about summary refs log tree commit diff
path: root/app
AgeCommit message (Collapse)Author
2021-08-25Fix authentication failures after going halfway through a sign-in attempt ↵Claire
(#16607) * Add tests * Add security-related tests My first (unpublished) attempt at fixing the issues introduced (extremely hard-to-exploit) security vulnerabilities, addressing them in a test. * Fix authentication failures after going halfway through a sign-in attempt * Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25Fix follow request count to dynamically update (#16652)matildepark
2021-08-25Fix undefined variable for Auth::OmniauthCallbacksController (#16654)Daniel
The addition of authentication history broke the omniauth login with the following error: method=GET path=/auth/auth/cas/callback format=html controller=Auth::OmniauthCallbacksController action=cas status=500 error='NameError: undefined local variable or method `user' for #<Auth::OmniauthCallbacksController:0x00000000036290> Did you mean? @user' duration=435.93 view=0.00 db=36.19 * app/controllers/auth/omniauth_callbacks_controller.rb: fix variable name to `@user`
2021-08-20Fix “discoverable” account setting being tied to profile directory (#16637)Claire
2021-08-20Fix remotely-suspended accounts' toots being merged back into timelines (#16628)Claire
* Fix remotely-suspended accounts' toots being merged back into timelines * Mark remotely-deleted accounts as remotely suspended
2021-08-20Fix #16603 (#16605)Holger
Fix issue #16603 undefined method `serialize_payload' for Unsuspend Account Service error. It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service.
2021-08-11Fix crash if a notification contains an unprocessed media attachment (#16573)Claire
* Refactor AttachmentList * Do not crash if a notification contains an unprocessed media attachment Fixes #16530 * Fix spacing in compact form
2021-08-11Fix download button color in audio player (#16572)Claire
Fixes #16571
2021-08-11Fix followers synchronization mechanism not working when URI has empty path ↵Claire
(#16510) * Fix followers synchronization mechanism not working when URI has empty path To my knowledge, there is no current implementation on the fediverse that can use bare domains (e.g., actor is at https://example.org instead of something like https://example.org/actor) that also plans to support the followers synchronization mechanism. However, Mastodon's current implementation would exclude such accounts from followers list. Also adds tests and rename them to reflect the proper method names. * Move url prefix regexp to its own constant
2021-08-11Fix crash when encountering invalid account fields (#16598)Claire
* Add test * Fix crash when encountering invalid account fields
2021-08-09Add feature to automatically delete old toots (#16529)Claire
* Add account statuses cleanup policy model * Record last inspected toot to delete to speed up successive calls to statuses_to_delete * Add service to cleanup a given account's statuses within a budget * Add worker to go through account policies and delete old toots * Fix last inspected status id logic All existing statuses older or equal to last inspected status id must be kept by the current policy. This is an invariant that must be kept so that resuming deletion from the last inspected status remains sound. * Add tests * Refactor scheduler and add tests * Add user interface * Add support for discriminating based on boosts/favs * Add UI support for min_reblogs and min_favs, rework UI * Address first round of review comments * Replace Snowflake#id_at_start with with_random parameter * Add tests * Add tests for StatusesCleanupController * Rework settings page * Adjust load-avoiding mechanisms * Please CodeClimate
2021-08-09Fix invalid blurhash handling in Create activity (#16583)Takeshi Umeda
2021-08-08Fix when MoveWorker cannot get locale from remote account (#16576)Takeshi Umeda
2021-08-08Fix owned account notes not being deleted when an account is deleted (#16579)Claire
* Add account_notes relationship * Add tests * Fix owned account notes not being deleted when an account is deleted * Add post-migration to clean up orphaned account notes
2021-08-06Fix logout link not working in safari (#16574)Takeshi Umeda
2021-08-05Fix trends layout (#16570)Jeong Arm
2021-07-25Add confirmation modal when closing media edit modal with unsaved changes ↵Claire
(#16518) * Add confirmation modal when closing media edit modal with unsaved changes * Move focal point media state to redux so it does not get erased by confirmation dialog * Change upload modal behavior to keep it open while saving changes Instead of closing it immediately and losing changes if they fail to save… * Make it work with react-intl 2.9
2021-07-25Fix “open” link of media modal not closing modal (#16524)Claire
2021-07-24Fix scoped order warning in RemoveStatusService (#16531)Claire
Fixes “Scoped order is ignored, it's forced to be batch order.”
