about summary refs log tree commit diff
path: root/app/controllers/api
AgeCommit message (Collapse)Author
2017-07-21New notification cleaning mode (#89)Ondřej Hruška
This PR adds a new notification cleaning mode, super perfectly tuned for accessibility, and removes the previous notification cleaning functionality as it's now redundant. * w.i.p. notif clearing mode * Better CSS for selected notification and shorter text if Stretch is off * wip for rebase ~ * all working in notif clearing mode, except the actual removal * bulk delete route for piggo * cleaning + refactor. endpoint gives 422 for some reason * formatting * use the right route * fix broken destroy_multiple * load more notifs after succ cleaning * satisfy eslint * Removed CSS for the old notif delete button * Tabindex=0 is mandatory In order to make it possible to tab to this element you must have tab index = 0. Removing this violates WCAG and makes it impossible to use the interface without good eyesight and a mouse. So nobody with certain mobility impairments, vision impairments, or brain injuries would be able to use this feature if you don't have tabindex=0 * Corrected aria-label Previous label implied a different behavior from what actually happens * aria role localization & made the overlay behave like a checkbox * checkboxes css and better contrast * color tuning for the notif overlay * fanceh checkboxes etc and nice backgrounds * SHUT UP TRAVIS
2017-07-20Merge pull request #87 from tootsuite/masterbeatrix
merge upstream
2017-07-20Fix webfinger retries (#4275)Eugen Rochko
* Do not raise unretryable exceptions in ResolveRemoteAccountService * Removed fatal exceptions from ResolveRemoteAccountService Exceptions that cannot be retried should not be raised. New exception class for those that can be retried (Mastodon::UnexpectedResponseError)
2017-07-15Merge upstream (#81)kibigo!
2017-07-15Raise search results count to 10 for testOndřej Hruška
reference: https://mastodon.xyz/users/lx/updates/278054
2017-07-15Improve ActivityPub representations (#3844)Eugen Rochko
* Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
2017-07-14Fix #2672 - Connect signed PuSH subscription requests to instance domain (#4205)Eugen Rochko
* Fix #2672 - Connect signed PuSH subscription requests to instance domain Resolves #2739 * Fix return of locate_subscription * Fix tests
2017-07-14Fix response of unreblog/unfavourite APIs (#4204)unarist
Both APIs process asynchronously, so reblogged/favourited fields in the response should be set to `false` manually.
2017-07-14HTTP signatures (#4146)Eugen Rochko
* Add Request class with HTTP signature generator Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06 * Add HTTP signature verification concern * Add test for SignatureVerification concern * Add basic test for Request class * Make PuSH subscribe/unsubscribe requests use new Request class Accidentally fix lease_seconds not being set and sent properly, and change the new minimum subscription duration to 1 day * Make all PuSH workers use new Request class * Make Salmon sender use new Request class * Make FetchLinkService use new Request class * Make FetchAtomService use the new Request class * Make Remotable use the new Request class * Make ResolveRemoteAccountService use the new Request class * Add more tests * Allow +-30 seconds window for signed request to remain valid * Disable time window validation for signed requests, restore 7 days as PuSH subscription duration (which was previous default due to a bug)
2017-07-14Added buttons and menu items to dismiss individual notifications (#76)Ondřej Hruška
* Added DELETE verb for notifications * Added notification dismiss button to status dropdown * Added reveal-on-hover notif dismiss button, added FollowNotification component
2017-07-13Web Push Notifications (#3243)Sorin Davidoi
* feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
2017-07-11Fix #3462 - Require authentication for search API (#4155)Eugen Rochko
This makes it consistent with /api/v1/accounts/search and previous behaviour has been an oversight.
2017-07-10Add attribute for default privacy to verify credentials (#4075)Yamagishi Kazutoshi
* Add attribute for default privacy to verify credentials * add raw_note * source
2017-07-08Replace OEmbed and initial state Rabl templates with serializers (#4110)Eugen Rochko
* Replace OEmbed Rabl template with serializer * Replace initial state rabl with serializer
2017-07-07Refactor JSON templates to be generated with ActiveModelSerializers instead ↵Eugen Rochko
of Rabl (#4090)
2017-06-27Fix #1624 - Send e-mail notifications to admins about new reports (#3949)Eugen Rochko
2017-06-19Rename FollowRemoteAccountService to ResolveRemoteAccountService (#3847)Eugen Rochko
Rename Activitypub to ActivityPub
2017-06-10Move create/destroy actions for api/v1/statuses to namespace (#3678)Matt Jankowski
Each of mute, favourite, reblog has been updated to: - Have a separate controller with just a create and destroy action - Preserve historical route names to not break the API - Mild refactoring to break up long methods
2017-06-09Move reblogged_by and favourited_by actions out of api/v1/statuses and into ↵Matt Jankowski
unique controllers (#3646) * Add specs for api statuses routes * Update favourited_by and reblogged_by api routes * Move methods into new controllers * Use load_accounts methods to simplify index actions * Clean up load_accounts methods * Clean up link header generation * Check for link headers in specs * Remove unused actions from api/v1/statuses controller * Remove specs for moved actions
2017-06-08Improve RuboCop rules (compatibility to Code Climate) (#3636)Yamagishi Kazutoshi
https://github.com/codeclimate/codeclimate-rubocop/blob/08f8de84ebfb39caa96391e23816877278f6441c/Gemfile.lock#L38 Code Climate is using RuboCop v0.46.0. Change several rules to maintain compatibility.
2017-06-07Clean up for api/base controller (#3629)Matt Jankowski
* Move ApiController to Api/BaseController * API controllers inherit from Api::BaseController * Add coverage for various error cases in api/base controller
2017-06-05Redirect to streaming_api_base_url (#3579)Daigo 3 Dango
* Redirect to streaming_api_base_url When Rails receives a request to streaming API, it most likely means that there is another host which is configured to respond to it. This is to redirect clients to that host if `STREAMING_API_BASE_URL` is set as another host. * Use the new Ruby 1.9 hash syntax
2017-06-04Fix limit_param in favourites_controller.rb (#3553)Naoki Kosaka
2017-05-31Spec coverage and refactor for the api/v1/accounts controllers (#3451)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/blocks controller (#3464)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/follow_requests controller (#3465)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/domain_blocks controller (#3466)Matt Jankowski
2017-05-31Refactor api/v1/notifications controller (#3470)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/favourites controller (#3472)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/mutes controller (#3481)Matt Jankowski
2017-05-31Refactor and spec coverage for api/v1/timelines actions (#3482)Matt Jankowski
2017-05-30Refactor api/v1/apps controller (#3471)Matt Jankowski
2017-05-30Refactor api/v1/reports controller (#3469)Matt Jankowski
2017-05-30Refactor api/v1/search controller (#3468)Matt Jankowski
2017-05-30Improve spec coverage and clean up api/v1/media controller (#3467)Matt Jankowski
2017-05-31Clean up api/subscriptions controller (#3448)Matt Jankowski
2017-05-30Add status destroy authorization to policy (#3453)Jack Jennings
* Add status destroy authorization to policy * Create explicit unreblog status authorization
2017-05-30Improve api oembed controller (#3450)Matt Jankowski
* Add StreamEntryFinder class to parse URLs * Use StreamEntryFinder and clean up api/oembed controller
2017-05-30Clean up api/salmon controller (#3449)Matt Jankowski
2017-05-29Extract authorization policy for viewing statuses (#3150)Jack Jennings
2017-05-25More use of next link header on account (media) timelines (#3311)unarist
This will reduce requests on who have only few statuses. - Use next link header to detect more items from first request - Omit next link header if result items are fewer than requested count (It had omit it only if result was empty before)
2017-05-23Fix following/followers API to return correct link headers (#3268)unarist
Link headers in following/followers API should include follow_id as max_id/since_id. However, these API use current_user's account_id instead of follow_id from #3167. This causes irrelevant result on loading more users.
2017-05-23Refactor of API timeline actions (#3263)Matt Jankowski
- Increase coverage to exercise all parts of each action - Move into namespace to share common code - Misc refactor of each action for smaller methods, simpler code
2017-05-22Coverage for api/web/settings controller (#3238)Matt Jankowski
2017-05-21Fix mutes_controller error and incorrect statuses_controller report (#3202)Akihiko Odaki
This commit fixes a regression in commit f55480756337dd4df7513e89673e81e003f1201a.
2017-05-20Fix regressions in api/v1 (#3178)Akihiko Odaki
The regressions are introduced at commit f55480756337dd4df7513e89673e81e003f1201a by me (Akihiko Odaki)
2017-05-20Fix block list 500 (#3174)Yamagishi Kazutoshi
2017-05-20Use joins for account properties (#3167)Akihiko Odaki
2017-05-19Add buttons to block and unblock domain (#3127)Eugen Rochko
* Add buttons to block and unblock domain * Relationship API now returns "domain_blocking" status for accounts, rename "block entire domain" to "hide entire domain", fix unblocking domain, do not block notifications from domain-blocked-but-followed people, do not send Salmons to domain blocked users * Add test * Personal domain blocks shouldn't affect Salmon after all, since in this direction of communication the control is very thin when it comes to public stuff. Best stay consistent and not affect federation in this way * Ignore followers and follow request from domain blocked folks, ensure account domain blocks are not created for empty domain, and avoid duplicates in validation * Purge followers when blocking domain (without soft-blocks, since they are useless here) * Add tests, fix local timeline being empty when having any domain blocks
2017-05-19Account domain blocks (#2381)Eugen Rochko
* Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb