about summary refs log tree commit diff
path: root/db/migrate
AgeCommit message (Collapse)Author
2022-03-01Change authorized applications page (#17656)Eugen Rochko
* Change authorized applications page * Hide revoke button for superapps and suspended accounts * Clean up db/schema.rb
2022-02-25Add trending statuses (#17431)Eugen Rochko
* Add trending statuses * Fix dangling items with stale scores in localized sets * Various fixes and improvements - Change approve_all/reject_all to approve_accounts/reject_accounts - Change Trends::Query methods to not mutate the original query - Change Trends::Query#skip to offset - Change follow recommendations to be refreshed in a transaction * Add tests for trending statuses filtering behaviour * Fix not applying filtering scope in controller
2022-02-24Change e-mail domain blocks to block IPs dynamically (#17635)Eugen Rochko
* Change e-mail domain blocks to block IPs dynamically * Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> * Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-22Fix various typos (#17621)luzpaz
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-02-14Add appeals (#17364)Eugen Rochko
* Add appeals * Add ability to reject appeals and ability to browse pending appeals in admin UI * Add strikes to account page in settings * Various fixes and improvements - Add separate notification setting for appeals, separate from reports - Fix style of links in report/strike header - Change approving an appeal to not restore statuses (due to federation complexities) - Change style of successfully appealed strikes on account settings page - Change account settings page to only show unappealed or recently appealed strikes * Change appealed_at to overruled_at * Fix missing method error
2022-01-30Fix some old migration scripts (#17394)Claire
* Fix some old migration scripts * Fix edge case in two-step migration from older releases
2022-01-27Fix some old database migrations (#17379)Claire
2022-01-23Remove old duplicate index (#17245)Claire
Some Mastodon versions (v1.1 and v1.2) had a duplicate index in `db/schema.rb` without any migration script creating it. #2224 (included in v1.3) removed the duplicate index from the file but did not provide a migration script to remove it. This means that any instance that was installed from v1.1 or v1.2's source code has a duplicate index and a corresponding warning in PgHero. Instances set up using an earlier or later Mastodon version do not have this issue. This PR removes the duplicate index if it is present.
2022-01-19Add support for editing for published statuses (#16697)Eugen Rochko
* Add support for editing for published statuses * Fix references to stripped-out code * Various fixes and improvements * Further fixes and improvements * Fix updates being potentially sent to unauthorized recipients * Various fixes and improvements * Fix wrong words in test * Fix notifying accounts that were tagged but were not in the audience * Fix mistake
2022-01-17Add notifications for statuses deleted by moderators (#17204)Eugen Rochko
2022-01-16Remove IP tracking columns from users table (#16409)Eugen Rochko
2021-12-13Fix follow recommendation biased towards older accounts (#17126)Takeshi Umeda
2021-11-25Add trending links (#16917)Eugen Rochko
* Add trending links * Add overriding specific links trendability * Add link type to preview cards and only trend articles Change trends review notifications from being sent every 5 minutes to being sent every 2 hours Change threshold from 5 unique accounts to 15 unique accounts * Fix tests
2021-08-09Add feature to automatically delete old toots (#16529)Claire
* Add account statuses cleanup policy model * Record last inspected toot to delete to speed up successive calls to statuses_to_delete * Add service to cleanup a given account's statuses within a budget * Add worker to go through account policies and delete old toots * Fix last inspected status id logic All existing statuses older or equal to last inspected status id must be kept by the current policy. This is an invariant that must be kept so that resuming deletion from the last inspected status remains sound. * Add tests * Refactor scheduler and add tests * Add user interface * Add support for discriminating based on boosts/favs * Add UI support for min_reblogs and min_favs, rework UI * Address first round of review comments * Replace Snowflake#id_at_start with with_random parameter * Add tests * Add tests for StatusesCleanupController * Rework settings page * Adjust load-avoiding mechanisms * Please CodeClimate
2021-07-13Change references to tootsuite/mastodon to mastodon/mastodon (#16491)Claire
* Change references to tootsuite/mastodon to mastodon/mastodon * Remove obsolete test fixture * Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG And a few other places
2021-07-08Add ability to skip sign-in token authentication for specific users (#16427)Eugen Rochko
Remove "active within last two weeks" exception for sign in token requirement Change admin reset password to lock access until the password is reset
2021-06-30Fix missing on_delete: :cascade for canonical_email_blocks foreign key (#16448)Claire
2021-06-21Add authentication history (#16408)Eugen Rochko
2021-06-02Fix migration script not being able to run if it fails midway (#16312)Claire
* Fix migration script not being able to run if it fails midway * Fix old migration script * Fix old migration script * Refactor CorruptionError
2021-05-07Do not populate AccountSummaries and FollowRecommendation views on migration ↵Claire
(#16173) Materializing those views can take a while, and they are currently refreshed anyway each time they are actually used, in the FollowRecommendationsScheduler.
2021-05-05Improve performance of follow recommendation scheduler (#16159)Claire
Express follow_recommendations in terms of account_summaries rather than accounts, integrate filters that are unconditionally used, and materialize the resulting view. This should result in the bulk of the computation being performed only once instead of **once per recommendation language**.
2021-04-26Further improve the media attached status query for accounts (#16106)abcang
2021-04-25Improve tag search query (#16104)abcang
2021-04-17Add canonical e-mail blocks for suspended accounts (#16049)Eugen Rochko
Prevent new accounts from being created using the same underlying e-mail as a suspended account using extensions and period permutations. Stores e-mails as a SHA256 hash
2021-04-15Change account ids to snowflake ids (#15844)Claire
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2021-04-12Add cold-start follow recommendations (#15945)Eugen Rochko
2021-03-19Further preparation for Rails 6 (#15916)Claire
* Use ActiveRecord::Result#to_ary instead of deprecated to_hash They do the same thing, and to_hash has been removed from Rails 6.1 * Explicitly name polymorphic indexes to workaround a bug in Rails 6.1 cf. https://github.com/rails/rails/issues/41693 * Fix incorrect usage of “foreign_key” in migration script * Use `ActiveModel::Errors#delete` instead of deprecated clear method * Fix link headers tests on Rails 6.1 Rails 6.1 adds values to the Link header by default, thus it is not a LinkHeader object anymore. Fix the test to parse the Link header instead of assuming it is a LinkHeader.
2021-03-19Use more robust hook for loading timestamp_id function into database (#15919)Claire
2021-03-19Prepare Mastodon for zeitwerk autoloader (#15917)Claire
* Prepare Mastodon for zeitwerk autoloader (Rails 6) Add inflections and rename/move a few classes. In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb were manually loaded while still in autoload paths. * Add inflection for Url → URL
2021-03-12Bump sidekiq-unique-jobs from 6.0.25 to 7.0.1 (#15627)dependabot[bot]
* Bump sidekiq-unique-jobs from 6.0.25 to 7.0.1 Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.25 to 7.0.1. - [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases) - [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md) - [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.25...v7.0.1) Signed-off-by: dependabot[bot] <support@github.com> * Fix migration being broken by sidekiq-unique-jobs update * Fix migration script following API changes in dependency * Fixup Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: ThibG <thib@sitedethib.com>
2021-02-21Add server rules (#15769)Eugen Rochko
2020-12-18Fix old migration script not being able to run if it fails midway (#15361)ThibG
* Fix old migration script not being able to run if it fails midway Improve the robustness of a migration script likely to fail because of database corruption so it can run again once database corruptions are fixed. * Display a specific error message in case of index corruption Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-18Add option to obfuscate domain name in public list of domain blocks (#15355)Eugen Rochko
- Replace the middle of the domain with * characters (except for periods) - Add SHA-256 digest of the domain name in tooltip
2020-12-15Add indication to admin UI of whether a report has been forwarded (#13237)ThibG
* Add indication to admin UI of whether a report has been forwarded * Rework how forwarded status is displayed Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-14Fix performance on instances list in admin UI (#15282)Eugen Rochko
- Reduce duplicate queries - Remove n+1 queries - Add accounts count to detailed view - Add separate action log entry for updating existing domain blocks
2020-11-08Add support for reversible suspensions through ActivityPub (#14989)Eugen Rochko
2020-11-04Add account sensitized (#14361)Takeshi Umeda
* Add account sensitized * Fix i18n normalize * Fix description and spec * Fix spec * Fix wording
2020-10-13Add duration parameter to muting. (#13831)OSAMU SATO
* Adding duration to muting. * Remove useless checks
2020-10-12Add IP-based rules (#14963)Eugen Rochko
2020-09-18Add option to be notified when a followed user posts (#13546)Eugen Rochko
* Add bell button Fix #4890 * Remove duplicate type from post-deployment migration * Fix legacy class type mappings * Improve query performance with better index * Fix validation * Remove redundant index from notifications
2020-09-15Change account suspensions to be reversible by default (#14726)Eugen Rochko
2020-09-01Add configuration option to filter replies in lists (#9205)ThibG
* Add database support for list show-reply preferences * Add backend support to read and update list-specific show_replies settings * Add basic UI to set list replies setting * Add specs for list replies policy * Switch "cycling" reply policy link to a set of radio inputs * Capitalize replies_policy strings * Change radio button design to be consistent with that of the directory explorer
2020-08-24Add WebAuthn as an alternative 2FA method (#14466)santiagorodriguez96
* feat: add possibility of adding WebAuthn security keys to use as 2FA This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor to the Settings page for editing the 2FA methods – now it will list the methods that are available to the user (TOTP and WebAuthn) and from there they'll be able to add or remove any of them. Also, it's worth mentioning that for enabling WebAuthn it's required to have TOTP enabled, so the first time that you go to the 2FA Settings page, you'll be asked to set it up. This work was inspired by the one donde by Github in their platform, and despite it could be approached in different ways, we decided to go with this one given that we feel that this gives a great UX. Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * feat: add request for WebAuthn as second factor at login if enabled This commits adds the feature for using WebAuthn as a second factor for login when enabled. If users have WebAuthn enabled, now a page requesting for the use of a WebAuthn credential for log in will appear, although a link redirecting to the old page for logging in using a two-factor code will also be present. Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * feat: add possibility of deleting WebAuthn Credentials Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * feat: disable WebAuthn when an Admin disables 2FA for a user Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * feat: remove ability to disable TOTP leaving only WebAuthn as 2FA Following examples form other platforms like Github, we decided to make Webauthn 2FA secondary to 2FA with TOTP, so that we removed the possibility of removing TOTP authentication only, leaving users with just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA' in order to remove second factor auth. The reason for WebAuthn being secondary to TOPT is that in that way, users will still be able to log in using their code from their phone's application if they don't have their security keys with them – or maybe even lost them. * We had to change a little the flow for setting up TOTP, given that now it's possible to setting up again if you already had TOTP, in order to let users modify their authenticator app – given that now it's not possible for them to disable TOTP and set it up again with another authenticator app. So, basically, now instead of storing the new `otp_secret` in the user, we store it in the session until the process of set up is finished. This was because, as it was before, when users clicked on 'Edit' in the new two-factor methods lists page, but then went back without finishing the flow, their `otp_secret` had been changed therefore invalidating their previous authenticator app, making them unable to log in again using TOTP. Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * refactor: fix eslint errors The PR build was failing given that linting returning some errors. This commit attempts to fix them. * refactor: normalize i18n translations The build was failing given that i18n translations files were not normalized. This commits fixes that. * refactor: avoid having the webauthn gem locked to a specific version * refactor: use symbols for routes without '/' * refactor: avoid sending webauthn disabled email when 2FA is disabled When an admins disable 2FA for users, we were sending two mails to them, one notifying that 2FA was disabled and the other to notify that WebAuthn was disabled. As the second one is redundant since the first email includes it, we can remove it and send just one email to users. * refactor: avoid creating new env variable for webauthn_origin config * refactor: improve flash error messages for webauthn pages Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
2020-07-08Fix RemoveDuplicatedIndexesPghero to check for the existence of the index ↵Takeshi Umeda
(#14259)
2020-07-07Fix media attachments enumeration (#14254)Eugen Rochko
* Fix media attachment enumeration * Switch media_attachments id to snowflake ids Co-authored-by: Thibaut Girka <thib@sitedethib.com>
2020-06-30Add user notes on accounts (#14148)ThibG
* Add UserNote model * Add UI for user notes * Put comment in relationships entity * Add API to create user notes * Copy user notes to new account when receiving a Move activity * Address some of the review remarks * Replace modal by inline edition * Please CodeClimate * Button design changes * Change design again * Cancel note edition when pressing Escape * Fixes * Tweak design again * Move “Add note” item, and allow users to add notes to themselves * Rename UserNote into AccountNote, rename “comment” Relationship attribute to “note”
2020-06-29Add customizable thumbnails for audio and video attachments (#14145)Eugen Rochko
- Change audio files to not be stripped of metadata - Automatically extract cover art from audio if it exists - Add `thumbnail` parameter to `POST /api/v1/media`, `POST /api/v2/media` and `PUT /api/v1/media/:id` - Add `icon` to represent it in attachments in ActivityPub - Fix `preview_url` containing URL of missing missing image when there is no thumbnail instead of null - Fix duration of audio not being displayed on public pages until the file is loaded
2020-06-25remove duplicated indexes according to pghero (#13695)Lerk
2020-06-21Fix unique username constraint for local users not being enforced in ↵ThibG
database (#14099) This should not be an issue in practice because of the Rails-level uniqueness check, but local accounts having a NULL domain means the uniqueness constraint did not apply to them (since no two NULL values are considered equal).
2020-06-09Add e-mail-based sign in challenge for users with disabled 2FA (#14013)Eugen Rochko