about summary refs log tree commit diff
path: root/app/validators
AgeCommit message (Collapse)Author
2021-03-04Fix URL scanning in note length validator and preview card fetching (#15827)Claire
* Add tests * Fix URL scanning in note length validator and preview card fetching
2021-03-02Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)Claire
* Update twitter-text from 1.14 to 3.1.0 * Disable emoji parsing * Properly depend on twitter-text for url detection * Fix some URLs being wrongly detected client-side * Add test for server-side validation of non-autolinkable URLs * Fix server-side status length counting
2021-03-01Add `details` to error response for `POST /api/v1/accounts` in REST API (#15803)Eugen Rochko
2021-01-22Optimize some regex matching (#15528)luigi
* Use Regex#match? * Replace =~ too * Avoid to call match? from Nil * Keep value of Regexp.last_match
2021-01-10Optimize map { ... }.compact calls (#15513)luigi
* Optimize map { ... }.compact using Enumerable#filter_map, supported since Ruby 2.7 * Add poyfill for Enumerable#filter_map
2020-12-18Fix follow limit preventing re-following of a moved account (#14207)Eugen Rochko
2020-12-10Add honeypot fields and minimum fill-out time for sign-up form (#15276)ThibG
* Add honeypot fields to limit non-specialized spam Add two honeypot fields: a fake website input and a fake password confirmation one. The label/placeholder/aria-label tells not to fill them, and they are hidden in CSS, so legitimate users should not fall into these. This should cut down on some non-Mastodon-specific spambots. * Require a 3 seconds delay before submitting the registration form * Fix tests * Move registration form time check to model validation * Give people a chance to clear the honeypot fields * Refactor honeypot translation strings Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-08-12Improve email address validation (#14565)ThibG
* Increase DNS timeout from 1 second to 5 seconds for MX check 1 seconds is rather short when using a recursive DNS resolver which hasn't got a cached result already available. Use 5 seconds instead, which is the timeout value we use for outgoing HTTP queries. * Add more precise error messages for invalid e-mail addresses
2020-06-02Add E2EE API (#13820)Eugen Rochko
2020-04-02Improve polls: option lengths & redesign (#13257)Sasha Sorokin
This commit redesign the polls and increases characters limit for the options from 25 to 50 characters, giving pollsters more freedom. Summarizing, the redesign is making the polls more adaptive for upcoming changes to the options characters limit: the bar, or a "chart", is now displayed separately from the option itself; vote check mark is moved next to the option text, making the percentages take less space. Option lengths are taken into account and text is wrapped to multiple lines if necessary to avoid overflow.
2020-02-01Search account domain in lowercase (#13016)abcang
* Search account domain in lowercase * fix rubocop error * fix spec/models/account_spec.rb
2020-01-25Fix validations of reactions limit (#12955)Eugen Rochko
2020-01-25Add limit of 8 different reaction types per announcement (#12950)Eugen Rochko
2020-01-23Add announcements (#12662)Eugen Rochko
* Add announcements Fix #11006 * Add reactions to announcements * Add admin UI for announcements * Add unit tests * Fix issues - Add `with_dismissed` param to announcements API - Fix end date not being formatted when time range is given - Fix announcement delete causing reactions to send streaming updates - Fix announcements container growing too wide and mascot too small - Fix `all_day` being settable when no time range is given - Change text "Update" to "Announcement" * Fix scheduler unpublishing announcements before they are due * Fix filter params not being passed to announcements filter
2020-01-12Fix invalid votes from the API being accepted (#12601)ThibG
* Fix invalid votes from the API being accepted Fixes #12556 - Ensure `choice` is an integer instead of silently converting to 0 - Ensure `choice` corresponds to an actual choice of the poll * Please CodeClimate
2019-08-30Fix uncaught domain normalization error in remote follow (#11703)Eugen Rochko
2019-08-30Fix encoding error when checking e-mail MX records (#11696)Eugen Rochko
2019-08-08Fix crash when saving invalid domain name (#11528)Eugen Rochko
Fix #7629
2019-08-05Change admin UI for hashtags and add back whitelisted trends (#11490)Eugen Rochko
Fix #271 Add back the `GET /api/v1/trends` API with the caveat that it does not return tags that have not been allowed to trend by the staff. When a hashtag begins to trend (internally) and that hashtag has not been previously reviewed by the staff, the staff is notified. The new admin UI for hashtags allows filtering hashtags by where they are used (e.g. in the profile directory), whether they have been reviewed or are pending reviewal, they show by how many people the hashtag is used in the directory, how many people used it today, how many statuses with it have been created today, and it allows fixing the name of the hashtag to make it more readable. The disallowed hashtags feature has been reworked. It is now controlled from the admin UI for hashtags instead of from the file `config/settings.yml`
2019-07-24 Don't delete periods when validating username uniqueness (#11392) (#11400)Rey Tucker
