about summary refs log tree commit diff
path: root/app/models
AgeCommit message (Collapse)Author
2017-11-25status: preserve visibility attribute when reblogging (infoleak fix) (#5789)William Pitcock
this should fix *all* remaining visibility-related mastodon ostatus infoleaks. thanks to @csaurus@gnusocial.de for pointing out the infoleak.
2017-11-24Fix unnecessary order (#5807)abcang
2017-11-24Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2017-11-24Add logging of admin actions (#5757)Eugen Rochko
* Add logging of admin actions * Update brakeman whitelist * Log creates, updates and destroys with history of changes * i18n: Update Polish translation (#5782) Signed-off-by: Marcin Mikołajczak <me@m4sk.in> * Split admin navigation into moderation and administration * Redesign audit log page * 🇵🇱 (#5795) * Add color coding to audit log * Change dismiss->resolve, log all outcomes of report as resolve * Update terminology (e-mail blacklist) (#5796) * Update terminology (e-mail blacklist) imho looks better * Update en.yml * Fix code style issues * i18n-tasks normalize
2017-11-19Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2017-11-19Fix N+1 at notification (#5752)abcang
2017-11-19Merge remote-tracking branch 'tootsuite/master'David Yip
2017-11-19Add “staff” badge to admin user pages (#5735)Yamagishi Kazutoshi
* Allow staff badge to change from setting to hidden * i18n: Update Polish translation
2017-11-18Profile redirect notes (#5746)Eugen Rochko
* Serialize moved accounts into REST and ActivityPub APIs * Parse federated moved accounts from ActivityPub * Add note about moved accounts to public profiles * Add moved account message to web UI * Fix code style issues
2017-11-18Merge pull request #208 from yipdw/keyword-mutebeatrix
Run keyword mutes on hashtags
2017-11-17Update annotations on Follow, FollowRequest, and Mute.David Yip
Follow and FollowRequest had conflicts in their schema annotations, so I ran latest migrations and let annotate_models fix them up.
2017-11-17Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
2017-11-18Lists (#5703)Eugen Rochko
* Add structure for lists * Add list timeline streaming API * Add list APIs, bind list-account relation to follow relation * Add API for adding/removing accounts from lists * Add pagination to lists API * Add pagination to list accounts API * Adjust scopes for new APIs - Creating and modifying lists merely requires "write" scope - Fetching information about lists merely requires "read" scope * Add test for wrong user context on list timeline * Clean up tests
2017-11-16Merge remote-tracking branch 'origin/master' into gs-masterDavid Yip
2017-11-17Fix some rubocop style issues (#5730)Eugen Rochko
2017-11-17Display moderator badge (green), admin badge changed to red (#5728)Eugen Rochko
2017-11-16Fix AccountFinderConcern::AccountFinder#with_usernames (#5722)ysksn
2017-11-16Merge tootsuite/master at 30237259367a0ef2b20908518b86bbeb358999b5Surinna Curtis
2017-11-15Replace =~ with #matches?. #208.David Yip
=~ made sense when we were passing it through to a regex, but we're no longer doing that: TagMatcher looks at individual tags and returns a value that *looks* like what you get out of #=~ but really isn't that meaningful. Probably a good idea to not subvert convention like this and instead use a name with guessable intent.
2017-11-15Prefix cache keys with the matcher type. #208.David Yip
We already know about one regex limitation, which is that they cannot segment words in e.g. Japanese, Chinese, or Thai. It may also end up that regex matching is too slow compared to other methods. However, the regex is an implementation detail. We still want the ability to switch between "occurs anywhere" and "match whole word", and caching the matcher result is likely to still be important (since the matcher itself won't change nearly as often as status ingress rate). Therefore, we ought to be able to change the cache keys to reflect a change of data structure. (Old cache keys expire within minutes, so they shouldn't be too big of an issue. Old cache keys could also be explicitly removed by an instance administrator.)
