Age | Commit message (Collapse) | Author |
|
|
|
Same as #8220 but for reports
|
|
|
|
Fix #8785
|
|
Fixes #9995
|
|
|
|
|
|
|
|
* Add hashtag filter to profiles
GET /@:username/tagged/:hashtag
GET /api/v1/accounts/:id/statuses?tagged=:hashtag
* Display featured hashtags on public profile
* Use separate model for featured tags
* Update featured hashtag counters on-write
* Limit featured tags to 10
|
|
* Make storing and displaying application used to toot opt-in
* Revert to storing application info, and display it to the author via API
|
|
|
|
|
|
|
|
|
|
* Refactor signature verification a bit
* Rescue signature verification if recorded public key is invalid
Fixes #8822
* Always re-fetch AP signing key when HTTP Signature verification fails
But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.
* Apply stoplight to key/account update as well as initial key retrieval
|
|
* Change remote interaction dialog to use specific actions
Instead of just "interact", use different strings based on whether
it's a reply, reblog or favourite. Add explanation why the step
is necessary in the first place
* Remove obsolete strings
|
|
Fix #9627
|
|
Fix #9729
|
|
Fix #340
|
|
* Allow to show a specific status in the admin interface
* Let the front-end know the current account is a moderator
* Add admin links to status and account menus
If the current logged-in user is an admin, add quick links to the admin
interface in account and toot dropdown menu. Suggestion by @ashkitten
* Use @statuses.first instead of @statuses[0]
|
|
|
|
Fix #6893
Fix #9268
|
|
|
|
* Add local followers page to admin account UI
For moderation, I often find myself wondering who, locally, is following
a remote user. Currently, to see this, I have to go back to the web UI,
paste in their full handle, click their profile, and go to the
"Followers" tab (plus, this information is incidental, and if mastodon
ever decides to resolve all of the follower information, there will be
no place local followers are shown). This PR adds a new page which is
accessible via the "following" count on the admin's account view
page, which shows the local followers. (It has filter parameters for
account location to indicate that only local followers are shown, and
leave room for expansion if mastodon ever decides to store the entire
remote follow list).
* Normalize en.yml
|
|
Fix #9606
|
|
|
|
Fix regression from 3c033c4352f8b156887cd7157b4a89c23a545838
|
|
|
|
|
|
* Add REST API for creating an account
The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.
The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.
The method is rate-limited by IP to 5 requests per 30 minutes.
* Redirect users back to app from confirmation if they were created with an app
* Add tests
* Return 403 on the method if registrations are not open
* Require agreement param to be true in the API when creating an account
|
|
|
|
To better align with the list of hashtags
|
|
* Add moderation warnings
Replace individual routes for disabling, silencing, and suspending
a user, as well as the report update route, with a unified account
action controller that allows you to select an action (none,
disable, silence, suspend) as well as whether it should generate an
e-mail notification with optional custom text. That notification,
with the optional custom text, is saved as a warning.
Additionally, there are warning presets you can configure to save
time when performing the above.
* Use Account#local_username_and_domain
|
|
(#9573)
Fix #7087
The same data is available over the ActivityPub outbox, RSS, and Atom, so
there is little benefit to keeping it limited in this method.
|
|
|
|
* Move #set_user to Admin::BaseController
* Rename Admin::TwoFactorAuthenticationsController
from `#set_user` to `#set_target_user` .
|
|
* Remove "most popular" tab from profile directory, add responsive design
* Remove unused translations
|
|
Define `Settings::BaseController#set_body_classes` so that sub classes
inherit `Settings::BaseController` don't need to define
`#set_body_classes` agein.
|
|
* Fix markup in admin/accounts/:id table for avatar
* Add admin ability to remove an user's header image
|
|
* Add instance-wide setting to disable profile directory
Fixes #9496
When the profile directory is disabled:
- The “discoverable” setting is hidden from users
- The “profile directory” link is not shown on public pages
- /explore returns 404
* Move Setting.profile_directory check to a before_action filter
|
|
* Add specs for ActivityPub::CollectionsController#show
* Raise ActiveRecord::RecordNotFound
Raising ActiveRecord::NotFound raises NameError: uninitialized constant
ActiveRecord::NotFound.
|
|
|
|
|
|
* Add setting to not aggregate reblogs
Fixes #9222
* Handle cases where user is nil in add_to_home and add_to_list
* Add hint for setting_aggregate_reblogs option
* Reword setting_aggregate_reblogs label
|
|
Fix #5578
|
|
* Add test that should currently fail
* Fix depth computation (will still fail if statuses have been filtered out)
* Fix handling of broken threads
|
|
* Improve overview of accounts in admin UI
- Display suspended status, role, last activity and IP prominently
- Default to showing local accounts
- Default to not showing suspended accounts
* Remove unused strings
* Fix tests
* Allow filtering accounts by IP mask
|
|
|
|
|
|
* Reduce connect timeout from 10s to 1s
* Limit failing signature verifications per source IP
|