* Check to make sure usernames with '.' cannot be created * Add test for instance actor account name conflicts This makes sure that migration 20190715164535_add_instance_actor won't fail if there's already an account that is named the same as the domain (minus the .) * Put the test into the correct context... * Add another test to split this into two validations * Don't delete periods when validating username uniqueness (#11392) The 20190715164535_add_instance_actor migration fails if there's already a username similar to the domain name, e.g. if you are 'vulpine.club' and have a user named 'vulpineclub', validation fails. Upon further review, usernames with periods are dropped by the regular expression in the Account class, so we don't need to worry about it here. Fixes #11392
2019-05-19Fix “invited by” not showing up for invited accounts in admin interface ↵ThibG
(#10791)
2019-05-03Change e-mail whitelist/blacklist to not be checked when invited (#10683)Eugen Rochko
* Change e-mail whitelist/blacklist to not be checked when invited And only when creating an account, not when updating it later Fix #10648 * Fix test
2019-04-10Change HTML validator to ignore all errors except unmatched tags (#10534)Eugen Rochko
2019-04-09Allow set the voting period to just 5 minutes (#10525)Hinaloe
* Add spec of PollValidator for #10190 * Raise fraction less than 1 second * format * simplify time initialize
2019-04-06Fix admin validation being too strict about usernames (#10449)Eugen Rochko
* Fix admin validation being too strict about usernames Fix #10446 * Strip Setting.site_contact_username consistently throughout the codebase
2019-03-26Fix HTML validation (#10354)ThibG
* Fix HTML validation * Report first HTML error instead on validation error
2019-03-23Add validations to admin settings (#10348)Eugen Rochko
* Add validations to admin settings - Validate correct HTML markup - Validate presence of contact username & e-mail - Validate that all usernames are valid - Validate that enums have expected values * Fix code style issue * Fix tests
2019-03-06Fix poll validation issues (#10186)Eugen Rochko
- Fix missing interpolation argument in PollValidator - Fix PollValidator rejecting exact allowed min/max durations
2019-03-04Widen allowed time windows for polls (#10162)ThibG
2019-03-03Fix vote validation for polls with multiple choices (#10138)Eugen Rochko
2019-03-03Add polls (#10111)Eugen Rochko
* Add polls Fix #1629 * Add tests * Fixes * Change API for creating polls * Use name instead of content for votes * Remove poll validation for remote polls * Add polls to public pages * When updating the poll, update options just in case they were changed * Fix public pages showing both poll and other media
2019-02-12Add support for IPv6 only MXes in Email validation (#10009)Franck Zoccolo
* Add support for IPv6 only MXes * Fixed email validator tests
2019-01-05Change note length validation to ignore mention domains and URLs (#9717)Eugen Rochko
Fix #4419
2019-01-03Add specs for UnreservedUsernameValidator (#9698)ysksn
* Add specs for UnreservedUsernameValidator * Use instance variable
2018-12-29Add specs for BlackListedEmailValidator (#9651)ysksn
* Add specs for BlackListedEmailValidator * Use instance variable
2018-12-29Add specs for DisallowedHashtagsValidator (#9653)ysksn
In order to implement tests easier, `#select_tags` created.
2018-12-28Add pending specs for StatusLengthValidator (#9647)ysksn
* Add pending specs of StatusLengthValidator * Use instance variable
2018-12-10Improve e-mail MX validator and add tests (#9489)Eugen Rochko
2018-11-08Fix follow limit validator reporting lower number past threshold (#9230)Eugen Rochko
* Fix follow limit validator reporting lower number past threshold * Avoid floating point follow limit
2018-10-04Limit the number of people that can be followed from one account (#8807)Eugen Rochko
Configurable soft limit of 7,500, and above that, configurable ratio of 1.1 * followers, controlled by: - MAX_FOLLOWS_THRESHOLD - MAX_FOLLOWS_RATIO Fix #2311
2018-07-26Call address instead of exchange (#8076)abcang
2018-07-05In e-mail validator, fallback from MX to A record (#7955)Eugen Rochko
Fix #7831
2018-05-28fix: Don't validate MX record in development (#7654)takayamaki
2018-05-27Validate that e-mail resolves with MX and it's not blacklisted (#7631)Eugen Rochko
Original patch by @j-a4
2018-04-23Implement the ability for instances to define a list of disallowed hashtags ↵Emelia Smith
(#7176) The goal here isn't to prevent these hashtags from existing, but just to strongly curtail their usage; The hashtags may still exist in the database via federated status, or from being created prior to this feature.
2018-04-12Allow more than the max pins if account is not local (#7105)Renato "Lond" Cerqueira
Sidekiq sometimes throws errors for users that have more pinned items than the allowed by the local instance. It should only validate the number of pins for local accounts.
2018-03-27Fix UniqueUsernameValidator comparison (#6926)Eugen Rochko
Comparison was downcasing only one side, therefore if previously existing account had a non-lowercase spelling, it would be ignored when checking for duplicates. New rake task `mastodon:maintenance:find_duplicate_usernames` will help find constraint violations that might have occured from the presence of this bug. Bump version to 2.3.3
2018-03-21Permit dots in usernames with conditions (#6844)Eugen Rochko
* Permit dots in usernames with conditions - Dot cannot be the start or end of username - a.lice and al.ice are considered the same during sign-up * Fix regex mixin flags
2018-02-04Validation of count works even when text of status is nil (#6429)abcang
2018-02-02pam authentication (#5303)Alexander
* add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style