about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2022-08-25Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-08-25Add ability to filter individual posts (#18945)Claire
* Add database table for status-specific filters * Add REST endpoints, entities and attributes * Show status filters in /filters interface * Perform server-side filtering for individual posts filters * Fix filtering on context mismatch * Refactor `toServerSideType` by moving it to its own module * Move loupe and delete icons to their own module * Add ability to filter individual posts from WebUI * Replace keyword list by warnings (expired, context mismatch) * Refactor server-side filtering code * Add tests
2022-08-24Add ability to block sign-ups from IP (#19037)Eugen Rochko
2022-07-22Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-07-20Fix /api/v1/tags/:id route constraints (#18854)Claire
The constraint was applied prior to decoding, and rejected anything containing the '%' character, which would be used for anything with non-ASCII unicode characters.
2022-07-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
- `.env.production.sample`: Our sample config file is very different from upstream since it is much more complete. Upstream added documentation for a few env variables. Copied the new variables/documentation from upstream. - `app/lib/feed_manager.rb`: Upstream added a timeline type (hashtags), while glitch-soc already had an extra one (direct messages). Not really a conflict but textually close changes. Ported upstream's changes. - `app/models/custom_emoji.rb`: Upstream upped the custom emoji size limit, while glitch-soc had configurable limits. Upped the default limits accordingly. - `streaming/index.js`: Upstream reworked how hastags were normalized. Minor conflict due to glitch-soc's handling of instance-local posts. Ported upstream's changes.
2022-07-17Add ability to follow hashtags (#18809)Eugen Rochko
2022-07-13Change how hashtags are normalized (#18795)Eugen Rochko
* Change how hashtags are normalized * Fix tests
2022-07-05Fix authorization check in domain blocks controllerClaire
2022-07-05Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/controllers/admin/base_controller.rb`: Minor conflict caused by glitch-soc's theming system. - `app/javascript/mastodon/initial_state.js`: Minor conflict caused by glitch-soc making use of max_toot_chars. - `app/models/form/admin_settings.rb`: Minor conflict caused by glitch-soc's theming system. - `app/models/trends.rb`: Minor conflict caused by glitch-soc having more granular notification settings for trends. - `app/views/admin/accounts/index.html.haml`: Minor conflict caused by glitch-soc's theming system. - `app/views/admin/instances/show.html.haml`: Minor conflict caused by glitch-soc's theming system. - `app/views/layouts/application.html.haml`: Minor conflict caused by glitch-soc's theming system. - `app/views/settings/preferences/notifications/show.html.haml`: Minor conflict caused by glitch-soc having more granular notification settings for trends. - `config/navigation.rb`: Minor conflict caused by glitch-soc having additional navigation items for the theming system while upstream slightly changed every line.
2022-07-05Add customizable user roles (#18641)Eugen Rochko
* Add customizable user roles * Various fixes and improvements * Add migration for old settings and fix tootctl role management
2022-06-28Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/workflows/build-image.yml`: Fix erroneous deletion in a previous merge. - `Gemfile`: Conflict caused by glitch-soc-only hCaptcha dependency - `app/controllers/auth/sessions_controller.rb`: Minor conflict due to glitch-soc's theming system. - `app/controllers/filters_controller.rb`: Minor conflict due to glitch-soc's theming system. - `app/serializers/rest/status_serializer.rb`: Minor conflict due to glitch-soc having an extra `local_only` property
2022-06-28Revamp post filtering system (#18058)Claire
* Add model for custom filter keywords * Use CustomFilterKeyword internally Does not change the API * Fix /filters/edit and /filters/new * Add migration tests * Remove whole_word column from custom_filters (covered by custom_filter_keywords) * Redesign /filters Instead of a list, present a card that displays more information and handles multiple keywords per filter. * Redesign /filters/new and /filters/edit to add and remove keywords This adds a new gem dependency: cocoon, as well as a npm dependency: cocoon-js-vanilla. Those are used to easily populate and remove form fields from the user interface when manipulating multiple keyword filters at once. * Add /api/v2/filters to edit filter with multiple keywords Entities: - `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context` `keywords` - `FilterKeyword`: `id`, `keyword`, `whole_word` API endpoits: - `GET /api/v2/filters` to list filters (including keywords) - `POST /api/v2/filters` to create a new filter `keywords_attributes` can also be passed to create keywords in one request - `GET /api/v2/filters/:id` to read a particular filter - `PUT /api/v2/filters/:id` to update a new filter `keywords_attributes` can also be passed to edit, delete or add keywords in one request - `DELETE /api/v2/filters/:id` to delete a particular filter - `GET /api/v2/filters/:id/keywords` to list keywords for a filter - `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a filter - `GET /api/v2/filter_keywords/:id` to read a particular keyword - `PUT /api/v2/filter_keywords/:id` to edit a particular keyword - `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword * Change from `irreversible` boolean to `action` enum * Remove irrelevent `irreversible_must_be_within_context` check * Fix /filters/new and /filters/edit with update for filter_action * Fix Rubocop/Codeclimate complaining about task names * Refactor FeedManager#phrase_filtered? This moves regexp building and filter caching to the `CustomFilter` class. This does not change the functional behavior yet, but this changes how the cache is built, doing per-custom_filter regexps so that filters can be matched independently, while still offering caching. * Perform server-side filtering and output result in REST API * Fix numerous filters_changed events being sent when editing multiple keywords at once * Add some tests * Use the new API in the WebUI - use client-side logic for filters we have fetched rules for. This is so that filter changes can be retroactively applied without reloading the UI. - use server-side logic for filters we haven't fetched rules for yet (e.g. network error, or initial timeline loading) * Minor optimizations and refactoring * Perform server-side filtering on the streaming server * Change the wording of filter action labels * Fix issues pointed out by linter * Change design of “Show anyway” link in accordence to review comments * Drop “irreversible” filtering behavior * Move /api/v2/filter_keywords to /api/v1/filters/keywords * Rename `filter_results` attribute to `filtered` * Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer * Fix systemChannelId value in streaming server * Simplify code by removing client-side filtering code The simplifcation comes at a cost though: filters aren't retroactively applied anymore.
2022-06-23Add /api/v1/admin/domain_allows (#18668)Claire
- `GET /api/v1/admin/domain_allows` lists allowed domains - `GET /api/v1/admin/domain_allows/:id` shows one by ID - `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list of allowed domains - `POST /api/v1/admin/domain_allows` to allow a new domain: if that domain is already allowed, the existing DomainAllow will be returned
2022-06-23use Notification::TYPES for api push subscription alerts (#18709)tateisu
2022-06-21Fix suspicious sign-in mails never being sent (#18599)Claire
* Add tests * Fix suspicious sign-in mails never being sent
2022-06-10Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-06-09Add administrative webhooks (#18510)Eugen Rochko
* Add administrative webhooks * Fix error when webhook is deleted before delivery worker runs
2022-06-02Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/javascript/styles/fonts/montserrat.scss`: Code style changes upstream, path changes in glitch-soc. Applied upstream's code style changes. - `app/javascript/styles/fonts/roboto-mono.scss`: Code style changes upstream, path changes in glitch-soc. Applied upstream's code style changes. - `app/javascript/styles/fonts/roboto.scss`: Code style changes upstream, path changes in glitch-soc. Applied upstream's code style changes. - `app/models/account.rb`: Textual conflict only caused by glitch-soc using a different value for character limits in a nearby line. Applied upstream's changes. - `app/views/statuses/_simple_status.html.haml`: Attribute added to a tag modified by glitch-soc. Added upstream's attributes. - `yarn.lock`: Upstream added/updated dependencies close to glitch-soc-only ones. Updated/added upstream dependencies.
2022-06-01Add /api/v1/admin/domain_blocks (#18247)Claire
* Add /api/v1/admin/domain_blocks Fixes #18140 - `GET /api/v1/admin/domain_blocks` lists domain blocks - `GET /api/v1/admin/domain_blocks/:id` shows one by ID - `DELETE /api/v1/admin/domain_blocks/:id` deletes a given domain block - `POST /api/v1/admin/domain_blocks` to create a new domain block: if it conflicts with an existing one, returns an error with an attribute `existing_domain_block` with the rendered domain block * Simplify conflict handling as suggested in review
2022-05-27Fix incorrect permission check for notifications destroy/dismiss endpoints ↵Claire
(#1787)
2022-05-26Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-05-26Fix suspended users being able to access APIs that don't require a user (#18524)Eugen Rochko
2022-05-26Fix confirmation redirect to app without `Location` header (#18523)Eugen Rochko
2022-05-26Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-05-26Change unapproved and unconfirmed account to not be accessible in the REST ↵Claire
API (#17530) * Change unapproved and unconfirmed account to not be accessible in the REST API * Change Account#searchable? to reject unconfirmed and unapproved users * Disable search for unapproved and unconfirmed users in Account.search_for * Disable search for unapproved and unconfirmed users in Account.advanced_search_for * Remove unconfirmed and unapproved accounts from Account.searchable scope * Prevent mentions to unapproved/unconfirmed accounts * Fix some old tests for Account.advanced_search_for * Add some Account.advanced_search_for tests for existing behaviors * Add some tests for Account.search_for * Add Account.advanced_search_for tests unconfirmed and unapproved accounts * Add Account.searchable tests * Fix Account.without_unapproved scope potentially messing with previously-applied scopes * Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup This is so that the API can still be used to check whether an username is free to use.
2022-05-16Add confirmation page when importing blocked domains (#1773)Claire
* Move glitch-soc-specific strings to glitch-soc-specific locale files * Add confirmation page when importing blocked domains
2022-05-16Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/services/remove_status_service.rb`: Conflict due to glitch-soc having extra code for a proper direct visibility timeline, in a part of the code upstream refactored. Restored glitch-soc's extra code in the refactored bit.
2022-05-16Allow import/export of instance-level domain blocks/allows (#1754)Levi Bard
* Allow import/export of instance-level domain blocks/allows. Fixes #15095 * Pacify circleci * Address simple code review feedback * Add headers to exported CSV * Extract common import/export functionality to AdminExportControllerConcern * Add additional fields to instance-blocked domain export * Address review feedback * Split instance domain block/allow import/export into separate pages/controllers * Address code review feedback * Pacify DeepSource * Work around Paperclip::HasAttachmentFile for Rails 6 * Fix deprecated API warning in export tests * Remove after_commit workaround
2022-05-13Refactor how Redis locks are created (#18400)Eugen Rochko
* Refactor how Redis locks are created * Fix autorelease duration on account deletion lock
2022-05-11Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `package.json`: Not really a conflict, upstream updated a dependency textually adjacent to a glitch-soc-only one. Updated the dependency as upstream did.
2022-05-09Change RSS feeds (#18356)Eugen Rochko
* Change RSS feeds - Use date and time for titles instead of ellipsized text - Use full content in body, even when there is a content warning - Use media extensions * Change feed icons and add width and height attributes to custom emojis * Fix custom emoji animate on hover breaking * Fix tests
2022-05-03Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `package.json`: Not really a conflict, upstream updated a dependency textually adjacent to a glitch-soc-only one. Updated the dependency as upstream did.
2022-05-02Fix error when looking handle with surrounding spaces (#18225)Claire
2022-05-01Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/javascript/packs/admin.js`: Conflicts due to glitch-soc's theming system. Upstream changes have been ported to `app/javascript/core/admin.js` - `app/models/trends/statuses.rb`: Minor conflict due to glitch-soc's option to allow CWed toots in trends. Ported upstream changes.
2022-05-01Fix double render error when authorizing interaction (#18203)Eugen Rochko
2022-05-01Fix error when trying to revoke OAuth token without supplying a token (#18205)Eugen Rochko
2022-04-28Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-04-28Fix 500 error when a bookmark or favorite has been reported and deleted (#18174)Claire
2022-04-28Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-04-28Fix single Redis connection being used across all threads (#18135)Eugen Rochko
* Fix single Redis connection being used across all Sidekiq threads * Fix tests
2022-04-08Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-04-08Fix error resposes for `from` search prefix (#17963)0x2019
* Fix error responses in `from` search prefix (addresses mastodon/mastodon#17941) Using unsupported prefixes now reports a 422; searching for posts from an account the instance is not aware of reports a 404. TODO: The UI for this on the front end is abysmal. Searching `from:username@domain` now succeeds when `domain` is the local domain; searching `from:@username(@domain)?` now works as expected. * Remove unused methods on new Error classes as they are not being used Currently when `raise`d there are error messages being supplied, but this is not actually being used. The associated `raise`s have been edited accordingly. * Remove needless comments * Satisfy rubocop * Try fixing tests being unable to find AccountFindingConcern methods * Satisfy rubocop * Simplify `from` prefix logic This incorporates @ClearlyClaire's suggestion (see https://github.com/mastodon/mastodon/pull/17963#pullrequestreview-933986737). Accepctable account strings in `from:` clauses are more lenient than before this commit; for example, `from:@user@example.org@asnteo +cat` will not error, and return posts by @user@example.org containing the word "cat". This is more consistent with how Mastodon matches mentions in statuses. In addition, `from` clauses will not be checked for syntatically invalid usernames or domain names, simply 404ing when `Account.find_remote!` raises ActiveRecord::NotFound. New code for this PR that is no longer used has been removed.
2022-04-08Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `Gemfile.lock`: Not a real conflict, just an upstream dependency udpated textually too close to a glitch-soc-only dependency. Updated dependencies like upstream. - `app/controllers/settings/preferences_controller.rb`: Upstream added settings where we had extra glitch-soc-specific settings. Added upstream's new settings. - `app/models/user.rb`: Upstream added settings where we had extra glitch-soc-specific settings. Added upstream's new settings. - `config/i18n-tasks.yml`: Not a real conflict, just a new upstream line too textually close to a glitch-soc-only line. Ported upstream's change.
2022-04-08Fix extremely rare race condition when deleting a toot or account (#17994)Claire
2022-04-08Change e-mail notifications to only be sent when recipient is offline (#17984)Eugen Rochko
* Change e-mail notifications to only be sent when recipient is offline Change the default for follow and mention notifications back on * Add preference to always send e-mail notifications * Change wording
2022-04-07Fix pagination header on empty trends responses in REST API (#17986)Eugen Rochko
2022-04-06Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/controllers/concerns/sign_in_token_authentication_concern.rb`: Upstream removed this file, while glitch-soc had changes to deal with its theming system. Removed the file like upstream did.
2022-04-06Remove sign-in token authentication, instead send e-mail about new sign-in ↵Eugen Rochko
(#17970)
2022-04-06Fix admin API unconditionally requiring CSRF token (#17975)Claire
Fixes #17898 Since #17204, the admin API has only been available through the web application because of the unconditional requirement to provide a valid CSRF token. This commit changes it back to `null_session`, which should make it work both with session-based authentication (provided a CSRF token) and with a bearer token.