about summary refs log tree commit diff
path: root/spec/controllers/api
AgeCommit message (Collapse)Author
2017-12-06Break out nested relationship API keys (#5887)aschmitz
* Break out nested relationship API keys This closes #5856 by restoring the existing behavior of the `muting` and `following` keys (returning booleans rather than truthy or false). It adds `showing_reblogs` and `muting_notifications` keys: * `showing_reblogs` returns true if: 1. You've requested to follow the user, with reblogs shown, or 2. You are following the user, with reblogs shown. * `muting_notifications` returns true if you have muted the user and their notifications as well. * Rubocop fix * Fix pulling reblog/mute status from relationships I could swear this had passed tests before, but apparently not. Works now. * More test fixes Really, you'd expect this to be more straightforward.
2017-11-28Allow hiding of reblogs from followed users (#5762)aschmitz
* Allow hiding of reblogs from followed users This adds a new entry to the account menu to allow users to hide future reblogs from a user (and then if they've done that, to show future reblogs instead). This does not remove or add historical reblogs from/to the user's timeline; it only affects new statuses. The API for this operates by sending a "reblogs" key to the follow endpoint. If this is sent when starting a new follow, it will be respected from the beginning of the follow relationship (even if the follow request must be approved by the followee). If this is sent when a follow relationship already exists, it will simply update the existing follow relationship. As with the notification muting, this will now return an object ({reblogs: [true|false]}) or false for each follow relationship when requesting relationship information for an account. This should cause few issues due to an object being truthy in many languages, but some modifications may need to be made in pickier languages. Database changes: adds a show_reblogs column (default true, non-nullable) to the follows and follow_requests tables. Because these are non-nullable, we use the existing MigrationHelpers to perform this change without locking those tables, although the tables are likely to be small anyway. Tests included. See also <https://github.com/glitch-soc/mastodon/pull/212>. * Rubocop fixes * Code review changes * Test fixes This patchset closes #648 and resolves #3271. * Rubocop fix * Revert reblogs defaulting in argument, fix tests It turns out we needed this for the same reason we needed it in muting: if nil gets passed in somehow (most usually by an API client not passing any value), we need to detect and handle it. We could specify a default in the parameter and then also catch nil, but there's no great reason to duplicate the default value.
2017-11-18Lists (#5703)Eugen Rochko
* Add structure for lists * Add list timeline streaming API * Add list APIs, bind list-account relation to follow relation * Add API for adding/removing accounts from lists * Add pagination to lists API * Add pagination to list accounts API * Adjust scopes for new APIs - Creating and modifying lists merely requires "write" scope - Fetching information about lists merely requires "read" scope * Add test for wrong user context on list timeline * Clean up tests
2017-11-15Optional notification muting (#5087)Surinna Curtis
* Add a hide_notifications column to mutes * Add muting_notifications? and a notifications argument to mute! * block notifications in notify_service from hard muted accounts * Add specs for how mute! interacts with muting_notifications? * specs testing that hide_notifications in mutes actually hides notifications * Add support for muting notifications in MuteService * API support for muting notifications (and specs) * Less gross passing of notifications flag * Break out a separate mute modal with a hide-notifications checkbox. * Convert profile header mute to use mute modal * Satisfy eslint. * specs for MuteService notifications params * add trailing newlines to files for Pork :) * Put the label for the hide notifications checkbox in a label element. * Add a /api/v1/mutes/details route that just returns the array of mutes. * Define a serializer for /api/v1/mutes/details * Add more specs for the /api/v1/mutes/details endpoint * Expose whether a mute hides notifications in the api/v1/relationships endpoint * Show whether muted users' notifications are muted in account lists * Allow modifying the hide_notifications of a mute with the /api/v1/accounts/:id/mute endpoint * make the hide/unhide notifications buttons work * satisfy eslint * In probably dead code, replace a dispatch of muteAccount that was skipping the modal with launching the mute modal. * fix a missing import * add an explanatory comment to AccountInteractions * Refactor handling of default params for muting to make code cleaner * minor code style fixes oops * Fixed a typo that was breaking the account mute API endpoint * Apply white-space: nowrap to account relationships icons * Fix code style issues * Remove superfluous blank line * Rename /api/v1/mutes/details -> /api/v2/mutes * Don't serialize "account" in MuteSerializer Doing so is somewhat unnecessary since it's always the current user's account. * Fix wrong variable name in api/v2/mutes * Use Toggle in place of checkbox in the mute modal. * Make the Toggle in the mute modal look better * Code style changes in specs and removed an extra space * Code review suggestions from akihikodaki Also fixed a syntax error in tests for AccountInteractions. * Make AddHideNotificationsToMute Concurrent It's not clear how much this will benefit instances in practice, as the number of mutes tends to be pretty small, but this should prevent any blocking migrations nonetheless. * Fix up migration things * Remove /api/v2/mutes
2017-10-09Fix pagination in Api::V1::BlocksController (#5285)Akihiko Odaki
2017-10-03Fix HTTP responses for salmon and ActivityPub inbox processing (#5200)ThibG
* Return sensible HTTP status for ActivityPub inbox processing * Return sensible HTTP status for salmon slap processing * Return additional information to debug signature verification failures
2017-09-30Fix #5104 - GET /api/v1/apps/verify_credentials to confirm app works (#5112)Eugen Rochko
2017-09-28Add ability to specify alternative text for media attachments (#5123)Eugen Rochko
* Fix #117 - Add ability to specify alternative text for media attachments - POST /api/v1/media accepts `description` straight away - PUT /api/v1/media/:id to update `description` (only for unattached ones) - Serialized as `name` of Document object in ActivityPub - Uploads form adjusted for better performance and description input * Add tests * Change undo button blend mode to difference
2017-09-23New API: GET /api/v1/custom_emojis to get a server's custom emojis (#5051)Eugen Rochko
2017-09-20Change IDs to strings rather than numbers in API JSON output (#5019)aschmitz
* Fix JavaScript interface with long IDs Somewhat predictably, the JS interface handled IDs as numbers, which in JS are IEEE double-precision floats. This loses some precision when working with numbers as large as those generated by the new ID scheme, so we instead handle them here as strings. This is relatively simple, and doesn't appear to have caused any problems, but should definitely be tested more thoroughly than the built-in tests. Several days of use appear to support this working properly. BREAKING CHANGE: The major(!) change here is that IDs are now returned as strings by the REST endpoints, rather than as integers. In practice, relatively few changes were required to make the existing JS UI work with this change, but it will likely hit API clients pretty hard: it's an entirely different type to consume. (The one API client I tested, Tusky, handles this with no problems, however.) Twitter ran into this issue when introducing Snowflake IDs, and decided to instead introduce an `id_str` field in JSON responses. I have opted to *not* do that, and instead force all IDs to 64-bit integers represented by strings in one go. (I believe Twitter exacerbated their problem by rolling out the changes three times: once for statuses, once for DMs, and once for user IDs, as well as by leaving an integer ID value in JSON. As they said, "If you’re using the `id` field with JSON in a Javascript-related language, there is a very high likelihood that the integers will be silently munged by Javascript interpreters. In most cases, this will result in behavior such as being unable to load or delete a specific direct message, because the ID you're sending to the API is different than the actual identifier associated with the message." [1]) However, given that this is a significant change for API users, alternatives or a transition time may be appropriate. 1: https://blog.twitter.com/developer/en_us/a/2011/direct-messages-going-snowflake-on-sep-30-2011.html * Additional fixes for stringified IDs in JSON These should be the last two. These were identified using eslint to try to identify any plain casts to JavaScript numbers. (Some such casts are legitimate, but these were not.) Adding the following to .eslintrc.yml will identify casts to numbers: ~~~ no-restricted-syntax: - warn - selector: UnaryExpression[operator='+'] > :not(Literal) message: Avoid the use of unary + - selector: CallExpression[callee.name='Number'] message: Casting with Number() may coerce string IDs to numbers ~~~ The remaining three casts appear legitimate: two casts to array indices, one in a server to turn an environment variable into a number. * Back out RelationshipsController Change This was made to make a test a bit less flakey, but has nothing to do with this branch. * Change internal streaming payloads to stringified IDs as well Per https://github.com/tootsuite/mastodon/pull/5019#issuecomment-330736452 we need these changes to send deleted status IDs as strings, not integers.
