about summary refs log tree commit diff
path: root/app/controllers/api
AgeCommit message (Collapse)Author
2022-04-06Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/controllers/concerns/sign_in_token_authentication_concern.rb`: Upstream removed this file, while glitch-soc had changes to deal with its theming system. Removed the file like upstream did.
2022-04-06Fix admin API unconditionally requiring CSRF token (#17975)Claire
Fixes #17898 Since #17204, the admin API has only been available through the web application because of the unconditional requirement to provide a valid CSRF token. This commit changes it back to `null_session`, which should make it work both with session-based authentication (provided a CSRF token) and with a bearer token.
2022-04-06Fix `GET /api/v1/trends/tags` missing `offset` param in REST API (#17973)Eugen Rochko
2022-03-30Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-03-28Fix /api/v1/admin/accounts (#17887)Claire
* Fix /api/v1/admin/accounts Compatibility was broken since #17009 which changed the underlying filter class without changing the controller. This commits restore support for the old parameters. * Add /api/v2/admin/accounts with the new parameters * Add tests * Add missing filter for `silenced` status Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-26Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/lib/formatter.rb`: Upstream completely refactored the formatting code and removed that file, while glitch-soc had code for Markdown and HTML toots. Took upstream code, glitch-soc changes will be re-implemented on top of the refactored classes in a later commit. - `app/models/status.rb`: Upstream refactored status edit handling and moved code to `app/models/concerns/status_snapshot_concern.rb`. Applied glitch-soc's changes to that file. - `app/serializers/activitypub/note_serializer.rb`: Not really a conflict, just a line added too close to one modified by glitch-soc. Applied upstream changes while keeping the glitch-soc-modified one. - `app/services/update_status_service.rb`: Not really a conflict, upstream modified a line adjacent to one added by glitch-soc. Applied upstream changes while keeping the glitch-soc line. - `app/views/statuses/_simple_status.html.haml`: Upstream refactored formatting, glitch-soc changed the markup slightly. Applied upstream changes. - `spec/lib/formatter_spec.rb`: Upstream completely refactored the formatting code and removed that file, while glitch-soc had code for Markdown and HTML toots. Took upstream code, glitch-soc changes will be re-implemented on top of the refactored classes in a later commit.
2022-03-26Refactor formatter (#17828)Eugen Rochko
* Refactor formatter * Move custom emoji pre-rendering logic to view helpers * Move more methods out of Formatter * Fix code style issues * Remove Formatter * Add inline poll options to RSS feeds * Remove unused helper method * Fix code style issues * Various fixes and improvements * Fix test
2022-03-26Add offset pagination to trends in REST API (#17872)Eugen Rochko
2022-03-22Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/dependabot.yml`: Upstream modified it, but we deleted it in glitch-soc. Keep it deleted.
2022-03-22Fix locale not being set in REST API (#17847)Eugen Rochko
2022-03-15Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream changed their README, we have a completely different one. Kept our README.
2022-03-15Add `types` param to `GET /api/v1/notifications` in REST API (#17767)Eugen Rochko
* Add `types` param to `GET /api/v1/notifications` in REST API * Improve tests
2022-03-12Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-03-12Fix `POST /api/v1/emails/confirmations` not being available after sign-up ↵Eugen Rochko
(#17743)
2022-03-10Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/status.rb`: Upstream updated media and edit-related code textually close to glitch-soc additions (local-only and content-type). Ported upstream changes. - `app/models/status_edit.rb`: Upstream changes textually close to glitch-soc additions (content-type). Ported upstream changes. - `app/serializers/activitypub/note_serializer.rb`: Upstream changed how media attachments are handled. Not really a conflict, but textually close to glitch-soc additions (directMessage attribute). Ported upstream changes. - `app/services/remove_status_service.rb`: Upstream changed how media attachments are handled. Not really a conflict, but textually close to glitch-soc additions (DM timeline). Ported upstream changes. - `app/services/update_status_service.rb`: Upstream fixed an issue with language selection. Not really a conflict, but textually close to glitch-soc additions (content-type). Ported upstream changes. - `db/schema.rb`: Upstream added columns to the `status_edits` table, the conflict is because of an additional column (`content-type`) in glitch-soc. Ported upstream changes. - `package.json`: Upstream dependency (express) textually adjacent to a glitch-soc-specific one (favico.js) got updated. Updated it as well.
2022-03-09Add rate limit for editing (#17728)Eugen Rochko
2022-03-08Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/controllers/settings/preferences_controller.rb`: Conflicts due to us having more user settings and upstream dropping `hide_network` (to replace it with an account attribute, properly migrated). Dropped `hide_network` like upstream. - `app/lib/user_settings_decorator.rb`: Conflicts due to us having more user settings and upstream dropping `hide_network` (to replace it with an account attribute, properly migrated). Dropped `hide_network` like upstream. - `app/models/status.rb`: Conflict because of slight change in how glitch-soc handles the scope to filter out local-only posts for anonymous viewers. Took upstream's changes and re-applied glitch-soc's change. - `app/models/user.rb`: Conflicts due to us having more user settings and upstream dropping `hide_network` (to replace it with an account attribute, properly migrated). Dropped `hide_network` like upstream. - `app/views/directories/index.html.haml`: Conflict because upstream redesigned that page while glitch-soc had a minor change to support hiding the number of followers. Ported glitch-soc's change on top of upstream's redesign. Additional changes: - `app/models/account_statuses_filter.rb`: See change to `app/models/status.rb`.
2022-03-08Fix performance of account timelines (#17709)Eugen Rochko
* Fix performance of account timelines * Various fixes and improvements * Fix duplicate results being returned Co-authored-by: Claire <claire.github-309c@sitedethib.com> * Fix grouping for pinned statuses scope Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-07Add `/api/v1/accounts/familiar_followers` to REST API (#17700)Eugen Rochko
* Add `/api/v1/accounts/familiar_followers` to REST API * Change hide network preference to be stored consistently for local and remote accounts * Add dummy classes to migration * Apply suggestions from code review Co-authored-by: Claire <claire.github-309c@sitedethib.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-04Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-03-04Fix duplicate notifications being possible after poll expiration (#17697)Eugen Rochko
2022-03-03Allow editing media attachments for scheduled toots (#17690)Claire
Fixes #17676
2022-03-03Change `follow` scope to be covered by `read` and `write` scopes in REST API ↵Eugen Rochko
(#17678) Deprecate `follow` scope
2022-03-02Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/views/admin/trends/links/index.html.haml`: Not really a conflict, upstream change textually too close to a glitch-soc change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming system). Ported upstream changes. - `app/views/admin/trends/links/preview_card_providers/index.html.haml`: Not really a conflict, upstream change textually too close to a glitch-soc change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming system). Ported upstream changes. - `app/views/admin/trends/statuses/index.html.haml`: Not really a conflict, upstream change textually too close to a glitch-soc change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming system). Ported upstream changes. - `app/views/admin/trends/tags/index.html.haml`: Not really a conflict, upstream change textually too close to a glitch-soc change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming system). Ported upstream changes.
2022-03-02Fix leak of existence of otherwise inaccessible statuses in REST API (#17684)Eugen Rochko
2022-03-02Fix report category not being saved in REST API (#17682)Eugen Rochko
2022-03-02Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-03-01Change authorized applications page (#17656)Eugen Rochko
* Change authorized applications page * Hide revoke button for superapps and suspended accounts * Clean up db/schema.rb
2022-02-26Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/account.rb`: Not a real conflict, just upstream getting rid of unused constants too close to glitch-soc-specific contents. Removed unused constants like upstream did. - `app/models/trends.rb`: Conflict because glitch-soc disabled email notifications for trending links. Upstream has refactored this quite a bit and added trending posts. Took upstream code, but disabling the extra trending stuff will come in another commit. - `app/views/admin/trends/links/index.html.haml`: Conflict due to glitch-soc's theming system. Ported upstream changes accordingly.
2022-02-25Add trending statuses (#17431)Eugen Rochko
* Add trending statuses * Fix dangling items with stale scores in localized sets * Various fixes and improvements - Change approve_all/reject_all to approve_accounts/reject_accounts - Change Trends::Query methods to not mutate the original query - Change Trends::Query#skip to offset - Change follow recommendations to be refreshed in a transaction * Add tests for trending statuses filtering behaviour * Fix not applying filtering scope in controller
2022-02-23Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/workflows/build-image.yml`: Upstream changed the workflow a bit. Conflict comes from us pushing to ghcr while upstream pushes to dockerhub. Ported the upstream changes while still pushing to ghcr.
2022-02-23Add notifications for new sign-ups (#16953)Eugen Rochko
2022-02-12Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-02-11Add notifications when a reblogged status has been updated (#17404)Eugen Rochko
* Add notifications when a reblogged status has been updated * Change wording to say "edit" instead of "update" and add missing controls * Replace previous update notifications with the most up-to-date one
2022-02-10Add ability to change content-type when editing a tootClaire
Content-type defaults to edited toot's content-type to avoid surprising behaviors when using clients that do not support this feature.
2022-02-10Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/controllers/api/v1/statuses_controller.rb`: Upstream moved things around in a place where glitch-soc had support for an extra parameter (`content_type`). Follow upstream but reintroduce `content_type`.
2022-02-10Add editing for published statuses (#17320)Eugen Rochko
* Add editing for published statuses * Fix change of multiple-choice boolean in poll not resetting votes * Remove the ability to update existing media attachments for now
2022-02-10Add `category` and `rule_ids` params to `POST /api/v1/reports` (#17492)Eugen Rochko
2022-02-09Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/views/settings/preferences/appearance/show.html.haml`: Upstream renamed some helper functions that were used in a part of the settings page which glitch-soc slightly changed the layout of. Ported the change.
2022-02-09Add edit history to web UI (#17390)Eugen Rochko
* Add edit history to web UI * Change history reducer to store items per status * Fix missing loading prop
2022-01-28Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `Gemfile.lock`: Upstream-updated lib textually too close to glitch-soc-only dep. Updated like upstream.
2022-01-28Fix Sidekiq warnings about JSON serialization (#17381)Claire
* Fix Sidekiq warnings about JSON serialization This occurs on every symbol argument we pass, and every symbol key in hashes, because Sidekiq expects strings instead. See https://github.com/mperham/sidekiq/pull/5071 We do not need to change how workers parse their arguments because this has not changed and we were already converting to symbols adequately or using `with_indifferent_access`. * Set Sidekiq to raise on unsafe arguments in test mode In order to more easily catch issues that would produce warnings in production code.
2022-01-23Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `spec/models/status_spec.rb`: Upstream added tests too close to glitch-soc-specific tests. Kept both tests.
2022-01-23Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288)Claire
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN Fixes #15959 Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form to instead redirect to the external OmniAuth login provider. However, it did not prevent the log-in form on /about introduced by #10232 from appearing, and completely broke with the introduction of #15228. As I restoring that previous log-in flow without introducing a security vulnerability may require extensive care and knowledge of how OmniAuth works, this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time being. * Add OMNIAUTH_ONLY environment variable to enforce external log-in only * Disable user registration when OMNIAUTH_ONLY is set to true * Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
2022-01-19Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/lib/activitypub/activity/create.rb`: Upstream refactored how `Create` activities are handled and how values are extracted from `Create`d objects. This conflicted with how glitch-soc supported the `directMessage` flag to explicitly distinguish between limited and direct messages. Ported glitch-soc's changes to latest upstream changes. - `app/services/fan_out_on_write_service.rb`: Upstream largely refactored that file and changed some of the logic. This conflicted with glitch-soc's handling of the direct timeline and the options to allow replies and boosts in public feeds. Ported those glitch-soc changes on top of latest upstream changes. - `app/services/process_mentions_service.rb`: Upstream refactored to move mention-related ActivityPub deliveries to `ActivityPub::DeliveryWorker`, while glitch-soc contained an extra check to not send local-only toots to remote mentioned users. Took upstream's version, as the check is not needed anymore, since it is performed at the `ActivityPub::DeliveryWorker` call site already. - `app/workers/feed_insert_worker.rb`: Upstream added support for `update` toot events, while glitch-soc had support for an extra timeline support, `direct`. Ported upstream changes and extended them to the `direct` timeline. Additional changes: - `app/lib/activitypub/parser/status_parser.rb`: Added code to handle the `directMessage` flag and take it into account to compute visibility. - `app/lib/feed_manager.rb`: Extended upstream's support of `update` toot events to glitch-soc's `direct` timeline.
2022-01-19Add support for editing for published statuses (#16697)Eugen Rochko
* Add support for editing for published statuses * Fix references to stripped-out code * Various fixes and improvements * Further fixes and improvements * Fix updates being potentially sent to unauthorized recipients * Various fixes and improvements * Fix wrong words in test * Fix notifying accounts that were tagged but were not in the audience * Fix mistake
2022-01-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/views/admin/reports/show.html.haml`: Conflicts due to glitch-soc's theming system.
2022-01-17Add notifications for statuses deleted by moderators (#17204)Eugen Rochko
2022-01-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/controllers/accounts_controller.rb`: Upstream introduced support for private pinned toots, but glitch-soc's query was a bit different as it filtered out local-only toots. Used upstream's query, while adding local-only filtering back. - `app/controllers/activitypub/collections_controller.rb`: Same thing with regards to local-only posts. - `app/validators/status_pin_validator.rb`: Not a real conflict, but the line below was different in glitch-soc due to the configurable pinned toots limit.
2022-01-17Add support for private pinned posts (#16954)Claire
* Add support for private pinned toots * Allow local user to pin private toots * Change wording to avoid "direct message"