about summary refs log tree commit diff
path: root/app/controllers
AgeCommit message (Collapse)Author
2019-07-17Change terms and privacy policy pages to always be accessible (#11334)Eugen Rochko
Fix #11328
2019-07-17Fix custom CSS controller (#11336)ThibG
2019-07-17Fix caching headers in ActivityPub endpoints (#11331)ThibG
* Fix reverse-proxy caching in public fetch mode * Fix caching in ActivityPub-specific controllers
2019-07-16Add option to disable real-time updates in web UI (#9984)Eugen Rochko
Fix #9031 Fix #7913
2019-07-11Add ActivityPub secure mode (#11269)Eugen Rochko
* Add HTTP signature requirement for served ActivityPub resources * Change `SECURE_MODE` to `AUTHORIZED_FETCH` * Add 'Signature' to 'Vary' header and improve code style * Improve code style by adding `public_fetch_mode?` method
2019-07-09Refactor domain block checks (#11268)Eugen Rochko
2019-07-08Remove unused remote unfollow controller (#11250)Eugen Rochko
2019-07-08Refactor controllers for statuses, accounts, and more (#11249)Eugen Rochko
2019-07-07Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ↵Eugen Rochko
(#11247)
2019-07-06Remove Salmon and PubSubHubbub (#11205)Eugen Rochko
* Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
2019-07-05Remove deprecated REST API `GET /api/v1/statuses/:id/card` (#11213)Eugen Rochko
2019-07-05Remove deprecated REST API `GET /api/v1/timelines/direct` (#11212)Eugen Rochko
2019-06-28Add categories for custom emojis (#11196)Eugen Rochko
Fix #7940
2019-06-26Add option to disable blurhash previews (#11188)ThibG
* Add option to disable blurhash previews * Update option text * Change options order
2019-06-25Fix unnecessary SQL query performed on unauthenticated requests (#11179)Eugen Rochko
2019-06-22Change domain blocks to automatically support subdomains (#11138)Eugen Rochko
* Change domain blocks to automatically support subdomains If a more authoritative domain is blocked (example.com), then the same block will be applied to a subdomain (foo.example.com) * Match subdomains of existing accounts when blocking/unblocking domains * Improve code style
2019-06-20Add moderation API (#9387)Eugen Rochko
Fix #8580 Fix #7143
2019-06-20Fix layout of identity proofs settings (#11126)Acid Chicken (硫酸鶏)
2019-06-19Add audio uploads (#11123)Eugen Rochko
* Add audio uploads Fix #4827 Accept uploads of OGG, WAV, FLAC, OPUS and MP3 files, and converts them to OGG. Media attachments get a new `audio` type. In the UI, audio uploads are displayed identically to video uploads. * Improve code style
2019-06-10Fix login sometimes redirecting to paths that are not pages (#11019)Eugen Rochko
Fix #11016
2019-06-07Change /settings/preferences to redirect to appearance, add ↵Eugen Rochko
/settings/preferences/other (#10988)
2019-06-07Change preferences page into appearance, notifications, and other (#10977)Eugen Rochko
2019-06-07Add waiting time to list of pending accounts in admin UI (#10985)Eugen Rochko
2019-06-05Cleanup various controllers (#10972)ThibG
* Remove skip_session! as it is not supported in Rails 5 * Minor cleanup in StreamEntriesController * Remove redundant mark_cacheable! calls
2019-06-05Fix potential private status leak (#10969)ThibG
2019-06-04Fix poll API not requiring authentication on non-public polls (#10960)Eugen Rochko
* Fix poll API not requiring authentication on non-public polls That API does not reveal the content of the status, i.e. the question itself, nor who the author is, nor which status it belongs to, but it does reveal the poll options and how many answers they got Fix #10959 * Add test
2019-05-28Fix web push notifications for polls (#10864)ThibG
Fixes #10861
2019-05-25Add responsive panels to the single-column layout (#10820)Eugen Rochko
* Add responsive panels to the single-column layout * Fixes * Fix not being able to save the preference * Fix code style issues * Set max-height on the compose textarea and add a link to relationship manager
2019-05-23Move signature verification stoplight to the requests themselves (#10813)ThibG
* Move signature verification stoplight to the requests themselves This avoids blocking messages from known keys for 5 minutes when only one fails… * Put the stoplight on the actual client IP, not a potential reverse proxy
2019-05-21Add `account_id` param to `GET /api/v1/notifications` (#10796)Paul Woolcock
* Add `from_account` to notifications API this adds the ability to filter notifications by the account they originated from * passing a non-existent user should cause none to be returned * Fix codeclimate warnings * fix more codeclimate warnings * make requested changes: * use account id instead of user@domain * name the param `account_id` instead of `from_account` * Don't use `return` in a lambda
2019-05-14Record account suspend/silence time and keep track of domain blocks (#10660)ThibG
