about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2022-12-15Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Discarded upstream changes: we have our own README - `app/controllers/follower_accounts_controller.rb`: Port upstream's minor refactoring
2022-12-15Fix changing domain block severity not undoing individual account effects ↵Claire
(#22135) * Fix changing domain block severity not undoing individual account effects Fixes #22133 * Add tests
2022-12-15Fix single name variables on controller folder (#20092)David Vega
Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com> Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com> Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15Change CSP directives on API to be tight and concise (#20960)Claire
2022-12-15Fix N+1 queries from in NotificationsController (#21202)nametoolong
Co-authored-by: Nonexistent <nx@example.org>
2022-12-15Allow adding relays while secure mode & limited federation mode are enabled ↵Effy Elden
(#22324)
2022-12-15Revoke all authorized applications on password reset (#21325)Francis Murillo
* Clear sessions on password change * Rename User::clear_sessions to revoke_access for a clearer meaning * Add reset paassword controller test * Use User.find instead of User.find_for_authentication for reset password test * Use redirect and render for better test meaning in reset password Co-authored-by: Effy Elden <effy@effy.space>
2022-12-07Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/concerns/domain_materializable.rb`: Fixed a code style issue upstream in a PR that got merged in glitch-soc earlier. Changed the code to match upstream's.
2022-12-07Log admin approve and reject account (#22088)Francis Murillo
* Log admin approve and reject account * Add unit tests for approve and reject logging
2022-12-07Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)Claire
Fixes #21965
2022-12-01Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-12-01Fix some performance issues with /admin/instances (#21907)Claire
/admin/instances?availability=failing remains wholly unefficient
2022-11-22Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-11-21Fix not being able to follow more than one hashtag (#21285)Claire
Fixes regression from #20860
2022-11-18Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-11-17Fix form-action CSP directive for external login (#20962)Claire
2022-11-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-11-17Fix OAuth flow being broken by recent CSP change (#20958)Claire
2022-11-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/workflows/build-image.yml`: Upstream changed how docker images were built, including how they were cached. I don't know much about it, so applied upstream's changes. - `app/controllers/admin/domain_blocks_controller.rb`: The feature, that was in glitch-soc, got backported upstream. It also had a few fixes upstream, so those have been ported! - `app/javascript/packs/admin.js`: Glitch-soc changes have been backported upstream. As a result, some code from `app/javascript/core/admin.js` got added upstream. Kept our version since our shared Javascript already has that feature. - `app/models/user.rb`: Upstream added something to distinguish unusable and unusable-because-moved accounts, while glitch-soc considers moved accounts usable. Took upstream's code for `functional_or_moved?` and made `functional?` call it. - `app/views/statuses/_simple_status.html.haml`: Upstream cleaned up code style a bit, on a line that we had custom changes for. Applied upstream's change while keeping our change. - `config/initializers/content_security_policy.rb`: Upstream adopted one CSP directive we already had. The conflict is because of our files being structurally different, but the change itself was already part of glitch-soc. Kept our version.
2022-11-17Fix various issues with domain block import (#1944)Claire
- stop using Paperclip for processing domain allow/block imports - stop leaving temporary files - better error handling - assume CSV files are UTF-8-encoded
2022-11-17Support for import/export of instance-level domain blocks/allows for 4.x w/ ↵lenore gilbert
additional fixes (#20597) * Allow import/export of instance-level domain blocks/allows (#1754) * Allow import/export of instance-level domain blocks/allows. Fixes #15095 * Pacify circleci * Address simple code review feedback * Add headers to exported CSV * Extract common import/export functionality to AdminExportControllerConcern * Add additional fields to instance-blocked domain export * Address review feedback * Split instance domain block/allow import/export into separate pages/controllers * Address code review feedback * Pacify DeepSource * Work around Paperclip::HasAttachmentFile for Rails 6 * Fix deprecated API warning in export tests * Remove after_commit workaround (cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a) * Add confirmation page when importing blocked domains (#1773) * Move glitch-soc-specific strings to glitch-soc-specific locale files * Add confirmation page when importing blocked domains (cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e) * Fix authorization check in domain blocks controller (cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38) * Fix error strings for domain blocks and email-domain blocks Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's" * Ran i18n-tasks normalize to address test failure * Removed unused admin.export_domain_blocks.not_permitted string Removing unused string as indicated by Check i18n * Fix tests (cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431) * Fix domain block export not exporting blocks with only media rejection (cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960) * Fix various issues with domain block import - stop using Paperclip for processing domain allow/block imports - stop leaving temporary files - better error handling - assume CSV files are UTF-8-encoded (cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902) Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17Fix invalid/empty RSS feed link on account pages (#20772)Claire
Fixes #20770
2022-11-17Make tag following idempotent (#20860)trwnh
2022-11-17Change automatic post deletion configuration to be accessible to redirected ↵Claire
users (#20774) Fixes #20550
2022-11-17Fix pagination of followed tags (#20861)trwnh
* Fix missing pagination headers on followed tags * Fix typo
2022-11-16Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `config/initializers/content_security_policy.rb`: Our config file is pretty different from upstream. Upstream changed CSP directive `script-src` to include `wasm-unsafe-eval` instead of `unsafe-eval`, which we did not include. Added `wasm-unsafe-eval` to `script-src` to fix execution of the OCR web worker. - `package.json`: Upstream updated a dependency (`array-includes`) textually adjacent to a glitch-soc-only dependency (`atrament`). Updated `array-includes` as upstream did.
2022-11-16Add 'private' to Cache-Control, match Rails expectations (#20608)Daniel Axtens
Several controlers set quite intricate Cache-Control headers in order to hopefully not be cached by any intermediate proxies or local caches. Unfortunately, these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes and discards any values set alongside no-store other than private: https://github.com/rails/rails/blob/8015c2c2cf5c8718449677570f372ceb01318a32/actionpack/lib/action_dispatch/http/cache.rb#L207-L209 We want to preserve no-store on these responses, but we might as well remove parts that are going to be dropped anyway. As many of the endpoints in these controllers are private to a particular user, we should also add "private", which will be preserved alongside no-store.
2022-11-14Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/views/admin/announcements/edit.html.haml`: Upstream change too close to theming-related glitch-soc change. Ported upstream changes. - `app/views/admin/announcements/new.html.haml` Upstream change too close to theming-related glitch-soc change. Ported upstream changes.
2022-11-14Move V2 Filter methods under /api/v2 prefix (#20622)trwnh
* Move V2 Filter methods under /api/v2 prefix * move over the tests too
2022-11-14Fix error when passing unknown filter param in REST API (#20626)Eugen Rochko
Fix #19156
2022-11-14Fix `role_ids` not accepting arrays in admin API (#20625)Eugen Rochko
Fix #19157
2022-11-12Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/account.rb`: Conflict because we (glitch-soc) have disabled trending of posts without review. Discarded that upstream change. - `app/views/admin/settings/discovery/show.html.haml`: Just an extra setting in glitch-soc. Kept that extra setting.
2022-11-12Add back missing glitch-soc admin settings (#1919)Claire
Fixes #1890
2022-11-10Remove dead code and refactor status threading code (#20357)Claire
* Remove dead code * Remove unneeded/broken parameters and refactor descendant computation
2022-11-10Change logged out /api/v1/statuses/:id/context logged out limits (#20355)Claire
2022-11-10Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/custom_emoji.rb`: Not a real conflict, just upstream changing a line too close to a glitch-soc-specific validation. Applied upstream changes. - `app/models/public_feed.rb`: Not a real conflict, just upstream changing a line too close to a glitch-soc-specific parameter documentation. Applied upstream changes.
2022-11-10Improve performance by avoiding regex construction (#20215)James Tucker
```ruby 10.times { p /#{FOO}/.object_id } 10.times { p FOO_RE.object_id } ```
2022-11-10Revert filtering public timelines by locale by default (#20294)Eugen Rochko
2022-11-08Make account endorsements idempotent (fix #19045) (#20118)trwnh
* Make account endorsements idempotent (fix #19045) * Accept suggestion to use exists? instead of find_by + nil check Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> * fix logic (unless, not if) * switch to using `find_or_create_by!` Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-11-08Fix uncaught 500 error on invalid `replies_policy` (Fix #19097) (#20126)trwnh
2022-11-07Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-11-07Fix crash when external auth provider has no display_name set (#19962)Claire
Fixes #19913
2022-11-07Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-11-07Fix crash in legacy filter creation controller (#19878)Claire
2022-11-06Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/javascript/mastodon/features/compose/components/poll_form.js`: glitch-soc change because of having changed the default number of available poll options. Applied upstream's changes while keeping glitch-soc's default number of poll options. - `public/oops.png`: We had a minor graphics change, probably not worth diverging from upstream. Took upstream version.
2022-11-05Change `AUTHORIZED_FETCH` to not block unauthenticated REST API access (#19803)Eugen Rochko
New environment variable `DISALLOW_UNAUTHENTICATED_API_ACCESS`
2022-11-04Fix reblogs being discarded after the reblogged status (#19731)Claire
2022-11-02Fix inaccurate admin log entry for re-sending confirmation e-mails (#19674)Claire
Fixes #19593
2022-11-02Allow number of trending hashtags to be customizable (#1884)prplecake
2022-11-01Change post-processing to be deferred only for large media types (#19617)Eugen Rochko