| Age | Commit message (Collapse) | Author |
|---|
|
* Coverage for api push controller
* Refactor the api/push controller
|
|
|
|
* Set domain_block by before_action
* Cast value with ActiveRecord::Type
* Batch update
|
|
Height 640 is too big for most toots.
Twitter use null value to support flexible height.
|
|
|
|
* Remove best_in_place
* Replace best_in_place usage with rails helpers
* Move admin/settings#index to #edit action
* Remove click_to__edit from i18n
|
|
Fix #2196 - Respond with 201 when Salmon accepted, 400 when unverified
Fix #2629 - Correctly handle confirm_domain? for local accounts
Unify rules for extracting author acct from XML, prefer <email>, fall back
to <name> + <uri> (see also #2017, #2172)
|
|
* Add a spec for signing out
* Add spec showing that suspended user gets a 403 forbidden on sign out
* Allow suspended account users to sign out
|
|
* Add option to disable two factor auth in admin accounts panel.
Closes #2578
* Add @mjankowski's suggestions.
* Moves destroy actions behind User#disable_two_factor!
* Adds spec coverage for Admin:TwoFactorAuthenticationsController and User#disable_two_factor!
|
|
|
|
* Add coverage for create with empty acct value
* Add coverage for create with webfinger failure
* Add coverage for create with webfinger providing bad values
* Add coverage for create when webfinger is good
* Add coverage for session[:remote_follow] having data
* Simplify how remote follow pulls acct from session
* Remote follow behaves more like model
* Move the discovery portions of remote follow out of controller
* Check for suspended accounts
|
|
* Use respond_with_error for forbidden errors
* Wrap up common error code into single method
|
|
* Naive approached to timeline filtering
* Convert allowed_languages into a db column
* Allow users to choose languages to see statuses in
* Style list items as two columns
* Add a hint to explain language filtering preference
|
|
* disable Bundler/OrderedGems
* fix rubocop Lint/UselessAssignment
* fix rubocop Style/BlockDelimiters
* fix rubocop Style/AlignHash
* fix rubocop Style/AlignParameters, Style/EachWithObject
* fix rubocop Style/SpaceInLambdaLiteral
|
|
|
|
* Add coverage for admin/confirmations controller
* Coverage for statuses controller show action
* Add coverage for admin/domain_blocks controller
* Add coverage for settings/profiles#update
|
|
* downgrade rubocop 0.48.1 => 0.46.0
* exclude vendor/**/* from rubocop target files
* add frozen_string_literal comment line
* fix percent literal delimited by ( and )
* fix alignment
* remove comment disabling unknown cop
|
|
|
|
|
|
* Fix Doorkeeper error
* use Doorkeeper::OAuth::Scopes.from_string
|
|
|
|
* OEmbed support for PreviewCard
* Improve ProviderDiscovery code failure treatment
* Do not crawl links if there is a content warning, since those
don't display a link card anyway
* Reset db schema
* Fresh migrate
* Fix rubocop style issues
Fix #1681 - return existing access token when applicable instead of creating new
* Fix test
* Extract http client to helper
* Improve oembed controller
|
|
|
|
This PR fixes I18n.locale for rake middlewares. Mastodon uses Devise that depends on Warden.
Warden::Manager can be found in rake middleware. It is outside of the controller.
In the case of authentication failed, warden calls throw(:warden). At the time Warden::Manager
delegates request to failure_app to generate response and flash[:alert] after catching it.
Unfortunately, I18n.locale is already reset then because I18n.with_locale is enabled only
inside the controller. If we used I18n.locale=, Devise::FailureApp could get the current locale.
|
|
changes. (#2410)
* Change ActivityPub paging to match spec. Clean up ActivityPub outbox changes.
* Fix code style and test failures for OutboxController.
