Commit graph

1173 commits

Author SHA1 Message Date
ysksn
6eae8f77af Add spec for Admin::SuspentionsController#new (#9483) 2018-12-10 21:38:21 +01:00
ysksn
361818e931 Fix Admin::TagsController#unhide (#9481) 2018-12-10 21:37:38 +01:00
ysksn
ae3d2f446a Add specs for Admin::InvitesController (#9471) 2018-12-10 01:19:28 +09:00
Thibaut Girka
e7f1bfdc2d Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/javascript/packs/public.js
- app/models/user.rb
- config/settings.yml
- db/schema.rb

Moved public.js changes to settings.js.
2018-12-09 16:08:04 +01:00
ysksn
dfd123d5b3 Remove pending spec (#9453) 2018-12-07 16:53:55 +01:00
ysksn
d3547fa005 Add specs for ActivityPub::InboxesController (#9456) 2018-12-07 16:40:01 +01:00
ysksn
88b3eed16f Add specs for Admin::AccountModerationNotesHelper (#9455) 2018-12-07 16:39:20 +01:00
ysksn
57bb62d5cf Remove pending spec (#9454)
Since dots are not allowed in username,
this spec is no longer needed.
2018-12-07 16:38:50 +01:00
ysksn
51cbd045da Add specs for AccountTagStat model (#9452) 2018-12-07 16:37:56 +01:00
Eugen Rochko
73be8f38c1
Add profile directory (#9427)
Fix #5578
2018-12-06 17:36:11 +01:00
Thibaut Girka
1df392819d Merge branch 'master' into glitch-soc/merge-upstream 2018-12-06 12:44:38 +01:00
ysksn
155cf12680 Remove pending spec (#9442)
`#from_account` isn't defined.
2018-12-06 17:39:15 +09:00
ysksn
e2910dff12 Add spec for Identity.find_for_oauth (#9441) 2018-12-06 17:38:49 +09:00
ThibG
e88c6a5c3c Fix thread depth computation in statuses_controller (#9426)
* Add test that should currently fail

* Fix depth computation (will still fail if statuses have been filtered out)

* Fix handling of broken threads
2018-12-05 02:12:29 +01:00
Thibaut Girka
6b22845039 Add specs for list replies policy 2018-11-28 14:46:07 +01:00
Thibaut Girka
f8e07ca5cd Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/models/status.rb

Resolved by taking both changes (not a real conflict, just changes too close
to each other).
2018-11-27 13:23:02 +01:00
ThibG
395615d9f3 Allow hyphens in the middle of remote user names (#9345)
Fixes #9309

This only allows hyphens in the middle of a username, much like dots,
although I don't have a compelling reason to do so other than keeping
the changes minimal.
2018-11-27 12:28:01 +01:00
Eugen Rochko
73faadad28
Redesign admin accounts index (#9340)
* Improve overview of accounts in admin UI

- Display suspended status, role, last activity and IP prominently
- Default to showing local accounts
- Default to not showing suspended accounts

* Remove unused strings

* Fix tests

* Allow filtering accounts by IP mask
2018-11-26 15:53:27 +01:00
valerauko
db9aea34de Ensure replied-to is a status not a boost (#9129)
* Ensure replied-to is a status not a boost

* Consider case of not a reply

* Add test case for replying to boost

* Move reblog-reply resolution to model

* Remove unnecessary comment
2018-11-25 16:35:21 +01:00
Eugen Rochko
0eaf6d7693
Sort self-replies to the top of descendants (#9320)
Fix #6463
2018-11-24 20:48:50 +01:00
Eugen Rochko
fd8145d232
Fix connect timeout not being enforced (#9329)
* Fix connect timeout not being enforced

The loop was catching the timeout exception that should stop execution, so the next IP would no longer be within a timed block, which led to requests taking much longer than 10 seconds.

* Use timeout on each IP attempt, but limit to 2 attempts

* Fix code style issue

* Do not break Request#perform if no block given

* Update method stub in spec for Request

* Move timeout inside the begin/rescue block

* Use Resolv::DNS with timeout of 1 to get IP addresses

* Update Request spec to stub Resolv::DNS instead of Addrinfo

* Fix Resolve::DNS stubs in Request spec
2018-11-22 20:12:04 +01:00
valerauko
824497fbce Ignore JSON-LD profile in mime type comparison (#9179)
Ignore JSON-LD profile in mime type comparison
2018-11-22 12:49:07 +01:00
Eugen Rochko
d6b9a62e0a
Extract counters from accounts table to account_stats table (#9295) 2018-11-19 00:43:52 +01:00
Eugen Rochko
8069fd636b
Remove intermediary arrays when creating hash maps from results (#9291) 2018-11-16 15:02:18 +01:00
Thibaut Girka
9201398507 Merge branch 'master' into glitch-soc/merge-upstream 2018-11-09 14:56:31 +01:00
Eugen Rochko
6d59dfa15d
Optimize the process of following someone (#9220)
* Eliminate extra accounts select query from FollowService

