yoshiba@gmail.com> Date: Thu Aug 13 15:55:27 2020 +0900 Fix message commit e3f11c4adac57b6e6a15c981ed6f4721a1634212 Author: noellabo <noel.yoshiba@gmail.com> Date: Mon Jul 27 01:01:23 2020 +0900 Fix light-theme commit d7d96eda5b86d3e3f654ce79888e7cf5aa535db5 Author: noellabo <noel.yoshiba@gmail.com> Date: Sun Jul 26 21:50:56 2020 +0900 Fix circles loading in share page and followers search commit 10b821f7b8c0a87cea3df51f09deeadc2cb40b32 Author: noellabo <noel.yoshiba@gmail.com> Date: Fri Jul 24 14:08:00 2020 +0900 Refactor list items commit e020072915572ce409039ccf799d08f8d8b5b393 Author: noellabo <noel.yoshiba@gmail.com> Date: Thu Jul 23 20:15:38 2020 +0900 Fixed a bug that circle name change is not reflected in the list commit 735bc41161b4c09a8dafe2c0064096b3ca79f2a0 Author: noellabo <noel.yoshiba@gmail.com> Date: Wed Jul 22 08:49:47 2020 +0900 Add UI for managing circle members commit d7c3145b8fa84be0631bf7f41bb229f3e6d03ff1 Author: noellabo <noel.yoshiba@gmail.com> Date: Wed Jul 22 07:34:52 2020 +0900 Add the followers option to AccountSearchSercive commit 65e2b0c4299b72ede440b50089c1bd6afa6c9c05 Author: noellabo <noel.yoshiba@gmail.com> Date: Wed Jul 22 07:05:56 2020 +0900 Add CircleSerializer commit a639e1803abf5590068846dbe98bc5edfaa2ad82 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 11:37:30 2020 +0900 Squashed commit of the following: commit 9cb3fb9d980e3ee066083076f508c5ab1447176a Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 07:15:19 2020 +0900 Move the link to the mention list to the menu commit b32dd87b43f4e09b8e2c437f1fb5d3ebd6221215 Author: noellabo <noel.yoshiba@gmail.com> Date: Sat Sep 5 00:56:12 2020 +0900 Change limited visibility icon commit 8db0d024119d1c2cef8de849f2501496a166a2dd Author: noellabo <noel.yoshiba@gmail.com> Date: Tue Sep 1 01:42:13 2020 +0900 Fix to disallow getting the list of mentions in limited replies commit 490a9d65a59a3dd0d86e81f6780e879dc4313dff Author: noellabo <noel.yoshiba@gmail.com> Date: Fri Jul 24 11:36:24 2020 +0900 Add column to list mentioned accounts of limited status commit 62a423ac2729c16f26fafe111f257bc373218df2 Author: noellabo <noel.yoshiba@gmail.com> Date: Thu Jul 23 13:30:17 2020 +0900 Fix visibility compatibility more commit a5cfa54b259054f41e89037f299fa928a2361818 Author: noellabo <noel.yoshiba@gmail.com> Date: Mon Jul 20 05:39:49 2020 +0900 Fix visibility compatibility commit 7900ca5650c77565b86ddc594a221dfa3b5321b4 Author: noellabo <noel.yoshiba@gmail.com> Date: Mon Jul 20 02:01:27 2020 +0900 Add limited visibility icon to status commit 66b83965ef068e9ee8c940249c68bcbde15731fe Author: Eugen Rochko <eugen@zeonfederated.com> Date: Wed Aug 26 03:16:47 2020 +0200 Add conversation-based forwarding for limited visibility statuses through bearcaps commit 561abc65e0ace89318b3952047025b8d98515fbb Author: Eugen Rochko <eugen@zeonfederated.com> Date: Sun Jul 19 02:05:16 2020 +0200 Add REST API for managing and posting to circles Circles are the conceptual opposite of lists. A list is a subdivision of your follows, a circle is a subdivision of your followers. Posting to a circle means making content available to only some of your followers. Circles have been internally supported in Mastodon for the purposes of federation since #8950, this adds the REST API necessary for making use of them in Mastodon itsef.
161 lines
6.7 KiB
Ruby
161 lines
6.7 KiB
Ruby
Doorkeeper.configure do
|
|
# Change the ORM that doorkeeper will use (needs plugins)
|
|
orm :active_record
|
|
|
|
# This block will be called to check whether the resource owner is authenticated or not.
|
|
resource_owner_authenticator do
|
|
current_user || redirect_to(new_user_session_url)
|
|
end
|
|
|
|
resource_owner_from_credentials do |_routes|
|
|
user = User.authenticate_with_ldap(email: request.params[:username], password: request.params[:password]) if Devise.ldap_authentication
|
|
user ||= User.authenticate_with_pam(email: request.params[:username], password: request.params[:password]) if Devise.pam_authentication
|
|
|
|
if user.nil?
|
|
user = User.find_by(email: request.params[:username])
|
|
user = nil unless user&.valid_password?(request.params[:password])
|
|
end
|
|
|
|
user unless user&.otp_required_for_login?