2021-07-23Fix crashes with Microsoft Translate on Microsoft Edge (#16525)Claire
Fixes #16509 Microsoft Edge with translation enabled rewrites the DOM in ways that confuse react and prevent it from working properly. Wrapping the offending parts in a span avoids this issue.
2021-07-21Add logging of S3-related errors (#16381)Claire
2021-07-17Fix replying from modal (#16516)Claire
Fixes #16515 Not using a router object somehow made `this.history` lag behind the real browser history whenever pushing a new history item in `replyCompose`. Not using the context-provided router in this case was an oversight made when porting glitch-soc changes in #16499.
2021-07-15Fix inefficiencies in auto-linking code (#16506)Claire
The auto-linking code basically rewrote the whole string escaping non-ascii characters in an inefficient way, and building a full character offset map between the unescaped and escaped texts before sending the contents to TwitterText's extractor. Instead of doing that, this commit changes the TwitterText regexps to include valid IRI characters in addition to valid URI characters.
2021-07-14Fix minor code quality issues (#16502)Claire
2021-07-14Fix user email address being banned on self-deletion (#16503)Claire
* Add tests * Fix user email address being banned on self-deletion Fixes #16498
2021-07-13Change references to tootsuite/mastodon to mastodon/mastodon (#16491)Claire
* Change references to tootsuite/mastodon to mastodon/mastodon * Remove obsolete test fixture * Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG And a few other places
2021-07-13Improve modal flow and back button handling (#16499)Claire
* Refactor shouldUpdateScroll passing So far, shouldUpdateScroll has been manually passed down from the very top of the React component hierarchy even though it is a static function common to all ScrollContainer instances, so replaced that with a custom class extending ScrollContainer. * Generalize “press back to close modal” to any modal and to public pages * Fix boost confirmation modal closing media modal
2021-07-11Add ability to filter reports by origin of target account (#16487)Eugen Rochko
2021-07-10Add `configuration` attribute to `GET /api/v1/instance` (#16485)Eugen Rochko
List various values like file size limits and supported mime types
2021-07-08Add ability to skip sign-in token authentication for specific users (#16427)Eugen Rochko
Remove "active within last two weeks" exception for sign in token requirement Change admin reset password to lock access until the password is reset
2021-07-07Fix upgrade path from 3.4.0 (#16465)Claire
3.4.1 dropped account_stats.lock_version, but in a way breaking the usual upgrade path by requiring services to be reloaded after the post-migrations. Indeed, `self.locking_column = nil` was not enough for Rails to ignore the `lock_version` column when preparing statements on application load, resulting in some ActiveRecord queries (typically those involving `includes(:account_stat)`) erroring out with: ActiveRecord::StatementInvalid (PG::UndefinedColumn: ERROR: column account_stats.lock_version does not exist
2021-07-07Change number_to_human calls to always use 3-digits precision (#16469)Claire
Fixes #16435
2021-07-05Fix pop-in player display when poster has long username or handle (#16468)Claire
2021-07-03Fix anonymous access to outbox not being cached by the reverse proxy (#16458)Claire
* Fix anonymous access to outbox not being cached by the reverse proxy Up until now, anonymous access to outbox was marked as public, but with a 0 duration for caching, which means remote proxies would only serve from cache when the server was completely overwhelmed. Changed that cache duration to one minute, so that repeated anonymous access to one account's outbox can be appropriately cached. Also added `Signature` to the `Vary` header in case a page is requested, so that authenticated fetches are never served from cache (which only contains public toots). * Remove Vary: Accept header from webfinger controller Indeed, we have stopped returning xrd, and only ever return jrd, so the Accept request header does not matter anymore. * Cache negative webfinger hits for 3 minutes
2021-07-02Fix not being able to suspend accounts that already have a canonical e-mail ↵Eugen Rochko
block (#16455)
2021-06-27Fix #16407 (#16432)David Sterry
2021-06-25Fix styling of boost button in media modal not reflecting ability to boost ↵Claire
(#16387)
2021-06-25Fix WebUI crash when a toot with a playing video gets deleted (#16384)Claire
* Fix WebUI crash when a toot with a playing video gets deleted * Fix pop-up player not closing the moment a status is deleted
2021-06-23Fix newlines in accout notes added by the Move handler (#16415)Claire
* Fix newlines in account notes added by the move handler * Make MoveWorker more robust
2021-06-23Add full user agent in tooltips for login activities (#16428)Claire
Also adds timestamp in HTML itself to not rely on javascript
2021-06-21Fix serialization of followers/following counts when user hides their ↵Claire
network (#16418) * Add tests * Fix serialization of followers/following counts when user hides their network Fixes #16382 Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-06-21Add authentication history (#16408)Eugen Rochko
2021-06-15Fix OCR failure when erroneous lang data is in cache (#16386)Claire
Fixes #15472 If the Tesseract worker fails at any point, re-try with cache settings that overwrite the cache. It is difficult to catch more precise errors as those are pretty opaque and do not occur when loading lang data but when trying to detect text.