* Attempt to fix CI errors.
|
|
(#2419)
duplicates. Web UI regenerates UUID for that header every time the compose
form is changed or successfully submitted
Also, fix Farsi i18n overwriting the English one
|
|
* Fix #2119 - Whenever about to send a HTTP request, normalize the URI
* Add test for IDN request in FetchLinkCardService
* Perform IDN normalization on domains before they are stored in the DB
|
|
|
|
* Make private toots get PuSHed to subscription URLs that belong to domains where you have approved followers
* Authorized followers controller, stub for bulk action
* Soft block in the background
* Add simple test for new controller
* Rename Settings::FollowersController to Settings::FollowerDomainsController, paginate results,
rename "private" post setting to "followers-only", fix pagination style, improve post privacy
preferences style, improve warning style
* Extract compose form warnings into own container, show warning when posting to followers-only with unlocked account
|
|
Create/Announce Activities (#2197)
* Clean up collapsible components
* Expose user Outboxes and AS2 representations of statuses
* Save work thus far.
* Fix bad merge.
* Save my work
* Clean up pagination.
* First test working.
* Add tests.
* Add Forbidden error template.
* Revert yarn.lock changes.
* Fix code style deviations and use localized instead of hardcoded English text.
|
|
* Shows confirmed status in list.
* Adds ability to confirm users in admin UI.
* Added new english translations.
* Addresses feedback from #2245.
* More feedback.
|
|
The force_ssl method from controllers does not add all of the options that the
sitewide configuration in a config block does. For example, HSTS enforcement is
not added by the controller method, but is added by this style.
|
|
* Add spec coverage for settings/two_factor_auth area
* extract setup method for qr code
* Move otp required check to before action
* Merge method only used once
* Remove duplicate view
* Consolidate creation of @codes for backup
* Move settings/2fq#recovery_codes to settings/recovery_codes#create
* Rename settings/two_factor_auth#disable to #destroy
* Add coverage for the otp required path on 2fa#show
* Clean up the recovery codes list styles
* Move settings/two_factor_auth to settings/two_factor_authentication
* Reorganize the settings two factor auth area
Updated to use a flow like:
- settings/two_factor_authentication goes to a #show view which has a button
either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
codes
- that create action shares a view with a recovery codes controller which can be
used separately to reset codes if needed
|
|
* Added API backend for notification dismissal
* Added render statement
* Changed statement
|
|
* Fix #2195 - Set locale to error pages
* Fix #2195 - Cut duplicate process into one method
|
|
* Add missing fields group on preferences page
* Clean up settings/preferences controller
* Extract a UserSettingsDecorator
|
|
* Add render_views for admin/settings spec
* Add coverage for admin/settings#update
* Add coverage for admin/settings typecasting open_registrations setting
* Simplify how admin/settings finds the value for updating
* Rely on activerecord to not update a value that hasnt changed
* Add coverage for non-existent setting
* Use a constant for boolean settings
|
|
* Fix #2120 - Use Status#as_tag_timeline on public hashtag page
* Update tags_controller.rb
|
|
|
|
* Add routing specs for accounts followers and following actions
* Use more restful route naming for public account follow pages
Moves two actions:
- accounts#followers to accounts/follower_accounts#index
- accounts#following to accounts/following_accounts#index
Adds routing spec to ensure prior URLs are preserved.
|
|
|
|
* Add admin/instances index action
* Add link to instances admin page
* View lists instances
* Instances, grouped by domain, ordered by count
* Use Account.remote scope
* Extract method: Account.by_domain_accounts
|
|
* Add a ReportFilter class
* Add reports and targeted_reports relationships to Account
* Use ReportFilter from admin/reports controller
* Link to admin/reports filtered views from admin account show view
* Add indexes to reports.account_id and reports.target_account_id
|
|
|
|
|
|
|
|
* Remove unused method #set_counters_maps from api controller
* Remove unused method #set_account_counters_maps from api controller
* Remove unused method Account#followers_domains
* Remove unused User.prolific scope
* Add mastodon:users:admins task to list all admin emails
* Use interpolated query style in Account.triadic_closures
* Coverage for Account.triadic_closures
|
|
* Add spec for media controller
* Add MediaAttachment.attached scope
* Simplify methods in media controller
|
|
(#1989)
|
|
This change includes:
- Improve the spec coverage for incoming request to the webfinger action
- For requests without an accept header (ie, what a browser might look like),
return a JSON response.
- For requests with an explicit format of xml or json, return that format.
- For requests using an accept header, return that format.
Also adds failing spec showing webfinger does not return xml, which covers the
issue described in: https://github.com/tootsuite/mastodon/issues/1983
|