2017-11-15Match keyword mute filter on hashtags. #208.David Yip
It is reasonable to expect someone to enter #foo to mute hashtag #foo. However, tags are recorded on statuses without the preceding #. To adjust for this, we build a separate tag matcher and use Tag::HASHTAG_RE to extract a hashtag from the hashtag syntax.
2017-11-15Merge pull request #212 from aschmitz/feat/mute-reblogsbeatrix
Allow hiding reblogs on a per-follow basis
2017-11-15Delegate some methods of User to @settings (#5706)ysksn
* Move some tests of User into Settings::ScopedSettings * Add a test for User@settings
2017-11-15Optional notification muting (#5087)Surinna Curtis
* Add a hide_notifications column to mutes * Add muting_notifications? and a notifications argument to mute! * block notifications in notify_service from hard muted accounts * Add specs for how mute! interacts with muting_notifications? * specs testing that hide_notifications in mutes actually hides notifications * Add support for muting notifications in MuteService * API support for muting notifications (and specs) * Less gross passing of notifications flag * Break out a separate mute modal with a hide-notifications checkbox. * Convert profile header mute to use mute modal * Satisfy eslint. * specs for MuteService notifications params * add trailing newlines to files for Pork :) * Put the label for the hide notifications checkbox in a label element. * Add a /api/v1/mutes/details route that just returns the array of mutes. * Define a serializer for /api/v1/mutes/details * Add more specs for the /api/v1/mutes/details endpoint * Expose whether a mute hides notifications in the api/v1/relationships endpoint * Show whether muted users' notifications are muted in account lists * Allow modifying the hide_notifications of a mute with the /api/v1/accounts/:id/mute endpoint * make the hide/unhide notifications buttons work * satisfy eslint * In probably dead code, replace a dispatch of muteAccount that was skipping the modal with launching the mute modal. * fix a missing import * add an explanatory comment to AccountInteractions * Refactor handling of default params for muting to make code cleaner * minor code style fixes oops * Fixed a typo that was breaking the account mute API endpoint * Apply white-space: nowrap to account relationships icons * Fix code style issues * Remove superfluous blank line * Rename /api/v1/mutes/details -> /api/v2/mutes * Don't serialize "account" in MuteSerializer Doing so is somewhat unnecessary since it's always the current user's account. * Fix wrong variable name in api/v2/mutes * Use Toggle in place of checkbox in the mute modal. * Make the Toggle in the mute modal look better * Code style changes in specs and removed an extra space * Code review suggestions from akihikodaki Also fixed a syntax error in tests for AccountInteractions. * Make AddHideNotificationsToMute Concurrent It's not clear how much this will benefit instances in practice, as the number of mutes tends to be pretty small, but this should prevent any blocking migrations nonetheless. * Fix up migration things * Remove /api/v2/mutes
2017-11-14Add uniqueness to block email domains (#5692)Yamagishi Kazutoshi
2017-11-13Maintain case-insensitivity when merging multiple matchers (#213)David Yip
When given two regexps, Regexp.union preserves the options set (or not set) on each regex; this meant that none of the multiline (m), case-insensitivity (i), or extended syntax (x) options were set. Our regexps are written expecting the m, i, and x options were set on all of them, so we need to make sure that we preserve that behavior.
2017-11-12Update model annotations to use BIGINT for IDs (#5461)Daniel Hunsaker
All the migrations have been updated to use BIGINTs for ID fields in the DB, but ActiveRecord needs to be told to treat those values as BIGINT as well. This PR does that.
2017-11-11Updates per code reviewaschmitz
Thanks, @valerauko!
2017-11-11Add moderator role and add pundit policies for admin actions (#5635)Eugen Rochko
* Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
2017-11-10Per-user reblog hiding implementation/fixes/testsaschmitz
Note that this will only hide/show *future* reblogs by a user, and does nothing to remove/add reblogs that are already in the timeline. I don't think that's a particularly confusing behavior, and it's a lot easier to implement (similar to mutes, I believe).
