about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2021-07-03Fix anonymous access to outbox not being cached by the reverse proxy (#16458)Claire
* Fix anonymous access to outbox not being cached by the reverse proxy Up until now, anonymous access to outbox was marked as public, but with a 0 duration for caching, which means remote proxies would only serve from cache when the server was completely overwhelmed. Changed that cache duration to one minute, so that repeated anonymous access to one account's outbox can be appropriately cached. Also added `Signature` to the `Vary` header in case a page is requested, so that authenticated fetches are never served from cache (which only contains public toots). * Remove Vary: Accept header from webfinger controller Indeed, we have stopped returning xrd, and only ever return jrd, so the Accept request header does not matter anymore. * Cache negative webfinger hits for 3 minutes
2021-06-23Fix login date not showing up in login history by using “public” packClaire
2021-06-23Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-06-21Fix serialization of followers/following counts when user hides their ↵Claire
network (#16418) * Add tests * Fix serialization of followers/following counts when user hides their network Fixes #16382 Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-06-21Add authentication history (#16408)Eugen Rochko
2021-06-03Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-06-02Fix e-mail confirmations API not working correctly (#16348)Eugen Rochko
* Fix e-mail confirmations API not working correctly * Fix typo
2021-05-31Fix some IDs in instance actor outbox (#16343)Claire
2021-05-31Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-05-30Remove set-cookie header on custom.css (#16314)Jeong Arm
* Remove set-cookie header on custom.css * Additional fix for set-cookie
2021-05-27Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream's README got updated, but we have a completely different one. Kept ours.
2021-05-22Fix media proxy RedisLocks auto-releasing too fast (#16291)Claire
Follow-up to #16276
2021-05-07Merge branch 'main' into glitch-soc/merge-upstreamClaire
- `app/views/statuses/_simple_status.html.haml`: Small markup change in glitch-soc, on a line that has been modified by upstream. Ported upstream changes.
2021-05-07Change trending hashtags to be affected be reblogs (#16164)Eugen Rochko
If a status with a hashtag becomes very popular, it stands to reason that the hashtag should have a chance at trending Fix no stats being recorded for hashtags that are not allowed to trend, and stop ignoring bots Remove references to hashtags in profile directory from the code and the admin UI
2021-05-06Add Ruby 3.0 support (#16046)Claire
* Fix issues with POSIX::Spawn, Terrapin and Ruby 3.0 Also improve the Terrapin monkey-patch for the stderr/stdout issue. * Fix keyword argument handling throughout the codebase * Monkey-patch Paperclip to fix keyword arguments handling in validators * Change validation_extensions to please CodeClimate * Bump microformats from 4.2.1 to 4.3.1 * Allow Ruby 3.0 * Add Ruby 3.0 test target to CircleCI * Add test for admin dashboard warnings * Fix admin dashboard warnings on Ruby 3.0
2021-05-05Add management of delivery availability in Federation settings (#15771)Takeshi Umeda
* Add management of delivery availavility in Federation settings * fix translate * Remove useless object creation * Fix DeepSource issue * Add shortcut for all * Fix DeepSource(skipcq) * Change 'remove' to 'clear' * Fix style * Change class method name (exhausted_deliveries_key_by)
2021-05-05Fix error when trying to render component for media without meta (#16112)Eugen Rochko
2021-05-05Fix database serialization failure returning HTTP 500 (#16101)Eugen Rochko
Database serialization failure occurs when a read-replica is used and a query takes long enough that rows on the primary database become unavailable. It should return HTTP 503 as it is temporary. Re-order rescue definitions according to their status codes
2021-05-03Change confirmations controller to redirect to / for approved users (#16151)Claire
Clicking the confirmation link multiple times currently leads to entering account settings, which can be confusing. This commit changes that so that it redirects to the root path, so it behaves the same way as clicking only once in most cases.
2021-04-26Further improve the media attached status query for accounts (#16106)abcang
2021-04-25Improve media attached status query (#16105)abcang
2021-04-24Change auto-following admin-selected accounts, show in recommendations (#16078)Eugen Rochko
2021-04-20Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream updated copyright year, we don't mention it so kept our version. - `app/controllers/admin/dashboard_controller.rb`: Not really a conflict, upstream change (removing the spam checker) too close to glitch-soc changes. Ported upstream changes. - `app/models/form/admin_settings.rb`: Same. - `app/services/remove_status_service.rb`: Same. - `app/views/admin/settings/edit.html.haml`: Same. - `config/settings.yml`: Same. - `config/environments/production.rb`: Not a real conflict, upstream added a default HTTP header, but we have extra headers in glitch-soc. Added the header.
