Age | Commit message (Collapse) | Author |
|
* Prevent selection of unacceptable Content-Type files
* replace hard code
* media_attachments accept content-types in initial state
|
|
* add haml_lint to Gemfile
* add .haml-lint.yml
* fix warnings of haml_lint
|
|
|
|
* Naive approached to timeline filtering
* Convert allowed_languages into a db column
* Allow users to choose languages to see statuses in
* Style list items as two columns
* Add a hint to explain language filtering preference
|
|
* Make private toots get PuSHed to subscription URLs that belong to domains where you have approved followers
* Authorized followers controller, stub for bulk action
* Soft block in the background
* Add simple test for new controller
* Rename Settings::FollowersController to Settings::FollowerDomainsController, paginate results,
rename "private" post setting to "followers-only", fix pagination style, improve post privacy
preferences style, improve warning style
* Extract compose form warnings into own container, show warning when posting to followers-only with unlocked account
|
|
* Add spec coverage for settings/two_factor_auth area
* extract setup method for qr code
* Move otp required check to before action
* Merge method only used once
* Remove duplicate view
* Consolidate creation of @codes for backup
* Move settings/2fq#recovery_codes to settings/recovery_codes#create
* Rename settings/two_factor_auth#disable to #destroy
* Add coverage for the otp required path on 2fa#show
* Clean up the recovery codes list styles
* Move settings/two_factor_auth to settings/two_factor_authentication
* Reorganize the settings two factor auth area
Updated to use a flow like:
- settings/two_factor_authentication goes to a #show view which has a button
either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
codes
- that create action shares a view with a recovery codes controller which can be
used separately to reset codes if needed
|
|
|
|
* Add missing fields group on preferences page
* Clean up settings/preferences controller
* Extract a UserSettingsDecorator
|
|
* Simplify render in mailer views
* Simplify render in about/more view
* Simplify render in accounts follow views
* Simplify render in recovery code views
* Simplify render in stream entry embed
* Simplify render in stream entries status partial
* Simplify render in authorize follow new view
|
|
|
|
This introduces a new per-user preference called
"Auto-play animated GIFs", which is enabled by default. When a
user disables this setting, gifs in toots become click-to-play.
Previews of animated gifs were changed to display the video play
button so that users can distinguish them from regular images.
This setting also affects account avatars in the detailed account
view, which was changed to use the same hover-to-play mechanism
that is used for animated avatars in timelines.
Fixes #1652
|
|
* Remove overflow because it blocks scrolling on mobile safari.
* Add “-webkit-overflow-scrolling: touch;” to enable smooth scroll on mobile safari and other webkit browsers.
* Use radio buttons in user setting page.
Because select tags with long text are not fit in the width of mobile devices.
* Add flex property to fit labels to devise width.
* Change font size of select.
It causes auto zooming on mobile safari.
|
|
* Use local vars in accounts/header partial
* Use local variable in 2fa recovery codes partial
|
|
|
|
* Add recovery code support for two-factor auth
When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.
The two-factor prompt during login now accepts both OTP codes and
recovery codes.
The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.
Fixes #563 and fixes #987
* Set OTP_SECRET in test enviroment
* add missing .html to view file names
|
|
* Refactor Export to take an account and know about the export types
* Use Export instance in settings/exports#show
|
|
* Allow export of mutes list
* Allow importing of mutes list
* Refactor to use Settings::Exports::BaseController and DRY up exports code
|
|
* Add basic coverage for settings/exports controller
* Remove unused @account variable from settings/exports controller
* Add coverage for download export actions
* Remove deprecated `render :text` in favor of `send_data` for csv downloads
* Add model to handle exports
* Use Export class in settings/exports controller
* Simplify settings/exports controller methods
* Move settings/export to more restful routes
|
|
|
|
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled
* Clean up
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add ability to search accounts by display name
|
|
|
|
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
|
|
settings forms
|
|
|
|
|
|
global settings
with YAML-defined defaults. Add admin page for editing global settings. Add "site_description"
setting that would show as a paragraph on the frontpage
|
|
|
|
|
|
|
|
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
|
|
force-unfollow blocked users
|
|
Fix #233, fix #268
|
|
don't follow you
|
|
public timeline
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|