about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2019-01-07Improvements to signature verification (#9667)ThibG
* Refactor signature verification a bit * Rescue signature verification if recorded public key is invalid Fixes #8822 * Always re-fetch AP signing key when HTTP Signature verification fails But when the account is not marked as stale, avoid fetching collections and media, and avoid webfinger round-trip. * Apply stoplight to key/account update as well as initial key retrieval
2019-01-07Change remote interaction dialog to use specific actions (#9743)Eugen Rochko
* Change remote interaction dialog to use specific actions Instead of just "interact", use different strings based on whether it's a reply, reblog or favourite. Add explanation why the step is necessary in the first place * Remove obsolete strings
2019-01-07Add locale param to sign-up API (#9747)Eugen Rochko
Fix #9627
2019-01-06Add cache to custom emojis API (#9732)Eugen Rochko
Fix #9729
2019-01-05Add scheduled statuses (#9706)Eugen Rochko
Fix #340
2019-01-04Add quick links to the admin interface in the WebUI (#8545)ThibG
* Allow to show a specific status in the admin interface * Let the front-end know the current account is a moderator * Add admin links to status and account menus If the current logged-in user is an admin, add quick links to the admin interface in account and toot dropdown menu. Suggestion by @ashkitten * Use @statuses.first instead of @statuses[0]
2019-01-03Fix list of local followers showing remote followers in admin UI (#9700)Eugen Rochko
2019-01-02Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts manually resolved: - app/services/post_status_service.rb - config/locales/simple_form.pl.yml - config/routes.rb - config/webpack/loaders/sass.js - config/webpack/shared.js - package.json - yarn.lock
2019-01-01Add CSV export for lists and domain blocks (#9677)Eugen Rochko
Fix #6893 Fix #9268
2018-12-28Improve admin UI for account view (#9643)Eugen Rochko
2018-12-27Add local followers page to admin account UI (#9610)chr v1.x
* Add local followers page to admin account UI For moderation, I often find myself wondering who, locally, is following a remote user. Currently, to see this, I have to go back to the web UI, paste in their full handle, click their profile, and go to the "Followers" tab (plus, this information is incidental, and if mastodon ever decides to resolve all of the follower information, there will be no place local followers are shown). This PR adds a new page which is accessible via the "following" count on the admin's account view page, which shows the local followers. (It has filter parameters for account location to indicate that only local followers are shown, and leave room for expansion if mastodon ever decides to store the entire remote follow list). * Normalize en.yml
2018-12-27Add exclude_reblogs option to account statuses API (#9640)Eugen Rochko
Fix #9606
2018-12-27Redirect to reports overview instead of report after account action (#9639)Eugen Rochko
2018-12-26Fix account unsilencing and unsuspension (#9637)ThibG
Fix regression from 3c033c4352f8b156887cd7157b4a89c23a545838
2018-12-26Fix signature verification stoplight triggering on non-timeout errors (#9617)Eugen Rochko
2018-12-26Fix account unsilencing and unsuspensionThibaut Girka
Fix regression from 3c033c4352f8b156887cd7157b4a89c23a545838
2018-12-25Add error message with invalid email confirmation (#9625)Takeshi Umeda
2018-12-24Add REST API for creating an account (#9572)Eugen Rochko
* Add REST API for creating an account The method is available to apps with a token obtained via the client credentials grant. It creates a user and account records, as well as an access token for the app that initiated the request. The user is unconfirmed, and an e-mail is sent as usual. The method returns the access token, which the app should save for later. The REST API is not available to users with unconfirmed accounts, so the app must be smart to wait for the user to click a link in their e-mail inbox. The method is rate-limited by IP to 5 requests per 30 minutes. * Redirect users back to app from confirmation if they were created with an app * Add tests * Return 403 on the method if registrations are not open * Require agreement param to be true in the API when creating an account
2018-12-23Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - config/routes.rb Upstream changed some admin routes, conflict was because of an added :show action for statuses on our side. Kept it.
2018-12-23Sanitize and sandbox toot embeds (#9552)ThibG
2018-12-22Show 40 profiles per directory page instead of 30 (#9609)Eugen Rochko
To better align with the list of hashtags
2018-12-22Add moderation warnings (#9519)Eugen Rochko
* Add moderation warnings Replace individual routes for disabling, silencing, and suspending a user, as well as the report update route, with a unified account action controller that allows you to select an action (none, disable, silence, suspend) as well as whether it should generate an e-mail notification with optional custom text. That notification, with the optional custom text, is saved as a warning. Additionally, there are warning presets you can configure to save time when performing the above. * Use Account#local_username_and_domain
2018-12-20Add a per-user setting to hide followers countThibaut Girka
This is only available if the instance-wide setting isn't set and allows people to hide their own followers count. This does not hide others' to them.
2018-12-20Add admin setting to disable followers countThibaut Girka
2018-12-20Refactor followers_accounts_controllerThibaut Girka
2018-12-20Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses ↵Eugen Rochko
(#9573) Fix #7087 The same data is available over the ActivityPub outbox, RSS, and Atom, so there is little benefit to keeping it limited in this method.
2018-12-18Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - app/controllers/admin/base_controller.rb Some refactoring made upstream, no real conflict. - app/javascript/mastodon/features/compose/components/compose_form.js Updated using upstream's code but using maxChars instead of the hardcoded length of 500 characters per toot. - app/javascript/styles/mastodon/components.scss Upstream redesigned the onboarding modal. Not sure why we had a conflict there.
2018-12-18fix CSP / X-Frame-Options for media embeds (#9558)jomo
2018-12-17Move #set_user to Admin::BaseController (#9470)ysksn
* Move #set_user to Admin::BaseController * Rename Admin::TwoFactorAuthenticationsController from `#set_user` to `#set_target_user` .
2018-12-17Remove "most popular" tab from profile directory, add responsive design (#9539)Eugen Rochko
* Remove "most popular" tab from profile directory, add responsive design * Remove unused translations
2018-12-15Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - app/controllers/directories_controller.rb - app/controllers/settings/applications_controller.rb - app/controllers/settings/base_controller.rb - app/controllers/settings/deletes_controller.rb - app/controllers/settings/exports_controller.rb - app/controllers/settings/follower_domains_controller.rb - app/controllers/settings/imports_controller.rb - app/controllers/settings/migrations_controller.rb - app/controllers/settings/notifications_controller.rb - app/controllers/settings/preferences_controller.rb - app/controllers/settings/sessions_controller.rb - app/controllers/settings/two_factor_authentication/confirmations_controller.rb - app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb - app/controllers/settings/two_factor_authentications_controller.rb Conflicts were due to some refactoring already made in glitch-soc when introducing flavours.
2018-12-12Create Settings::BaseController (#9507)ysksn
Define `Settings::BaseController#set_body_classes` so that sub classes inherit `Settings::BaseController` don't need to define `#set_body_classes` agein.
2018-12-11Add admin ability to remove an user's header image (#9495)ThibG
* Fix markup in admin/accounts/:id table for avatar * Add admin ability to remove an user's header image
2018-12-11Add instance-wide setting to disable profile directory (#9497)ThibG
* Add instance-wide setting to disable profile directory Fixes #9496 When the profile directory is disabled: - The “discoverable” setting is hidden from users - The “profile directory” link is not shown on public pages - /explore returns 404 * Move Setting.profile_directory check to a before_action filter
2018-12-10Add specs for activitypub collections controller (#9484)ysksn
* Add specs for ActivityPub::CollectionsController#show * Raise ActiveRecord::RecordNotFound Raising ActiveRecord::NotFound raises NameError: uninitialized constant ActiveRecord::NotFound.
2018-12-10Remove RemoteAccountControllerConcern never used (#9482)ysksn
2018-12-10Fix Admin::TagsController#unhide (#9481)ysksn
2018-12-09Fix directory controller in glitch-socThibaut Girka
2018-12-09Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - app/javascript/packs/public.js - app/models/user.rb - config/settings.yml - db/schema.rb Moved public.js changes to settings.js.
2018-12-09Add setting to not aggregate reblogs (#9248)ThibG
* Add setting to not aggregate reblogs Fixes #9222 * Handle cases where user is nil in add_to_home and add_to_list * Add hint for setting_aggregate_reblogs option * Reword setting_aggregate_reblogs label
2018-12-06Add profile directory (#9427)Eugen Rochko
Fix #5578
2018-12-06Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2018-12-05Fix thread depth computation in statuses_controller (#9426)ThibG
* Add test that should currently fail * Fix depth computation (will still fail if statuses have been filtered out) * Fix handling of broken threads
2018-11-28Add backend support to read and update list-specific show_replies settingsThibaut Girka
2018-11-27Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - app/models/status.rb Resolved by taking both changes (not a real conflict, just changes too close to each other).
2018-11-26Redesign admin accounts index (#9340)Eugen Rochko
* Improve overview of accounts in admin UI - Display suspended status, role, last activity and IP prominently - Default to showing local accounts - Default to not showing suspended accounts * Remove unused strings * Fix tests * Allow filtering accounts by IP mask
2018-11-19Extract counters from accounts table to account_stats table (#9295)Eugen Rochko
2018-11-16Remove intermediary arrays when creating hash maps from results (#9291)Eugen Rochko
2018-11-13Exclude local-only toots from atom feedsThibaut Girka
2018-11-09Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka