about summary refs log tree commit diff
path: root/app/models
AgeCommit message (Collapse)Author
2020-04-15Fix confusing error when failing to add an alias to an unknown account (#13480)ThibG
Follow-up to #13452, fixing broken `uri.nil?` test. Also remove the separate check for `uri` presence, as that would result in a “Please review 2 errors below” while only one would be listed.
2020-04-15Change delivery failure tracking to work with hostnames instead of URLs (#13437)Eugen Rochko
2020-04-15Fix “Email changed” notification sometimes having wrong e-mail (#13475)ThibG
* Fix “Email changed” notification sometimes having wrong e-mail Fixes #6778 The root of the issue is that `send_devise_notification` was called before the changes were properly commited to the database, causing the mailer to pick previous values if running too early. Devise's documentation provides guidance on how to handle that[1][2], however, I have found it to not be working, as the following happens, in that order: - `send_devise_notification` is called for the `email_changed` notification. In that case, `changed?` is false and `saved_changes?` is true, so if we use the former, we have the same issue. - the `after_commit` hook is called - `send_devise_notification` is called for the `confirmation_instructions` notification. In that case, `changed?` is still false, and `saved_changes?` still true, so if we use the latter, that second notification email is simply not going to be sent (as we would be queuing the notification *after* executing the after_commit hook). This is because it may be called from either an `after_update` or `after_commit` hook, the difference not being a call to `save` but the transaction actually being committed to the database. This may arguably be a bug in Devise, or Devise's notification. The proposed workaround is inspired by Devise's documentation but checks whether a transaction is open to make the call whether to immediately send the notification or defer it to the `after_commit` hook. [1]: https://www.rubydoc.info/github/plataformatec/devise/Devise%2FModels%2FAuthenticatable:send_devise_notification [2]: https://github.com/heartcombo/devise/blob/406915cb781e38255a30ad2a0609e33952b9ec50/lib/devise/models/authenticatable.rb#L133-L194 * Fix cases when sending notifications without changing the model * Defer sending if and only if in transaction including current record
2020-04-13Fix account aliases page (#13452)ThibG
* Fix error not being displayed when adding an account alias, add error for self-references Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org> * Add “You have no aliases.” note in confusing empty aliases table Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org> Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
2020-04-05Add rate limit for reporting (#13390)Eugen Rochko
2020-04-05Fix PostgreSQL load when linking in announcements (#13250)ThibG
* Fix PostgreSQL load when linking in announcements Fixes #13245 by caching status lookups Since statuses are supposed to be known already and we only need their URLs and a few other things, caching them should be fine. Since it's only used by announcements so far, there won't be much statuses to cache. * Perform status lookup when saving announcements, not when rendering them * Change EntityCache#status to fetch URLs instead of looking into the database * Move announcement link lookup to publishing worker * Address issues pointed out during review
2020-04-03Add ability to filter audit log in admin UI (#13381)Eugen Rochko
2020-03-26Change `tootctl media remove-orphans` to work for all classes (#13316)Eugen Rochko
Change `tootctl media lookup` to not use an interactive prompt
2020-03-21Make bookmarks also searchable (#13271)Jeong Arm
2020-03-21Fix reported accounts not being whitelisted when resolving a spamcheck ↵ThibG
report (#13289)
2020-03-12Add option to include resolved DNS records when blacklisting e-mail domains ↵Eugen Rochko
in admin UI (#13254) * Add shortcuts to blacklist a user's e-mail domain in admin UI * Add option to blacklist resolved MX and IP records for e-mail domains
2020-03-12Add titles to warning presets in admin UI (#13252)Eugen Rochko
2020-03-10Fix videos with unsupported colorspace not being transcoded (#13242)ThibG
2020-03-09Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239)ThibG
2020-03-09Change video uploads to always be converted to H264/MP4 (#13220)Eugen Rochko
Even if the container format is the same (.mp4), the codec could be different and not playable in web browsers
2020-03-09Change video uploads to enforce certain limits (#13218)Eugen Rochko
- Dimensions at most 1920x1200 - Frame rate at most 60
2020-03-09Add federation support for the "hide network" preference (#11673)ThibG
* Change ActivityPub follower/following collections to not link first page * Add support for hiding followers and following of remote users * Switch to using a single `hide_collections` column * Address code style remarks
2020-03-08Change local media attachments to perform heavy processing asynchronously ↵Eugen Rochko
(#13210) Fix #9106
2020-03-08Add support for links to statuses in announcements to be opened in web UI ↵ThibG
(#13212) * Add support for links to public statuses in announcements to be opened in WebUI * Please CodeClimate
2020-03-08Add sorting by username, creation and last activity in moderation view (#13076)ThibG
* Add ability to order accounts in moderation view * Display last status date in “Most recent activity” for remote users
2020-03-08Add specific rate limits for posting and following (#13172)Eugen Rochko
2020-03-05Fix "tootctl media remove-orphans" crashing when encountering invalid media ↵Eugen Rochko
(#13170) Fixes #13168
2020-02-28Fix announcements with fully-qualified mention to local user crashing WebUI ↵ThibG
(#13164)
2020-02-03Fix remote convertible media attachments not being saved (#13032)Eugen Rochko
Because the file name was set after loading the file, Paperclip was flagging the differing file extension as content type spoofing Fix #12938
2020-02-01Search account domain in lowercase (#13016)abcang
* Search account domain in lowercase * fix rubocop error * fix spec/models/account_spec.rb
2020-01-27Add publish/unpublish controls to announcements in admin UI (#12967)Eugen Rochko
2020-01-26Fix expired announcements being re-published (#12964)Eugen Rochko
2020-01-26Add streaming API updates for announcements being modified or deleted (#12963)Eugen Rochko
Change `all_day` to be a visual client-side cue only Publish immediately if `scheduled_at` is in the past Add `published_at` and `updated_at` to announcements JSON
2020-01-25Fix user disabling changing activity timestamps, fix nil error (#12943)Eugen Rochko
2020-01-24Fix password change/reset not immediately invalidating other sessions (#12928)Eugen Rochko
While making browser requests in the other sessions after a password change or reset does not allow you to be logged in and correctly invalidates the session making the request, sessions have API tokens associated with them, which can still be used until that session is invalidated. This is a security issue for accounts that were already compromised some other way because it makes it harder to throw out the hijacker.
2020-01-24Fix relationships page not showing results in admin UI (#12934)Eugen Rochko
Follow-up to #12927
2020-01-23Add announcements (#12662)Eugen Rochko
* Add announcements Fix #11006 * Add reactions to announcements * Add admin UI for announcements * Add unit tests * Fix issues - Add `with_dismissed` param to announcements API - Fix end date not being formatted when time range is given - Fix announcement delete causing reactions to send streaming updates - Fix announcements container growing too wide and mascot too small - Fix `all_day` being settable when no time range is given - Change text "Update" to "Announcement" * Fix scheduler unpublishing announcements before they are due * Fix filter params not being passed to announcements filter
2020-01-23Fix media attachments without file being uploadable (#12562)Eugen Rochko
Fix #12554
2020-01-23Add “account timeline” filter category (#12918)ThibG
* Add “account timeline” filter category Previously, no filter category applied to account timelines. * Rename “Account timelines” into “Profiles”
2020-01-23Change followers page to relationships page in admin UI (#12927)Eugen Rochko
Allow browsing and filtering all relationships instead of just followers, unify the codebase with the user-facing relationship manager, add ability to see who the user invited
2020-01-20Fix not all of account's active IPs showing up in admin UI (#12909)Eugen Rochko
2020-01-20Fix search by IP not using alternative browser sessions in admin UI (#12904)Eugen Rochko
2020-01-20Various fixes and improvements (#12878)Eugen Rochko
* Fix unused role routes being generated * Remove unused JavaScript code * Refactor filters code to be DRYer * Fix `.count == 0` comparisons to `.empty?` in views * Fix filters in views
2020-01-13Fix file names being obfuscated on update when file didn't change (#12857)Eugen Rochko
Fix #12849
2020-01-11Remove dependency on OStatus2 gem (#12822)ThibG
2020-01-11Refactor StatusThreadingConcern (#9626)ysksn
* Remove #filter_from_context? * Create scope Status.with_accounts Retrieving AR objects should be their model's scope
2020-01-11improve status title (#8596)Alexander
* improve shown status title, useful for atom/rss * use single quotes to satisfy codeclimate * fix tests, make message more pretty * fix tests * fix codestyle * fix codestyle * remove atom_serializer_spec Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-01-08Allow blocking TLDs, and fix TLD blocks not being editable (#12805)ThibG
Fixes #12795 It was already possible to create domain blocks for TLDs, but those weren't enforced, nor editable. This commit changes it so that they are enforced and editable.
2020-01-04Fix base64-encoded file uploads not being possible (#12748)Eugen Rochko
Fix #3804, Fix #5776
2019-12-30Fix IDN mentions not being processed, IDN domains not being rendered (#12715)Eugen Rochko
This changes the REST API to return unicode domains in the `acct` attribute instead of punycode, and to render unicode instead of punycode on public HTML pages as well. Fix #7812, fix #12246
2019-12-18Fix custom emoji category creation silently erroring out on duplicate ↵ThibG
category (#12647) Instead, just re-use the existing category if any. Fixes #12608
2019-12-17Fixes featured hashtag setting page erroring out instead of rejecting ↵ThibG
invalid tags (#12436) * Revert "Fix ignoring whole status because of one invalid hashtag (#11621)" This reverts commit dff46b260b2f7d765d254c84a4b89105c7de5e97. * Fix statuses being rejected because of invalid hashtag names * Add spec for invalid hashtag names in statuses * Add test for featured tags controller
2019-12-17Increase max backup size (#12602)scd31
* Increased max backup size * partially reverted schema.rb
2019-12-16Admin setting to disable default follows (#12566)Alice Gaudon
2019-12-08Add `tootctl media remove-orphans` (#12568)Eugen Rochko