about summary refs log tree commit diff
path: root/app/controllers/accounts_controller.rb
AgeCommit message (Collapse)Author
2022-01-17Add support for private pinned posts (#16954)Claire
* Add support for private pinned toots * Allow local user to pin private toots * Change wording to avoid "direct message"
2021-04-26Further improve the media attached status query for accounts (#16106)abcang
2021-04-25Improve media attached status query (#16105)abcang
2021-02-19replace all instances of "ends_with?" with "end_with?" (#15745)Justin Tracey
The "ends_with?" method is just a Rails alias of Ruby's "end_with?" method. Using the latter makes the code less brittle.
2020-12-07Fix slow distinct queries where grouped queries are faster (#15287)Eugen Rochko
About 2x speed-up on inboxes query
2020-11-08Add support for reversible suspensions through ActivityPub (#14989)Eugen Rochko
2020-09-14Do not serve account actors at all in limited federation mode (#14800)ThibG
* Do not serve account actors at all in limited federation mode When an account is fetched without a signature from an allowed instance, return an error. This isn't really an improvement in security, as the only information that was previously returned was required protocol-level info, and the only personal bit was the existence of the account. The existence of the account can still be checked by issuing a webfinger query, as those are accepted without signatures. However, this change makes it so that unallowed instances won't create account records on their end when they find a reference to an unknown account. The previous behavior of rendering a limited list of fields, instead of not rendering the actor at all, was in order to prevent situations in which two instances in Authorized Fetch mode or Limited Federation mode would fail to reach each other because resolving an account would require a signed query… from an account which can only be fetched with a signed query itself. However, this should now be fine as fetching accounts is done by signing on behalf of the special instance actor, which does not require any kind of valid signature to be fetched. * Fix tests
2020-08-28Introduce ApplicationController#cache_collection_paginated_by_id (#14677)Akihiko Odaki
* Replace incorrect use of distinct with group Some uses of ActiveRecord::QueryMethods#distinct pass field names but they are incorrect for the current version of Rails. ActiveRecord::QueryMethods#group provides the expected behavior and benefits performance. See commit 6da24aad4cafdef8d8a2c92bac2002a5fc2fe9c8. * Introduce ApplicationController#cache_collection_paginated_by_id ApplicationController#cache_collection_paginated_by_id fuses ApplicationController#cache_collection and Paginable.paginate_by_id. An advantage of this method is that it prevents from modifying scope which Paginable.paginate_by_id may provide. ApplicationController#cache_collection always return an array and there is no possibility of the scope modification. It is also clear for a programmer, considering the implication of "cache". This method can also emit more efficient queries by using Cacheable.cache_ids before calling Paginable.paginate_by_id.
2020-06-19Fix functional user requirements in whitelist mode (#14093)ThibG
Fixes #14092
2020-06-09Add limit parameter to rss (#13743)Takeshi Umeda
2020-05-03Add more ActivityPub controller tests (#13590)Eugen Rochko
2020-05-03Add more tests for ActivityPub controllers (#13585)Eugen Rochko
2020-02-19Fix account JSON/RSS not being cacheable due to wrong mime type comparison ↵ThibG
(#13116) `request.format` is not a symbol but a `Mime::Type`, so the condition actually never matched, and a session was created even for those requests, preventing caching.
2019-10-02Fix RSS caching (but disable localization) (#12054)ThibG
2019-10-02Fix featured hashtag URL being interpreted as media or with_replies (#12048)Eugen Rochko
Fix #12034
2019-09-28Fix redirecting non-functional accounts on public pages (#11978)Eugen Rochko
Fix #11969
2019-08-18Add an RSS feed tagged to a public profile page (#10502)Takeshi Umeda
* Add featured tag support to rss feed on public account page * fix codeing style
2019-08-17Add explanation to featured hashtags page and profile (#11586)Eugen Rochko
2019-08-11Fix ActivityPub and REST API queries setting cookies and preventing caching ↵ThibG
(#11539) Regression from #8657
2019-07-21Add (back) rails-level JSON caching (#11333)Eugen Rochko
2019-07-11Add ActivityPub secure mode (#11269)Eugen Rochko
* Add HTTP signature requirement for served ActivityPub resources * Change `SECURE_MODE` to `AUTHORIZED_FETCH` * Add 'Signature' to 'Vary' header and improve code style * Improve code style by adding `public_fetch_mode?` method
2019-07-08Refactor controllers for statuses, accounts, and more (#11249)Eugen Rochko
2019-07-07Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ↵Eugen Rochko
(#11247)
2019-06-05Cleanup various controllers (#10972)ThibG
* Remove skip_session! as it is not supported in Rails 5 * Minor cleanup in StreamEntriesController * Remove redundant mark_cacheable! calls
2019-03-17Reduce server load caused by anonymous viewing. (#9059)Ben Lubar
Do not start a session if the current user is not logged in for public-facing pages. Mark pages that don't care about sessions as publicly cacheable. Keep the max age as 0 so proxies and browsers will still try to retrieve an updated version but can still fall back to the stale version if the site is down or too slow. Fixes #9035.
2019-03-14Admission-based registrations mode (#10250)Eugen Rochko
Fix #6856 Fix #6951
2019-03-13Fix `tagged` param not being normalized before querying tags (#10249)Eugen Rochko
2019-02-05Fix it as tagged_request of accounts_controller is not addressable_uri (#9976)Takeshi Umeda
2019-02-05Fix pinned statuses being shown in a featured hashtag (#9971)Eugen Rochko
2019-02-04Add featured hashtags to profiles (#9755)Eugen Rochko
* Add hashtag filter to profiles GET /@:username/tagged/:hashtag GET /api/v1/accounts/:id/statuses?tagged=:hashtag * Display featured hashtags on public profile * Use separate model for featured tags * Update featured hashtag counters on-write * Limit featured tags to 10
2018-08-19Unuse ActiveRecord::Base#cache_key (#8185)abcang
* Unuse ActiveRecord::Base#cache_key * Enable cache_versioning * Call cache_collection
2018-08-09Public profile endorsements (accounts picked by profile owner) (#8146)Eugen Rochko
2018-08-01Do not show pinned toots when min_id is set (#8111)Yamagishi Kazutoshi
2018-07-31Compensate for scrollbar disappearing when media modal visible (#8100)Eugen Rochko
* Compensate for scrollbar disappearing when media modal visible Make auth pages backgrounds lighter * Fix typo
2018-04-25Add RSS feeds for end-users (#7259)Eugen Rochko
* Add RSS feed for accounts * Add RSS feeds for hashtags * Fix code style issues * Fix code style issues
2018-02-26Fix prev/next links on public profile page (#6497)Ian McCowan
* Fix prev/next links on public profile page * Don't make pagination urls if no available statuses * Fix empty check method * Put left chevron before prev page link * Add scope for pagination "starting at" a given id * Status pagination try 2: s/prev/older and s/next/newer "older" on left, "newer" on right Use new scope for "newer" link Extract magic 20 page size to constant Remove max_id from feed pagination as it's not respected * Reinstate max_id for accounts atom stream * normalize
2018-01-04Cache JSON of immutable ActivityPub representations (#6171)Eugen Rochko
2017-10-07Encode custom emojis as resolveable objects in ActivityPub (#5243)Eugen Rochko
* Encode custom emojis as resolveable objects in ActivityPub * Improve code style
2017-09-06Switch to static URIs, new URI format in both protocols for new statuses (#4815)Eugen Rochko
* Decouple Status#local? from uri being nil * Replace on-the-fly URI generation with stored URIs - Generate URI in after_save hook for local statuses - Use static value in TagManager when available, fallback to tag format - Make TagManager use ActivityPub::TagManager to understand new format - Adjust tests * Use other heuristic for locality of old statuses, do not perform long query * Exclude tombstone stream entries from Atom feed * Prevent nil statuses from landing in Pubsubhubbub::DistributionWorker * Fix URI not being saved (#4818) * Add more specs for Status * Save generated uri immediately and also fix method order to minimize diff. * Fix alternate HTML URL in Atom * Fix tests * Remove not-null constraint from statuses migration to speed it up
2017-09-04Show pinned statuses only in the top of the profile page (#4803)nullkal
* Show pinned statuses only in the top of the profile page * Refactor AccountsController#show_pinned_statuses?
2017-08-25Allow multiple pinned statuses to be shown and make them be ordered b… (#4690)nullkal
* Allow multiple pinned statuses to be shown and make them be ordered by pinned date * Set timestamps NOT NULL * Make single-line pinned_statuses * Spec for pinned_statuses * Remove redundant empty line
2017-08-25Pinned statuses (#4675)Eugen Rochko
* Pinned statuses * yarn manage:translations
2017-08-16Redesign public profiles (#4608)Eugen Rochko
* Redesign public profiles * Responsive design * Change public profile status filtering defaults and add options - No longer displays private/direct toots even if you are permitted access - By default omits replies - "With replies" option - "Media only" option * Redesign account grid cards * Fix style issues
2017-08-14Set correct content-type for ActivityPub JSON (#4592)Eugen Rochko
2017-07-19Correct OStatus inflection (Ostatus -> OStatus) (#4255)Eugen Rochko
2017-07-18Introduce Ostatus name space (#4164)Akihiko Odaki
* Wrap methods of ProcessFeedService::ProcessEntry in classes This is a change same with 425acecfdb15093a265b191120fb2d4e4c4135c4, except that it has the following changes: * Revert irrelevant change in find_or_create_conversation * Fix error handling for RemoteActivity * Introduce Ostatus name space
2017-07-15Improve ActivityPub representations (#3844)Eugen Rochko
* Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
2017-07-14HTTP signatures (#4146)Eugen Rochko
* Add Request class with HTTP signature generator Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06 * Add HTTP signature verification concern * Add test for SignatureVerification concern * Add basic test for Request class * Make PuSH subscribe/unsubscribe requests use new Request class Accidentally fix lease_seconds not being set and sent properly, and change the new minimum subscription duration to 1 day * Make all PuSH workers use new Request class * Make Salmon sender use new Request class * Make FetchLinkService use new Request class * Make FetchAtomService use the new Request class * Make Remotable use the new Request class * Make ResolveRemoteAccountService use the new Request class * Add more tests * Allow +-30 seconds window for signed request to remain valid * Disable time window validation for signed requests, restore 7 days as PuSH subscription duration (which was previous default due to a bug)
2017-05-26Remove redundant call of recent scope in AccountsController (#3330)Akihiko Odaki
recent is included in paginate_by_max_id.
2017-05-23Cover AccountsController more in spec (#3229)Akihiko Odaki
* Introduce recent scope to Status and StreamEntry Introduce recent scope to Status and StreamEntry as Account has. * Cover AccountsController more in AccountsController