about summary refs log tree commit diff
path: root/config/routes.rb
AgeCommit message (Collapse)Author
2017-05-04Replace best_in_place editor on admin settings page (#2789)Matt Jankowski
* Remove best_in_place * Replace best_in_place usage with rails helpers * Move admin/settings#index to #edit action * Remove click_to__edit from i18n
2017-05-02Add option to disable two factor auth in admin accounts panel. (#2584)Kaylee
* Add option to disable two factor auth in admin accounts panel. Closes #2578 * Add @mjankowski's suggestions. * Moves destroy actions behind User#disable_two_factor! * Adds spec coverage for Admin:TwoFactorAuthenticationsController and User#disable_two_factor!
2017-04-27Add spec coverage and refactor authorize_follows controller (#2505)Matt Jankowski
2017-04-24Followers-only post federation (#2111)Eugen
* Make private toots get PuSHed to subscription URLs that belong to domains where you have approved followers * Authorized followers controller, stub for bulk action * Soft block in the background * Add simple test for new controller * Rename Settings::FollowersController to Settings::FollowerDomainsController, paginate results, rename "private" post setting to "followers-only", fix pagination style, improve post privacy preferences style, improve warning style * Extract compose form warnings into own container, show warning when posting to followers-only with unlocked account
2017-04-23ActivityPub: Add basic, read-only support for Outboxes, Notes, and ↵Evan Minto
Create/Announce Activities (#2197) * Clean up collapsible components * Expose user Outboxes and AS2 representations of statuses * Save work thus far. * Fix bad merge. * Save my work * Clean up pagination. * First test working. * Add tests. * Add Forbidden error template. * Revert yarn.lock changes. * Fix code style deviations and use localized instead of hardcoded English text.
2017-04-23Admin UI for confirming users (#2245)Ash Furrow
* Shows confirmed status in list. * Adds ability to confirm users in admin UI. * Added new english translations. * Addresses feedback from #2245. * More feedback.
2017-04-222FA controller cleanup (#2296)Matt Jankowski
* Add spec coverage for settings/two_factor_auth area * extract setup method for qr code * Move otp required check to before action * Merge method only used once * Remove duplicate view * Consolidate creation of @codes for backup * Move settings/2fq#recovery_codes to settings/recovery_codes#create * Rename settings/two_factor_auth#disable to #destroy * Add coverage for the otp required path on 2fa#show * Clean up the recovery codes list styles * Move settings/two_factor_auth to settings/two_factor_authentication * Reorganize the settings two factor auth area Updated to use a flow like: - settings/two_factor_authentication goes to a #show view which has a button either enable or disable 2fa on the account - the disable button turns off the otp requirement for the user - the enable button cycles the user secret and redirects to a confirmation page - the confirmation page is a #new view which shows the QR code for user - that page posts to #create which verifies the code, and creates the recovery codes - that create action shares a view with a recovery codes controller which can be used separately to reset codes if needed
2017-04-22Added API for single notification dismissal (#2251)Ashley
* Added API backend for notification dismissal * Added render statement * Changed statement
2017-04-19Restful refactor of accounts/ routes (#2133)Matt Jankowski
* Add routing specs for accounts followers and following actions * Use more restful route naming for public account follow pages Moves two actions: - accounts#followers to accounts/follower_accounts#index - accounts#following to accounts/following_accounts#index Adds routing spec to ensure prior URLs are preserved.
2017-04-18Instances list in admin (#2095)Matt Jankowski
* Add admin/instances index action * Add link to instances admin page * View lists instances * Instances, grouped by domain, ordered by count * Use Account.remote scope * Extract method: Account.by_domain_accounts
2017-04-17Improve handling of HTTP_ACCEPT for webfinger (#2008)Matt Jankowski
This change includes: - Improve the spec coverage for incoming request to the webfinger action - For requests without an accept header (ie, what a browser might look like), return a JSON response. - For requests with an explicit format of xml or json, return that format. - For requests using an accept header, return that format. Also adds failing spec showing webfinger does not return xml, which covers the issue described in: https://github.com/tootsuite/mastodon/issues/1983
2017-04-16Make file attachment on MediaAttachment optional (#1865)Eugen
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true Clean up old media files when creating a new domain block with reject_media set to true Return remote_url in media attachments API if local file is not present Undo domain block action in admin UI Ability to enable reject_media from admin UI
2017-04-15Add password reset for users from admin accounts area (#1841)Matt Jankowski
2017-04-15Add recovery code support for two-factor auth (#1773)Patrick Figel
* Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
2017-04-14Admin reports controller improvements (#1714)Matt Jankowski
* Simplify admin/reports controller filtering for index * Rename parameter to resolved * Fix issue where reports view could not access filter_link_to * Add coverage for admin/reports controller * DRY up resolution of related reports for target account * Clean up admin/reports routes * Add Report#statuses method * DRY up current account action taken params * Rubocop styles