* Optimistically update follow state in web UI and hide loading bar

Fix #6205

* Asynchronize NotifyService in FollowService

And fix failing test

* Skip Webfinger resolve routine when called from FollowService if possible

If an account is ActivityPub, then webfinger re-resolving is not necessary
when called from FollowService. Improve options of ResolveAccountService
2018-11-08 21:05:42 +01:00
Thibaut Girka
36dab188fd Merge branch 'master' into glitch-soc/merge-upstream 2018-11-06 15:22:44 +01:00
James Kiesel
4c03e05a4e Allow joining several hashtags in a single column (#8904)
* Nascent tag menu on frontend

* Hook up frontend to search

* Tag intersection backend first pass

* Update yarnlock

* WIP

* Fix for tags not searching correctly

* Make radio buttons function

* Simplify radio buttons with modeOption

* Better naming

* Rearrange options

* Add all/any/none functionality on backend

* Small PR cleanup

* Move to service from scope

* Small cleanup, add proper service tests

* Don't use send with user input :D

* Set appropriate column header

* Handle auto updating timeline

* Fix up toggle function

* Use tag value correctly

* A bit more correct to use 'self' rather than 'all' in status scope

* Fix some style issues

* Fix more code style issues

* Style select dropdown more better

* Only use to_id'ed value to ensure no SQL injection

* Revamp frontend to allow for multiple selects

* Update backend / col header to account for more flexible tagging

* Update brakeman ignore

* Codeclimate suggestions

* Fix presenter tag_url

* Implement initial PR feedback

* Handle additional tag streaming

* CodeClimate tweak
2018-11-05 18:53:25 +01:00
Thibaut Girka
75b48dc177 Merge branch 'master' into glitch-soc/merge-upstream 2018-10-31 10:08:36 +01:00
Eugen Rochko
ce2ee68b64
Revert "Fix FetchAtomService content type handling (#9132)" (#9171)
This reverts commit c36a4a1617.
2018-10-31 00:43:34 +01:00
Thibaut Girka
1c448d6474 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/auth/sessions_controller.rb

Upstream reverted something we partially reverted already.
Reverted the rest to match upstream.
2018-10-30 17:52:08 +01:00
valerauko
c36a4a1617 Fix FetchAtomService content type handling (#9132)
* Add profile to json+ld in Accept

It's required by the ActivityPub spec

* Use headers['Content-type'] instead of mime_type

mime_type strips the profile from the content type, but it's still available raw in the headers hash

* Add test for ld+json with profile
2018-10-30 15:07:57 +01:00
Thibaut Girka
48be335f4f Remove duplicate and outdated specs 2018-10-30 12:46:05 +01:00
Thibaut Girka
94ad76a5b9 Merge branch 'master' into glitch-soc/merge-upstream 2018-10-30 11:22:25 +01:00
ThibG
33a71e8f7c Do not hide boost notifications from followed people with hidden boosts (#9147)
* Do not hide boost notifications from followed people with hidden boosts

Not displaying boosts from a followed user in the Home timeline and not
having notifications when they reblog your own content are two very
separate concerns, tying them together seem counter-intuitive and unwanted.

* Update specs accordingly
2018-10-30 00:47:31 +01:00
Thibaut Girka
f16d66c5c8 Merge branch 'master' into glitch-soc/merge-upstream 2018-10-29 14:09:54 +01:00
Eugen Rochko
b40ea6d1d4
Bump sanitize from 4.6.6 to 5.0.0 (#9140) 2018-10-29 14:05:25 +01:00
Thibaut Girka
dcded13a99 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- .github/ISSUE_TEMPLATE/bug_report.md
  Took our version.
- CONTRIBUTING.md
  Updated the embedded copy of upstream's version.
- README.md
  Took our version.
- app/policies/status_policy.rb
  Not a real conflict, took code from both.
- app/views/layouts/embedded.html.haml
  Added upstream's changes (dns-prefetch) and fixed
  `%body.embed`
- app/views/settings/preferences/show.html.haml
  Reverted some of upstream changes, as we have a
  page dedicated for flavours and skins.
- config/initializers/content_security_policy.rb
  Kept our version of the CSP.
- config/initializers/doorkeeper.rb
  Not a real conflict, took code from both.
2018-10-22 17:51:38 +02:00
takayamaki
33976c8ecc fix: Execute PAM authentication tests on CircleCI (#9029)
and use 'if' option of context block
2018-10-20 17:28:04 +02:00
Eugen Rochko
d5bfba3262
Do not test PAM authentication by default (#9027)
* Do not test PAM authentication by default

* Disable PAM tests if PAM is not enabled
2018-10-20 07:32:26 +02:00
Eugen Rochko
ddd30f331c
Improve support for aspects/circles (#8950)
* Add silent column to mentions

