about summary refs log tree commit diff
path: root/config/initializers
AgeCommit message (Collapse)Author
2018-03-09Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-03-07Add additional first_name and last_name SAML attribute statement options, ↵Effy Elden
and modify Omniauthable concern to use full_name or first_name + last_name if not available (#6669)
2018-03-02Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: README.md app/controllers/follower_accounts_controller.rb app/controllers/following_accounts_controller.rb app/serializers/rest/instance_serializer.rb app/views/stream_entries/_simple_status.html.haml config/locales/simple_form.ja.yml
2018-03-02fix logic for pam_controlled_service (#6599)Alexander
2018-02-28Fix #942: Seamless LDAP login (#6556)Eugen Rochko
2018-02-24Raise Mastodon::HostValidationError when host for HTTP request is private ↵Akihiko Odaki
(#6410)
2018-02-23Merge branch 'master' of https://github.com/tootsuite/mastodonimncls
# Conflicts: # app/controllers/settings/exports_controller.rb # app/models/media_attachment.rb # app/models/status.rb # app/views/about/show.html.haml # docker_entrypoint.sh # spec/views/about/show.html.haml_spec.rb
2018-02-23New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML ↵Ghislain Loaec
strategies) (#6540)
2018-02-22New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 (#6538)Ghislain Loaec
2018-02-20Fix #6509: Use pull queue for chewy jobs (#6513)Eugen Rochko
2018-02-11Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-02-11Fix URLs incorrectly having trailing hyphen removed (#6465)Daniel King
In cases where a URL has a trailing hyphen the FetchLinkCardService incorrectly removes the hyphen when it is parsed The hyphen is not a reserved character in the URI spec https://tools.ietf.org/html/rfc3986#section-2.2
2018-02-11Fix Chewy trying to update index with the wrong strategy (#6464)Eugen Rochko
2018-02-11Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-02-09Full-text search for authorized statuses (#6423)Eugen Rochko
* Add full-text search for authorized statuses - Search API will return statuses that match the query - Only for logged in users - Only if you are author of the status, - Or you were mentioned in it - Or you favourited or reblogged it - Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX` - Run `rails chewy:deploy` to create & populate index Fix #5880 Fix #4293 Fix #1152 * Add commented out docker-compose configuration for ES container * Optimize index import, filter search results * Add basic normalization to the index * Add better stemming and normalization to the index * Skip webfinger request if search query includes both @ and a space * Fix code style * Visually separate search result sections * Fix code style issues
2018-02-04Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: .env.production.sample app/controllers/auth/confirmations_controller.rb db/schema.rb
2018-02-04Make PAM gem optional, allow configuration over environment (#6415)Eugen Rochko
2018-02-04CAS + SAML authentication feature (#6425)Eugen Rochko
* Cas authentication feature * Config * Remove class_eval + Omniauth initializer * Codeclimate review * Codeclimate review 2 * Codeclimate review 3 * Remove uid/email reconciliation * SAML authentication * Clean up code * Improve login form * Fix code style issues * Add locales
2018-02-02Merge remote-tracking branch 'tootsuite/master' into merge-upstreamDavid Yip
Conflicts: app/javascript/styles/mastodon/components.scss
2018-02-02pam authentication (#5303)Alexander
* add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
2018-01-15Merge remote-tracking branch 'origin/master' into gs-masterDavid Yip
Conflicts: Gemfile.lock
2018-01-16HTML e-mails for UserMailer (#6256)Eugen Rochko
- premailer gem to turn CSS into inline styles automatically - rework UserMailer templates - reword UserMailer templates
2018-01-15Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-15Suppress CSRF token warnings (#6240)Patrick Figel
CSRF token checking was enabled for API controllers in #6223, producing "Can't verify CSRF token authenticity" log spam. This disables logging of failed CSRF checks. This also changes the protection strategy for PushSubscriptionsController to use exceptions, making it consistent with other controllers that use sessions.
2018-01-09Merge remote-tracking branch 'origin/master' into merge-upstreamDavid Yip
Conflicts: db/schema.rb
2018-01-09Increase rate limit on protected paths (#6229)Eugen Rochko
Previously each protected path had a separate rate limit. Now they're all in the same bucket, so people are more likely to hit one with register->login. Increasing to 25 per 5 minutes should be fine.
2018-01-05Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-05Fix enforce HTTPS in production. (#6180)Naoki Kosaka
2018-01-03Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2018-01-02Add confirmation step for email changes (#6071)Patrick Figel
* Add confirmation step for email changes This adds a confirmation step for email changes of existing users. Like the initial account confirmation, a confirmation link is sent to the new address. Additionally, a notification is sent to the existing address when the change is initiated. This message includes instruction to reset the password immediately or to contact the instance admin if the change was not initiated by the account owner. Fixes #3871 * Add review fixes
2017-12-22Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2017-12-22enforce LOCAL_HTTPS=true in production (#6061)nightpool
* enforce https in production * note changes in production env sample * typo fix
2017-12-13Merge remote-tracking branch 'tootsuite/master' into glitchsoc/masterJenkins
2017-12-13Change streaming API URL when remote development (#5942)Yamagishi Kazutoshi
* Change streaming API URL when remote development * Use STREAMING_API_BASE_URL when dev env
2017-12-12Merge remote-tracking branch 'tootsuite/master' into merge-upstreamDavid Yip
2017-12-11Apply a 25x rate limit by IP even to authenticated requests (#5948)Eugen Rochko
2017-12-10Ruby intl8n for themeskibigo!
2017-12-09Missing require 'authorization_decorator'. (#5947)Naoki Kosaka
2017-12-09Rate limit by user instead of IP when API user is authenticated (#5923)Eugen Rochko
* Fix #668 - Rate limit by user instead of IP when API user is authenticated * Fix code style issue * Use request decorator provided by Doorkeeper
2017-12-09Fix typo in paperclip.rb (#5936)THE BOSS ♨
2017-12-09Revert fog-aws (ref #5604) (#5934)Yamagishi Kazutoshi
2017-12-06Remove rabl dependency (#5894)Eugen Rochko
* Remove rabl dependency * Replicate old Oj configuration
2017-11-15Allow specifying STATSD_NAMESPACE (#5700)Eugen Rochko
2017-11-07Fix spell miss (SWIIFT_OBJECT_URL -> SWIFT_OBJECT_URL) (#5617)MitarashiDango
2017-11-07Unify file upload to using fog (#5604)Yamagishi Kazutoshi
2017-10-09Remove timestamps on any option (#5282)Jeong Arm
2017-10-09Fix migration failure due to StrongMigrations on production env (#5283)unarist
2017-10-04adjust public profile pages 2 (#5223)Lynx Kotoura
2017-09-30Fix Paperclip::Fog always responds Not Found in OpenStack-v2 like ConoHa (#5155)Nishi, Keisuke
2017-09-29Replace self-rolled statsd instrumention with localshred/nsa (#5118)Eugen Rochko