about summary refs log tree commit diff
path: root/app/controllers/api
AgeCommit message (Collapse)Author
2019-06-28Add categories for custom emojis (#11196)Eugen Rochko
Fix #7940
2019-06-20Add moderation API (#9387)Eugen Rochko
Fix #8580 Fix #7143
2019-06-04Fix poll API not requiring authentication on non-public polls (#10960)Eugen Rochko
* Fix poll API not requiring authentication on non-public polls That API does not reveal the content of the status, i.e. the question itself, nor who the author is, nor which status it belongs to, but it does reveal the poll options and how many answers they got Fix #10959 * Add test
2019-05-28Fix web push notifications for polls (#10864)ThibG
Fixes #10861
2019-05-21Add `account_id` param to `GET /api/v1/notifications` (#10796)Paul Woolcock
* Add `from_account` to notifications API this adds the ability to filter notifications by the account they originated from * passing a non-existent user should cause none to be returned * Fix codeclimate warnings * fix more codeclimate warnings * make requested changes: * use account id instead of user@domain * name the param `account_id` instead of `from_account` * Don't use `return` in a lambda
2019-05-11Add toot source to delete result to ease Delete & Redraft (#10669)ThibG
* Return Status with raw text in raw_content when deleting a status * Use raw content if available on delete & redraft * Rename raw_content to text; do not serialize formatted content when source is requested
2019-05-03Explicitly disable storage of REST API results (#10655)ThibG
Fixes #10652
2019-04-07Improve blocked view of profiles (#10491)Eugen Rochko
* Revert "Fix filtering of favourited_by, reblogged_by, followers and following (#10447)" This reverts commit 120544067fcca4bf6e71ba1ffb276c451c17c656. * Revert "Hide blocking accounts from blocked users (#10442)" This reverts commit 62bafa20a112ccdddaedb25723fc819dbbcd8e9a. * Improve blocked view of profiles - Change "You are blocked" to "Profile unavailable" - Hide following/followers in API when blocked - Disable follow button and show "Profile unavailable" on public profile as well
2019-04-01Hide blocking accounts from blocked users (#10442)ThibG
* Revert "Add indication that you have been blocked in web UI (#10420)" This reverts commit bd02ec6daa974dcd3231e73826a56e08dbeedadc. * Revert "Add `blocked_by` relationship to the REST API (#10373)" This reverts commit 9745de883b198375ba23f7fde879f6d75ce2df0f. * Hide blocking accounts from search results * Filter blocking accouts from account followers * Filter blocking accouts from account's following accounts * Filter blocking accounts from “reblogged by” and “favourited by” lists * Remove blocking account from URL search * Return 410 on trying to fetch user data from a user who blocked us * Return 410 in /api/v1/account/statuses for suspended or blocking accounts * Fix status filtering when performing URL search * Restore some React improvements Restore some cleanup from bd02ec6daa974dcd3231e73826a56e08dbeedadc * Refactor by adding `without_blocking` scope
2019-03-28squashed identity proof updates (#10375)Alex Gessner
2019-03-18Add Keybase integration (#10297)Eugen Rochko
* create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
2019-03-15Add `visibility` param to reblog REST API (#9851)Eugen Rochko
Use async worker for creating reblog notification to improve performance
2019-03-15Add a preferences API so apps can share basic behaviours (#10109)Eugen Rochko
2019-03-14Admission-based registrations mode (#10250)Eugen Rochko
Fix #6856 Fix #6951
2019-03-13Fix `tagged` param not being normalized before querying tags (#10249)Eugen Rochko
2019-03-03Add polls (#10111)Eugen Rochko
* Add polls Fix #1629 * Add tests * Fixes * Change API for creating polls * Use name instead of content for votes * Remove poll validation for remote polls * Add polls to public pages * When updating the poll, update options just in case they were changed * Fix public pages showing both poll and other media
2019-02-26Improve account media query (#10121)abcang
2019-02-26Add type, limit, offset, min_id, max_id, account_id to search API (#10091)Eugen Rochko
* Add type, limit, offset, min_id, max_id, account_id to search API Fix #8939 * Make the offset work on accounts and hashtags search as well * Assure brakeman we are not doing mass assignment here * Do not allow paginating unless a type is chosen * Fix search query and index id field on statuses instead of created_at
2019-02-16Add vapid_key to the application entity in the REST API (#10058)Eugen Rochko
Fix #8785
2019-02-04Add featured hashtags to profiles (#9755)Eugen Rochko
* Add hashtag filter to profiles GET /@:username/tagged/:hashtag GET /api/v1/accounts/:id/statuses?tagged=:hashtag * Display featured hashtags on public profile * Use separate model for featured tags * Update featured hashtag counters on-write * Limit featured tags to 10
2019-01-18Fix REST API showing non-public reblogs for a given status (#9850)Eugen Rochko
2019-01-07Add locale param to sign-up API (#9747)Eugen Rochko
Fix #9627
2019-01-06Add cache to custom emojis API (#9732)Eugen Rochko
Fix #9729
2019-01-05Add scheduled statuses (#9706)Eugen Rochko
Fix #340
2018-12-27Add exclude_reblogs option to account statuses API (#9640)Eugen Rochko
Fix #9606
2018-12-25Add error message with invalid email confirmation (#9625)Takeshi Umeda
2018-12-24Add REST API for creating an account (#9572)Eugen Rochko
* Add REST API for creating an account The method is available to apps with a token obtained via the client credentials grant. It creates a user and account records, as well as an access token for the app that initiated the request. The user is unconfirmed, and an e-mail is sent as usual. The method returns the access token, which the app should save for later. The REST API is not available to users with unconfirmed accounts, so the app must be smart to wait for the user to click a link in their e-mail inbox. The method is rate-limited by IP to 5 requests per 30 minutes. * Redirect users back to app from confirmation if they were created with an app * Add tests * Return 403 on the method if registrations are not open * Require agreement param to be true in the API when creating an account
2018-12-23Sanitize and sandbox toot embeds (#9552)ThibG
2018-12-20Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses ↵Eugen Rochko
(#9573) Fix #7087 The same data is available over the ActivityPub outbox, RSS, and Atom, so there is little benefit to keeping it limited in this method.
