about summary refs log tree commit diff
path: root/app/models/user.rb
AgeCommit message (Collapse)Author
2018-01-05Fix email confirmation link not updating email (#6187)Patrick Figel
A change introduced in #6125 prevents `Devise::Models::Confirmable#confirm` from being called for existing users, which in turn leads to `email` not being set to `unconfirmed_email`, breaking email updates. This also adds a test that would've caught this issue.
2018-01-03Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-02Add confirmation step for email changes (#6071)Patrick Figel
* Add confirmation step for email changes This adds a confirmation step for email changes of existing users. Like the initial account confirmation, a confirmation link is sent to the new address. Additionally, a notification is sent to the existing address when the change is initiated. This message includes instruction to reset the password immediately or to contact the instance admin if the change was not initiated by the account owner. Fixes #3871 * Add review fixes
2017-12-30Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: app/controllers/auth/confirmations_controller.rb
2017-12-29Add more instance stats APIs (#6125)Eugen Rochko
* Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
2017-12-09add initial components based off of tootsuite pr #1507cwm
2017-12-04Merge branch 'gs-master' into glitch-themeDavid Yip
2017-12-03Rename themes -> flavours ? ?kibigo!
2017-11-30Skins supportkibigo!
2017-11-27Add consumable invites (#5814)Eugen Rochko
* Add consumable invites * Add UI for generating invite codes * Add tests * Display max uses and expiration in invites table, delete invite * Remove unused column and redundant validator - Default follows not used, probably bad idea - InviteCodeValidator is redundant because RegistrationsController checks invite code validity * Add admin setting to disable invites * Add admin UI for invites, configurable role for invite creation - Admin UI that lists everyone's invites, always available - Admin setting min_invite_role to control who can invite people - Non-admin invite UI only visible if users are allowed to * Do not remove invites from database, expire them instantly
2017-11-18Lists (#5703)Eugen Rochko
* Add structure for lists * Add list timeline streaming API * Add list APIs, bind list-account relation to follow relation * Add API for adding/removing accounts from lists * Add pagination to lists API * Add pagination to list accounts API * Adjust scopes for new APIs - Creating and modifying lists merely requires "write" scope - Fetching information about lists merely requires "read" scope * Add test for wrong user context on list timeline * Clean up tests
2017-11-15Delegate some methods of User to @settings (#5706)ysksn
* Move some tests of User into Settings::ScopedSettings * Add a test for User@settings
2017-11-12Update model annotations to use BIGINT for IDs (#5461)Daniel Hunsaker
All the migrations have been updated to use BIGINTs for ID fields in the DB, but ActiveRecord needs to be told to treat those values as BIGINT as well. This PR does that.
2017-11-11Add moderator role and add pundit policies for admin actions (#5635)Eugen Rochko
* Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
2017-11-07Add ability to disable login and mark accounts as memorial (#5615)Eugen Rochko
Fix #5597
2017-10-16Add option to reduce motion (#5393)Nolan Lawson
* Add option to reduce motion * Use HOC to wrap all Motion calls * fix case-sensitive issue * Avoid updating too frequently * Get rid of unnecessary change to _simple_status.html.haml
2017-09-19Add support for multiple themes (#4959)Andrew
* Add support for selecting a theme * Fix codeclimate issues * Look up site default style if current user is not available due to e.g. not being logged in * Remove outdated comment in common.js * Address requested changes in themes PR * Fix codeclimate issues * Explicitly check current_account in application controller and only check theme availability if non-nil * codeclimate * explicit precedence with && * Fix code style in application_controller according to @nightpool's suggestion, use default style in embedded.html.haml * codeclimate: indentation + return
2017-08-30Use request.remote_ip instead of request.ip (#4744)nullkal
2017-08-22Application prefs section (#2758)Colin Mitchell
* Add code for creating/managing apps to settings section * Add specs for app changes * Fix controller spec * Fix view file I pasted over by mistake * Add locale strings. Add 'my apps' to nav * Add Client ID/Secret to App page. Add some visual separation * Fix rubocop warnings * Fix embarrassing typo I lost an `end` statement while fixing a merge conflict. * Add code for creating/managing apps to settings section - Add specs for app changes - Add locale strings. Add 'my apps' to nav - Add Client ID/Secret to App page. Add some visual separation - Fix some bugs/warnings * Update to match code standards * Trigger notification * Add warning about not sharing API secrets * Tweak spec a bit * Cleanup fixture creation by using let! * Remove unused key * Add foreign key for application<->user
2017-07-23Add rake task mastodon:feeds:build to regenerate all active users' feeds (#4303)Eugen Rochko
2017-07-18Add unfollow modal (optional) (#4246)Yamagishi Kazutoshi
* Add unfollow modal * unfollowing someone * remove unnecessary prop
2017-07-14Add option to opt out of search engines on public profile/status pages (#4199)Eugen Rochko
2017-07-13Web Push Notifications (#3243)Sorin Davidoi
* feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