2017-04-13Clean up well-known routes/controllers (#1649)Matt Jankowski
* Add request spec for host meta route returning xml * Add routing spec for xrd routes * Update well-known routes * Move webfinger and host-meta actions to their own controllers
2017-04-13Admin accounts controller cleanup (#1664)Matt Jankowski
* Remove unused account_params method in admin/accounts controller * Introduce AccountFilter to find accounts * Use AccountFilter in admin/accounts controller * Use more restful routes admin silence and suspension area * Add admin/silences and admin/suspensions controllers
2017-04-12Allow import/export of mutes list (#1541)Matt Jankowski
* Allow export of mutes list * Allow importing of mutes list * Refactor to use Settings::Exports::BaseController and DRY up exports code
2017-04-12Default to json type for webfinger requests (#1583)Matt Jankowski
2017-04-11Refactor exports controller (#1567)Matt Jankowski
* Add basic coverage for settings/exports controller * Remove unused @account variable from settings/exports controller * Add coverage for download export actions * Remove deprecated `render :text` in favor of `send_data` for csv downloads * Add model to handle exports * Use Export class in settings/exports controller * Simplify settings/exports controller methods * Move settings/export to more restful routes
2017-04-09Allow users to update their Account in the API (#1179)David Celis
* Allow users to update their Account in the API It would be nice for API clients to be able to allow users to update their accounts without having to wrap Mastodon in a web view. This patch adds an API endpoint to let users submit a PATCH for their account. Signed-off-by: David Celis <me@davidcel.is> * Add /api/v1/accounts/update_credentials to the API docs Signed-off-by: David Celis <me@davidcel.is>
2017-04-09Clean up about page (#1282)Matt Jankowski
* Add InstancePresenter to expose site details * Clean up about controller, use instance presenter
2017-04-09Ignore implied formats for catch all route requests (#1340)Matt Jankowski
A request to `/test` would show the custom 404 page, but a request to `/test.test` would return a 404 with an empty body. This change ignores the format on incoming catch all route requests, so that the html 404 page is returned on these requests.
2017-04-08Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)Eugen
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled TOTP secret is not shown again after 2FA is enabled * Clean up
2017-04-07Allow setting of default language through configEugen Rochko
Setting of locale in controller extracted to Localized concern, the doorkeeper authorized applications controller moved under custom namespace with inclusion of Localized, which resolves the "it sometimes appears in a different random language" bug
2017-04-03Make default admin UI page reports. Add admin UI for creating a domain blockEugen Rochko
2017-03-30Import feature for following/blocking lists (addresses #62, #177, #201, #454)Eugen Rochko
2017-03-22Prettier account and stream entry URLsEugen Rochko
2017-03-22New API method: /api/v1/searchEugen Rochko
Returns accounts, statuses, hashtags arrays
2017-03-19Export follow/block lists as CSVEugen Rochko
2017-03-15Fix #525 - Add instance information APIEugen Rochko
2017-03-15Merge branch 'master' into mastodon-site-apiEugen
2017-03-05Improved /api/v1/accounts/:id/statuses with new params: only_media, ↵Eugen Rochko
exclude_replies Redirect /:username to /users/:username Redirect /:username/:id to /users/:username/updates/:id Updated API documentation and sponsors
2017-03-01Mute button progress so far. WIP, doesn't entirely work correctly.Kit Redgrave
2017-02-27Adds site metadata access to the APIKibigo
2017-02-27Fix #104 - Style OAuth authorized applications pageEugen Rochko
Add ability to search accounts by display name
2017-02-17Add GET /api/v1/accounts/:id/statuses/media that returns only statuses with ↵Eugen Rochko
media attachments Make replies default to privacy settings of the status being replied to
2017-02-17Add UI to view report details, remove reported statuses, quick links to ↵Eugen Rochko
resolve/silence/suspend from report
2017-02-16Adding index overview for reports in admin UIEugen Rochko
2017-02-15Fix admin UI for accounts somewhatEugen Rochko
2017-02-14Adding POST /api/v1/reports API, and a UI for submitting reportsEugen Rochko
2017-02-12Stop trying to shoehorn all Salmon updates into the poor database-connectedEugen Rochko
StreamEntry model. Simply render Salmon slaps as they are needed
2017-02-05Removing failed push notification API, make context loads use cacheEugen Rochko
2017-02-02Cleaning up format of broadcast real-time messages, removingEugen Rochko
redis-backed "mentions" timeline as redundant (given notifications)
2017-01-29API for apps to register for push notificationsEugen Rochko
2017-01-27Added optional two-factor authenticationEugen Rochko
2017-01-26Add redirect for /admin => /admin/settingsEffy Elden
2017-01-23Add /api/v1/notifications/clear, non-existing link cards for statuses willEugen Rochko
now return empty hash instead of throwing a 404 error. When following, merge into timeline will filter statuses
2017-01-21Fix code styleEugen Rochko
2017-01-21Merge branch 'master' of https://github.com/ineffyble/mastodon into ↵Eugen Rochko
ineffyble-master