| Age | Commit message (Collapse) | Author |
|---|
|
* Add recovery code support for two-factor auth
When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.
The two-factor prompt during login now accepts both OTP codes and
recovery codes.
The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.
Fixes #563 and fixes #987
* Set OTP_SECRET in test enviroment
* add missing .html to view file names
|
|
|
|
* Simplify admin/reports controller filtering for index
* Rename parameter to resolved
* Fix issue where reports view could not access filter_link_to
* Add coverage for admin/reports controller
* DRY up resolution of related reports for target account
* Clean up admin/reports routes
* Add Report#statuses method
* DRY up current account action taken params
* Rubocop styles
|
|
* Remove unused account_params method in admin/accounts controller
* Introduce AccountFilter to find accounts
* Use AccountFilter in admin/accounts controller
* Use more restful routes admin silence and suspension area
* Add admin/silences and admin/suspensions controllers
|
|
* Refactor Export to take an account and know about the export types
* Use Export instance in settings/exports#show
|
|
* Allow export of mutes list
* Allow importing of mutes list
* Refactor to use Settings::Exports::BaseController and DRY up exports code
|
|
* Add basic coverage for settings/exports controller
* Remove unused @account variable from settings/exports controller
* Add coverage for download export actions
* Remove deprecated `render :text` in favor of `send_data` for csv downloads
* Add model to handle exports
* Use Export class in settings/exports controller
* Simplify settings/exports controller methods
* Move settings/export to more restful routes
|
|
|
|
|
|
* When avatar/header are GIF, generate static versions.
Account API returns "avatar"/"avatar_static", "header"/"header_static"
Static version is the same as original for other cases
Web UI de-animates avatars in toots, lists of users
Fix #441, fix #596, prerequisite for #1064
* Fix JS test
* Add rake task to generate static avatars/headers from GIF ones, add test
|
|
* Add exclude_types param to /api/v1/notifications
* Exclude notification types in web UI through exclude_types in the API
|
|
* Consolidate webfinger string creation under Account#to_webfinger_s
* Introduce Account#local_username_and_domain for consolidation
|
|
|
|
* Clean up SQL output in Tag and Account search methods
* Add basic coverage for Tag.search_for
* Add coverage for Account.search_for
* Add coverage for Account.advanced_search_for
|
|
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled
* Clean up
|
|
Checking reblog vs original status was happening in multiple places
across the app. For views, this logic was encapsulated in a helper
method named `proper_status` but in the other layers of the app, the
logic was duplicated.
Because the logic is used at all layers of the app, we extracted it into
a `Status#proper` method on the model and changed all uses of the logic
to use this method. There is now a single source of truth for this
condition.
We added test coverage to untested methods that got refactored.
|
|
(#1124)
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder
StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker
PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.
All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri
* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
index,
add ability to open status by URL from search (fix #53)
|
|
this merge is necessary,
|
|
|
|
Returns accounts, statuses, hashtags arrays
|
|
|
|
results
|
|
|
|
adjusted to allow choosing it, yet
|
|
|
|
|
|
(Because postgres can tell that count(*) needs no extra checks, but
counting a specific column requires them)
|
|
|
|
|
|
|
|
Fix anchor tags in some wikipedia URLs being matches as a hashtag
|
|
exclude_replies
Redirect /:username to /users/:username
Redirect /:username/:id to /users/:username/updates/:id
Updated API documentation and sponsors
|
|
before. In the API, attachments now can be either image, video or gifv. Gifv
is to be treated like images in terms of behaviour, but are videos by file
type.
|
|
|
|
|
|
|
|
Add ability to search accounts by display name
|
|
|
|
"whole known network" which is what public timeline used to be
Only domain blocks with suspend severity will block PuSH subscriptions
Silenced accounts should not appear in conversations unless followed
|
|
|
