-rw-r--r--Gemfile2
-rw-r--r--Gemfile.lock11
-rw-r--r--app/models/status.rb4
-rw-r--r--app/workers/application_worker.rb5
-rw-r--r--app/workers/distribution_worker.rb4
-rw-r--r--docs/Running-Mastodon/Production-guide.md12
-rw-r--r--docs/Using-Mastodon/User-guide.md6
-rw-r--r--docs/Using-the-API/API.md2
8 files changed, 25 insertions, 21 deletions
diff --git a/Gemfile b/Gemfile
index 4e7ff6621..b5705e9d1 100644
--- a/Gemfile
+++ b/Gemfile
@@ -8,8 +8,6 @@ gem 'sass-rails', '~> 5.0'
 gem 'uglifier', '>= 1.3.0'
 gem 'coffee-rails', '~> 4.1.0'
 gem 'jquery-rails'
-gem 'jbuilder', '~> 2.0'
-gem 'sdoc', '~> 0.4.0', group: :doc
 gem 'puma'
 
 gem 'hamlit-rails'
diff --git a/Gemfile.lock b/Gemfile.lock
index a774a89ba..408d85ade 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -198,9 +198,6 @@ GEM
       parser (>= 2.2.3.0)
       term-ansicolor (>= 1.3.2)
       terminal-table (>= 1.5.1)
-    jbuilder (2.6.0)
-      activesupport (>= 3.0.0, < 5.1)
-      multi_json (~> 1.2)
     jmespath (1.3.1)
     jquery-rails (4.1.1)
       rails-dom-testing (>= 1, < 3)
@@ -231,7 +228,6 @@ GEM
     mimemagic (0.3.2)
     mini_portile2 (2.1.0)
     minitest (5.10.1)
-    multi_json (1.12.1)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
     net-ssh (4.0.1)
@@ -310,8 +306,6 @@ GEM
       thor (>= 0.18.1, < 2.0)
     rainbow (2.1.0)
     rake (12.0.0)
-    rdoc (4.2.2)
-      json (~> 1.4)
     react-rails (1.10.0)
       babel-transpiler (>= 0.7.0)
       coffee-script-source (~> 1.8)
@@ -381,9 +375,6 @@ GEM
       sprockets (>= 2.8, < 4.0)
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
-    sdoc (0.4.1)
-      json (~> 1.7, >= 1.7.7)
-      rdoc (~> 4.0)
     sidekiq (4.2.7)
       concurrent-ruby (~> 1.0)
       connection_pool (~> 2.2, >= 2.2.0)
@@ -483,7 +474,6 @@ DEPENDENCIES
   http
   httplog
   i18n-tasks (~> 0.9.6)
-  jbuilder (~> 2.0)
   jquery-rails
   letter_opener
   letter_opener_web
@@ -514,7 +504,6 @@ DEPENDENCIES
   rubocop
   ruby-oembed
   sass-rails (~> 5.0)
-  sdoc (~> 0.4.0)
   sidekiq
   sidekiq-unique-jobs
   simple-navigation
diff --git a/app/models/status.rb b/app/models/status.rb
index daf128572..6948ad77c 100644
--- a/app/models/status.rb
+++ b/app/models/status.rb
@@ -161,9 +161,9 @@ class Status < ApplicationRecord
       return where.not(visibility: [:private, :direct]) if account.nil?
 
       if target_account.blocking?(account) # get rid of blocked peeps
-        where('1 = 0')
+        none
       elsif account.id == target_account.id # author can see own stuff
-        where('1 = 1')
+        all
       elsif account.following?(target_account) # followers can see followers-only stuff, but also things they are mentioned in
         joins('LEFT OUTER JOIN mentions ON statuses.id = mentions.status_id AND mentions.account_id = ' + account.id.to_s)
           .where('statuses.visibility != ? OR mentions.id IS NOT NULL', Status.visibilities[:direct])
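Review bot: The `joins` on the followers branch still builds its SQL by concatenating `account.id.to_s` into the string, unlike the `where` on the next line, which binds its value through a `?` placeholder. The id is presumably an integer primary key, so this is not injectable as shown, but the safety depends on that assumption rather than on the query construction. While this method is being tidied, consider `joins(sanitize_sql_array(['LEFT OUTER JOIN mentions ON statuses.id = mentions.status_id AND mentions.account_id = ?', account.id]))`. The enclosing method starts and ends outside the hunk, so other branches were not reviewed.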
diff --git a/app/workers/application_worker.rb b/app/workers/application_worker.rb
new file mode 100644
index 000000000..f2d7c1062
--- /dev/null
+++ b/app/workers/application_worker.rb
@@ -0,0 +1,5 @@
+class ApplicationWorker
+  def info(message)
+    Rails.logger.info("#{self.class.name} - #{message}")
+  end
+end
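Review bot: The new file lacks the `# frozen_string_literal: true` magic comment that app/workers/distribution_worker.rb carries on its first line, and `info` has no comment describing its contract. I would add the magic comment and a line such as `# Logs +message+ at info level, prefixed with the worker's class name.` above the method. Because `message` is interpolated into the log line unchanged, it is also worth documenting that callers should pass fixed text and ids rather than user-supplied strings, which could contain newlines that forge extra log entries.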
diff --git a/app/workers/distribution_worker.rb b/app/workers/distribution_worker.rb
index f4e738d80..9a2867ea6 100644
--- a/app/workers/distribution_worker.rb
+++ b/app/workers/distribution_worker.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class DistributionWorker
+class DistributionWorker < ApplicationWorker
   include Sidekiq::Worker
 
   def perform(status_id)
@@ -9,6 +9,6 @@ class DistributionWorker
     FanOutOnWriteService.new.call(status)
     WarmCacheService.new.call(status)
   rescue ActiveRecord::RecordNotFound
-    true
+    info("Couldn't find the status")
   end
 end
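Review bot: The rescue branch now logs a fixed string with no identifier, so an operator cannot tell which job argument failed to resolve. `status_id` is in scope from `perform(status_id)`, so the line could read `info("Couldn't find the status #{status_id}")`. This makes a burst of missing-record jobs traceable to specific ids without changing the swallow-and-continue behaviour.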
diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md
index b1f7bd35b..d539ddf64 100644
--- a/docs/Running-Mastodon/Production-guide.md
+++ b/docs/Running-Mastodon/Production-guide.md
@@ -12,9 +12,21 @@ map $http_upgrade $connection_upgrade {
 }
 
 server {
+  listen 80;
+  listen [::]:80;
+  server_name example.com;
+  return 301 https://$host$request_uri;
+}
+
+server {
   listen 443 ssl;
   server_name example.com;
 
+  ssl_protocols TLSv1.2;
+  ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+  ssl_prefer_server_ciphers on;
+  ssl_session_cache shared:SSL:10m;
+
   ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
 
diff --git a/docs/Using-Mastodon/User-guide.md b/docs/Using-Mastodon/User-guide.md
index f8018909a..acd02f24e 100644
--- a/docs/Using-Mastodon/User-guide.md
+++ b/docs/Using-Mastodon/User-guide.md
@@ -160,13 +160,13 @@ Toot privacy is handled independently of account privacy, and individually for e
 
 **Unlisted** toots are toggled with the "Do not display in public timeline" option in the Compose pane. They are visible to anyone following you and appear on your profile page to the public even without a Mastodon login, but do *not* appear to anyone viewing the Public Timeline while logged into Mastodon.
 
-**Private** toots, finally, are toggled with the "Mark as private" switch. Private toots do not appear in the public timeline nor on your profile page to anyone viewing it unless they are on your Followers list. This means the option is of very limited use if your account is not also set to be private (as anyone can follow you without confirmation and thus see your private toots). However the separation of this means that if you *do* set your entire account to private, you can switch this option off on a toot to make unlisted or even public toots from your otherwise private account.
+**Private** toots, finally, are toggled with the "Mark as private" switch. Private toots do not appear in the public timeline nor on your profile page to anyone viewing it unless they are on your Followers list. This means the option is of very limited use if your account is not also set to be private (as anyone can follow you without confirmation and thus see your private toots). However the separation of this means that if you *do* set your entire account to private, you can switch this option off on a toot to make unlisted or even public toots from your otherwise private account. Private posts are not encrypted. Make sure you trust your instance admin not to just read your private posts on the back-end.
 
 Private toots do not federate to other instances, unless you @mention a remote user. In this case, they will federate to their instance *and may appear there PUBLICLY*. A warning will be displayed if you're composing a private toot that will federate to another instance.
 
 Private toots cannot be boosted. If someone you follow makes a private toot, it will appear in your timeline with a padlock icon in place of the Boost icon. **NOTE** that remote instances may not respect this.
 
-**Direct** messages are only visible to users you have @mentioned in them. This does *not* federate to protect your privacy (as other instances may ignore the "Direct" status and display the messages as public if they were to receive them), even if you have @mentioned a remote user.
+**Direct** posts are only visible to users you have @mentioned in them and cannot be boosted. Like with private posts, you should be mindful that the remote instance may not respect this protocol. If you are discussing a sensitive matter you should move the conversation off of Mastodon. 
 
 To summarise:
 
@@ -175,7 +175,7 @@ Toot Privacy | Visible on Profile | Visible on Public Timeline | Federates to ot
 Public | Anyone incl. anonymous viewers | Yes | Yes
 Unlisted | Anyone incl. anonymous viewers | No | Yes
 Private | Followers only | No | Only remote @mentions
-Direct | No | No | No
+Direct | No | No | Only remote @mentions
 
 #### Blocking
 
diff --git a/docs/Using-the-API/API.md b/docs/Using-the-API/API.md
index bc5ca3de4..e09d8ac9c 100644
--- a/docs/Using-the-API/API.md
+++ b/docs/Using-the-API/API.md
@@ -310,7 +310,7 @@ Returns a [Status](#status).
 
 #### Getting status context:
 
-    GET /api/v1/statuses/:id/contexts
+    GET /api/v1/statuses/:id/context
 
 Returns a [Context](#context).