2021-06-03Update emoji codepoint mappings to v13.1 (#16352)Claire
2021-06-02New Crowdin updates (#16288)Eugen Rochko
* New translations en.yml (Galician) [ci skip] * New translations activerecord.en.yml (Galician) [ci skip] * New translations en.yml (Japanese) [ci skip] * New translations simple_form.en.yml (Chinese Traditional) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations devise.en.yml (Swedish) [ci skip] * New translations doorkeeper.en.yml (Swedish) [ci skip] * New translations en.json (Dutch) [ci skip] * New translations en.json (Dutch) [ci skip] * New translations en.yml (Dutch) [ci skip] * New translations simple_form.en.yml (Dutch) [ci skip] * New translations activerecord.en.yml (Dutch) [ci skip] * New translations doorkeeper.en.yml (Dutch) [ci skip] * New translations en.json (Swedish) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.json (Swedish) [ci skip] * New translations en.json (Swedish) [ci skip] * New translations en.json (Swedish) [ci skip] * New translations en.json (Chinese Simplified) [ci skip] * New translations en.yml (Japanese) [ci skip] * New translations simple_form.en.yml (French) [ci skip] * New translations en.yml (French) [ci skip] * New translations en.yml (Romanian) [ci skip] * New translations en.yml (Norwegian Nynorsk) [ci skip] * New translations en.yml (Welsh) [ci skip] * New translations en.yml (Telugu) [ci skip] * New translations en.yml (Malay) [ci skip] * New translations en.yml (Hindi) [ci skip] * New translations en.yml (Latvian) [ci skip] * New translations en.yml (Estonian) [ci skip] * New translations en.yml (Kazakh) [ci skip] * New translations en.yml (Croatian) [ci skip] * New translations en.yml (Uyghur) [ci skip] * New translations en.yml (Thai) [ci skip] * New translations en.yml (Marathi) [ci skip] * New translations en.yml (Bengali) [ci skip] * New translations en.yml (Spanish, Mexico) [ci skip] * New translations en.yml (Spanish, Argentina) [ci skip] * New translations en.yml (Tamil) [ci skip] * New translations en.yml (Persian) [ci skip] * New translations en.yml (Esperanto) [ci skip] * New translations en.yml (Chinese Traditional, Hong Kong) [ci skip] * New translations en.yml (Portuguese, Brazilian) [ci skip] * New translations en.yml (Sorani (Kurdish)) [ci skip] * New translations en.yml (Silesian) [ci skip] * New translations en.yml (Taigi) [ci skip] * New translations en.yml (Ido) [ci skip] * New translations en.yml (Kabyle) [ci skip] * New translations en.yml (Sanskrit) [ci skip] * New translations en.yml (Sardinian) [ci skip] * New translations en.yml (Corsican) [ci skip] * New translations en.yml (Serbian (Latin)) [ci skip] * New translations en.yml (Tatar) [ci skip] * New translations en.yml (Occitan) [ci skip] * New translations en.yml (Asturian) [ci skip] * New translations en.yml (Scottish Gaelic) [ci skip] * New translations en.yml (Kannada) [ci skip] * New translations en.yml (Cornish) [ci skip] * New translations en.yml (Sinhala) [ci skip] * New translations en.yml (Breton) [ci skip] * New translations en.yml (Malayalam) [ci skip] * New translations en.yml (Indonesian) [ci skip] * New translations en.yml (Icelandic) [ci skip] * New translations en.yml (Greek) [ci skip] * New translations en.yml (Italian) [ci skip] * New translations en.yml (Armenian) [ci skip] * New translations en.yml (Hungarian) [ci skip] * New translations en.yml (Hebrew) [ci skip] * New translations en.yml (Finnish) [ci skip] * New translations en.yml (Basque) [ci skip] * New translations en.yml (German) [ci skip] * New translations en.yml (Korean) [ci skip] * New translations en.yml (Danish) [ci skip] * New translations en.yml (Czech) [ci skip] * New translations en.yml (Catalan) [ci skip] * New translations en.yml (Bulgarian) [ci skip] * New translations en.yml (Arabic) [ci skip] * New translations en.yml (Afrikaans) [ci skip] * New translations en.yml (Spanish) [ci skip] * New translations en.yml (Georgian) [ci skip] * New translations en.yml (Lithuanian) [ci skip] * New translations en.yml (Galician) [ci skip] * New translations en.yml (Serbian (Cyrillic)) [ci skip] * New translations en.yml (Vietnamese) [ci skip] * New translations en.yml (Urdu (Pakistan)) [ci skip] * New translations en.yml (Chinese Traditional) [ci skip] * New translations en.yml (Chinese Simplified) [ci skip] * New translations en.yml (Ukrainian) [ci skip] * New translations en.yml (Turkish) [ci skip] * New translations en.yml (Albanian) [ci skip] * New translations en.yml (Macedonian) [ci skip] * New translations en.yml (Slovenian) [ci skip] * New translations en.yml (Slovak) [ci skip] * New translations en.yml (Russian) [ci skip] * New translations en.yml (Portuguese) [ci skip] * New translations en.yml (Polish) [ci skip] * New translations en.yml (Punjabi) [ci skip] * New translations en.yml (Norwegian) [ci skip] * New translations en.yml (Standard Moroccan Tamazight) [ci skip] * Update source file en.yml [ci skip] * New translations en.yml (French) [ci skip] * New translations en.yml (French) [ci skip] * New translations en.yml (French) [ci skip] * New translations en.yml (Swedish) [ci skip] * New translations en.yml (Polish) [ci skip] * New translations en.yml (Thai) [ci skip] * New translations en.json (Lithuanian) [ci skip] * New translations en.json (Lithuanian) [ci skip] * New translations en.json (Chinese Simplified) [ci skip] * New translations en.yml (Thai) [ci skip] * New translations en.json (Korean) [ci skip] * New translations en.json (Chinese Simplified) [ci skip] * New translations en.yml (Chinese Simplified) [ci skip] * New translations en.yml (Chinese Simplified) [ci skip] * New translations simple_form.en.yml (Chinese Simplified) [ci skip] * New translations devise.en.yml (Chinese Simplified) [ci skip] * New translations doorkeeper.en.yml (Chinese Simplified) [ci skip] * New translations en.yml (Chinese Simplified) [ci skip] * New translations simple_form.en.yml (Chinese Simplified) [ci skip] * New translations en.json (Portuguese) [ci skip] * New translations en.json (Malayalam) [ci skip] * New translations en.json (Malayalam) [ci skip] * New translations en.json (Persian) [ci skip] * New translations en.yml (Persian) [ci skip] * New translations en.json (Chinese Traditional) [ci skip] * New translations en.yml (Chinese Traditional) [ci skip] * New translations en.json (Chinese Traditional) [ci skip] * New translations en.yml (Chinese Traditional) [ci skip] * New translations simple_form.en.yml (Chinese Traditional) [ci skip] * New translations activerecord.en.yml (Chinese Traditional) [ci skip] * New translations devise.en.yml (Chinese Traditional) [ci skip] * New translations en.yml (Chinese Traditional) [ci skip] * New translations simple_form.en.yml (Chinese Traditional) [ci skip] * New translations doorkeeper.en.yml (Chinese Traditional) [ci skip] * New translations devise.en.yml (Chinese Traditional) [ci skip] * New translations en.yml (Chinese Traditional) [ci skip] * New translations en.json (Croatian) [ci skip] * New translations en.json (Telugu) [ci skip] * New translations en.json (Malay) [ci skip] * New translations en.json (Hindi) [ci skip] * New translations en.json (Latvian) [ci skip] * New translations en.json (Estonian) [ci skip] * New translations en.json (Kazakh) [ci skip] * New translations en.json (Norwegian Nynorsk) [ci skip] * New translations en.json (Marathi) [ci skip] * New translations en.json (Esperanto) [ci skip] * New translations en.json (Bengali) [ci skip] * New translations en.json (Tamil) [ci skip] * New translations en.json (Portuguese, Brazilian) [ci skip] * New translations en.json (Welsh) [ci skip] * New translations en.json (Uyghur) [ci skip] * New translations en.json (Urdu (Pakistan)) [ci skip] * New