2018-12-06Add profile directory (#9427)Eugen Rochko
Fix #5578
2018-11-19Extract counters from accounts table to account_stats table (#9295)Eugen Rochko
2018-11-08Optimize the process of following someone (#9220)Eugen Rochko
* Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService
2018-11-05Allow joining several hashtags in a single column (#8904)James Kiesel
* Nascent tag menu on frontend * Hook up frontend to search * Tag intersection backend first pass * Update yarnlock * WIP * Fix for tags not searching correctly * Make radio buttons function * Simplify radio buttons with modeOption * Better naming * Rearrange options * Add all/any/none functionality on backend * Small PR cleanup * Move to service from scope * Small cleanup, add proper service tests * Don't use send with user input :D * Set appropriate column header * Handle auto updating timeline * Fix up toggle function * Use tag value correctly * A bit more correct to use 'self' rather than 'all' in status scope * Fix some style issues * Fix more code style issues * Style select dropdown more better * Only use to_id'ed value to ensure no SQL injection * Revamp frontend to allow for multiple selects * Update backend / col header to account for more flexible tagging * Update brakeman ignore * Codeclimate suggestions * Fix presenter tag_url * Implement initial PR feedback * Handle additional tag streaming * CodeClimate tweak
2018-10-19Add unread indicator to conversations (#9009)Eugen Rochko
2018-10-07Add conversations API (#8832)Eugen Rochko
* Add conversations API * Add web UI for conversations * Add test for conversations API * Add tests for ConversationAccount * Improve web UI * Rename ConversationAccount to AccountConversation * Remove conversations on block and mute * Change last_status_id to be a denormalization of status_ids * Add optimistic locking
2018-10-07Ensure only toots from the reported users are reported (#8916)ThibG
2018-09-28Support min_id-based pagination in REST API (#8736)Eugen Rochko
* Allow min_id pagination in Feed#get * Add min_id pagination to home and list timeline APIs * Add min_id pagination to account statuses, public and tag APIs * Remove unused stub in reports API * Use min_id pagination in notifications, favourites, and fix order * Fix HomeFeed#from_database not using paginate_by_id
2018-09-24Cache instance info (#8765)Yamagishi Kazutoshi
2018-09-09Add force_login option to OAuth authorize page (#8655)Eugen Rochko
* Add force_login option to OAuth authorize page For when a user needs to sign into an app from multiple accounts on the same server * When logging out from modal header, redirect back after re-login
2018-08-31Self-notify on accepting follow requests (#8541)ThibG
2018-08-26Make Api::V1::MutesController paginate properly (#8472)Jakub Mendyk
Fixes #8463
2018-08-26Fix low-hanging rubocop gripes (#8458)Quint Guvernator
* rubocop: quit being so picky * rubocop: miscellany * rubocop: prefer present to blank
2018-08-23Allow mods to disable login, improve message when login disabled (#8329)Eugen Rochko
* Allow moderators to disable/enable login * Instead of rejecting login, show forbidden error when login disabled Avoid confusion because when login is rejected, the message is that the account is not activated, which is wrong. * Fix tests
2018-08-20Add API endpoint to list featured accounts (fixes #8315) (#8317)ThibG
2018-08-19Unuse ActiveRecord::Base#cache_key (#8185)abcang
* Unuse ActiveRecord::Base#cache_key * Enable cache_versioning * Call cache_collection
2018-08-09Public profile endorsements (accounts picked by profile owner) (#8146)Eugen Rochko
2018-07-09Add option to not consider word boundaries when processing keyword filtering ↵ThibG
(#7975) * Add option to not consider word boundaries when filtering phrases * Add a few tests for keyword/phrase filtering
2018-07-07Add API method to remove a suggestion (#7978)Eugen Rochko
DELETE /api/v1/suggestions/:account_id When blocking, remove suggestion from both sides. Muting not affected, since muting is supposed to be invisible to the target.
2018-07-07Fix missing irreversible in filters API, expires_in param (#7976)Eugen Rochko
2018-07-05Add more granular OAuth scopes (#7929)Eugen Rochko
* Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope