about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2017-04-17Media controller specs (#2022)Matt Jankowski
* Add spec for media controller * Add MediaAttachment.attached scope * Simplify methods in media controller
2017-04-17Fix #1897 - Return reblogged: false on unreblog (was wrongly named variable) ↵Eugen
(#1989)
2017-04-17Improve handling of HTTP_ACCEPT for webfinger (#2008)Matt Jankowski
This change includes: - Improve the spec coverage for incoming request to the webfinger action - For requests without an accept header (ie, what a browser might look like), return a JSON response. - For requests with an explicit format of xml or json, return that format. - For requests using an accept header, return that format. Also adds failing spec showing webfinger does not return xml, which covers the issue described in: https://github.com/tootsuite/mastodon/issues/1983
2017-04-17Assign user locale on signup (#1982)saturday06
2017-04-16Onboarding modal (#1883)Eugen
* Basic onboarding modal that's shown to users once * Lay out pages 2 through 5, add images, style modals (#1509) * Lay out pages 2 through 5 Added images and laid out pages 2 through 5 in the jsx file. SCSS will come, still working on just seeing if this works at all. * Fix jsx errors, add images to modal pages, style modal pages * Add animations to onboarding pager changes, improve wording and styling * Finishing touches on the onboarding * Add missing propTypes * Update wording
2017-04-16I18n health warnings (#1949)Matt Jankowski
* Rename admin.domain_block to admin.domain_blocks in prep for i18n improvement * Use implicit controller/action path for i18n in admin/domain_blocks * Add DomainBlock#accounts has_many * Avoid i18n health warning for `en` locale by using symbol scope with :count * Remove unused i18n key: plaintext_secret_html * Remove unused i18n key two_factor_auth.warning * Remove final will_paginate i18n keys * Remove unused key two_factor_auth.recovery_codes * Remove unused key: admin.reports.comment.none * Remove unused reports. i18n namespace (moved to admin.reports) * Ignore keys from locales which override activemodel and activerecord errors * Revert "Remove unused key: admin.reports.comment.none" This reverts commit 350ef2685fadc069e619bb6d1066190de195d942. * Update i18n key reference to match moved location * Add missing `en` keys to i18n * Tell i18n-tasks to ignore missing attributes that dont need overwriting * Add i18n-tasks unused to travis
2017-04-16Make file attachment on MediaAttachment optional (#1865)Eugen
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true Clean up old media files when creating a new domain block with reject_media set to true Return remote_url in media attachments API if local file is not present Undo domain block action in admin UI Ability to enable reject_media from admin UI
2017-04-15ActiveRecord::NotFound is not defined (#1864)alpaca-tc
2017-04-15Give SINGLE_USER a chance to register (#1820)Marcin Cieślak
An attempt to open a brand new Mastodon instance configured as SINGLE_USER_MODE=true will cause an exception. Enable temporary registration if we have no users in the database Fixes #1817
2017-04-15Add password reset for users from admin accounts area (#1841)Matt Jankowski
2017-04-15Add recovery code support for two-factor auth (#1773)Patrick Figel
* Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
2017-04-15Send initial state in a <script type="application/json"> tag (#1806)Joachim Viide
2017-04-15Allow running mastodon on a different domain as the one used for identifying ↵ThibG
users (#1267) * Allow running mastodon on a different domain as the one used for identifying users * Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing * Compare to web_domain instead of local_domain when dealing with feeds/API * Correctly identify mentions to local accounts Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
2017-04-15Improve i18n chooser (#1804)Matt Jankowski
* Add locale spec with failing locale plus region check * Use a more accurate locale when supplied by browser headers Previously we were using a matching option which would use the first locale available which matched the locale portion, even if a region was specified. This changes to first try to find an exact match, and then fall back to the region, and then fall back to the default. * Clean up default_locale method
2017-04-14Admin reports controller improvements (#1714)Matt Jankowski
* Simplify admin/reports controller filtering for index * Rename parameter to resolved * Fix issue where reports view could not access filter_link_to * Add coverage for admin/reports controller * DRY up resolution of related reports for target account * Clean up admin/reports routes * Add Report#statuses method * DRY up current account action taken params * Rubocop styles
2017-04-13Clean up well-known routes/controllers (#1649)Matt Jankowski
* Add request spec for host meta route returning xml * Add routing spec for xrd routes * Update well-known routes * Move webfinger and host-meta actions to their own controllers
2017-04-13Admin accounts controller cleanup (#1664)Matt Jankowski
* Remove unused account_params method in admin/accounts controller * Introduce AccountFilter to find accounts * Use AccountFilter in admin/accounts controller * Use more restful routes admin silence and suspension area * Add admin/silences and admin/suspensions controllers
2017-04-13Settings export refactor (#1646)Matt Jankowski
* Refactor Export to take an account and know about the export types * Use Export instance in settings/exports#show
2017-04-12Quick best practice cleanup of views/helpers (#1546)Matt Jankowski
* Remove trailing whitespace * Use query methods instead of explicit .blank? checks
2017-04-12Webfinger resource to extract username from resource string (#1607)Matt Jankowski
* Add WebfingerResource class to extract usernames * Use WebfingerResource in xrd#webfinger
2017-04-12Allow import/export of mutes list (#1541)Matt Jankowski
* Allow export of mutes list * Allow importing of mutes list * Refactor to use Settings::Exports::BaseController and DRY up exports code
2017-04-12Simplify the way the embed view is created (#1590)Matt Jankowski
* Add coverage for embedded status view * Refactor embed view to eliminate @external_links variable
2017-04-12Default to json type for webfinger requests (#1583)Matt Jankowski
2017-04-11Refactor exports controller (#1567)Matt Jankowski
* Add basic coverage for settings/exports controller * Remove unused @account variable from settings/exports controller * Add coverage for download export actions * Remove deprecated `render :text` in favor of `send_data` for csv downloads * Add model to handle exports * Use Export class in settings/exports controller * Simplify settings/exports controller methods * Move settings/export to more restful routes
2017-04-11Merge branch 'master' of https://github.com/blackle/mastodon into blackle-masterEugen Rochko
2017-04-11Allow user to disable the boost confirm dialog in preferencesblackle
2017-04-11Pagination improvements (#1445)Matt Jankowski
* Replace will_paginate with kaminari * Use #page instead of #paginate in controllers * Replace will_paginate.page_gap with pagination.truncate in i18n * Customize kaminari views to match prior styles * Set kaminari options to match prior behavior * Replace will_paginate with paginate in views
2017-04-10API param to exclude notification types from response (#1341)Eugen
* Add exclude_types param to /api/v1/notifications * Exclude notification types in web UI through exclude_types in the API
2017-04-10Clean up generation of account webfinger string (#1477)Matt Jankowski
* Consolidate webfinger string creation under Account#to_webfinger_s * Introduce Account#local_username_and_domain for consolidation
2017-04-10Admin base controller (#1465)Matt Jankowski
* Add Admin::BaseController to wrap admin area Extracts the setting of the `admin` layout and verifying that users are admins to a common base class for the admin/ controllers. * Add basic coverage for admin/reports and admin/settings controllers
2017-04-09Do not store last visited URL from API controllers (#1330)Eugen
Sign-in redirects you back to last visited URL, but in case of API requests, this sometimes redirected users to an API URL that, of course, greeted them with an {"error":"The access token is invalid"}
2017-04-09Fix /api/v1/accounts/update_credentials tests (#1357)Eugen
2017-04-09Use HTTP Accept-Language to detect locale (#1166)David Authier
* Use HTTP Accept-Language to detect locale * Fix gem order to comply with codeclimate * Sort gem to comply with rubocop * I18n.default_locale fallback when there is no accept-language header
2017-04-09Allow users to update their Account in the API (#1179)David Celis
* Allow users to update their Account in the API It would be nice for API clients to be able to allow users to update their accounts without having to wrap Mastodon in a web view. This patch adds an API endpoint to let users submit a PATCH for their account. Signed-off-by: David Celis <me@davidcel.is> * Add /api/v1/accounts/update_credentials to the API docs Signed-off-by: David Celis <me@davidcel.is>
2017-04-09Clean up about page (#1282)Matt Jankowski
* Add InstancePresenter to expose site details * Clean up about controller, use instance presenter
2017-04-08Make public timelines API not require user context/app credentials (#1291)Eugen
* Make /api/v1/timelines/public and /api/v1/timelines/tag/:id public Fix #1156 - respect query params when generating pagination links in API * Apply pagination fix to more APIs
2017-04-08Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)Eugen
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled TOTP secret is not shown again after 2FA is enabled * Clean up
2017-04-08Fix #1165 - before_action was called before protect_from_forgeryEugen Rochko
2017-04-07Allow setting of default language through configEugen Rochko
Setting of locale in controller extracted to Localized concern, the doorkeeper authorized applications controller moved under custom namespace with inclusion of Localized, which resolves the "it sometimes appears in a different random language" bug
2017-04-07Rewrite Atom generation from stream entries to use Ox instead of Nokogiri ↵Eugen
(#1124) * Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder StreamEntry is now limited to only statuses, which allows some optimization. Removed extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer and PubSubHubbub::DistributionWorker PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker instead. All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri * All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
2017-04-04Remote follow improvementsDrew DeVault
This stores the @username@instance you provide in your session and reuses it the next time you remote follow someone from this instance.
2017-04-04New admin setting: open/close registrations, with custom message, from the ↵Eugen Rochko
admin UI
2017-04-04Only call regeneration worker after first login after a 14 day breakEugen Rochko
2017-04-04Fix ActionController::Parameters in API issueEugen Rochko
2017-04-03Add basic logging of who resolved reportEugen Rochko
2017-04-03When taking action on a report (silence/suspend), it dismisses all otherEugen Rochko
reports for that user automatically
2017-04-03Make default admin UI page reports. Add admin UI for creating a domain blockEugen Rochko
2017-04-02Catching rack timeout from rails doesn't workEugen Rochko
2017-04-02Add proper error page for request timeoutsEugen Rochko
2017-04-02Fix wording "show reblogs" -> "show boosts", order reports chronologically inEugen Rochko
admin UI