about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2018-02-23New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML ↵Ghislain Loaec
strategies) (#6540)
2018-02-22Redesign landing page (again) (#6486)Eugen Rochko
* Redesign landing page (again) * Move login form in small version to the right column * Display closed registrations message * Add site setting for the hero image * Fix test * Increase spacing, maximum width, change call to action section
2018-02-22Fix #6526: Only store redirect location if not in JSON format (#6528)Eugen Rochko
2018-02-22Focal points (#6520)Eugen Rochko
* Add focus param to media API, center thumbnails on focus point * Add UI for setting a focal point * Improve focal point icon on upload item * Use focal point in upload preview * Add focalPoint property to ActivityPub * Don't show focal point button for non-image attachments
2018-02-21Fix bug in relationships API introduced by #6482 (#6527)Eugen Rochko
It was merge when it needed to be deep_merge. And added some tests
2018-02-21Account archive download (#6460)Eugen Rochko
* Fix #201: Account archive download * Export actor and private key in the archive * Optimize BackupService - Add conversation to cached associations of status, because somehow it was forgotten and is source of N+1 queries - Explicitly call GC between batches of records being fetched (Model class allocations are the worst offender) - Stream media files into the tar in 1MB chunks (Do not allocate media file (up to 8MB) as string into memory) - Use #bytesize instead of #size to calculate file size for JSON (Fix FileOverflow error) - Segment media into subfolders by status ID because apparently GIF-to-MP4 media are all named "media.mp4" for some reason * Keep uniquely generated filename in Paperclip::GifTranscoder * Ensure dumped files do not overwrite each other by maintaing directory partitions * Give tar archives a good name * Add scheduler to remove week-old backups * Fix code style issue
2018-02-19Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-02-18add parameter locked to /api/v1/update_credentials (#6506)Konrad Pozniak
2018-02-17Merge remote-tracking branch 'tootsuite/master' into merge-upstreamDavid Yip
Conflicts: Gemfile config/locales/simple_form.pl.yml
2018-02-16Save video metadata and improve video OpenGraph tags (#6481)Eugen Rochko
* Save metadata from video attachments, put correct dimensions into OG tags * Add twitter:player for videos * Fix code style and test
2018-02-09Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: .travis.yml app/lib/user_settings_decorator.rb app/models/user.rb app/serializers/initial_state_serializer.rb app/views/stream_entries/_detailed_status.html.haml app/views/stream_entries/_simple_status.html.haml config/locales/simple_form.en.yml
2018-02-09Add preference to always display sensitive media (#6448)Eugen Rochko
2018-02-08Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-02-08Fix response of signature_verification_failure_reason (#6441)abcang
2018-02-04Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: .env.production.sample app/controllers/auth/confirmations_controller.rb db/schema.rb
2018-02-04Exclude nil from relationships array (#6427)abcang
2018-02-04Add option to show only local toots in timeline preview (#6292)Renato "Lond" Cerqueira
* Add option to show only local toots in timeline preview Right know, toots from all the known fediverse are shown in the main page of an instance. That however doesn't reflect the instance itself. With this option the admin may choose to display only local toots so that users checking the instance get a better idea of internal conversations. * Fix issues pointed by codeclimate and eslint * Add default message for community timeline * Update pl.yml
2018-02-04CAS + SAML authentication feature (#6425)Eugen Rochko
* Cas authentication feature * Config * Remove class_eval + Omniauth initializer * Codeclimate review * Codeclimate review 2 * Codeclimate review 3 * Remove uid/email reconciliation * SAML authentication * Clean up code * Improve login form * Fix code style issues * Add locales
2018-02-02Merge remote-tracking branch 'tootsuite/master' into merge-upstreamDavid Yip
Conflicts: app/javascript/styles/mastodon/components.scss
2018-02-02Allow HTTP caching of atom-rendered public toots (OStatus compatibility) (#6207)ThibG
2018-02-02Allow retrieval of private statuses (single or in outbox) using HTTP ↵puckipedia
signatures (#6225)
2018-02-02pam authentication (#5303)Alexander
* add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
2018-01-24Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-23Fix #6331 (#6341)Eugen Rochko
UserTrackingConcern is circumvented by SessionsController#create because it calls warden, which calls the User#update_tracked_fields! method directly. Move returning user logic to that method.
2018-01-22Rename ResolveRemoteAccountService to ResolveAccountService (#6327)Akihiko Odaki
The service used to be named ResolveRemoteAccountService resolves local accounts as well.
2018-01-21Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: app/controllers/settings/two_factor_authentication/confirmations_controller.rb
2018-01-21Redirect to 2FA creation page when otp_secret is not available (#6314)Aboobacker MK
2018-01-19Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: app/javascript/styles/mastodon/components.scss app/javascript/styles/mastodon/modal.scss
2018-01-18Fix regeneration marker not expiring (#6290)Eugen Rochko
* Fix regeneration key not getting expired * Add rake task to remove old regeneration markers
2018-01-17Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: app/javascript/styles/mastodon/components.scss
2018-01-17Fix home regeneration (#6251)Eugen Rochko
* Fix regeneration marker not being removed after completion * Return HTTP 206 from /api/v1/timelines/home if regeneration in progress Prioritize RegenerationWorker by putting it into default queue * Display loading indicator and poll home timeline while it regenerates * Add graphic to regeneration message * Make "not found" indicator consistent with home regeneration
2018-01-17Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-17implement web share target (#6278)りんすき
* web share target * fix * fix
2018-01-15Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-15Suppress CSRF token warnings (#6240)Patrick Figel
CSRF token checking was enabled for API controllers in #6223, producing "Can't verify CSRF token authenticity" log spam. This disables logging of failed CSRF checks. This also changes the protection strategy for PushSubscriptionsController to use exceptions, making it consistent with other controllers that use sessions.
2018-01-10Thank you, Officer MurphyDavid Yip
2018-01-10The flavour parameter is unused, so omit it (#317)David Yip
2018-01-10Allow for user object to be empty. Fixes #317.David Yip
If a flavour has only one skin, the skin selector will be omitted. This omits the user[setting_skin] field, and because that's the only user[...] field on the page, the entire user object will not be present in the request handler's params object. This commit accounts for that scenario by avoiding params.require(:user) and instead picking out what we need from the params hash.
2018-01-09Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-08Refactor /api/web APIs to use the centralized axios instance (#6223)nightpool
Also adds the ability to decouple the centralized axios logic from the state dispatcher
2018-01-08Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-08Revert #5772 (#6221)Eugen Rochko
2018-01-07Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-masterDavid Yip
2018-01-07Use error pack when rendering error pages. Fixes #305.David Yip
2018-01-07Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-07Fix force_ssl conditional (#6201)Yamagishi Kazutoshi
2018-01-07Fix unintended cache (#6214)Yamagishi Kazutoshi
2018-01-07Merge remote-tracking branch 'ykzts/fix-unintended-cache' into gs-masterDavid Yip
2018-01-07Fix unintended cacheYamagishi Kazutoshi
2018-01-05Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins