about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2023-01-18Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `config/i18n-tasks.yml`: Upstream added new ignored strings, glitch-soc has extra ignored strings because of the theming system. Added upstream's changes.
2023-01-18Add more specific error messages to HTTP signature verification (#21617)Claire
* Return specific error on failure to parse Date header * Add error message when preferredUsername is not set * Change error report to be JSON and include more details * Change error report to differentiate unknown account and failed refresh * Add tests
2023-01-18Add confirmation screen when handling reports (#22375)Claire
* Add confirmation screen on moderation actions * Add flash notice when a report has been processed * Refactor tests * Add tests
2023-01-18Add support for editing media description and focus point of already-posted ↵Claire
statuses (#20878) * Add backend support for editing media attachments of existing posts * Allow editing media attachments of already-posted toots * Add tests
2023-01-18Fix /api/v1/admin/trends/tags using wrong serializer (#18943)Claire
* Fix /api/v1/admin/trends/tags using wrong serializer Fix regression from #18641 * Only use `REST::Admin::TagSerializer` when the user can `manage_taxonomies` * Fix admin trending hashtag component to not link if `id` is unknown
2023-01-18Change domain block CSV parsing to be more robust and handle more lists (#21470)Claire
* Change domain block CSV parsing to be more robust and handle more lists * Add some tests * Improve domain block import validation and reporting
2023-01-14Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/views/layouts/mailer.html.haml`: Upstream removed a line close to one modified by glitch-soc. Removed the line as upstream did.
2023-01-13Allow changing hide_collections setting with the api (#22790)Carl Schwan
* Allow changing hide_collections setting with the api This is currently only possible with app/controllers/settings/profiles_controller.rb and is the only difference in the allowed parameter between the two controllers * Fix the lint issue * Use normal indent
2023-01-10Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `config/environments/production.rb`: Upstream changed headers, and we have different ones. Ported upstream's change.
2023-01-10Change referrer-policy to no-referrer application-wide (#23014)Claire
2023-01-05Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream updated its README, while we have a completely different one. Kept our README. - `app/controllers/concerns/web_app_controller_concern.rb`: Conflict because of glitch-soc's theming system. Additionally, glitch-soc has different behavior regarding moved accounts. Ported some of the changes, but kept our overall behavior. - `app/javascript/packs/admin.js`: Code changes actually applied to `app/javascript/core/admin.js`
2023-01-05Add dropdown menu item to open admin interface for remote domains (#21895)Claire
* Allow /admin/instances/:domain to handle IDNs * Add dropdown menu item to open admin interface for remote domains
2023-01-05Fix PermalinkRedirector not applying to users with moved accounts (#22497)Claire
Fixes #22262
2022-12-15Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Discarded upstream changes: we have our own README - `app/controllers/follower_accounts_controller.rb`: Port upstream's minor refactoring
2022-12-15Fix changing domain block severity not undoing individual account effects ↵Claire
(#22135) * Fix changing domain block severity not undoing individual account effects Fixes #22133 * Add tests
2022-12-15Fix single name variables on controller folder (#20092)David Vega
Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com> Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com> Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15Change CSP directives on API to be tight and concise (#20960)Claire
2022-12-15Fix N+1 queries from in NotificationsController (#21202)nametoolong
Co-authored-by: Nonexistent <nx@example.org>
2022-12-15Allow adding relays while secure mode & limited federation mode are enabled ↵Effy Elden
(#22324)
2022-12-15Revoke all authorized applications on password reset (#21325)Francis Murillo
* Clear sessions on password change * Rename User::clear_sessions to revoke_access for a clearer meaning * Add reset paassword controller test * Use User.find instead of User.find_for_authentication for reset password test * Use redirect and render for better test meaning in reset password Co-authored-by: Effy Elden <effy@effy.space>
2022-12-07Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/concerns/domain_materializable.rb`: Fixed a code style issue upstream in a PR that got merged in glitch-soc earlier. Changed the code to match upstream's.
2022-12-07Log admin approve and reject account (#22088)Francis Murillo
* Log admin approve and reject account * Add unit tests for approve and reject logging
2022-12-07Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)Claire
Fixes #21965
2022-12-01Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-12-01Fix some performance issues with /admin/instances (#21907)Claire
/admin/instances?availability=failing remains wholly unefficient
2022-11-22Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-11-21Fix not being able to follow more than one hashtag (#21285)Claire
Fixes regression from #20860
2022-11-18Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-11-17Fix form-action CSP directive for external login (#20962)Claire
2022-11-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-11-17Fix OAuth flow being broken by recent CSP change (#20958)Claire
2022-11-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/workflows/build-image.yml`: Upstream changed how docker images were built, including how they were cached. I don't know much about it, so applied upstream's changes. - `app/controllers/admin/domain_blocks_controller.rb`: The feature, that was in glitch-soc, got backported upstream. It also had a few fixes upstream, so those have been ported! - `app/javascript/packs/admin.js`: Glitch-soc changes have been backported upstream. As a result, some code from `app/javascript/core/admin.js` got added upstream. Kept our version since our shared Javascript already has that feature. - `app/models/user.rb`: Upstream added something to distinguish unusable and unusable-because-moved accounts, while glitch-soc considers moved accounts usable. Took upstream's code for `functional_or_moved?` and made `functional?` call it. - `app/views/statuses/_simple_status.html.haml`: Upstream cleaned up code style a bit, on a line that we had custom changes for. Applied upstream's change while keeping our change. - `config/initializers/content_security_policy.rb`: Upstream adopted one CSP directive we already had. The conflict is because of our files being structurally different, but the change itself was already part of glitch-soc. Kept our version.
2022-11-17Fix various issues with domain block import (#1944)Claire
- stop using Paperclip for processing domain allow/block imports - stop leaving temporary files - better error handling - assume CSV files are UTF-8-encoded
2022-11-17Support for import/export of instance-level domain blocks/allows for 4.x w/ ↵lenore gilbert
additional fixes (#20597) * Allow import/export of instance-level domain blocks/allows (#1754) * Allow import/export of instance-level domain blocks/allows. Fixes #15095 * Pacify circleci * Address simple code review feedback * Add headers to exported CSV * Extract common import/export functionality to AdminExportControllerConcern * Add additional fields to instance-blocked domain export * Address review feedback * Split instance domain block/allow import/export into separate pages/controllers * Address code review feedback * Pacify DeepSource * Work around Paperclip::HasAttachmentFile for Rails 6 * Fix deprecated API warning in export tests * Remove after_commit workaround (cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a) * Add confirmation page when importing blocked domains (#1773) * Move glitch-soc-specific strings to glitch-soc-specific locale files * Add confirmation page when importing blocked domains (cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e) * Fix authorization check in domain blocks controller (cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38) * Fix error strings for domain blocks and email-domain blocks Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's" * Ran i18n-tasks normalize to address test failure * Removed unused admin.export_domain_blocks.not_permitted string Removing unused string as indicated by Check i18n * Fix tests (cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431) * Fix domain block export not exporting blocks with only media rejection (cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960) * Fix various issues with domain block import - stop using Paperclip for processing domain allow/block imports - stop leaving temporary files - better error handling - assume CSV files are UTF-8-encoded (cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902) Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17Fix invalid/empty RSS feed link on account pages (#20772)Claire
Fixes #20770
2022-11-17Make tag following idempotent (#20860)trwnh
2022-11-17Change automatic post deletion configuration to be accessible to redirected ↵Claire
users (#20774) Fixes #20550
2022-11-17Fix pagination of followed tags (#20861)trwnh
* Fix missing pagination headers on followed tags * Fix typo
2022-11-16Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `config/initializers/content_security_policy.rb`: Our config file is pretty different from upstream. Upstream changed CSP directive `script-src` to include `wasm-unsafe-eval` instead of `unsafe-eval`, which we did not include. Added `wasm-unsafe-eval` to `script-src` to fix execution of the OCR web worker. - `package.json`: Upstream updated a dependency (`array-includes`) textually adjacent to a glitch-soc-only dependency (`atrament`). Updated `array-includes` as upstream did.
2022-11-16Add 'private' to Cache-Control, match Rails expectations (#20608)Daniel Axtens
Several controlers set quite intricate Cache-Control headers in order to hopefully not be cached by any intermediate proxies or local caches. Unfortunately, these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes and discards any values set alongside no-store other than private: https://github.com/rails/rails/blob/8015c2c2cf5c8718449677570f372ceb01318a32/actionpack/lib/action_dispatch/http/cache.rb#L207-L209 We want to preserve no-store on these responses, but we might as well remove parts that are going to be dropped anyway. As many of the endpoints in these controllers are private to a particular user, we should also add "private", which will be preserved alongside no-store.
2022-11-14Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/views/admin/announcements/edit.html.haml`: Upstream change too close to theming-related glitch-soc change. Ported upstream changes. - `app/views/admin/announcements/new.html.haml` Upstream change too close to theming-related glitch-soc change. Ported upstream changes.
2022-11-14Move V2 Filter methods under /api/v2 prefix (#20622)trwnh
* Move V2 Filter methods under /api/v2 prefix * move over the tests too
2022-11-14Fix error when passing unknown filter param in REST API (#20626)Eugen Rochko
Fix #19156
2022-11-14Fix `role_ids` not accepting arrays in admin API (#20625)Eugen Rochko
Fix #19157
2022-11-12Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/account.rb`: Conflict because we (glitch-soc) have disabled trending of posts without review. Discarded that upstream change. - `app/views/admin/settings/discovery/show.html.haml`: Just an extra setting in glitch-soc. Kept that extra setting.
2022-11-12Add back missing glitch-soc admin settings (#1919)Claire
Fixes #1890
2022-11-10Remove dead code and refactor status threading code (#20357)Claire
* Remove dead code * Remove unneeded/broken parameters and refactor descendant computation
2022-11-10Change logged out /api/v1/statuses/:id/context logged out limits (#20355)Claire
2022-11-10Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/custom_emoji.rb`: Not a real conflict, just upstream changing a line too close to a glitch-soc-specific validation. Applied upstream changes. - `app/models/public_feed.rb`: Not a real conflict, just upstream changing a line too close to a glitch-soc-specific parameter documentation. Applied upstream changes.
2022-11-10Improve performance by avoiding regex construction (#20215)James Tucker
```ruby 10.times { p /#{FOO}/.object_id } 10.times { p FOO_RE.object_id } ```