about summary refs log tree commit diff
path: root/app/validators
AgeCommit message (Collapse)Author
2022-02-24Change e-mail domain blocks to block IPs dynamically (#17635)Eugen Rochko
* Change e-mail domain blocks to block IPs dynamically * Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> * Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08Remove language detection through cld3 (#17478)Eugen Rochko
* Remove language detection through cld3 * Update app/helpers/languages_helper.rb Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-01-17Add support for private pinned posts (#16954)Claire
* Add support for private pinned toots * Allow local user to pin private toots * Change wording to avoid "direct message"
2021-10-14Minor memory optimizations (#16507)Claire
Reduce constant memory usage by ~100kB and further reduce boot-up memory allocations and temporary memory use by a further ~200kB.
2021-07-10Add `configuration` attribute to `GET /api/v1/instance` (#16485)Eugen Rochko
List various values like file size limits and supported mime types
2021-05-04Fix existing username validator not allowing multiple accounts (#16153)Eugen Rochko
Fix #16107
2021-04-24Change auto-following admin-selected accounts, show in recommendations (#16078)Eugen Rochko
2021-04-17Add canonical e-mail blocks for suspended accounts (#16049)Eugen Rochko
Prevent new accounts from being created using the same underlying e-mail as a suspended account using extensions and period permutations. Stores e-mails as a SHA256 hash
2021-03-19Bypass MX validation for explicitly allowed domains (#15930)Claire
* Bypass MX validation for explicitly allowed domains This spares some lookups and prevent issues in some edge cases with local domains. * Add tests * Fix test
2021-03-19Prepare Mastodon for zeitwerk autoloader (#15917)Claire
* Prepare Mastodon for zeitwerk autoloader (Rails 6) Add inflections and rename/move a few classes. In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb were manually loaded while still in autoload paths. * Add inflection for Url → URL
2021-03-04Fix URL scanning in note length validator and preview card fetching (#15827)Claire
* Add tests * Fix URL scanning in note length validator and preview card fetching
2021-03-02Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)Claire
* Update twitter-text from 1.14 to 3.1.0 * Disable emoji parsing * Properly depend on twitter-text for url detection * Fix some URLs being wrongly detected client-side * Add test for server-side validation of non-autolinkable URLs * Fix server-side status length counting
2021-03-01Add `details` to error response for `POST /api/v1/accounts` in REST API (#15803)Eugen Rochko
2021-01-22Optimize some regex matching (#15528)luigi
* Use Regex#match? * Replace =~ too * Avoid to call match? from Nil * Keep value of Regexp.last_match
2021-01-10Optimize map { ... }.compact calls (#15513)luigi
* Optimize map { ... }.compact using Enumerable#filter_map, supported since Ruby 2.7 * Add poyfill for Enumerable#filter_map
2020-12-18Fix follow limit preventing re-following of a moved account (#14207)Eugen Rochko
2020-12-10Add honeypot fields and minimum fill-out time for sign-up form (#15276)ThibG
* Add honeypot fields to limit non-specialized spam Add two honeypot fields: a fake website input and a fake password confirmation one. The label/placeholder/aria-label tells not to fill them, and they are hidden in CSS, so legitimate users should not fall into these. This should cut down on some non-Mastodon-specific spambots. * Require a 3 seconds delay before submitting the registration form * Fix tests * Move registration form time check to model validation * Give people a chance to clear the honeypot fields * Refactor honeypot translation strings Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-08-12Improve email address validation (#14565)ThibG
* Increase DNS timeout from 1 second to 5 seconds for MX check 1 seconds is rather short when using a recursive DNS resolver which hasn't got a cached result already available. Use 5 seconds instead, which is the timeout value we use for outgoing HTTP queries. * Add more precise error messages for invalid e-mail addresses
2020-06-02Add E2EE API (#13820)Eugen Rochko
2020-04-02Improve polls: option lengths & redesign (#13257)Sasha Sorokin
This commit redesign the polls and increases characters limit for the options from 25 to 50 characters, giving pollsters more freedom. Summarizing, the redesign is making the polls more adaptive for upcoming changes to the options characters limit: the bar, or a "chart", is now displayed separately from the option itself; vote check mark is moved next to the option text, making the percentages take less space. Option lengths are taken into account and text is wrapped to multiple lines if necessary to avoid overflow.