2017-11-09"Show reblogs" per-follower UI/database changesaschmitz
TODO: * Tests (particularly for FollowRequests). * Anything to respect the setting when putting reblogs in timelines.
2017-11-09Add and Remove tests for FollowRequest (#5622)ysksn
* Add a test for FollowRequest#authorize! * Remove tests There is no need to test ActiveModel::Validations::ClassMethods#validates. * Make an alias of destroy! as reject! Instead of defining the method, make an alias of destroy! as reject! because of reducing test.
2017-11-07Twidere mention workaround (#5552)ThibG
* Work around Twidere and Tootdon bug Tootdon and Twidere construct @user@domain handles from mentions in toots based solely on the mention text and account URI's domain without performing any webfinger call or retrieving account info from the Mastodon server. As a result, when a remote user has WEB_DOMAIN ≠ LOCAL_DOMAIN, Twidere and Tootdon will construct the mention as @user@WEB_DOMAIN. Now, this will usually resolve to the correct account (since the recommended configuration is to have WEB_DOMAIN perform webfinger redirections to LOCAL_DOMAIN) when processing mentions, but won't do so when displaying them (as it does not go through the whole account resolution at that time). This change rewrites mentions to the resolved account, so that displaying the mentions will work. * Use lookbehind instead of non-capturing group in MENTION_RE Indeed, substitutions with the previous regexp would erroneously eat any preceding whitespace, which would lead to concatenated mentions in the previous commit. Note that users will “lose” up to one character space per mention for their toots, as that regexp is also used to remove the domain-part of mentioned users for character counting purposes, and it also erroneously removed the preceding character if it was a space.
2017-11-07Add ability to disable login and mark accounts as memorial (#5615)Eugen Rochko
Fix #5597
2017-11-07 Show the local couterpart of emoji when it exists in /admin/custom_emojis ↵nullkal
(#5467) * Show the local couterpart of emoji when it exists in admin/custom_emojis * Fix indentation * Fix error * Add class table-action-link to Overwrite link * Make it enable to overwrite emojis * Make Code Climate happy
2017-10-27Merge branch 'master' into gs-masterDavid Yip
2017-10-27Feature: Unlisted custom emojis (#5485)nullkal
2017-10-25Merge pull request #179 from glitch-soc/keyword-mutebeatrix
Keyword muting
2017-10-25Merge remote-tracking branch 'STJrInuyasha/feature/direct-timeline' into ↵David Yip
gs-direct-timeline
2017-10-24Remove nil check in Glitch::KeywordMute#=~.David Yip
@regex can no longer be nil, so we don't need to check it.
2017-10-24Switch to Regexp.union for building the mute expression.David Yip
Also make the keyword-building methods private: they always probably should have been private, but now I have encoded enough fun and games into them that it now seems wrong for them to *not* be private.
2017-10-23Only cache the regex text, not the regex itself.David Yip
It is possible to cache a Regexp object, but I'm not sure what happens if e.g. that object remains in cache across two different Ruby versions. Caching a string seems to raise fewer questions.
2017-10-22Added a timeline for Direct statusesMatthew Walsh
* Lists all Direct statuses you've sent and received * Displayed in Getting Started * Streaming server support for direct TL
2017-10-22KeywordMute matcher: more closely mimic Regexp#=~ behavior.David Yip
Regexp#=~ returns nil if it does not match. An empty mute set does not match any status, so KeywordMute::Matcher#=~ ought to return nil also.
2017-10-22Don't add \b to whole-word keywords that don't start with word characters.David Yip
Ditto for ending with \b. Consider muting the phrase "(hot take)". I stipulate it is reasonable to enter this with the default "match whole word" behavior. Under the old behavior, this would be encoded as \b\(hot\ take\)\b However, if \b is before the first character in the string and the first character in the string is not a word character, then the match will fail. Ditto for after. In our example, "(" is not a word character, so this will not match statuses containing "(hot take)", and that's a very surprising behavior. To address this, we only add leading and trailing \b to keywords that start or end with word characters.