translations en.json (Sorani (Kurdish)) [ci skip] * New translations en.json (Silesian) [ci skip] * New translations en.json (Taigi) [ci skip] * New translations en.json (Ido) [ci skip] * New translations en.json (Kabyle) [ci skip] * New translations en.json (Sanskrit) [ci skip] * New translations en.json (Sardinian) [ci skip] * New translations en.json (Serbian (Latin)) [ci skip] * New translations en.json (Chinese Traditional, Hong Kong) [ci skip] * New translations en.json (Occitan) [ci skip] * New translations en.json (Asturian) [ci skip] * New translations en.json (Kannada) [ci skip] * New translations en.json (Cornish) [ci skip] * New translations en.json (Sinhala) [ci skip] * New translations en.json (Breton) [ci skip] * New translations en.json (Tatar) [ci skip] * New translations en.json (Romanian) [ci skip] * New translations en.json (Thai) [ci skip] * New translations en.json (Persian) [ci skip] * New translations en.json (Arabic) [ci skip] * New translations en.json (Afrikaans) [ci skip] * New translations en.json (Bulgarian) [ci skip] * New translations en.json (Serbian (Cyrillic)) [ci skip] * New translations en.json (Macedonian) [ci skip] * New translations en.json (Slovenian) [ci skip] * New translations en.json (Slovak) [ci skip] * New translations en.json (Punjabi) [ci skip] * New translations en.json (Norwegian) [ci skip] * New translations en.json (Georgian) [ci skip] * New translations en.json (Armenian) [ci skip] * New translations en.json (Hebrew) [ci skip] * New translations en.json (Finnish) [ci skip] * New translations en.json (Greek) [ci skip] * New translations en.json (Standard Moroccan Tamazight) [ci skip] * New translations simple_form.en.yml (Scottish Gaelic) [ci skip] * New translations en.yml (Scottish Gaelic) [ci skip] * New translations activerecord.en.yml (Scottish Gaelic) [ci skip] * New translations en.yml (Scottish Gaelic) [ci skip] * New translations simple_form.en.yml (Scottish Gaelic) [ci skip] * New translations doorkeeper.en.yml (Scottish Gaelic) [ci skip] * New translations en.json (Scottish Gaelic) [ci skip] * New translations devise.en.yml (Scottish Gaelic) [ci skip] * New translations en.yml (Spanish, Argentina) [ci skip] * New translations en.json (Spanish, Argentina) [ci skip] * New translations simple_form.en.yml (Spanish, Argentina) [ci skip] * New translations activerecord.en.yml (Spanish, Argentina) [ci skip] * New translations doorkeeper.en.yml (Spanish, Argentina) [ci skip] * New translations en.json (Thai) [ci skip] * i18n-tasks normalize * yarn manage:translations Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-06-02Fix e-mail confirmations API not working correctly (#16348)Eugen Rochko
* Fix e-mail confirmations API not working correctly * Fix typo
2021-06-02Fix account deletion sometimes failing because of optimistic locks (#16317)Claire
* Fix account deletion sometimes failing because of optimistic locks In some rare occasions[1], deleting accounts would fail with a `StaleObjectError` exception. Indeed, account deletion manually sets the `AccountStat` values without handling cases where the optimistic locking on `AccountStat` would fail. To my knowledge, with the rewrite of account counters in #15913, the `DeleteAccountService` is now the only place that changes the counters in a way that is not atomic. Since in this specific case, we do not care about the previous values of the account counters, it appears we don't need locking at all for this table anymore. [1]: https://discourse.joinmastodon.org/t/account-cant-be-deleted/3602 * Bump MAX_SUPPORTED_VERSION in maintenance script
2021-06-01Fix deprecated slash as division in SASS files (#16347)Claire
Fixes #16293
2021-06-01Add assets from Twemoji 13.1.0 (#16345)Eugen Rochko
* Add assets from Twemoji 13.1.0 * Update emoji-mart
2021-05-31Fix some IDs in instance actor outbox (#16343)Claire