authorThibaut Girka <thib@sitedethib.com>2018-12-18 16:55:15 +0100
committerThibaut Girka <thib@sitedethib.com>2018-12-18 16:55:15 +0100
commit034ffc079e40e0c723173b5998242803cc28dc50 (patch)
treefee1b208be2068cf372ab23f268a66ca51cc2dc3 /app/controllers
parent36d27e289177fdec5332539c94b8192022a412f2 (diff)
parent5bf100f87be571e86305f3ab244183fc46f1ede2 (diff)
Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/admin/base_controller.rb
  Some refactoring made upstream, no real conflict.
- app/javascript/mastodon/features/compose/components/compose_form.js
  Updated using upstream's code but using maxChars instead of the
  hardcoded length of 500 characters per toot.
- app/javascript/styles/mastodon/components.scss
  Upstream redesigned the onboarding modal. Not sure why we had a
  conflict there.
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/admin/base_controller.rb4
-rw-r--r--app/controllers/admin/confirmations_controller.rb4
-rw-r--r--app/controllers/admin/resets_controller.rb6
-rw-r--r--app/controllers/admin/roles_controller.rb6
-rw-r--r--app/controllers/admin/two_factor_authentications_controller.rb4
-rw-r--r--app/controllers/directories_controller.rb12
-rw-r--r--app/controllers/media_controller.rb5
7 files changed, 12 insertions, 29 deletions
diff --git a/app/controllers/admin/base_controller.rb b/app/controllers/admin/base_controller.rb
index f2190ddf9..cc6cd51f0 100644
--- a/app/controllers/admin/base_controller.rb
+++ b/app/controllers/admin/base_controller.rb
@@ -20,5 +20,9 @@ module Admin
     def set_pack
       use_pack 'admin'
     end
+
+    def set_user
+      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
+    end
   end
 end
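Review bot: The new `set_user` is inherited by every controller deriving from `Admin::BaseController`, and this hunk does not show whether it sits below a `private` marker; the copies this commit removes from the subclasses were all declared under `private`. Please confirm the visibility in the part of the class outside the hunk. The method only loads the record and does no authorization, so each action that relies on `@user` still needs its own `authorize` call. A short comment would make that contract explicit, for example `# Loads the user behind params[:account_id]; raises RecordNotFound when the account has no user. Does not authorize.`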
diff --git a/app/controllers/admin/confirmations_controller.rb b/app/controllers/admin/confirmations_controller.rb
index 8d3477e66..efe7dcbd4 100644
--- a/app/controllers/admin/confirmations_controller.rb
+++ b/app/controllers/admin/confirmations_controller.rb
@@ -25,10 +25,6 @@ module Admin
 
     private
 
-    def set_user
-      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
-    end
-
     def check_confirmation
       if @user.confirmed?
         flash[:error] = I18n.t('admin.accounts.resend_confirmation.already_confirmed')
diff --git a/app/controllers/admin/resets_controller.rb b/app/controllers/admin/resets_controller.rb
index 3e27d01ac..db8f61d64 100644
--- a/app/controllers/admin/resets_controller.rb
+++ b/app/controllers/admin/resets_controller.rb
@@ -10,11 +10,5 @@ module Admin
       log_action :reset_password, @user
       redirect_to admin_accounts_path
     end
-
-    private
-
-    def set_user
-      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
-    end
   end
 end
diff --git a/app/controllers/admin/roles_controller.rb b/app/controllers/admin/roles_controller.rb
index af7ec0740..13f56e9be 100644
--- a/app/controllers/admin/roles_controller.rb
+++ b/app/controllers/admin/roles_controller.rb
@@ -17,11 +17,5 @@ module Admin
       log_action :demote, @user
       redirect_to admin_account_path(@user.account_id)
     end
-
-    private
-
-    def set_user
-      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
-    end
   end
 end
diff --git a/app/controllers/admin/two_factor_authentications_controller.rb b/app/controllers/admin/two_factor_authentications_controller.rb
index 022107203..2577a4b17 100644
--- a/app/controllers/admin/two_factor_authentications_controller.rb
+++ b/app/controllers/admin/two_factor_authentications_controller.rb
@@ -2,7 +2,7 @@
 
 module Admin
   class TwoFactorAuthenticationsController < BaseController
-    before_action :set_user
+    before_action :set_target_user
 
     def destroy
       authorize @user, :disable_2fa?
@@ -13,7 +13,7 @@ module Admin
 
     private
 
-    def set_user
+    def set_target_user
       @user = User.find(params[:user_id])
     end
   end
diff --git a/app/controllers/directories_controller.rb b/app/controllers/directories_controller.rb
index 1c8ebdac9..e91e784a5 100644
--- a/app/controllers/directories_controller.rb
+++ b/app/controllers/directories_controller.rb
@@ -37,22 +37,12 @@ class DirectoriesController < ApplicationController
   end
 
   def set_accounts
-    @accounts = Account.searchable.discoverable.page(params[:page]).per(50).tap do |query|
+    @accounts = Account.discoverable.page(params[:page]).per(30).tap do |query|
       query.merge!(Account.tagged_with(@tag.id)) if @tag
-
-      if popular_requested?
-        query.merge!(Account.popular)
-      else
-        query.merge!(Account.by_recent_status)
-      end
     end
   end
 
   def set_instance_presenter
     @instance_presenter = InstancePresenter.new
   end
-
-  def popular_requested?
-    request.path.ends_with?('/popular')
-  end
 end
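Review bot: `set_accounts` no longer applies `Account.searchable` and now relies on `Account.discoverable` alone, whose definition is not visible here. If `discoverable` does not itself filter out whatever `searchable` excluded (presumably suspended or moved accounts, to be confirmed in the model), those accounts would start appearing in the public directory. With the `popular` / `by_recent_status` merges removed, the hunk also shows no explicit ordering before `.page(params[:page])`. Unless the scope orders its results, pages can repeat or skip accounts, so a stable order such as `.order(id: :desc)` would be worth adding.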
diff --git a/app/controllers/media_controller.rb b/app/controllers/media_controller.rb
index 88c7232dd..8e1624ce1 100644
--- a/app/controllers/media_controller.rb
+++ b/app/controllers/media_controller.rb
@@ -6,12 +6,17 @@ class MediaController < ApplicationController
   before_action :set_media_attachment
   before_action :verify_permitted_status!
 
+  content_security_policy only: :player do |p|
+    p.frame_ancestors(false)
+  end
+
   def show
     redirect_to @media_attachment.file.url(:original)
   end
 
   def player
     @body_classes = 'player'
+    response.headers['X-Frame-Options'] = 'ALLOWALL'
     raise ActiveRecord::RecordNotFound unless @media_attachment.video? || @media_attachment.gifv?
   end
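Review bot: The `player` action now lifts both framing protections, so any origin can embed the page. `p.frame_ancestors(false)` drops the CSP directive, and `X-Frame-Options` is set to `ALLOWALL`, which is not a value defined for that header and only works because browsers ignore values they do not recognise. If unrestricted embedding is the intent, removing the header states it more directly: `response.headers.delete('X-Frame-Options')`. The exemption deserves a comment such as `# Player is embedded on third-party pages; framing restrictions are lifted for this action only.` Since the page is frameable everywhere, the player view should render no authenticated, state-changing controls. The `verify_permitted_status!` filter visible above still gates which media can be served.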