about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2020-06-09Add e-mail-based sign in challenge for users with disabled 2FA (#14013)Eugen Rochko
2020-06-09Add limit parameter to rss (#13743)Takeshi Umeda
2020-06-05Fix unpermitted operations on custom emojis leading to cryptic errors (#13951)ThibG
* Display appropriate error when performing unpermitted operation on custom emoji Fixes #13897 * Remove links to custom emoji actions not performable by moderators
2020-06-03Fix wrong route helper in encrypted messages controller (#13952)Eugen Rochko
And add `created_at` to encrypted message serializer
2020-06-03Fix account redirect confirmation message talking about moved followers (#13950)ThibG
Fixes #13949
2020-06-02Add E2EE API (#13820)Eugen Rochko
2020-05-31Hide local-only pinned toots from public profilesThibaut Girka
Fixes #1336 This also fixes federating pinned toots when some of them are local-only. Public profiles will not show public toots, whether you are logged in or not (this is consistent with local-only toots that are not pinned).
2020-05-20Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-05-14Fix webfinger returning wrong status code on malformed or missing param (#13759)ThibG
Fixes #13757
2020-05-13Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-05-11Fix sr locale being selected over sr-Latn (#13693)ThibG
* Fix sr locale being selected over sr-Latn * Update tests
2020-05-10Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `Gemfile.lock`: Not a real conflict, just a glitch-soc-only dependency too close to a dependency that got updated upstream. Updated as well. - `app/models/status.rb`: Not a real conflict, just a change too close to glitch-soc-changed code for optionally showing boosts in public timelines. Applied upstream changes. - `app/views/layouts/application.html.haml`: Upstream a new, static CSS file, conflict due to glitch-soc's theming system, include the file regardless of the theme. - `config/initializers/content_security_policy.rb`: Upstream dropped 'unsafe-inline' from the 'style-src' directive, but both files are very different. Removed 'unsafe-inline' as well.
2020-05-10Add ability to remove identity proofs from account (#13682)Eugen Rochko
Fix #12613
2020-05-10Add remote only to public timeline (#13504)Takeshi Umeda
* Add remote only to public timeline * Fix code style
2020-05-10Remove confusing “You are already signed in.” flash message (#13547)ThibG
When attempting to access the log-in page while already logged in, Devise's `require_no_authentication` kicks in and sets a flash message “You are already signed in.” In almost all cases, this also causes a redirect to /web, which does not display or clear flash messages, thus leaving the message to a potentially much later date, like for instance, accessing /preferences several minutes after being redirected to /web.
2020-05-08Fix own following/followers not showing muted users (#13614)ThibG
Fixes #13612
2020-05-03Add more ActivityPub controller tests (#13590)Eugen Rochko
2020-05-03Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `app/controllers/statuses_controller.rb`: Upstream disabled the embed controller for reblogs. Not a real conflict, but glitch-soc has an extra line to deal with its theming system. Ported upstream changes. - `app/javascript/packs/public.js`: Upstream made changes to get rid of most inline CSS, this changes javascript for public pages, which in glitch are split between different files. Ported those changes. - `app/models/status.rb`: Upstream changed the block check in `Status#permitted_for` to include domain-block checks. Not a real conflict with glitch-soc, but our scope is slightly different, as our scope for unauthenticated access do not include instance-local toots. Ported upstream changes. - `app/serializers/rest/instance_serializer.rb`: Not a real conflict, upstream added a new field to the instance serializer, the conflict is one line above since we added more of that. Ported upstream changes. - `app/views/settings/profiles/show.html.haml`: Upstream got rid of most inline CSS and moved hidden elements to data attributes in the process, in fields were we have different values. Ported upstream changes while keeping our glitch-specific values. - `app/views/statuses/_simple_status.html.haml`: Upstream got rid of inline CSS on an HAML line we treat differently, stripping empty text nodes. Ported upstream changes to the style attribute, keeping the empty text node stripping behavior.
2020-05-03Add more tests for ActivityPub controllers (#13585)Eugen Rochko
2020-04-20Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-04-20Allow users to delete their header and avatar (#13234)sternenseemann
This is achieved by sending a DELETE request to /settings/profile/pictures/{avatar,header} via a link that is part of the upload form's hint of the respective picture.
2020-04-18Add local only to hashtag timeline (#13502)Takeshi Umeda
2020-04-17Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-04-15Change delivery failure tracking to work with hostnames instead of URLs (#13437)Eugen Rochko
2020-04-05Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `app/javascript/packs/public.js`: Upstream modified code that we split between multiple files due to glitch-soc's theming system. Ported those changes.
