about summary refs log tree commit diff
path: root/app/controllers/api
AgeCommit message (Collapse)Author
2022-11-17Make tag following idempotent (#20860)trwnh
2022-11-17Fix pagination of followed tags (#20861)trwnh
* Fix missing pagination headers on followed tags * Fix typo
2022-11-16Add 'private' to Cache-Control, match Rails expectations (#20608)Daniel Axtens
Several controlers set quite intricate Cache-Control headers in order to hopefully not be cached by any intermediate proxies or local caches. Unfortunately, these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes and discards any values set alongside no-store other than private: https://github.com/rails/rails/blob/8015c2c2cf5c8718449677570f372ceb01318a32/actionpack/lib/action_dispatch/http/cache.rb#L207-L209 We want to preserve no-store on these responses, but we might as well remove parts that are going to be dropped anyway. As many of the endpoints in these controllers are private to a particular user, we should also add "private", which will be preserved alongside no-store.
2022-11-14Move V2 Filter methods under /api/v2 prefix (#20622)trwnh
* Move V2 Filter methods under /api/v2 prefix * move over the tests too
2022-11-14Fix error when passing unknown filter param in REST API (#20626)Eugen Rochko
Fix #19156
2022-11-14Fix `role_ids` not accepting arrays in admin API (#20625)Eugen Rochko
Fix #19157
2022-11-10Remove dead code and refactor status threading code (#20357)Claire
* Remove dead code * Remove unneeded/broken parameters and refactor descendant computation
2022-11-10Change logged out /api/v1/statuses/:id/context logged out limits (#20355)Claire
2022-11-10Improve performance by avoiding regex construction (#20215)James Tucker
```ruby 10.times { p /#{FOO}/.object_id } 10.times { p FOO_RE.object_id } ```
2022-11-10Revert filtering public timelines by locale by default (#20294)Eugen Rochko
2022-11-08Make account endorsements idempotent (fix #19045) (#20118)trwnh
* Make account endorsements idempotent (fix #19045) * Accept suggestion to use exists? instead of find_by + nil check Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> * fix logic (unless, not if) * switch to using `find_or_create_by!` Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-11-08Fix uncaught 500 error on invalid `replies_policy` (Fix #19097) (#20126)trwnh
2022-11-07Fix crash in legacy filter creation controller (#19878)Claire
2022-11-05Change `AUTHORIZED_FETCH` to not block unauthenticated REST API access (#19803)Eugen Rochko
New environment variable `DISALLOW_UNAUTHENTICATED_API_ACCESS`
2022-11-04Fix reblogs being discarded after the reblogged status (#19731)Claire
2022-11-01Change post-processing to be deferred only for large media types (#19617)Eugen Rochko
2022-10-30Remove language filtering from hashtag timelines (#19563)Eugen Rochko
2022-10-30Fix admin APIs returning deleted object instead of empty object upon delete ↵Eugen Rochko
(#19479) Fix #19153
2022-10-30Fix language not being saved when editing status (#19543)Eugen Rochko
Fix #19542
2022-10-27Fix uncaught error when invalid date is supplied to API (#19480)Eugen Rochko
Fix #19213
2022-10-26Change unauthenticated search to not support pagination in REST API (#19326)Eugen Rochko
- Only exact search matches for queries with < 5 characters - Do not support queries with `offset` (pagination) - Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-22Change featured tag updates to add/remove activity (#19409)Takeshi Umeda
* Change featured tag updates to add/remove activity * Fix to check for the existence of feature tag * Rename service and worker * Merge AddHashtagSerializer with AddSerializer * Undo removal of sidekiq_options
2022-10-20Add synchronization of remote featured tags (#19380)Takeshi Umeda
* Add LIMIT of featured tag to instance API response * Add featured_tags_collection_url to Account * Add synchronization of remote featured tags * Deliver update activity when updating featured tag * Remove featured_tags_collection_url * Revert "Add featured_tags_collection_url to Account" This reverts commit cff349fc27b104ded2df6bb5665132dc24dab09c. * Add hashtag sync from featured collections * Fix tag name normalize * Add target option to fetch featured collection * Refactor fetch_featured_tags_collection_service * Add LIMIT of featured tag to v1/instance API response
2022-10-13Change about page to be mounted in the web UI (#19345)Eugen Rochko
2022-10-08Add support for language preferences for trending statuses and links (#18288)Eugen Rochko
2022-10-08Change privacy policy to be rendered in web UI, add REST API (#19310)Eugen Rochko
Source string no longer localized, Markdown instead of raw HTML
2022-10-05Change public timelines to be filtered by current locale by default (#19291)Eugen Rochko
In the absence of an opt-in to multiple specific languages in the preferences, it makes more sense to filter by the user's presumed language only (interface language or `lang` override)
2022-10-05Add server banner to web app, add `GET /api/v2/instance` to REST API (#19294)Eugen Rochko
2022-10-05Fix deleted pinned posts potentially counting towards the pinned posts limit ↵Claire
(#19005) Fixes #18938
2022-09-23Add user content translations with configurable backends (#19218)Eugen Rochko
2022-09-20Add ability to filter followed accounts' posts by language (#19095)Eugen Rochko
2022-09-08Fix REST API sometimes returning HTML on error (#19135)Claire
Fixes #19115
2022-08-28Change search API to be accessible without being logged in (#18963)Eugen Rochko
But with the resolve option turned off
2022-08-28Change following and followers API to be accessible without being logged in ↵Eugen Rochko
(#18964)
2022-08-28Add admin API for managing e-mail domain blocks (#19066)Eugen Rochko
2022-08-28Add admin API for managing canonical e-mail blocks (#19067)Eugen Rochko
2022-08-27Add admin API for managing IP blocks (#19065)Eugen Rochko
2022-08-25Add ability to filter individual posts (#18945)Claire
* Add database table for status-specific filters * Add REST endpoints, entities and attributes * Show status filters in /filters interface * Perform server-side filtering for individual posts filters * Fix filtering on context mismatch * Refactor `toServerSideType` by moving it to its own module * Move loupe and delete icons to their own module * Add ability to filter individual posts from WebUI * Replace keyword list by warnings (expired, context mismatch) * Refactor server-side filtering code * Add tests
2022-07-20Fix /api/v1/tags/:id route constraints (#18854)Claire
The constraint was applied prior to decoding, and rejected anything containing the '%' character, which would be used for anything with non-ASCII unicode characters.
2022-07-17Add ability to follow hashtags (#18809)Eugen Rochko
2022-07-13Change how hashtags are normalized (#18795)Eugen Rochko
* Change how hashtags are normalized * Fix tests
2022-07-05Add customizable user roles (#18641)Eugen Rochko
* Add customizable user roles * Various fixes and improvements * Add migration for old settings and fix tootctl role management
2022-06-28Revamp post filtering system (#18058)Claire
* Add model for custom filter keywords * Use CustomFilterKeyword internally Does not change the API * Fix /filters/edit and /filters/new * Add migration tests * Remove whole_word column from custom_filters (covered by custom_filter_keywords) * Redesign /filters Instead of a list, present a card that displays more information and handles multiple keywords per filter. * Redesign /filters/new and /filters/edit to add and remove keywords This adds a new gem dependency: cocoon, as well as a npm dependency: cocoon-js-vanilla. Those are used to easily populate and remove form fields from the user interface when manipulating multiple keyword filters at once. * Add /api/v2/filters to edit filter with multiple keywords Entities: - `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context` `keywords` - `FilterKeyword`: `id`, `keyword`, `whole_word` API endpoits: - `GET /api/v2/filters` to list filters (including keywords) - `POST /api/v2/filters` to create a new filter `keywords_attributes` can also be passed to create keywords in one request - `GET /api/v2/filters/:id` to read a particular filter - `PUT /api/v2/filters/:id` to update a new filter `keywords_attributes` can also be passed to edit, delete or add keywords in one request - `DELETE /api/v2/filters/:id` to delete a particular filter - `GET /api/v2/filters/:id/keywords` to list keywords for a filter - `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a filter - `GET /api/v2/filter_keywords/:id` to read a particular keyword - `PUT /api/v2/filter_keywords/:id` to edit a particular keyword - `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword * Change from `irreversible` boolean to `action` enum * Remove irrelevent `irreversible_must_be_within_context` check * Fix /filters/new and /filters/edit with update for filter_action * Fix Rubocop/Codeclimate complaining about task names * Refactor FeedManager#phrase_filtered? This moves regexp building and filter caching to the `CustomFilter` class. This does not change the functional behavior yet, but this changes how the cache is built, doing per-custom_filter regexps so that filters can be matched independently, while still offering caching. * Perform server-side filtering and output result in REST API * Fix numerous filters_changed events being sent when editing multiple keywords at once * Add some tests * Use the new API in the WebUI - use client-side logic for filters we have fetched rules for. This is so that filter changes can be retroactively applied without reloading the UI. - use server-side logic for filters we haven't fetched rules for yet (e.g. network error, or initial timeline loading) * Minor optimizations and refactoring * Perform server-side filtering on the streaming server * Change the wording of filter action labels * Fix issues pointed out by linter * Change design of “Show anyway” link in accordence to review comments * Drop “irreversible” filtering behavior * Move /api/v2/filter_keywords to /api/v1/filters/keywords * Rename `filter_results` attribute to `filtered` * Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer * Fix systemChannelId value in streaming server * Simplify code by removing client-side filtering code The simplifcation comes at a cost though: filters aren't retroactively applied anymore.
2022-06-23Add /api/v1/admin/domain_allows (#18668)Claire
- `GET /api/v1/admin/domain_allows` lists allowed domains - `GET /api/v1/admin/domain_allows/:id` shows one by ID - `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list of allowed domains - `POST /api/v1/admin/domain_allows` to allow a new domain: if that domain is already allowed, the existing DomainAllow will be returned
2022-06-23use Notification::TYPES for api push subscription alerts (#18709)tateisu
2022-06-01Add /api/v1/admin/domain_blocks (#18247)Claire
* Add /api/v1/admin/domain_blocks Fixes #18140 - `GET /api/v1/admin/domain_blocks` lists domain blocks - `GET /api/v1/admin/domain_blocks/:id` shows one by ID - `DELETE /api/v1/admin/domain_blocks/:id` deletes a given domain block - `POST /api/v1/admin/domain_blocks` to create a new domain block: if it conflicts with an existing one, returns an error with an attribute `existing_domain_block` with the rendered domain block * Simplify conflict handling as suggested in review
2022-05-26Fix suspended users being able to access APIs that don't require a user (#18524)Eugen Rochko
2022-05-26Change unapproved and unconfirmed account to not be accessible in the REST ↵Claire
API (#17530) * Change unapproved and unconfirmed account to not be accessible in the REST API * Change Account#searchable? to reject unconfirmed and unapproved users * Disable search for unapproved and unconfirmed users in Account.search_for * Disable search for unapproved and unconfirmed users in Account.advanced_search_for * Remove unconfirmed and unapproved accounts from Account.searchable scope * Prevent mentions to unapproved/unconfirmed accounts * Fix some old tests for Account.advanced_search_for * Add some Account.advanced_search_for tests for existing behaviors * Add some tests for Account.search_for * Add Account.advanced_search_for tests unconfirmed and unapproved accounts * Add Account.searchable tests * Fix Account.without_unapproved scope potentially messing with previously-applied scopes * Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup This is so that the API can still be used to check whether an username is free to use.
2022-05-02Fix error when looking handle with surrounding spaces (#18225)Claire
2022-04-28Fix 500 error when a bookmark or favorite has been reported and deleted (#18174)Claire