2020-02-01Search account domain in lowercase (#13016)abcang
* Search account domain in lowercase * fix rubocop error * fix spec/models/account_spec.rb
2020-01-25Fix validations of reactions limit (#12955)Eugen Rochko
2020-01-25Add limit of 8 different reaction types per announcement (#12950)Eugen Rochko
2020-01-23Add announcements (#12662)Eugen Rochko
* Add announcements Fix #11006 * Add reactions to announcements * Add admin UI for announcements * Add unit tests * Fix issues - Add `with_dismissed` param to announcements API - Fix end date not being formatted when time range is given - Fix announcement delete causing reactions to send streaming updates - Fix announcements container growing too wide and mascot too small - Fix `all_day` being settable when no time range is given - Change text "Update" to "Announcement" * Fix scheduler unpublishing announcements before they are due * Fix filter params not being passed to announcements filter
2020-01-12Fix invalid votes from the API being accepted (#12601)ThibG
* Fix invalid votes from the API being accepted Fixes #12556 - Ensure `choice` is an integer instead of silently converting to 0 - Ensure `choice` corresponds to an actual choice of the poll * Please CodeClimate
2019-08-30Fix uncaught domain normalization error in remote follow (#11703)Eugen Rochko
2019-08-30Fix encoding error when checking e-mail MX records (#11696)Eugen Rochko
2019-08-08Fix crash when saving invalid domain name (#11528)Eugen Rochko
Fix #7629
2019-08-05Change admin UI for hashtags and add back whitelisted trends (#11490)Eugen Rochko
Fix #271 Add back the `GET /api/v1/trends` API with the caveat that it does not return tags that have not been allowed to trend by the staff. When a hashtag begins to trend (internally) and that hashtag has not been previously reviewed by the staff, the staff is notified. The new admin UI for hashtags allows filtering hashtags by where they are used (e.g. in the profile directory), whether they have been reviewed or are pending reviewal, they show by how many people the hashtag is used in the directory, how many people used it today, how many statuses with it have been created today, and it allows fixing the name of the hashtag to make it more readable. The disallowed hashtags feature has been reworked. It is now controlled from the admin UI for hashtags instead of from the file `config/settings.yml`
2019-07-24 Don't delete periods when validating username uniqueness (#11392) (#11400)Rey Tucker
* Check to make sure usernames with '.' cannot be created * Add test for instance actor account name conflicts This makes sure that migration 20190715164535_add_instance_actor won't fail if there's already an account that is named the same as the domain (minus the .) * Put the test into the correct context... * Add another test to split this into two validations * Don't delete periods when validating username uniqueness (#11392) The 20190715164535_add_instance_actor migration fails if there's already a username similar to the domain name, e.g. if you are 'vulpine.club' and have a user named 'vulpineclub', validation fails. Upon further review, usernames with periods are dropped by the regular expression in the Account class, so we don't need to worry about it here. Fixes #11392
2019-05-19Fix “invited by” not showing up for invited accounts in admin interface ↵ThibG
(#10791)
2019-05-03Change e-mail whitelist/blacklist to not be checked when invited (#10683)Eugen Rochko
* Change e-mail whitelist/blacklist to not be checked when invited And only when creating an account, not when updating it later Fix #10648 * Fix test
2019-04-10Change HTML validator to ignore all errors except unmatched tags (#10534)Eugen Rochko
2019-04-09Allow set the voting period to just 5 minutes (#10525)Hinaloe
* Add spec of PollValidator for #10190 * Raise fraction less than 1 second * format * simplify time initialize
2019-04-06Fix admin validation being too strict about usernames (#10449)Eugen Rochko
* Fix admin validation being too strict about usernames Fix #10446 * Strip Setting.site_contact_username consistently throughout the codebase
2019-03-26Fix HTML validation (#10354)ThibG
* Fix HTML validation * Report first HTML error instead on validation error
2019-03-23Add validations to admin settings (#10348)Eugen Rochko
* Add validations to admin settings - Validate correct HTML markup - Validate presence of contact username & e-mail - Validate that all usernames are valid - Validate that enums have expected values * Fix code style issue * Fix tests
2019-03-06Fix poll validation issues (#10186)Eugen Rochko
- Fix missing interpolation argument in PollValidator - Fix PollValidator rejecting exact allowed min/max durations
2019-03-04Widen allowed time windows for polls (#10162)ThibG
2019-03-03Fix vote validation for polls with multiple choices (#10138)Eugen Rochko
2019-03-03Add polls (#10111)Eugen Rochko
* Add polls Fix #1629 * Add tests * Fixes * Change API for creating polls * Use name instead of content for votes * Remove poll validation for remote polls * Add polls to public pages * When updating the poll, update options just in case they were changed * Fix public pages showing both poll and other media
2019-02-12Add support for IPv6 only MXes in Email validation (#10009)Franck Zoccolo
* Add support for IPv6 only MXes * Fixed email validator tests
2019-01-05Change note length validation to ignore mention domains and URLs (#9717)Eugen Rochko
Fix #4419
2019-01-03Add specs for UnreservedUsernameValidator (#9698)ysksn
* Add specs for UnreservedUsernameValidator * Use instance variable
2018-12-29Add specs for BlackListedEmailValidator (#9651)ysksn
* Add specs for BlackListedEmailValidator * Use instance variable
2018-12-29Add specs for DisallowedHashtagsValidator (#9653)ysksn
In order to implement tests easier, `#select_tags` created.
2018-12-28Add pending specs for StatusLengthValidator (#9647)ysksn
* Add pending specs of StatusLengthValidator * Use instance variable
2018-12-10Improve e-mail MX validator and add tests (#9489)Eugen Rochko
2018-11-08Fix follow limit validator reporting lower number past threshold (#9230)Eugen Rochko
* Fix follow limit validator reporting lower number past threshold * Avoid floating point follow limit
2018-10-04Limit the number of people that can be followed from one account (#8807)Eugen Rochko
Configurable soft limit of 7,500, and above that, configurable ratio of 1.1 * followers, controlled by: - MAX_FOLLOWS_THRESHOLD - MAX_FOLLOWS_RATIO Fix #2311