2020-04-05Add rate limit for reporting (#13390)Eugen Rochko
2020-04-04Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-04-03Add ability to filter audit log in admin UI (#13381)Eugen Rochko
2020-04-02Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `app/javascript/mastodon/features/compose/components/poll_form.js`: Upstream bumped poll option character limit, but we already had a higher one, kept ours. - `app/validators/poll_validator.rb`: Upstream bumped poll option character limit, but we already had a higher one, kept ours. - `config/initializers/content_security_policy.rb`: Upstream added a rule, the way we compute ours is different, but that added rule has been ported. - `package.json`: No real conflict, dependency update. Performed the same update. - `yarn.lock`: No real conflict, dependency update. Performed the same update.
2020-03-31Fix ImportsController param to permit :mode (#13347)Takeshi Umeda
2020-03-28Fix 404 and 410 API errors being silently discarded in WebUI (#13279)ThibG
* Fix 404 and 410 API errors being silently discarded in WebUI Fixes #13278 * Return more appropriate error when user replies to a deleted toot * Please CodeClimate * Fix 404/410 errors on fetching account timelines & identity proofs * Refactor error handling * Move error message string to statuses.errors
2020-03-22Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `README.md`: Our README.md files are completely different. Discarded upstream changes. - `app/javascript/core/admin.js`: Updating rails-ujs, no real conflict, but a comment to close to changed code. Various glitch-soc-only files have been updated to match those changes, though. - `package.json`: No real conflict, just an additional dependency in glitch-soc that was too close to something updated upstream. Took upstream's changes.
2020-03-12Add option to include resolved DNS records when blacklisting e-mail domains ↵Eugen Rochko
in admin UI (#13254) * Add shortcuts to blacklist a user's e-mail domain in admin UI * Add option to blacklist resolved MX and IP records for e-mail domains
2020-03-12Add titles to warning presets in admin UI (#13252)Eugen Rochko
2020-03-09Add federation support for the "hide network" preference (#11673)ThibG
* Change ActivityPub follower/following collections to not link first page * Add support for hiding followers and following of remote users * Switch to using a single `hide_collections` column * Address code style remarks
2020-03-08Change local media attachments to perform heavy processing asynchronously ↵Eugen Rochko
(#13210) Fix #9106
2020-03-08Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `app/controllers/api/v1/statuses_controller.rb`: Conflict due to upstream adding a new parameter (with_rate_limit), too close to glitch-soc's own additional parameter (content_type). Added upstream's parameter. - `app/services/post_status_service.rb`: Conflict due to upstream adding a new parameter (rate_limit), too close to glitch-soc's own additional parameter (content_type). Added upstream's parameter. - `app/views/settings/preferences/appearance/show.html.haml`: Conflict due to us not exposing theme settings here (as we have a different flavour/skin menu). Took upstream change, while still not exposing theme settings. - `config/webpack/shared.js`: Coding style fixes for a part we have rewritten. Discarded upstream changes.
2020-03-08Add ability to delete files uploaded for settings in admin UI (#13192)ThibG
* Allow deleting site uploads * Refactor and move links into hints * Fix i18n tests * Fix HTML output of site_upload_delete_hint
2020-03-08Add specific rate limits for posting and following (#13172)Eugen Rochko
2020-03-06Remove useless `respond_to` calls (#13208)Eugen Rochko
2020-02-27Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-02-27Fix leak of arbitrary statuses through unfavourite action in REST API (#13161)Eugen Rochko
2020-02-25Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-02-24Fix dismissing an announcement twice raising an obscure error (#13124)ThibG
2020-02-19Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2020-02-19Fix account JSON/RSS not being cacheable due to wrong mime type comparison ↵ThibG
(#13116) `request.format` is not a symbol but a `Mime::Type`, so the condition actually never matched, and a session was created even for those requests, preventing caching.
2020-02-16Fix sign-ups without checked user agreement being accepted through the web ↵ThibG
form (#13088) * Fix user agreement not being verified * Fix tests * Fix up agreement field being dismissed
2020-02-09Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `Gemfile`: We updated httplog in a separate commit. Took upstream's change which updated it further. - `Gemfile.lock`: We updated httplog in a separate commit. Took upstream's change which updated it further. - `app/lib/sanitize_config.rb`: Upstream added better unsupported link stripping, while we had different sanitizing configs. Took only upstream's link stripping code. - `config/locales/simple_form.pl.yml`: Strings unused in glitch-soc had been removed from glitch-soc, reintroduced them even if they are not useful, to reduce the risk of later merge conflicts.
2020-02-08Fix unfiltered params error when generating ActivityPub tag pagination (#13049)Eugen Rochko
2020-02-07Fix malformed HTML causing uncaught error (#13042)Eugen Rochko
Fix OEmbed preview API leaking existence of private statuses (see #12930)