* Save silent mentions in ActivityPub Create handler and optimize it

Move networking calls out of the database transaction

* Add "limited" visibility level masked as "private" in the API

Unlike DMs, limited statuses are pushed into home feeds. The access
control rules between direct and limited statuses is almost the same,
except for counter and conversation logic

* Ensure silent column is non-null, add spec

* Ensure filters don't check silent mentions for blocks/mutes

As those are "this person is also allowed to see" rather than "this
person is involved", therefore does not warrant filtering

* Clean up code

* Use Status#active_mentions to limit returned mentions

* Fix code style issues

* Use Status#active_mentions in Notification

And remove stream_entry eager-loading from Notification
2018-10-17 17:13:04 +02:00
Eugen Rochko
fac529975b Improve signature verification safeguards (#8959)
* Downcase signed_headers string before building the signed string

The HTTP Signatures draft does not mandate the “headers” field to be downcased,
but mandates the header field names to be downcased in the signed string, which
means that prior to this patch, Mastodon could fail to process signatures from
some compliant clients. It also means that it would not actually check the
Digest of non-compliant clients that wouldn't use a lowercased Digest field
name.

Thankfully, I don't know of any such client.

* Revert "Remove dead code (#8919)"

This reverts commit a00ce8c92c.

* Restore time window checking, change it to 12 hours

By checking the Date header, we can prevent replaying old vulnerable
signatures. The focus is to prevent replaying old vulnerable requests
from software that has been fixed in the meantime, so a somewhat long
window should be fine and accounts for timezone misconfiguration.

* Escape users' URLs when formatting them

Fixes possible HTML injection

* Escape all string interpolations in Formatter class

Slightly improve performance by reducing class allocations
from repeated Formatter#encode calls

* Fix code style issues
2018-10-12 07:00:41 +02:00
Eugen Rochko
21ad21cb50
Improve signature verification safeguards (#8959)
* Downcase signed_headers string before building the signed string

The HTTP Signatures draft does not mandate the “headers” field to be downcased,
but mandates the header field names to be downcased in the signed string, which
means that prior to this patch, Mastodon could fail to process signatures from
some compliant clients. It also means that it would not actually check the
Digest of non-compliant clients that wouldn't use a lowercased Digest field
name.

Thankfully, I don't know of any such client.

* Revert "Remove dead code (#8919)"

This reverts commit a00ce8c92c.

* Restore time window checking, change it to 12 hours

By checking the Date header, we can prevent replaying old vulnerable
signatures. The focus is to prevent replaying old vulnerable requests
from software that has been fixed in the meantime, so a somewhat long
window should be fine and accounts for timezone misconfiguration.

* Escape users' URLs when formatting them

Fixes possible HTML injection

* Escape all string interpolations in Formatter class

Slightly improve performance by reducing class allocations
from repeated Formatter#encode calls

* Fix code style issues
2018-10-12 00:15:55 +02:00
Thibaut Girka
d17844e6d1 Merge branch 'master' into glitch-soc/merge-upstream 2018-10-08 13:51:33 +02:00
ashleyhull-versent
f194857ac9 rubocop issues - Cleaning up (#8912)
* cleanup pass

* undo mistakes

* fixed.

* revert
2018-10-08 04:50:11 +02:00
ashleyhull-versent
2dba313100 Replace SVG asset with Custom mascot (#8766) 2018-10-08 00:20:45 +02:00
Eugen Rochko
774ac47373
Add conversations API (#8832)
* Add conversations API

* Add web UI for conversations

* Add test for conversations API

* Add tests for ConversationAccount

* Improve web UI

* Rename ConversationAccount to AccountConversation

* Remove conversations on block and mute

* Change last_status_id to be a denormalization of status_ids

* Add optimistic locking
2018-10-07 23:44:58 +02:00
Thibaut Girka
98bb6815a7 Merge branch 'master' into glitch-soc/merge-upstream 2018-10-05 21:48:25 +02:00
Jeong Arm
144d73730d Leave unknown language as nil if account is remote (#8861)
* Force use language detector if account is remote

* Set unknown remote toot's language as nil
2018-10-05 19:17:46 +02:00
Thibaut Girka
00fcdebed7 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	db/migrate/20170716191202_add_hide_notifications_to_mute.rb
	spec/controllers/application_controller_spec.rb

Took our version, upstream changes were only minor style linting.
2018-10-05 15:23:57 +02:00
aus-social
0a4739c732 lint pass 2 (#8878)
* Code quality pass

* Typofix

* Update applications_controller_spec.rb

* Update applications_controller_spec.rb
2018-10-04 17:38:04 +02:00
Eugen Rochko
a46ab86adf
Limit the number of people that can be followed from one account (#8807)
Configurable soft limit of 7,500, and above that, configurable
ratio of 1.1 * followers, controlled by:

