about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2023-03-16Replace `Status#translatable?` with language matrix in separate endpoint ↵Christian Schmidt
(#24037)
2023-03-16Autofix Rubocop Style/RedundantArgument (#23798)Nick Schonning
2023-03-15Fix misleading error code when receiving invalid WebAuthn credentials (#23568)Claire
2023-03-15Redirect users to SLO at the IdP after logging them out of Mastodon. (#24020)CSDUMMI
2023-03-13Prefer the stored location as after_sign_in_path in Omniauth Callback ↵CSDUMMI
Controller (#24073)
2023-03-03Fix server error when failing to follow back followers from `/relationships` ↵Claire
(#23787)
2023-03-03Fix “Remove all followers from the selected domains” being more ↵Claire
destructive than it claims (#23805)
2023-02-21Autofix Rubocop Rails/FindById (#23762)Nick Schonning
2023-02-20Autofix Rubocop remaining Layout rules (#23679)Nick Schonning
2023-02-20Enable Rubocop HTTP status rules (#23717)Nick Schonning
2023-02-19Autofix Rubocop Style/RedundantBegin (#23703)Nick Schonning
2023-02-18Autofix Rubocop Style/TrailingCommaInArguments (#23694)Nick Schonning
2023-02-18Autofix Rubocop Style/IfUnlessModifier (#23697)Nick Schonning
2023-02-18Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#23681)Nick Schonning
2023-02-13Add API parameter to safeguard unexpect mentions in new posts (#18350)Claire
2023-02-08Remove posts count and last posts from ActivityPub representation of hashtag ↵Claire
collections (#23460)
2023-02-08Apply Rubocop Style/NegatedIfElseCondition (#23451)Nick Schonning
2023-02-08Apply Rubocop Performance/RedundantSplitRegexpArgument (#23443)Nick Schonning
* Apply Rubocop Performance/RedundantSplitRegexpArgument * Update app/controllers/concerns/signature_verification.rb
2023-02-02Change `POST /settings/applications/:id` to regenerate token on scopes ↵Claire
change (#23359) Fixes #23096
2023-02-01Change notifications per page from 15 to 40 in REST API (#23348)Eugen Rochko
2023-01-18Add more specific error messages to HTTP signature verification (#21617)Claire
* Return specific error on failure to parse Date header * Add error message when preferredUsername is not set * Change error report to be JSON and include more details * Change error report to differentiate unknown account and failed refresh * Add tests
2023-01-18Add confirmation screen when handling reports (#22375)Claire
* Add confirmation screen on moderation actions * Add flash notice when a report has been processed * Refactor tests * Add tests
2023-01-18Add support for editing media description and focus point of already-posted ↵Claire
statuses (#20878) * Add backend support for editing media attachments of existing posts * Allow editing media attachments of already-posted toots * Add tests
2023-01-18Fix /api/v1/admin/trends/tags using wrong serializer (#18943)Claire
* Fix /api/v1/admin/trends/tags using wrong serializer Fix regression from #18641 * Only use `REST::Admin::TagSerializer` when the user can `manage_taxonomies` * Fix admin trending hashtag component to not link if `id` is unknown
2023-01-18Change domain block CSV parsing to be more robust and handle more lists (#21470)Claire
* Change domain block CSV parsing to be more robust and handle more lists * Add some tests * Improve domain block import validation and reporting
2023-01-13Allow changing hide_collections setting with the api (#22790)Carl Schwan
* Allow changing hide_collections setting with the api This is currently only possible with app/controllers/settings/profiles_controller.rb and is the only difference in the allowed parameter between the two controllers * Fix the lint issue * Use normal indent
2023-01-10Change referrer-policy to no-referrer application-wide (#23014)Claire
2023-01-05Add dropdown menu item to open admin interface for remote domains (#21895)Claire
* Allow /admin/instances/:domain to handle IDNs * Add dropdown menu item to open admin interface for remote domains
2023-01-05Fix PermalinkRedirector not applying to users with moved accounts (#22497)Claire
Fixes #22262
2022-12-15Fix changing domain block severity not undoing individual account effects ↵Claire
(#22135) * Fix changing domain block severity not undoing individual account effects Fixes #22133 * Add tests
2022-12-15Fix single name variables on controller folder (#20092)David Vega
Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com> Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com> Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15Change CSP directives on API to be tight and concise (#20960)Claire
2022-12-15Fix N+1 queries from in NotificationsController (#21202)nametoolong
Co-authored-by: Nonexistent <nx@example.org>
2022-12-15Allow adding relays while secure mode & limited federation mode are enabled ↵Effy Elden
(#22324)
2022-12-15Revoke all authorized applications on password reset (#21325)Francis Murillo
* Clear sessions on password change * Rename User::clear_sessions to revoke_access for a clearer meaning * Add reset paassword controller test * Use User.find instead of User.find_for_authentication for reset password test * Use redirect and render for better test meaning in reset password Co-authored-by: Effy Elden <effy@effy.space>
2022-12-07Log admin approve and reject account (#22088)Francis Murillo
* Log admin approve and reject account * Add unit tests for approve and reject logging
2022-12-07Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)Claire
Fixes #21965
2022-12-01Fix some performance issues with /admin/instances (#21907)Claire
/admin/instances?availability=failing remains wholly unefficient
2022-11-21Fix not being able to follow more than one hashtag (#21285)Claire
Fixes regression from #20860
2022-11-17Fix form-action CSP directive for external login (#20962)Claire
2022-11-17Fix OAuth flow being broken by recent CSP change (#20958)Claire
2022-11-17Support for import/export of instance-level domain blocks/allows for 4.x w/ ↵lenore gilbert
additional fixes (#20597) * Allow import/export of instance-level domain blocks/allows (#1754) * Allow import/export of instance-level domain blocks/allows. Fixes #15095 * Pacify circleci * Address simple code review feedback * Add headers to exported CSV * Extract common import/export functionality to AdminExportControllerConcern * Add additional fields to instance-blocked domain export * Address review feedback * Split instance domain block/allow import/export into separate pages/controllers * Address code review feedback * Pacify DeepSource * Work around Paperclip::HasAttachmentFile for Rails 6 * Fix deprecated API warning in export tests * Remove after_commit workaround (cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a) * Add confirmation page when importing blocked domains (#1773) * Move glitch-soc-specific strings to glitch-soc-specific locale files * Add confirmation page when importing blocked domains (cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e) * Fix authorization check in domain blocks controller (cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38) * Fix error strings for domain blocks and email-domain blocks Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's" * Ran i18n-tasks normalize to address test failure * Removed unused admin.export_domain_blocks.not_permitted string Removing unused string as indicated by Check i18n * Fix tests (cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431) * Fix domain block export not exporting blocks with only media rejection (cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960) * Fix various issues with domain block import - stop using Paperclip for processing domain allow/block imports - stop leaving temporary files - better error handling - assume CSV files are UTF-8-encoded (cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902) Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17Fix invalid/empty RSS feed link on account pages (#20772)Claire
Fixes #20770
2022-11-17Make tag following idempotent (#20860)trwnh
2022-11-17Change automatic post deletion configuration to be accessible to redirected ↵Claire
users (#20774) Fixes #20550
2022-11-17Fix pagination of followed tags (#20861)trwnh
* Fix missing pagination headers on followed tags * Fix typo
2022-11-16Add 'private' to Cache-Control, match Rails expectations (#20608)Daniel Axtens
Several controlers set quite intricate Cache-Control headers in order to hopefully not be cached by any intermediate proxies or local caches. Unfortunately, these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes and discards any values set alongside no-store other than private: https://github.com/rails/rails/blob/8015c2c2cf5c8718449677570f372ceb01318a32/actionpack/lib/action_dispatch/http/cache.rb#L207-L209 We want to preserve no-store on these responses, but we might as well remove parts that are going to be dropped anyway. As many of the endpoints in these controllers are private to a particular user, we should also add "private", which will be preserved alongside no-store.
2022-11-14Move V2 Filter methods under /api/v2 prefix (#20622)trwnh
* Move V2 Filter methods under /api/v2 prefix * move over the tests too
2022-11-14Fix error when passing unknown filter param in REST API (#20626)Eugen Rochko
Fix #19156
2022-11-14Fix `role_ids` not accepting arrays in admin API (#20625)Eugen Rochko
Fix #19157