2021-04-15Add `policy` param to `POST /api/v1/push/subscriptions` (#16040)Eugen Rochko
With possible values `all`, `followed`, `follower`, and `none`, control from whom notifications will generate a Web Push alert
2021-04-12Add cold-start follow recommendations (#15945)Eugen Rochko
2021-04-11Remove spam check and dependency on nilsimsa gem (#16011)Eugen Rochko
2021-04-05Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-04-03Add system checks to dashboard in admin UI (#15989)Eugen Rochko
2021-04-03Change health check (#15988)Eugen Rochko
2021-03-31Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-03-26Fix /admin/tags/:id crashing since Rails 6.1 update (#15953)Claire
Raw SQL passed to `pluck` now has to be explicitly marked as SQL via Arel.sql, see https://github.com/rails/rails/pull/27947
2021-03-26Add warning in admin dashboard if some required queues are not handled (#15954)Claire
2021-03-25Add `email` param to `POST /api/v1/emails/confirmations` (#15949)Eugen Rochko
Allow changing e-mail as long as the account is unconfirmed
2021-03-24Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-03-24Update Mastodon to Rails 6.1 (#15910)Claire
* Update devise-two-factor to unreleased fork for Rails 6 support Update tests to match new `rotp` version. * Update nsa gem to unreleased fork for Rails 6 support * Update rails to 6.1.3 and rails-i18n to 6.0 * Update to unreleased fork of pluck_each for Ruby 6 support * Run "rails app:update" * Add missing ActiveStorage config file * Use config.ssl_options instead of removed ApplicationController#force_ssl Disabled force_ssl-related tests as they do not seem to be easily testable anymore. * Fix nonce directives by removing Rails 5 specific monkey-patching * Fix fixture_file_upload deprecation warning * Fix yield-based test failing with Rails 6 * Use Rails 6's index_with when possible * Use ActiveRecord::Cache::Store#delete_multi from Rails 6 This will yield better performances when deleting an account * Disable Rails 6.1's automatic preload link headers Since Rails 6.1, ActionView adds preload links for javascript files in the Links header per default. In our case, that will bloat headers too much and potentially cause issues with reverse proxies. Furhermore, we don't need those links, as we already output them as HTML link tags. * Switch to Rails 6.0 default config * Switch to Rails 6.1 default config * Do not include autoload paths in the load path
2021-03-19Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-03-19Further preparation for Rails 6 (#15916)Claire
* Use ActiveRecord::Result#to_ary instead of deprecated to_hash They do the same thing, and to_hash has been removed from Rails 6.1 * Explicitly name polymorphic indexes to workaround a bug in Rails 6.1 cf. https://github.com/rails/rails/issues/41693 * Fix incorrect usage of “foreign_key” in migration script * Use `ActiveModel::Errors#delete` instead of deprecated clear method * Fix link headers tests on Rails 6.1 Rails 6.1 adds values to the Link header by default, thus it is not a LinkHeader object anymore. Fix the test to parse the Link header instead of assuming it is a LinkHeader.
2021-03-18Fix cache_collection crashing when given an empty collection (#15921)Claire
* Fix cache_collection crashing when given an empty collection * Add tests
2021-03-02Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/validators/status_length_validator.rb`: Upstream changes too close to glitch-soc MAX_CHARS changes, but not a real conflict. Applied upstream changes. - `package.json`: glitch-soc-only dependency textually too close to a dependency updated upstream, not a real conflict. Applied upstream changes.
2021-03-01Add `POST /api/v1/emails/confirmations` to REST API (#15816)Eugen Rochko
Only available to the application the user originally signed-up with
2021-03-01Add `details` to error response for `POST /api/v1/accounts` in REST API (#15803)Eugen Rochko
2021-02-26Fix crash on receiving requests with missing Digest header (#15782)Claire
* Fix crash on receiving requests with missing Digest header Return an error pointing out that Digest is missing, instead of crashing. Fixes #15743 * Fix from review feedback
2021-02-22Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-02-21Add server rules (#15769)Eugen Rochko
2021-02-19replace all instances of "ends_with?" with "end_with?" (#15745)Justin Tracey
The "ends_with?" method is just a Rails alias of Ruby's "end_with?" method. Using the latter makes the code less brittle.
2021-02-16Add `GET /api/v1/accounts/lookup` REST API (#15740)Eugen Rochko
2021-02-12Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/javascript/styles/mastodon/modal.scss`: For some reason we changed the file loading path in glitch-soc, but now upstream has completely changed how the logo is loaded. Applied upstream changes.
2021-02-12Refactor Api::Web::SettingsController (#15717)Eugen Rochko
2021-02-11Onion service related changes to HTTPS handling (#15560)Cecylia Bocovich
* Enable secure cookie flag for https only * Disable force_ssl for .onion hosts only Co-authored-by: Aiden McClelland <me@drbonez.dev>
2021-02-09Create instance actor if it hasn't been properly seeded (#15693)Claire
An uncommon but somewhat difficult to digagnose issue is dealing with improperly-seeded databases. In such cases, instance-signed fetches will fail with a ActiveRecord::RecordNotFound error, usually caught and handled as generic 404, leading people to think the remote resource itself has not been found, while it's the local instance actor that does not exist. This commit changes the code so that failure to find the instance actor automatically creates a new one, so that improperly-seeded databases do not cause any issue.