* Record account suspend/silence time and keep track of domain blocks * Also unblock users who were suspended/silenced before dates were recorded * Add tests * Keep track of suspending date for users suspended through the CLI * Show accurate number of accounts that would be affected by unsuspending an instance * Change migration to set silenced_at and suspended_at * Revert "Also unblock users who were suspended/silenced before dates were recorded" This reverts commit a015c65d2d1e28c7b7cfab8b3f8cd5fb48b8b71c. * Switch from using suspended and silenced to suspended_at and silenced_at * Add post-deployment migration script to remove `suspended` and `silenced` columns * Use Account#silence! and Account#suspend! instead of updating the underlying property * Add silenced_at and suspended_at migration to post-migration * Change account fabricator to translate suspended and silenced attributes * Minor fixes * Make unblocking domains always retroactive
2019-05-11Add toot source to delete result to ease Delete & Redraft (#10669)ThibG
* Return Status with raw text in raw_content when deleting a status * Use raw content if available on delete & redraft * Rename raw_content to text; do not serialize formatted content when source is requested
2019-05-09Add some caching for HTML versions of statuses pages (#10701)ThibG
2019-05-03Explicitly disable storage of REST API results (#10655)ThibG
Fixes #10652
2019-05-03Provide a link to existing domain block when trying to block an ↵ThibG
already-blocked domain (#10663) * When trying to block an already-blocked domain, provide a link to the block * Fix styling for links in flash messages * Allow blocks to be upgraded but not downgraded
2019-05-02Check that an invite link is valid before bypassing approval mode (#10657)ThibG
* Check that an invite link is valid before bypassing approval mode Fixes #10656 * Add tests * Only consider valid invite links in registration controller * fixup
2019-04-25Fix not being able to save e-mail preference for new pending accounts (#10622)Eugen Rochko
2019-04-10compare usernames case-insensitively on new proof creation flow (#10544)Alex Gessner
* compare usernames case-insensitively on new proof creation flow * Fix code style issue
2019-04-10Add invite request to pending account notification e-mail (#10528)Eugen Rochko
Fix sorting of the pending accounts page
2019-04-10Add preference to disable e-mails about new pending accounts (#10529)Eugen Rochko
2019-04-09Add "why do you want to join" field to invite requests (#10524)Eugen Rochko
* Add "why do you want to join" field to invite requests Fix #10512 * Remove unused translations * Fix broken registrations when no invite request text is submitted
2019-04-09Fix permission denied bug on approve all/reject all pending accounts (#10519)Eugen Rochko
2019-04-08Fix batch actions not working on pending accounts (#10508)ThibG
2019-04-07Improve blocked view of profiles (#10491)Eugen Rochko
* Revert "Fix filtering of favourited_by, reblogged_by, followers and following (#10447)" This reverts commit 120544067fcca4bf6e71ba1ffb276c451c17c656. * Revert "Hide blocking accounts from blocked users (#10442)" This reverts commit 62bafa20a112ccdddaedb25723fc819dbbcd8e9a. * Improve blocked view of profiles - Change "You are blocked" to "Profile unavailable" - Hide following/followers in API when blocked - Disable follow button and show "Profile unavailable" on public profile as well
2019-04-06Add batch actions for approving and rejecting pending accounts (#10469)Eugen Rochko
2019-04-06Fix admin validation being too strict about usernames (#10449)Eugen Rochko
* Fix admin validation being too strict about usernames Fix #10446 * Strip Setting.site_contact_username consistently throughout the codebase
2019-04-04Cache featured collections, as well as outbox, followers and following (#10467)ThibG
2019-04-01Hide blocking accounts from blocked users (#10442)ThibG
* Revert "Add indication that you have been blocked in web UI (#10420)" This reverts commit bd02ec6daa974dcd3231e73826a56e08dbeedadc. * Revert "Add `blocked_by` relationship to the REST API (#10373)" This reverts commit 9745de883b198375ba23f7fde879f6d75ce2df0f. * Hide blocking accounts from search results * Filter blocking accouts from account followers * Filter blocking accouts from account's following accounts * Filter blocking accounts from “reblogged by” and “favourited by” lists * Remove blocking account from URL search * Return 410 on trying to fetch user data from a user who blocked us * Return 410 in /api/v1/account/statuses for suspended or blocking accounts * Fix status filtering when performing URL search * Restore some React improvements Restore some cleanup from bd02ec6daa974dcd3231e73826a56e08dbeedadc * Refactor by adding `without_blocking` scope
2019-03-31Ensure request.body isn't emptied out before signature verification (#10432)ThibG
Fixes #10429
2019-03-28squashed identity proof updates (#10375)Alex Gessner