Merge branch 'glitch'

Conflicts: yarn.lock: caniuse-lite has been outdated in upstream for awhile, and we fixed it a few weeks ago in our fork
author: Starfall <us@starfall.systems> 2021-06-08 09:28:57 -0500
committer: Starfall <us@starfall.systems> 2021-06-08 09:28:57 -0500
commit: f95637178671b1aa0648fa506231717229a6cd8f (patch)
tree: fbaa725bcdb88220c5d1e299b338b196822460e5 /app/controllers
parent: 2c6fcb9cf8fbb09e900fc3625837529155f98f4f (diff)
parent: db5baf3d1a93cbf6961f721205cff0beaf71bffd (diff)
4 files changed, 16 insertions, 8 deletions
diff --git a/app/controllers/activitypub/outboxes_controller.rb b/app/controllers/activitypub/outboxes_controller.rb
index 111285036..4a52560ac 100644
--- a/app/controllers/activitypub/outboxes_controller.rb
+++ b/app/controllers/activitypub/outboxes_controller.rb
@@ -29,7 +29,7 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
       )
     else
       ActivityPub::CollectionPresenter.new(
-        id: account_outbox_url(@account),
+        id: outbox_url,
         type: :ordered,
         size: @account.statuses_count,
         first: outbox_url(page: true),
@@ -47,11 +47,11 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
   end
 
   def next_page
-    account_outbox_url(@account, page: true, max_id: @statuses.last.id) if @statuses.size == LIMIT
+    outbox_url(page: true, max_id: @statuses.last.id) if @statuses.size == LIMIT
   end
 
   def prev_page
-    account_outbox_url(@account, page: true, min_id: @statuses.first.id) unless @statuses.empty?
+    outbox_url(page: true, min_id: @statuses.first.id) unless @statuses.empty?
   end
 
   def set_statuses
diff --git a/app/controllers/api/v1/emails/confirmations_controller.rb b/app/controllers/api/v1/emails/confirmations_controller.rb
index 4a7aa9c32..f1d9954d0 100644
--- a/app/controllers/api/v1/emails/confirmations_controller.rb
+++ b/app/controllers/api/v1/emails/confirmations_controller.rb
@@ -3,12 +3,11 @@
 class Api::V1::Emails::ConfirmationsController < Api::BaseController
   before_action :doorkeeper_authorize!
   before_action :require_user_owned_by_application!
+  before_action :require_user_not_confirmed!
 
   def create
-    if !current_user.confirmed? && current_user.unconfirmed_email.present?
-      current_user.update!(email: params[:email]) if params.key?(:email)
-      current_user.resend_confirmation_instructions
-    end
+    current_user.update!(email: params[:email]) if params.key?(:email)
+    current_user.resend_confirmation_instructions
 
     render_empty
   end
@@ -18,4 +17,8 @@ class Api::V1::Emails::ConfirmationsController < Api::BaseController
   def require_user_owned_by_application!
     render json: { error: 'This method is only available to the application the user originally signed-up with' }, status: :forbidden unless current_user && current_user.created_by_application_id == doorkeeper_token.application_id
   end
+
+  def require_user_not_confirmed!
+    render json: { error: 'This method is only available while the e-mail is awaiting confirmation' }, status: :forbidden if current_user.confirmed? || current_user.unconfirmed_email.blank?
+  end
 end
diff --git a/app/controllers/custom_css_controller.rb b/app/controllers/custom_css_controller.rb
index 0a667a6a6..e1dc5eaf6 100644
--- a/app/controllers/custom_css_controller.rb
+++ b/app/controllers/custom_css_controller.rb
@@ -3,11 +3,16 @@
 class CustomCssController < ApplicationController
   skip_before_action :store_current_location
   skip_before_action :require_functional!
+  skip_before_action :update_user_sign_in
+  skip_before_action :set_session_activity
+
+  skip_around_action :set_locale
 
   before_action :set_cache_headers
 
   def show
     expires_in 3.minutes, public: true
+    request.session_options[:skip] = true
     render plain: Setting.custom_css || '', content_type: 'text/css'
   end
 end
diff --git a/app/controllers/media_proxy_controller.rb b/app/controllers/media_proxy_controller.rb
index 1b610318d..5596e92d1 100644
--- a/app/controllers/media_proxy_controller.rb
+++ b/app/controllers/media_proxy_controller.rb
@@ -45,7 +45,7 @@ class MediaProxyController < ApplicationController
   end
 
   def lock_options
-    { redis: Redis.current, key: "media_download:#{params[:id]}" }
+    { redis: Redis.current, key: "media_download:#{params[:id]}", autorelease: 15.minutes.seconds }
   end
 
   def reject_media?
author	Starfall <us@starfall.systems>	2021-06-08 09:28:57 -0500
committer	Starfall <us@starfall.systems>	2021-06-08 09:28:57 -0500
commit	f95637178671b1aa0648fa506231717229a6cd8f (patch)
tree	fbaa725bcdb88220c5d1e299b338b196822460e5 /app/controllers
parent	2c6fcb9cf8fbb09e900fc3625837529155f98f4f (diff)
parent	db5baf3d1a93cbf6961f721205cff0beaf71bffd (diff)