about summary refs log tree commit diff
path: root/app/controllers/api
AgeCommit message (Collapse)Author
2020-02-27Fix leak of arbitrary statuses through unfavourite action in REST API (#13161)Eugen Rochko
2020-02-25Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-02-24Fix dismissing an announcement twice raising an obscure error (#13124)ThibG
2020-02-09Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `Gemfile`: We updated httplog in a separate commit. Took upstream's change which updated it further. - `Gemfile.lock`: We updated httplog in a separate commit. Took upstream's change which updated it further. - `app/lib/sanitize_config.rb`: Upstream added better unsupported link stripping, while we had different sanitizing configs. Took only upstream's link stripping code. - `config/locales/simple_form.pl.yml`: Strings unused in glitch-soc had been removed from glitch-soc, reintroduced them even if they are not useful, to reduce the risk of later merge conflicts.
2020-02-07Fix malformed HTML causing uncaught error (#13042)Eugen Rochko
Fix OEmbed preview API leaking existence of private statuses (see #12930)
2020-02-03Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-02-03Change how unread announcements are handled (#13020)ThibG
* Change meaning of /api/v1/announcements/:id/dismiss to mark an announcement as read * Change how unread announcements are counted in UI * Add unread marker to announcements and mark announcements as unread as they are displayed * Fixups
2020-01-24Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `app/controllers/statuses_controller.rb`: Minor conflict due to theming system
2020-01-24Fix OEmbed leaking information about existence of non-public statuses (#12930)Eugen Rochko
2020-01-23Add announcements (#12662)Eugen Rochko
* Add announcements Fix #11006 * Add reactions to announcements * Add admin UI for announcements * Add unit tests * Fix issues - Add `with_dismissed` param to announcements API - Fix end date not being formatted when time range is given - Fix announcement delete causing reactions to send streaming updates - Fix announcements container growing too wide and mascot too small - Fix `all_day` being settable when no time range is given - Change text "Update" to "Announcement" * Fix scheduler unpublishing announcements before they are due * Fix filter params not being passed to announcements filter
2020-01-20Merge branch 'master' into glitch-soc/masterThibaut Girka
Conflicts: - `README.md`: We have different README files. Discarded upstream changes. - `app/views/layouts/admin.html.haml`: Conflict due to glitch-soc theming system. Adapted upstream changes. - `app/views/layouts/embedded.html.haml`: Conflict due to glitch-soc theming system. Adapted upstream changes. - `yarn.lock`: No real conflict, glitch-specific dependency too close to an updated one. Adapted upstream change.
2020-01-14Fix access to OEmbed endpoint in secure mode (#12864)Eugen Rochko
2020-01-04Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `app/controllers/application_controller.rb`: Conflict due to theming system. - `app/controllers/oauth/authorizations_controller.rb`: Conflict due to theming system.
2020-01-04Fix base64-encoded file uploads not being possible (#12748)Eugen Rochko
Fix #3804, Fix #5776
2019-12-31Hide blocked users from more places (#12733)ThibG
* Hide blocked, muted, and blocked-by users from toot favourite lists * Hide blocked, muted, and blocked-by users from toot reblog lists * Hide blocked, muted, and blocked-by users from followers/following (API) * Fix tests * Hide blocked, muted, and blocked-by users from followers/following on public pages
2019-12-31Fix error when fetching followers/following from REST API when user has ↵Eugen Rochko
network hidden (#12716) Fix #12510
2019-12-07Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - package.json Not really a conflict, caused by an additional dependency in glitch-soc. - yarn.lock Not really a conflict, caused by an additional dependency in glitch-soc.
2019-12-06Fix generic HTTP 500 error on duplicate records (#12563)Eugen Rochko
Fix #12551 Fix #12547
2019-12-01Add follow_request notification type (#12198)ThibG
* Add follow_request notification type The notification type already existed in the backend but was never pushed to the front-end. This also means translation strings were also available for the backend, from the notification mailer. Unlike other notification types, these are off by default, to match what I remember of Gargron's view on the topic: that follow requests should not clutter notifications and should instead be reviewed at the user's own leisure in the dedicated column. Since follow requests have their own column, I've deemed it unnecessary to add a specific tab for them in the notification quick filter. * Show follow request link in single-column if there are pending requests, even if account isn't locked * Push follow requests from notifications to the follow_requests list * Offer to accept or reject follow request from the notification * Redesign follow request notification
2019-11-30Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2019-11-28Fix proofs API being inaccessible in secure mode (#12495)Eugen Rochko
2019-11-20Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - README.md discarded upstream changes - app/controllers/api/v1/bookmarks_controller.rb finally merged upstream, some code style fixes and slightly changed pagination code - app/controllers/application_controller.rb changed upstream to always return HTML error pages slight conflict caused by theming code - app/models/bookmark.rb finally merged upstream, no real conflict - spec/controllers/api/v1/bookmarks_controller_spec.rb finally merged upstream, slightly changed pagination code
2019-11-17Support min_id-based pagination for bookmarks (#12381)Gomasy
* Support min_id-based pagination for bookmarks * Fix spec
2019-11-16make it not return http 400 when passing and empty source argument (#12259)Jennifer Glauche
* make it not return http 400 when passing and empty source argument * create a spec for the empty source hash bug * compact checks for nil, empty? parameters * use nil.blank? instead checking for nil
2019-11-13Add bookmarks (#7107)ThibG
* Add backend support for bookmarks Bookmarks behave like favourites, except they aren't shared with other users and do not have an associated counter. * Add spec for bookmark endpoints * Add front-end support for bookmarks * Introduce OAuth scopes for bookmarks * Add bookmarks to archive takeout * Fix migration * Coding style fixes * Fix rebase issue * Update bookmarked_statuses to latest UI changes * Update bookmark actions to properly reflect status changes in state * Add bookmarks item to single-column layout * Make active bookmarks red
2019-10-10Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - README.md - app/javascript/styles/mastodon/components.scss conflicts caused by image URLs being different - app/models/status.rb as_home_timeline removed, kept glitch-soc-only as_direct_timeline - app/views/statuses/_simple_status.html.haml - config/locales/en.yml some strings were changed upstream - spec/models/status_spec.rb as_home_timeline removed, kept glitch-soc-only as_direct_timeline
2019-10-09Fix attachment not being re-downloaded even if file is not stored (#12125)Eugen Rochko
Change the behaviour of remotable concern. Previously, it would skip downloading an attachment if the stored remote URL is identical to the new one. Now it would not be skipped if the attachment is not actually currently stored by Paperclip.
2019-10-06Fix `GET /api/v1/instance` REST APIs being unavailable in secure mode (#12089)Eugen Rochko
2019-10-06Fix performance of home feed regeneration (#12084)Eugen Rochko
Fetching statuses from all followed accounts at once takes too long within Postgres. Fetching them one by one and merging in Ruby could be a lot less resource-intensive Because the query for dynamically fetching the home timeline is so heavy, we can no longer offer it when the home timeline is missing
2019-10-04Merge tag 'v3.0.0' into glitch-soc/merge-upstreamThibaut Girka
2019-10-03Add `reason` param to `POST /api/v1/accounts` REST API (#12064)Eugen Rochko
For approval-required registrations mode
2019-09-30Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - Gemfile - Gemfile.lock - app/controllers/about_controller.rb - app/controllers/auth/sessions_controller.rb
2019-09-28Add `exclude_unreviewed` param to `GET /api/v2/search` REST API (#11977)Eugen Rochko
Make it so normal search returns even unreviewed matches, but autosuggestions do not. Fix #11960
2019-09-27Change silences to always require approval on follow (#11975)ThibG
* Change silenced accounts to require approval on follow * Also require approval for follows by people explicitly muted by target accounts * Do not auto-accept silenced or muted accounts when switching from locked to unlocked * Add `follow_requests_count` to verify_credentials * Show “Follow requests” menu item if needed even if account is locked * Add tests * Correctly reflect that follow requests weren't auto-accepted when local account is silenced * Accept follow requests from user-muted accounts to avoid leaking mutes
2019-09-27Improve status pin query (#11972)abcang
2019-09-13Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - Gemfile - app/controllers/api/v1/search_controller.rb Conflict because we changed the number of default results to be configurable - app/lib/settings/scoped_settings.rb Addition of a new “noindex” site-wide setting, conflict due to our change of the two other site-wide settings (default flavour and skin instead of theme) - spec/controllers/application_controller_spec.rb Addition of a new “noindex” site-wide setting, conflict due to our change of the two other site-wide settings (default flavour and skin instead of theme)
2019-09-13Remove deprecated `GET /api/v1/search` API (#11823)Eugen Rochko
Use `GET /api/v2/search` instead
2019-09-13Change /api/v1/timelines/public to require auth when public preview is off ↵ThibG
(#11802) Fixes #11289
2019-09-13Change unlisted custom emoji to not appear in autosuggestions (#11818)Eugen Rochko
Fix #11669
2019-09-11Change deletes to preserve soft-deleted statuses in unresolved reports (#11805)Eugen Rochko
Change all account actions except "none" to resolve all unresolved reports Refactor `SuspendAccountService` to be more readable
2019-09-10Add updated relationship to follow request API responses (#11800)ThibG
Fixes #11747
2019-09-09Add featured tags API (#11778)Takeshi Umeda
* Add featured tags API * Remove show and update, change scope, fix code style
2019-09-06Add timeline read markers API (#11762)Eugen Rochko
Fix #4093
2019-08-30Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - app/views/directories/index.html.haml Upstream has redesigned the profile directory, and we had a glitch-soc-specific change to hide follower counts. Ported that change to the new design.
2019-08-30Fix error in REST API for an account's statuses (#11700)Eugen Rochko
2019-08-30Fix uncaught parameter missing exceptions and missing error templates (#11702)Eugen Rochko
2019-08-30Add profile directory to web UI (#11688)Eugen Rochko
* Add profile directory to web UI * Add a line of bio to the directory
2019-08-29Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - app/models/status.rb - app/services/remove_status_service.rb - db/schema.rb All conflicts were due to the addition of a `deleted_at` attribute to Statuses and reworked database indexes.
2019-08-22Add soft delete for statuses for instant deletes through API (#11623)Eugen Rochko
* Add soft delete for statuses to allow them to appear instant * Allow reporting soft-deleted statuses and show them in the admin UI * Change index for getting an account's statuses
2019-08-22Fix remote and staff-removed statuses leaving media behind for a day (#11638)Eugen Rochko
The reason for unattaching media instead of removing it is to support delete & redraft functionality, but remote or staff-removed statuses will never be redrafted, so the media should be deleted immediately