- MAX_FOLLOWS_THRESHOLD
- MAX_FOLLOWS_RATIO

Fix #2311
2018-10-04 17:36:11 +02:00
Eugen Rochko
e645ae9561
Change admin accounts default sort to most recent (#8813) 2018-10-04 16:05:38 +02:00
Eugen Rochko
7fe137d2f7
Fix link verification for remote accounts (#8868) 2018-10-04 15:47:03 +02:00
aus-social
1f98eae1cf Lint pass (#8876) 2018-10-04 12:36:53 +02:00
Thibaut Girka
c91d9b7389 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/lib/user_settings_decorator.rb
	app/models/user.rb
	app/serializers/initial_state_serializer.rb
	app/views/stream_entries/_simple_status.html.haml
	config/locales/simple_form.en.yml
	config/locales/simple_form.ja.yml
	config/locales/simple_form.pl.yml
	config/routes.rb
2018-10-01 12:43:20 +02:00
Eugen Rochko
f0fff3eb10
Support min_id-based pagination in REST API (#8736)
* Allow min_id pagination in Feed#get

* Add min_id pagination to home and list timeline APIs

* Add min_id pagination to account statuses, public and tag APIs

* Remove unused stub in reports API

* Use min_id pagination in notifications, favourites, and fix order

* Fix HomeFeed#from_database not using paginate_by_id
2018-09-28 02:23:45 +02:00
Eugen Rochko
3d7f68c273
Revert Font Awesome 5 upgrade (#8810)
* Revert "Fix some icon names changed by the Font Awesome 5. (#8796)"

This reverts commit 3f9ec3de82.

* Revert "Migrate to font-awesome 5.0. (#8799)"

This reverts commit 8bae14591b.

* Revert "Fix some icons names, unavailable in fontawesome5 (free license). (#8792)"

This reverts commit b9c727a945.

* Revert "Update the icon name changed by the Font Awesome 5. (#8776)"

This reverts commit 17af4d27da.

* Revert "Add bot icon to bot avatars and migrate to newer version of Font Awesome (#8484)"

This reverts commit 4b794e134d.
2018-09-28 02:11:14 +02:00
Naoki Kosaka
8bae14591b Migrate to font-awesome 5.0. (#8799) 2018-09-27 17:08:56 +02:00
ThibG
c39183cc62 Refactor active_nav_class for use with multiple paths (#8757) 2018-09-23 20:42:13 +02:00
Thibaut Girka
343acd96cc Merge branch 'master' into glitch-soc/merge-upstream 2018-09-20 18:36:00 +02:00
Eugen Rochko
f92f1ee80a
Support link verification with redirects (#8735)
(e.g. URL shortener)
2018-09-20 00:10:35 +02:00
Thibaut Girka
91bef4759f Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	Vagrantfile
	app/javascript/packs/public.js
	app/views/admin/settings/edit.html.haml
	app/views/settings/preferences/show.html.haml
	app/views/settings/profiles/show.html.haml
	config/locales/es.yml
	config/locales/simple_form.en.yml
	config/webpack/configuration.js
	config/webpack/loaders/babel.js
	package.json
	yarn.lock

Split new additions to app/javascript/packs/public.js to
app/javascript/core/settings.js
2018-09-19 21:46:01 +02:00
Yamagishi Kazutoshi
3da1cc7d5e Fix failed profile verification when rel attribute including values other than me (#8733) 2018-09-19 16:47:31 +02:00
Eugen Rochko
f4d549d300
Redesign forms, verify link ownership with rel="me" (#8703)
* Verify link ownership with rel="me"

* Add explanation about verification to UI

* Perform link verifications

* Add click-to-copy widget for verification HTML

* Redesign edit profile page

* Redesign forms

* Improve responsive design of settings pages

* Restore landing page sign-up form

* Fix typo

* Support <link> tags, add spec

* Fix links not being verified on first discovery and passive updates
2018-09-18 16:45:58 +02:00
luzpaz
40dd19be37 Misc. typos (#8694)
Found via `codespell -q 3 --skip="./app/javascript/mastodon/locales,./config/locales"`
2018-09-14 00:53:09 +02:00
Thibaut Girka
cd99255698 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/controllers/oauth/authorizations_controller.rb

Just two changes being too close to one another.
Took both.
2018-09-11 16:51:26 +02:00
Eugen Rochko
2288d50a7b
Add force_login option to OAuth authorize page (#8655)
* Add force_login option to OAuth authorize page

For when a user needs to sign into an app from multiple accounts
on the same server

* When logging out from modal header, redirect back after re-login
2018-09-09 04:10:44 +02:00
Sorin Davidoi
6f3d934bc1 feat(cookies): Use the same-site attribute to lax (#8626)
CSFR-prevention is already implemented but adding this doesn't hurt.

A brief introduction to Same-Site cookies (and the difference between strict and
lax) can be found at
https://blog.mozilla.org/security/2018/04/24/same-site-cookies-in-firefox-60/

TLDR: We use lax since we want the cookies to be sent when the user navigates
safely from an external site.
2018-09-08 23:54:28 +02:00
Thibaut Girka
6c233a04a0 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	README.md

Discarded upstream changes to the README, kept our version.
2018-09-03 14:33:06 +02:00
Eugen Rochko
c593d6df9c
Add preference for report notification e-mails, skip for duplicates (#8559)
If an unresolved report for the same target account already exists,
no new notification is generated
2018-09-02 00:11:58 +02:00
Thibaut Girka
6f75a9001f Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/views/stream_entries/_simple_status.html.haml
- config/locales/nl.yml

Deleted unused translation strings (themes) and adapted minor changes to
_simple_status.html.haml
2018-08-31 19:10:57 +02:00
Renato "Lond" Cerqueira
fe56d26f7b Fix autoplay issue with spoiler tag (#8540)
Add tests to avoid similar issues in the future
2018-08-31 15:16:59 +02:00
Renato "Lond" Cerqueira
11658d8653 Add animate custom emoji param to embed pages (#8507)
* Add animate custom emoji param to embed pages

* Rename param, use it for avatars and gifs

* Fix issues pointed by codeclimate and breaking test

* Ignore brakeman warning
2018-08-30 23:14:01 +02:00
Renato "Lond" Cerqueira
5b2b493a90 Fix nil host in remotable (#8508)
Host can be nil in urls like
'https:https://example.com/path/file.png'
2018-08-29 21:13:49 +02:00
Thibaut Girka
c24491a8df Merge branch 'master' into glitch-soc/merge-upstream 2018-08-29 13:57:56 +02:00
sundevour
4bfd786550 formatter spec fixes & clarification (#8481)
updates some "context" and "it" lines to have clearer explanations
updates "context" lines to properly describe function input, and "it" lines to describe results
2018-08-29 01:20:56 +02:00
Thibaut Girka
43d132039b Merge branch 'master' into glitch-soc/merge-upstream 2018-08-28 17:24:39 +02:00
Eugen Rochko
5e1767173f
Display pending message on admin relays UI (#8494)
* Add missing specs for relay accept/reject

* Display pending message on admin relays UI
2018-08-28 05:39:43 +02:00
Thibaut Girka
53b7bb9d04 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/controllers/api/v1/mutes_controller.rb
	config/locales/simple_form.pl.yml
2018-08-27 18:09:28 +02:00
Jakub Mendyk
f3a12ddfd0 Make Api::V1::MutesController paginate properly (#8472)
Fixes #8463
2018-08-26 21:30:17 +02:00
Thibaut Girka
36393e1d2b Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/views/layouts/application.html.haml

Edited:
        app/helpers/application_helper.rb
        app/views/admin/domain_blocks/new.html.haml

Conflict wasn't really one, just two changes too close to one another.
Edition was to adapt the class names for themes to class names for
skins and flavours.

Also edited app/views/admin/domain_blocks/new.html.haml to strip the
duplicate admin pack inclusion thing.
2018-08-26 14:23:24 +02:00
Eugen Rochko
22e46ebad8
Add theme identifier to body classes for easier custom CSS styling (#8439)
Add forgotten custom CSS admin setting strings
2018-08-25 22:55:25 +02:00
Thibaut Girka
246c313d45 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/controllers/application_controller.rb

Changed instance theme selection by instance flavour selection.
2018-08-24 15:10:34 +02:00
Eugen Rochko
2f34b747b3
Allow mods to disable login, improve message when login disabled (#8329)
* Allow moderators to disable/enable login

* Instead of rejecting login, show forbidden error when login disabled

Avoid confusion because when login is rejected, the message is that
the account is not activated, which is wrong.

* Fix tests
2018-08-23 23:26:29 +02:00
Jakub Mendyk
6cb3514d64 Add ability to change an instance default theme from the administration panel (#7092) (#8381)
* Add default_settings class method to ScopedSettings

ScopedSettings was extended to use value of unscoped setting instead of
only using defaults set in config/settings.yml for selected settings.
This adds possibility for admins to set default values of users' settings,
for example default theme (as requested in #7092).

* Add ability to change an instance default theme

Closes #7092
2018-08-23 14:17:35 +02:00
Thibaut Girka
e70fc059a9 Merge branch 'master' into glitch-soc/merge-upstream 2018-08-22 20:56:32 +02:00
Eugen Rochko
802cf6a4c5
Improve federated ID validation (#8372)
* Fix URI not being sufficiently validated with prefetched JSON

* Add additional id validation to OStatus documents, when possible
2018-08-22 20:55:14 +02:00
masarakki
4bdab203ac exclude-other-silenced-accounts (#7528) 2018-08-22 13:20:50 +02:00
Eugen Rochko
2374a00c10
Add confirmation step to account suspensions (#8353)
* Add confirmation page for suspensions

* Suspension confirmation closes reports, linked from report UI

* Fix tests
2018-08-22 11:53:41 +02:00
Thibaut Girka
8b4abaa90d Merge branch 'master' into glitch-soc/master
Conflicts:
	config/routes.rb

Added the “endorsements” route from upstream.
2018-08-21 18:24:48 +02:00
Eugen Rochko
6226aa83d7
Increase reach of Delete->Actor activities (#8305)
Fix #7316
2018-08-20 13:28:05 +02:00
Thibaut Girka
bfeac6747a Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	.circleci/config.yml
	app/controllers/authorize_follows_controller.rb
	app/javascript/packs/public.js

Moved new stuff from packs/public.js to core/public.js.
Added appropriate use_pack in new controllers.
2018-08-18 18:04:49 +02:00
Eugen Rochko
d010816ba8
Fix error when trying to update counters for statuses that are gone (#8251) 2018-08-18 03:03:23 +02:00
Eugen Rochko
78fa926ed5
Add remote interaction dialog for toots (#8202)
* Add remote interaction dialog for toots

* Change AuthorizeFollow into AuthorizeInteraction, support statuses

* Update brakeman.ignore

* Adjust how interaction buttons are display on public pages

* Fix tests
2018-08-18 03:03:12 +02:00
Thibaut Girka
280d7b1df8 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/models/status.rb
	db/migrate/20180528141303_fix_accounts_unique_index.rb
	db/schema.rb

Resolved by taking upstream changes (no real conflicts, just glitch-soc
specific code too close to actual changes).
2018-08-17 17:43:54 +02:00
ThibG
59f7f4c923 Implement Undo { Accept { Follow } } (fixes #8234) (#8245)
* Add Follow#revoke_request!

* Implement Undo { Accept { Follow } } (fixes #8234)
2018-08-17 16:24:56 +02:00
ThibG
af912fb308 Allow accessing local private/DM messages by URL (#8196)
* Allow accessing local private/DM messages by URL

(Provided the user pasting the URL is authorized to see the toot, obviously)

* Fix SearchServiceSpec tests
2018-08-15 19:33:36 +02:00
Eugen Rochko
aaac14b8ad
Show exact number of followers/statuses on export page/in tooltip (#8199)
* Show exact number of followers/statuses on export page/in tooltip

* Fix tests
2018-08-14 21:56:17 +02:00
Eugen Rochko
8e111b753a
Move status counters to separate table, count replies (#8104)
* Move status counters to separate table, count replies

* Migration to remove old counter columns from statuses table

* Fix schema file
2018-08-14 19:19:32 +02:00
S.H
5f41bbd274 Update Rails (#8141)
* Update Rails

* fix Update Rails
2018-08-13 18:17:20 +02:00
S.H
2aeeffc3ec Update Rails (#8141)
* Update Rails

* fix Update Rails
2018-08-12 12:25:23 +02:00
Thibaut Girka
e5a603206d Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/controllers/accounts_controller.rb
	app/javascript/mastodon/locales/pl.json
	app/views/about/more.html.haml

Conflicts in `accounts_controller.rb` resolved by taking upstream's
version + our `use_pack`.

Conflicts in `pl.json` resolved by taking upstream's changes.

Conflicts in `aboute/more.html.haml` resolved by taking upstream's changes.
2018-08-10 16:22:31 +02:00
Thibaut Girka
90b492143d Introduce OAuth scopes for bookmarks 2018-08-10 15:26:52 +02:00
Eugen Rochko
0dcc1950d1
Update /terms and /about/more to use public layout (#8142) 2018-08-09 12:58:20 +02:00
Eugen Rochko
f2404de871
Public profile endorsements (accounts picked by profile owner) (#8146) 2018-08-09 09:56:53 +02:00
Thibaut Girka
bf1d3ae3b8 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	config/settings.yml
2018-08-01 22:20:25 +02:00
Thibaut Girka
c1c514ca70 Merge branch 'master' into glitch-soc/merge-upstream
Manually-resolved conflicts:
	.circleci/config.yml
	app/controllers/accounts_controller.rb
	app/controllers/auth/passwords_controller.rb
	app/controllers/statuses_controller.rb
	app/javascript/packs/public.js
	app/models/media_attachment.rb
	app/views/stream_entries/_content_spoiler.html.haml
	app/views/stream_entries/_media.html.haml
	config/locales/en.yml
	config/locales/ja.yml
	config/locales/pl.yml
	lib/mastodon/version.rb

Some content from app/javascript/packs/public.js has been split to
app/javascript/core/settings.js.

Translation strings for glitch-soc's keyword mutes were dropped.

Everything else was mostly “take both”.
2018-08-01 00:18:13 +02:00
Eugen Rochko
cc56f2230a
Add separate setting for sidebar text (site_short_description) (#8107)
* Add separate setting for sidebar text (site_short_description)

* Fix tests
2018-07-31 18:59:34 +02:00
Thibaut Girka
9f2945ef80 Add test to disallow remote users from fetching local-only toots 2018-07-31 15:41:04 +02:00
Eugen Rochko
60df87f6f0
Compensate for scrollbar disappearing when media modal visible (#8100)
* Compensate for scrollbar disappearing when media modal visible

Make auth pages backgrounds lighter

* Fix typo
2018-07-31 01:14:33 +02:00
Eugen Rochko
e7e577dd6e
Enforce username format for remote users, too (#8102)
Initially I thought there might be valid reasons for remote users to
have a different, unpredicted username format. However, I now realize
such a difference would be unusable and unexpected within Mastodon.

Fix #8058
2018-07-30 22:29:52 +02:00
Thibaut Girka
5f1bdca4c8 Merge commit 'e23b26178a71f90d64fe2a3e9e4468f265ecc71c' into glitch-soc/merge-upstream
Merge upstream changes right before the public profile redesign.
2018-07-30 14:39:06 +02:00
Eugen Rochko
bb71538bb5
Redesign public profiles and toots (#8068) 2018-07-28 19:25:33 +02:00
Eugen Rochko
0fb0037ca7
Resize images by area instead of fixed dimensions (#8083)
To improve the way super tall or super ride images are treated, the
numbers remain the same, 1280x1280 and 400x400, but if an image
is less in one dimension than the other, the other can become larger

Thanks to @WAHa_06x36@mastodon.social for the tip
2018-07-28 03:33:00 +02:00
Thibaut Girka
f26f1145ac Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	Dockerfile
	app/javascript/packs/common.js
	config/webpack/loaders/sass.js
	config/webpack/shared.js
	db/schema.rb
	package.json
	yarn.lock

A lot of the conflicts come from updating webpack.

Even though upstream deleted app/javascript/packs/common.js, I kept
glitch-soc's version as it unifies JS/CSS packs behavior across flavours.

Ported glitch changes to webpack 4.x
2018-07-16 14:50:42 +02:00
Eugen Rochko
2a176514be
Display full acct on public status pages, always (#8011) 2018-07-14 04:07:47 +02:00
Eugen Rochko
38e9662d78
Disable language detection for texts shorter than 140 characters (#8010)
If the input text is blank after preparation (only mention, or
only URL, or empty as in a media post), then use nil as language,
since it's OK to show to everyone.

Otherwise, always fall back to the server's default locale
2018-07-14 04:05:36 +02:00
Eugen Rochko
e55dce3176
Add federation relay support (#7998)
* Add federation relay support

* Add admin UI for managing relays

* Include actor on relay-related activities

* Fix i18n
2018-07-13 02:16:06 +02:00
Thibaut Girka
402da8065c Migrate glitch-soc keyword mutes to Mastodon's
Completely remove glitch-soc's Keyword Mutes, migrate
existing database records to CustomFilters.

Handling of client-side filters is still not implemented
in the glitch-soc front-end.
2018-07-09 19:19:23 +02:00
Thibaut Girka
d392020da6 Merge branch 'master' into glitch-soc/tentative-merge
Conflicts:
	README.md
	app/controllers/statuses_controller.rb
	app/lib/feed_manager.rb
	config/navigation.rb
	spec/lib/feed_manager_spec.rb

Conflicts were resolved by taking both versions for each change.
This means the two filter systems (glitch-soc's keyword mutes and tootsuite's
custom filters) are in place, which will be changed in a follow-up commit.
2018-07-09 07:13:59 +02:00
ThibG
1ca4e51eb3 Add option to not consider word boundaries when processing keyword filtering (#7975)
* Add option to not consider word boundaries when filtering phrases

* Add a few tests for keyword/phrase filtering
2018-07-09 02:22:09 +02:00
Eugen Rochko
cd509d2146
Remove .p-name microformat class (#7961)
Fix #7926
2018-07-07 18:51:56 +02:00
Eugen Rochko
1f6ed4f86a
Add more granular OAuth scopes (#7929)
* Add more granular OAuth scopes

* Add human-readable descriptions of the new scopes

* Ensure new scopes look good on the app UI

* Add tests

* Group scopes in screen and color-code dangerous ones

* Fix wrong extra scope
2018-07-05 18:31:35 +02:00
Eugen Rochko
da8fe8079e
Re-add follow recommendations API (#7918)
* Re-add follow recommendations API

    GET /api/v1/suggestions

Removed in 8efa081f21 due to Neo4J
dependency. The algorithm uses triadic closures, takes into account
suspensions, blocks, mutes, domain blocks, excludes locked and moved
accounts, and prefers more recently updated accounts.

* Track interactions with people you don't follow

Replying to, favouriting and reblogging someone you're not following
will make them show up in follow recommendations. The interactions
have different weights:

- Replying is 1
- Favouriting is 10 (decidedly positive interaction, but private)
- Reblogging is 20

Following them, muting or blocking will remove them from the list,
obviously.

* Remove triadic closures, ensure potential friendships are trimmed
2018-07-03 01:47:56 +02:00
Eugen Rochko
cdb101340a
Keyword/phrase filtering (#7905)
* Add keyword filtering

    GET|POST       /api/v1/filters
    GET|PUT|DELETE /api/v1/filters/:id

- Irreversible filters can drop toots from home or notifications
- Other filters can hide toots through the client app
- Filters use a phrase valid in particular contexts, expiration

* Make sure expired filters don't get applied client-side

* Add missing API methods

* Remove "regex filter" from column settings

* Add tests

* Add test for FeedManager

* Add CustomFilter test

* Add UI for managing filters

* Add streaming API event to allow syncing filters

* Fix tests
2018-06-29 15:34:36 +02:00
Thibaut Girka
4b0f27ba78 Merge branch 'master' into glitch-soc/merge-upstream 2018-06-24 14:32:22 +02:00
Shuhei Kitagawa
23955d956e Add tests for remote_unfollows_controller (#7879) 2018-06-24 19:55:55 +09:00
Thibaut Girka
ab5f450700 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/models/user.rb

Resolved by adding :default_language to user settings fields
2018-06-21 20:49:57 +02:00
Shuhei Kitagawa
459394a020 Add missing tests for confirmations controller (#7866) 2018-06-21 10:40:23 +09:00
Shuhei Kitagawa
63b05096c7 Add tests for shares_controller (#7835) 2018-06-18 10:45:20 +09:00
Eugen Rochko
7eec279c7f
Change language opt-out to language opt-in (#7823)
* Switch filtered_languages to chosen_languages

* Adjust interface

* Remove unused translations
2018-06-17 13:54:02 +02:00
Jenkins
afceef74c2 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-06-14 06:17:24 +00:00
Shuhei Kitagawa
ad8814232f Add tests for following accounts controller (#7800) 2018-06-14 10:49:17 +09:00
Shuhei Kitagawa
5b47774ab8 Add tests for followers_accounts_controller (#7794) 2018-06-13 10:28:39 +09:00
David Yip
5cff053944
Merge branch 'master' into 454-allow-keyword-mutes-to-skip-mentions 2018-06-12 18:13:30 -05:00
David Yip
99b2bc2668
keyword mute: Add missing scope for regex escape test 2018-06-12 17:48:38 -05:00
David Yip
908a770d2b
keyword mute: use mentions scope in home feed filtering (#454)
If a status shows up in mentions because all keyword mutes that might
apply to it are marked as "don't apply to mentions", then it ought to
show up in the home feed also.
2018-06-12 17:14:35 -05:00
David Yip
e931cf656d
Merge remote-tracking branch 'glitchsoc/master' into 454-allow-keyword-mutes-to-skip-mentions
Conflicts:
 	app/models/glitch/keyword_mute.rb
2018-06-12 16:39:30 -05:00
Jenkins
4d8d1fa129 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-06-12 13:17:21 +00:00
Shuhei Kitagawa
6151308c47 Add missing tests for admin/accounts_controller (#7791) 2018-06-12 21:24:46 +09:00
Shuhei Kitagawa
7086aa598b Add tests for intents_controller (#7763) 2018-06-09 22:47:50 +02:00
Eugen Rochko
10f51c9886
Fix domain hiding logic (#7765)
* Send rejections to followers when user hides domain they're on

* Use account domain blocks for "authorized followers" action

Replace soft-blocking (block & unblock) behaviour with follow rejection

* Split sync and async work of account domain blocking

Do not create domain block when removing followers by domain, that
is probably unexpected from the user's perspective.

* Adjust confirmation message for domain block

* yarn manage:translations
2018-06-09 22:46:54 +02:00
David Yip
8142bd2553
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
Conflicts:
 	app/models/status.rb

The conflict in the Status model was due to
5bf5003384.
It was resolved by accepting tootsuite's changes.
2018-06-07 05:13:49 -05:00
Shuhei Kitagawa
12fa2500c4 Add missing tests for sessions controller (#7744) 2018-06-06 10:23:22 +09:00
David Yip
a640c322c1
Escape metacharacters in non-whole-word keyword mutes. Fixes #533.
Also addresses #463.
2018-06-05 02:49:28 -05:00
David Yip
cf28049f0a
Add a FeedManager example demonstrating non-mention keywords. #454. 2018-06-03 23:04:00 -05:00
David Yip
a40e322f4b
Fix spacing in some FeedManager examples. 2018-06-03 23:02:01 -05:00
David Yip
26573ad7e6
Thread scopes through #matches?. #454.
Also add an apply_to_mentions attribute on Glitch::KeywordMute, which is
used to calculate scope.  Next up: additions to the test suite to
demonstrate how scoping works.
2018-06-03 23:00:50 -05:00
Shuhei Kitagawa
22caa32ba2 Add tests for embeds controller (#7719)
* Small refactoring of status_finder_spec

* Add tests for embeds_controller
2018-06-04 10:35:56 +09:00