2017-10-21Apply keyword mutes to reblogs.David Yip
2017-10-21Move KeywordMute into Glitch namespace.David Yip
There are two motivations for this: 1. It looks like we're going to add other features that require server-side storage (e.g. user notes). 2. Namespacing glitchsoc modifications is a good idea anyway: even if we do not end up doing (1), if upstream introduces a keyword-mute feature that also uses a "KeywordMute" model, we can avoid some merge conflicts this way and work on the more interesting task of choosing which implementation to use.
2017-10-21Allow keywords to match either substrings or whole words.David Yip
Word-boundary matching only works as intended in English and languages that use similar word-breaking characters; it doesn't work so well in (say) Japanese, Chinese, or Thai. It's unacceptable to have a feature that doesn't work as intended for some languages. (Moreso especially considering that it's likely that the largest contingent on the Mastodon bit of the fediverse speaks Japanese.) There are rules specified in Unicode TR29[1] for word-breaking across all languages supported by Unicode, but the rules deliberately do not cover all cases. In fact, TR29 states For example, reliable detection of word boundaries in languages such as Thai, Lao, Chinese, or Japanese requires the use of dictionary lookup, analogous to English hyphenation. So we aren't going to be able to make word detection work with regexes within Mastodon (or glitchsoc). However, for a first pass (even if it's kind of punting) we can allow the user to choose whether they want word or substring detection and warn about the limitations of this implementation in, say, docs. [1]: https://unicode.org/reports/tr29/ https://web.archive.org/web/20171001005125/https://unicode.org/reports/tr29/
2017-10-21Invalidate cached matcher objects on KeywordMute commit. #164.David Yip
2017-10-21Use more idiomatic string concatentation. #164.David Yip
The intent of the previous concatenation was to minimize object allocations, which can end up being a slow killer. However, it turns out that under MRI 2.4.x, the shove-strings-in-an-array-and-join method is not only arguably more common but (in this particular case) actually allocates *fewer* objects than the string concatenation. Or, at least, that's what I gather by running this: words = %w(palmettoes nudged hibernation bullish stockade's tightened Hades Dixie's formalize superego's commissaries Zappa's viceroy's apothecaries tablespoonful's barons Chennai tollgate ticked expands) a = Account.first KeywordMute.transaction do words.each { |w| KeywordMute.create!(keyword: w, account: a) } GC.start s1 = GC.stat re = String.new.tap do |str| scoped = KeywordMute.where(account: a) keywords = scoped.select(:id, :keyword) count = scoped.count keywords.find_each.with_index do |kw, index| str << Regexp.escape(kw.keyword.strip) str << '|' if index < count - 1 end end s2 = GC.stat puts s1.inspect, s2.inspect raise ActiveRecord::Rollback end vs this: words = %w( palmettoes nudged hibernation bullish stockade's tightened Hades Dixie's formalize superego's commissaries Zappa's viceroy's apothecaries tablespoonful's barons Chennai tollgate ticked expands ) a = Account.first KeywordMute.transaction do words.each { |w| KeywordMute.create!(keyword: w, account: a) } GC.start s1 = GC.stat re = [].tap do |arr| KeywordMute.where(account: a).select(:keyword, :id).find_each do |m| arr << Regexp.escape(m.keyword.strip) end end.join('|') s2 = GC.stat puts s1.inspect, s2.inspect raise ActiveRecord::Rollback end Using rails r, here is a comparison of the total_allocated_objects and malloc_increase_bytes GC stat data: total_allocated_objects malloc_increase_bytes string concat 3200241 -> 3201428 (+1187) 1176 -> 45216 (44040) array join 3200380 -> 3201299 (+919) 1176 -> 36448 (35272)