|
|
end
|
|
|
|
# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
|
|
admin_authenticator do
|
|
current_user&.admin? || redirect_to(new_user_session_url)
|
|
end
|
|
|
|
# Authorization Code expiration time (default 10 minutes).
|
|
# authorization_code_expires_in 10.minutes
|
|
|
|
# Access token expiration time (default 2 hours).
|
|
# If you want to disable expiration, set this to nil.
|
|
access_token_expires_in nil
|
|
|
|
# Assign a custom TTL for implicit grants.
|
|
# custom_access_token_expires_in do |oauth_client|
|
|
# oauth_client.application.additional_settings.implicit_oauth_expiration
|
|
# end
|
|
|
|
# Use a custom class for generating the access token.
|
|
# https://github.com/doorkeeper-gem/doorkeeper#custom-access-token-generator
|
|
# access_token_generator "::Doorkeeper::JWT"
|
|
|
|
# The controller Doorkeeper::ApplicationController inherits from.
|
|
# Defaults to ActionController::Base.
|
|
# https://github.com/doorkeeper-gem/doorkeeper#custom-base-controller
|
|
base_controller 'ApplicationController'
|
|
|
|
# Reuse access token for the same resource owner within an application (disabled by default)
|
|
# Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
|
|
reuse_access_token
|
|
|
|
# Issue access tokens with refresh token (disabled by default)
|
|
# use_refresh_token
|
|
|
|
# Forbids creating/updating applications with arbitrary scopes that are
|
|
# not in configuration, i.e. `default_scopes` or `optional_scopes`.
|
|
# (Disabled by default)
|
|
enforce_configured_scopes
|
|
|
|
# Provide support for an owner to be assigned to each registered application (disabled by default)
|
|
# Optional parameter :confirmation => true (default false) if you want to enforce ownership of
|
|
# a registered application
|
|
# Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
|
|
enable_application_owner
|
|
|
|
# Define access token scopes for your provider
|
|
# For more information go to
|
|
# https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
|
|
default_scopes :read
|
|
optional_scopes :write,
|
|
:'write:accounts',
|
|
:'write:blocks',
|
|
:'write:bookmarks',
|
|
:'write:circles',
|
|
:'write:conversations',
|
|
:'write:favourites',
|
|
:'write:filters',
|
|
:'write:follows',
|
|
:'write:lists',
|
|
:'write:media',
|
|
:'write:mutes',
|
|
:'write:notifications',
|
|
:'write:reports',
|
|
:'write:statuses',
|
|
:read,
|
|
:'read:accounts',
|
|
:'read:blocks',
|
|
:'read:bookmarks',
|
|
:'read:circles',
|
|
:'read:favourites',
|
|
:'read:filters',
|
|
:'read:follows',
|
|
:'read:lists',
|
|
:'read:mutes',
|
|
:'read:notifications',
|
|
:'read:search',
|
|
:'read:statuses',
|
|
:follow,
|
|
:push,
|
|
:'admin:read',
|
|
:'admin:read:accounts',
|
|
:'admin:read:reports',
|
|
:'admin:write',
|
|
:'admin:write:accounts',
|
|
:'admin:write:reports',
|
|
:crypto
|
|
|
|
# Change the way client credentials are retrieved from the request object.
|
|
# By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
|
|
# falls back to the `:client_id` and `:client_secret` params from the `params` object.
|
|
# Check out the wiki for more information on customization
|
|
# client_credentials :from_basic, :from_params
|
|
|
|
# Change the way access token is authenticated from the request object.
|
|
# By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
|
|
# falls back to the `:access_token` or `:bearer_token` params from the `params` object.
|
|
# Check out the wiki for more information on customization
|
|
# access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
|
|
|
|
# Change the native redirect uri for client apps
|
|
# When clients register with the following redirect uri, they won't be redirected to any server and the authorization code will be displayed within the provider
|
|
# The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
|
|
# (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
|
|
#
|
|
# native_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
|
|
|
|
# Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
|
|
# by default in non-development environments). OAuth2 delegates security in
|
|
# communication to the HTTPS protocol so it is wise to keep this enabled.
|
|
#
|
|
force_ssl_in_redirect_uri false
|
|
|
|
# Specify what grant flows are enabled in array of Strings. The valid
|
|
# strings and the flows they enable are:
|
|
#
|
|
# "authorization_code" => Authorization Code Grant Flow
|
|
# "implicit" => Implicit Grant Flow
|
|
# "password" => Resource Owner Password Credentials Grant Flow
|
|
# "client_credentials" => Client Credentials Grant Flow
|
|
#
|
|
# If not specified, Doorkeeper enables authorization_code and
|
|
# client_credentials.
|
|
#
|
|
# implicit and password grant flows have risks that you should understand
|
|
# before enabling:
|
|
# http://tools.ietf.org/html/rfc6819#section-4.4.2
|
|
# http://tools.ietf.org/html/rfc6819#section-4.4.3
|
|
#
|
|
|
|
grant_flows %w(authorization_code password client_credentials)
|
|
|
|
# Under some circumstances you might want to have applications auto-approved,
|
|
# so that the user skips the authorization step.
|
|
# For example if dealing with a trusted application.
|
|
skip_authorization do |resource_owner, client|
|
|
client.application.superapp?
|
|
end
|
|
|
|
# WWW-Authenticate Realm (default "Doorkeeper").
|
|
# realm "Doorkeeper"
|
|
end
|