2017-07-13Fix boolean columns sometimes having a null value (#4162)Eugen Rochko
* Fix boolean columns sometimes having a null value * Fix wrong value being set instead of null
2017-07-10Add setting a always mark media as sensitive (#4136)Yamagishi Kazutoshi
2017-07-06Add a setting allowing the use of system's default font in Web UI (#4033)Damien Erambert
* add a system_font_ui setting on the server * Plug the system_font_ui on the front-end * add EN/FR locales for the new setting * put Roboto after all other fonts * remove trailing whitespace so CodeClimate is happy * fix user_spec.rb * correctly write user_spect this time * slightly better way of adding the classes * add comments to the system-font stack for clarification * use .system-font for the class instead * don't use multiple lines for comments * remove trailing whitespace * use the classnames module for consistency * use `mastodon-font-sans-serif` instead of Roboto directly
2017-06-25Add overview of active sessions (#3929)Eugen Rochko
* Add overview of active sessions * Better display of browser/platform name * Improve how browser information is stored and displayed for sessions overview * Fix test
2017-06-23Revocable sessions (#3616)Sorin Davidoi
* feat: Revocable sessions * fix: Tests using sign_in * feat: Configuration entry for the maximum number of session activations
2017-06-09Correct validators so that existing error messages would look correct (#3668)Eugen Rochko
2017-06-08Fix db:seed - only run some validations when the field was changed (#3592)Eugen Rochko
* Fix db:seed - only run some validations when the field was changed * Add tests
2017-06-01Update Rails to version 5.1.1 (#3121)Matt Jankowski
* Update rails to version 5.1.1 * Run `rails app:update` * Remove the override of polymorphic activity relationship * Silence warning about otp_secret attribute being unknown to rails * We will only introduce form_with where we want to use remote data
2017-05-30Refactor User and spec (#3431)Akihiko Odaki
* Protect send_devise_notification of User * Improve spec for User
2017-05-29Add preference setting for delete toot modal (#3368)Atsushi Yamamoto
* Set delete_modal preference to true by default * Does not show confirmation modal if delete_modal is false * Add ja translation for preference setting page
2017-05-22Add coverage for ReportFilter and AccountFilter (#3236)Matt Jankowski
2017-05-22Specs for cleanup workers (#3235)Matt Jankowski
* Add spec files for feed and media cleanup workers * Add coverage for feed and media cleanup schedulers * Clean up feed and media cleanup workers
2017-05-20Filter languages with opt out (#3175)Matt Jankowski
* Remove allowed_languages and add filtered_languages * Use filtered_languages instead of allowed_languages
2017-05-19Conditional validations no longer accept strings for if/unless (#3124)Matt Jankowski
2017-05-16Order by symbol value (#3077)alpaca-tc
2017-05-08Improve allowed language handling (#2897)Matt Jankowski
* Dont allow empty value in user allowed languages * Sanitize language input to reject blank values in array
2017-05-02Add option to disable two factor auth in admin accounts panel. (#2584)Kaylee
* Add option to disable two factor auth in admin accounts panel. Closes #2578 * Add @mjankowski's suggestions. * Moves destroy actions behind User#disable_two_factor! * Adds spec coverage for Admin:TwoFactorAuthenticationsController and User#disable_two_factor!
2017-05-02annotate models (#2697)yhirano
* add annotate to Gemfile * rails g annotate:install * configure annotate_models * add schema info to models * fix rubocop to add frozen_string_literal
2017-04-23Admin UI for confirming users (#2245)Ash Furrow
* Shows confirmed status in list. * Adds ability to confirm users in admin UI. * Added new english translations. * Addresses feedback from #2245. * More feedback.
2017-04-18Merge branch 'pause-gif' of git://github.com/patf/mastodon into patf-pause-gifEugen Rochko
2017-04-18Remove unused methods (#1730)Matt Jankowski
* Remove unused method #set_counters_maps from api controller * Remove unused method #set_account_counters_maps from api controller * Remove unused method Account#followers_domains * Remove unused User.prolific scope * Add mastodon:users:admins task to list all admin emails * Use interpolated query style in Account.triadic_closures * Coverage for Account.triadic_closures
2017-04-17Required foreign keys (#2003)alpaca-tc
* Add `required: true` option to foreign column * Fixes NoMethodError ``` > Favourite.new.valid? NoMethodError: undefined method `reblog?' for nil:NilClass ```
2017-04-17Add gif auto-play/pause preferencePatrick Figel
This introduces a new per-user preference called "Auto-play animated GIFs", which is enabled by default. When a user disables this setting, gifs in toots become click-to-play. Previews of animated gifs were changed to display the video play button so that users can distinguish them from regular images. This setting also affects account avatars in the detailed account view, which was changed to use the same hover-to-play mechanism that is used for animated avatars in timelines. Fixes #1652
2017-04-15Add recovery code support for two-factor auth (#1773)Patrick Figel
* Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
2017-04-11Allow user to disable the boost confirm dialog in preferencesblackle
2017-03-04Add digest e-mailsEugen Rochko
2017-02-06Add API modifiers to limit returned toots from public/hashtag timelinesEugen Rochko
to only those from local users; Add link to "extended information" to getting started in the UI; Add defaults for posting privacy; Change how publish button looks depending on posting privacy chosen