about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2018-01-03Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-03Allow to dereference Follow object for ActivityPub (#5772)Akihiko Odaki
* Allow to dereference Follow object for ActivityPub * Accept IRI as object representation for Accept activity
2018-01-03Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-03Allow HTTP caching of json view of public statuses (#6115)ThibG
* Allow HTTP caching of json view of public statuses HTML views are not cached as they can contain private statuses as well * Disable session cookies for ActivityPub json rendering of public toots
2018-01-02Add confirmation step for email changes (#6071)Patrick Figel
* Add confirmation step for email changes This adds a confirmation step for email changes of existing users. Like the initial account confirmation, a confirmation link is sent to the new address. Additionally, a notification is sent to the existing address when the change is initiated. This message includes instruction to reset the password immediately or to contact the instance admin if the change was not initiated by the account owner. Fixes #3871 * Add review fixes
2018-01-02Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: app/controllers/authorize_follows_controller.rb app/javascript/styles/mastodon/components.scss
2018-01-02Show mastodon on modal (#6129)Akihiko Odaki
2017-12-30Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: app/controllers/auth/confirmations_controller.rb
2017-12-30keep the same filters and page when doing custom emojo stuff (fixes #6112) ↵beatrix
(#6114)
2017-12-29Add more instance stats APIs (#6125)Eugen Rochko
* Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
2017-12-27Make host_meta/webfinger replies cacheable (fixes #6100) (#6101)ThibG
* Make host_meta/webfinger replies cacheable (fixes #6100) Drop common code for handling users and sessions as webfinger queries are very basic, public APIs. Also explicitly mark results as cacheable with “expires_in”. * Add “Vary: Accept” header for caching since content-negociation is used
2017-12-20Set packs on 2FA-related pages. Fixes #271.David Yip
Specifically, this commit: - changes S::TFA::{Confirmations,RecoveryCodes}Controller to derive from S::BaseController, because this gives us the necessary actions and packs - prepends set_pack to Auth::SessionsController's action chain so that it takes effect in time for render :two_factor
2017-12-15Merge branch 'gs-master' into prevent-local-only-federationDavid Yip
Conflicts: db/schema.rb
2017-12-15Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2017-12-14Fix #6022 - Prevent nested migrated accounts, or migrations to self (#6026)Eugen Rochko
2017-12-13Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2017-12-13Add filters to admin UI for custom emojis (#6003)Eugen Rochko
2017-12-13Clean up admin UI for accounts (#6004)Eugen Rochko
* Add staff filter to admin UI for accounts, remove obsolete columns * Only display OStatus section in admin UI for accounts when OStatus data
2017-12-12Merge remote-tracking branch 'tootsuite/master' into merge-upstreamDavid Yip
2017-12-12Fix #5953 - Add GET /api/v1/accounts/:id/lists (#5983)Eugen Rochko
2017-12-11change pack to 'auth'cwm
2017-12-11load packcwm
2017-12-11move outbox filtering to Status#permitted_for (as per @ekiru)Erin
2017-12-11Merge pull request #254 from glitch-soc/new-theme-uxbeatrix
New flavour/skin UX
2017-12-11Apply a 25x rate limit by IP even to authenticated requests (#5948)Eugen Rochko
2017-12-11Add missing set_pack def/filter in OAuth::AuthorizedApplicationsController.David Yip
2017-12-10Moved flavour UI into own prefs tabkibigo!
2017-12-10filter local-only toots from AP outboxesErin
2017-12-10filter local-only statuses from public pagesErin
2017-12-10pulled master, moved locale entry to new locationcwm
2017-12-10Javascript intl8n flavour supportkibigo!
2017-12-09Remove unused function (#5950)abcang
2017-12-09add initial components based off of tootsuite pr #1507cwm
2017-12-09Rate limit by user instead of IP when API user is authenticated (#5923)Eugen Rochko
* Fix #668 - Rate limit by user instead of IP when API user is authenticated * Fix code style issue * Use request decorator provided by Doorkeeper
2017-12-09Keep WebPush settings (#5879)abcang
2017-12-09Limit users to 50 lists, remove pagination from lists API (#5933)Eugen Rochko
2017-12-07Skins shouldn't apply to fallback flavourskibigo!
2017-12-06Fix common packs when other pack also therekibigo!
2017-12-06Use settings pack for InvitesController (#229)David Yip
2017-12-06Merge pull request #229 from glitch-soc/glitch-themebeatrix
Advanced Next-Level Flavours And Skins For Mastodon™
2017-12-06Prepend check_enabled_deletion to Settings::DeletesController (#229)David Yip
The specs for Settings::DeletesController include an example that sets Settings.open_deletion to false and expects the "if deletion is not available, redirect to root" logic to run. However, this spec does not set up a user, which means that the spec (intentionally or otherwise) expects this redirection to work with unauthenticated access. We should preserve that behavior. To do so, we prepend the deletion check to the action chain set up by Settings::BaseController, so that said check occurs before the authenticate_user! check.
2017-12-06Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2017-12-06Using double splat operator (#5859)Yamagishi Kazutoshi
2017-12-06Remove rabl dependency (#5894)Eugen Rochko
* Remove rabl dependency * Replicate old Oj configuration
2017-12-05Add list of lists component to web UI (#5811)Eugen Rochko
* Add list of lists component to web UI * Add list adding * Add list removing * List editor modal * Add API account search limited by following=true relation * Rework list editor modal * Remove mandatory pagination of GET /api/v1/lists/:id/accounts * Adjust search input placeholder * Fix rspec (#5890) * i18n: (zh-CN) Add missing translations for #5811 (#5891) * i18n: (zh-CN) yarn manage:translations -- zh-CN * i18n: (zh-CN) Add missing translations for #5811 * Fix some issues - Display loading/missing state for list timelines - Order lists alphabetically in overview - Fix async list editor reset - Redirect to /lists after deleting unpinned list - Redirect to / after pinning a list * Remove dead list columns when a list is deleted or fetch returns 404
2017-12-04Various fixeskibigo!
2017-12-04Merge branch 'gs-master' into glitch-themeDavid Yip
2017-12-03Rename themes -> flavours ? ?kibigo!
2017-12-03Fixed typoskibigo!
2017-12-02Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins