about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2022-10-27Fix uncaught error when invalid date is supplied to API (#19480)Eugen Rochko
Fix #19213
2022-10-26Add ability to view previous edits of a status in admin UI (#19462)Eugen Rochko
* Add ability to view previous edits of a status in admin UI * Change moderator access to posts to be controlled by a separate policy
2022-10-26Change unauthenticated search to not support pagination in REST API (#19326)Eugen Rochko
- Only exact search matches for queries with < 5 characters - Do not support queries with `offset` (pagination) - Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-25Fix IP blocks not having a unique index (#19456)Eugen Rochko
2022-10-22Fix `Settings::FeaturedTagsController` (#19418)Yamagishi Kazutoshi
Regression from #19409
2022-10-22Change featured tag updates to add/remove activity (#19409)Takeshi Umeda
* Change featured tag updates to add/remove activity * Fix to check for the existence of feature tag * Rename service and worker * Merge AddHashtagSerializer with AddSerializer * Undo removal of sidekiq_options
2022-10-22Change settings area to be separated into categories in admin UI (#19407)Eugen Rochko
And update all descriptions
2022-10-20Change public accounts pages to mount the web UI (#19319)Eugen Rochko
* Change public accounts pages to mount the web UI * Fix handling of remote usernames in routes - When logged in, serve web app - When logged out, redirect to permalink - Fix `app-body` class not being set sometimes due to name conflict * Fix missing `multiColumn` prop * Fix failing test * Use `discoverable` attribute to control indexing directives * Fix `<ColumnLoading />` not using `multiColumn` * Add `noindex` to accounts in REST API * Change noindex directive to not be rendered by default before a route is mounted * Add loading indicator for detailed status in web UI * Fix missing indicator appearing while account is loading in web UI
2022-10-20Add synchronization of remote featured tags (#19380)Takeshi Umeda
* Add LIMIT of featured tag to instance API response * Add featured_tags_collection_url to Account * Add synchronization of remote featured tags * Deliver update activity when updating featured tag * Remove featured_tags_collection_url * Revert "Add featured_tags_collection_url to Account" This reverts commit cff349fc27b104ded2df6bb5665132dc24dab09c. * Add hashtag sync from featured collections * Fix tag name normalize * Add target option to fetch featured collection * Refactor fetch_featured_tags_collection_service * Add LIMIT of featured tag to v1/instance API response
2022-10-15Make "No $entity selected" errors more accurate (#19356)prplecake
Previously all controllers would use the single "No accounts changed as none were selected" message. This commit changes them to read "tags", "posts", "emojis", etc. where necessary.
2022-10-13Change about page to be mounted in the web UI (#19345)Eugen Rochko
2022-10-08Add support for language preferences for trending statuses and links (#18288)Eugen Rochko
2022-10-08Change privacy policy to be rendered in web UI, add REST API (#19310)Eugen Rochko
Source string no longer localized, Markdown instead of raw HTML
2022-10-06Remove setting that disables account deletes (#17683)Eugen Rochko
2022-10-06Change public statuses pages to mount the web UI (#19301)Eugen Rochko
2022-10-06Remove previous landing page (#19300)Eugen Rochko
2022-10-05Add server rules to sign-up flow (#19296)Eugen Rochko
2022-10-05Change public timelines to be filtered by current locale by default (#19291)Eugen Rochko
In the absence of an opt-in to multiple specific languages in the preferences, it makes more sense to filter by the user's presumed language only (interface language or `lang` override)
2022-10-05Add server banner to web app, add `GET /api/v2/instance` to REST API (#19294)Eugen Rochko
2022-10-05Fix deleted pinned posts potentially counting towards the pinned posts limit ↵Claire
(#19005) Fixes #18938
2022-10-04Remove code for rendering public and hashtag timelines outside the web UI ↵Eugen Rochko
(#19257)
2022-09-29Change path of privacy policy page (#19249)Eugen Rochko
2022-09-29Add logged-out access to the web UI (#18961)Eugen Rochko
2022-09-23Add user content translations with configurable backends (#19218)Eugen Rochko
2022-09-21Refactor ActivityPub handling to prepare for non-Account actors (#19212)Claire
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is specifically required to be an Account * Refactor SignatureVerification to allow non-Account actors * fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService * Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors * Refactor inbound ActivityPub payload processing to accept non-Account actors * Refactor inbound ActivityPub processing to accept activities relayed through non-Account * Refactor how Account key URIs are built * Refactor Request and drop unused key_id_format parameter * Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-09-21Fix typo in SignatureVerification (#19209)Claire
Fix regression from #15605
2022-09-20Add ability to filter followed accounts' posts by language (#19095)Eugen Rochko
2022-09-20Improve error reporting and logging when processing remote accounts (#15605)Claire
* Add a more descriptive PrivateNetworkAddressError exception class * Remove unnecessary exception class to rescue clause * Remove unnecessary include to JsonLdHelper * Give more neutral error message when too many webfinger redirects * Remove unnecessary guard condition * Rework how “ActivityPub::FetchRemoteAccountService” handles errors Add “suppress_errors” keyword argument to avoid raising errors in ActivityPub::FetchRemoteAccountService#call (default/previous behavior). * Rework how “ActivityPub::FetchRemoteKeyService” handles errors Add “suppress_errors” keyword argument to avoid raising errors in ActivityPub::FetchRemoteKeyService#call (default/previous behavior). * Fix Webfinger::RedirectError not being a subclass of Webfinger::Error * Add suppress_errors option to ResolveAccountService Defaults to true (to preserve previous behavior). If set to false, errors will be raised instead of caught, allowing the caller to be informed of what went wrong. * Return more precise error when failing to fetch account signing AP payloads * Add tests * Fixes * Refactor error handling a bit * Fix various issues * Add specific error when provided Digest is not 256 bits of base64-encoded data * Please CodeClimate * Improve webfinger error reporting
2022-09-08Fix REST API sometimes returning HTML on error (#19135)Claire
Fixes #19115
2022-08-28Change search API to be accessible without being logged in (#18963)Eugen Rochko
But with the resolve option turned off
2022-08-28Change following and followers API to be accessible without being logged in ↵Eugen Rochko
(#18964)
2022-08-28Add admin API for managing e-mail domain blocks (#19066)Eugen Rochko
2022-08-28Add admin API for managing canonical e-mail blocks (#19067)Eugen Rochko
2022-08-27Add admin API for managing IP blocks (#19065)Eugen Rochko
2022-08-25Remove digest e-mails (#17985)Eugen Rochko
* Remove digest e-mails * Remove digest-related code
2022-08-25Add ability to select all accounts matching search for batch actions (#19053)Eugen Rochko
2022-08-25Add audit log entries for user roles (#19040)Eugen Rochko
* Refactor audit log schema * Add audit log entries for user roles
2022-08-25Add ability to filter individual posts (#18945)Claire
* Add database table for status-specific filters * Add REST endpoints, entities and attributes * Show status filters in /filters interface * Perform server-side filtering for individual posts filters * Fix filtering on context mismatch * Refactor `toServerSideType` by moving it to its own module * Move loupe and delete icons to their own module * Add ability to filter individual posts from WebUI * Replace keyword list by warnings (expired, context mismatch) * Refactor server-side filtering code * Add tests
2022-08-24Add ability to block sign-ups from IP (#19037)Eugen Rochko
2022-07-20Fix /api/v1/tags/:id route constraints (#18854)Claire
The constraint was applied prior to decoding, and rejected anything containing the '%' character, which would be used for anything with non-ASCII unicode characters.
2022-07-17Add ability to follow hashtags (#18809)Eugen Rochko
2022-07-13Change how hashtags are normalized (#18795)Eugen Rochko
* Change how hashtags are normalized * Fix tests
2022-07-05Add customizable user roles (#18641)Eugen Rochko
* Add customizable user roles * Various fixes and improvements * Add migration for old settings and fix tootctl role management
2022-06-28Revamp post filtering system (#18058)Claire
* Add model for custom filter keywords * Use CustomFilterKeyword internally Does not change the API * Fix /filters/edit and /filters/new * Add migration tests * Remove whole_word column from custom_filters (covered by custom_filter_keywords) * Redesign /filters Instead of a list, present a card that displays more information and handles multiple keywords per filter. * Redesign /filters/new and /filters/edit to add and remove keywords This adds a new gem dependency: cocoon, as well as a npm dependency: cocoon-js-vanilla. Those are used to easily populate and remove form fields from the user interface when manipulating multiple keyword filters at once. * Add /api/v2/filters to edit filter with multiple keywords Entities: - `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context` `keywords` - `FilterKeyword`: `id`, `keyword`, `whole_word` API endpoits: - `GET /api/v2/filters` to list filters (including keywords) - `POST /api/v2/filters` to create a new filter `keywords_attributes` can also be passed to create keywords in one request - `GET /api/v2/filters/:id` to read a particular filter - `PUT /api/v2/filters/:id` to update a new filter `keywords_attributes` can also be passed to edit, delete or add keywords in one request - `DELETE /api/v2/filters/:id` to delete a particular filter - `GET /api/v2/filters/:id/keywords` to list keywords for a filter - `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a filter - `GET /api/v2/filter_keywords/:id` to read a particular keyword - `PUT /api/v2/filter_keywords/:id` to edit a particular keyword - `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword * Change from `irreversible` boolean to `action` enum * Remove irrelevent `irreversible_must_be_within_context` check * Fix /filters/new and /filters/edit with update for filter_action * Fix Rubocop/Codeclimate complaining about task names * Refactor FeedManager#phrase_filtered? This moves regexp building and filter caching to the `CustomFilter` class. This does not change the functional behavior yet, but this changes how the cache is built, doing per-custom_filter regexps so that filters can be matched independently, while still offering caching. * Perform server-side filtering and output result in REST API * Fix numerous filters_changed events being sent when editing multiple keywords at once * Add some tests * Use the new API in the WebUI - use client-side logic for filters we have fetched rules for. This is so that filter changes can be retroactively applied without reloading the UI. - use server-side logic for filters we haven't fetched rules for yet (e.g. network error, or initial timeline loading) * Minor optimizations and refactoring * Perform server-side filtering on the streaming server * Change the wording of filter action labels * Fix issues pointed out by linter * Change design of “Show anyway” link in accordence to review comments * Drop “irreversible” filtering behavior * Move /api/v2/filter_keywords to /api/v1/filters/keywords * Rename `filter_results` attribute to `filtered` * Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer * Fix systemChannelId value in streaming server * Simplify code by removing client-side filtering code The simplifcation comes at a cost though: filters aren't retroactively applied anymore.
2022-06-23Add /api/v1/admin/domain_allows (#18668)Claire
- `GET /api/v1/admin/domain_allows` lists allowed domains - `GET /api/v1/admin/domain_allows/:id` shows one by ID - `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list of allowed domains - `POST /api/v1/admin/domain_allows` to allow a new domain: if that domain is already allowed, the existing DomainAllow will be returned
2022-06-23use Notification::TYPES for api push subscription alerts (#18709)tateisu
2022-06-21Fix suspicious sign-in mails never being sent (#18599)Claire
* Add tests * Fix suspicious sign-in mails never being sent
2022-06-09Add administrative webhooks (#18510)Eugen Rochko
* Add administrative webhooks * Fix error when webhook is deleted before delivery worker runs
2022-06-01Add /api/v1/admin/domain_blocks (#18247)Claire
* Add /api/v1/admin/domain_blocks Fixes #18140 - `GET /api/v1/admin/domain_blocks` lists domain blocks - `GET /api/v1/admin/domain_blocks/:id` shows one by ID - `DELETE /api/v1/admin/domain_blocks/:id` deletes a given domain block - `POST /api/v1/admin/domain_blocks` to create a new domain block: if it conflicts with an existing one, returns an error with an attribute `existing_domain_block` with the rendered domain block * Simplify conflict handling as suggested in review
2022-05-26Fix suspended users being able to access APIs that don't require a user (#18524)Eugen Rochko