2017-09-11Fix error when following locked accounts (#4896)Eugen Rochko
2017-09-10Fix POST /api/v1/follows error when already following (#4878)Eugen Rochko
2017-09-05Fix #4794 - Fake instant follow in API response when account is believed ↵Eugen Rochko
unlocked (#4799)
2017-09-02Raise an error for remote url in StatusFinder (#4776)unarist
* Raise an error for remote url in StatusFinder Previous implementation had allowed remote url with status id which also exists on local. Then that bug leads /api/web/embed to return wrong embed url. * Fix oembed_controller_spec
2017-08-25Pinned statuses (#4675)Eugen Rochko
* Pinned statuses * yarn manage:translations
2017-08-24Minor performance improvement for test suite (#4678)Eugen Rochko
2017-08-21Fix #4637 - Re-add missing doorkeeper_authorize for ↵Eugen Rochko
/api/v1/verify_credentials (#4650)
2017-08-18Don't send Link header when don't know prev and next links (#4633)Yamagishi Kazutoshi
2017-08-14Hook up URL-based resource look-up to ActivityPub (#4589)Eugen Rochko
2017-08-13ActivityPub delivery (#4566)Eugen Rochko
* Deliver ActivityPub Like * Deliver ActivityPub Undo-Like * Deliver ActivityPub Create/Announce activities * Deliver ActivityPub creates from mentions * Deliver ActivityPub Block/Undo-Block * Deliver ActivityPub Accept/Reject-Follow * Deliver ActivityPub Undo-Follow * Deliver ActivityPub Follow * Deliver ActivityPub Delete activities Incidentally fix #889 * Adjust BatchedRemoveStatusService for ActivityPub * Add tests for ActivityPub workers * Add tests for FollowService * Add tests for FavouriteService, UnfollowService and PostStatusService * Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService * Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService * Add tests for BatchedRemoveStatusService * Deliver updates to a local account to ActivityPub followers * Minor adjustments
2017-07-28Cover Api::V1:FavouritesController more (#4409)Akihiko Odaki
2017-07-27Introduce access token fabricators (#4401)Akihiko Odaki
2017-07-27Remove redundant fabrication in the spec for Api::V1::FavouritesController ↵Akihiko Odaki
(#4391)
2017-07-23feat: Enable push subscription for mobile devices by default (#4321)Sorin Davidoi
2017-07-20Fix webfinger retries (#4275)Eugen Rochko
* Do not raise unretryable exceptions in ResolveRemoteAccountService * Removed fatal exceptions from ResolveRemoteAccountService Exceptions that cannot be retried should not be raised. New exception class for those that can be retried (Mastodon::UnexpectedResponseError)
2017-07-15Improve ActivityPub representations (#3844)Eugen Rochko
* Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
2017-07-14Fix #2672 - Connect signed PuSH subscription requests to instance domain (#4205)Eugen Rochko
* Fix #2672 - Connect signed PuSH subscription requests to instance domain Resolves #2739 * Fix return of locate_subscription * Fix tests
2017-07-13Web Push Notifications (#3243)Sorin Davidoi
* feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
2017-06-27Fix #1624 - Send e-mail notifications to admins about new reports (#3949)Eugen Rochko
2017-06-19Rename FollowRemoteAccountService to ResolveRemoteAccountService (#3847)Eugen Rochko
Rename Activitypub to ActivityPub
2017-06-10Move create/destroy actions for api/v1/statuses to namespace (#3678)Matt Jankowski
Each of mute, favourite, reblog has been updated to: - Have a separate controller with just a create and destroy action - Preserve historical route names to not break the API - Mild refactoring to break up long methods
2017-06-09Move reblogged_by and favourited_by actions out of api/v1/statuses and into ↵Matt Jankowski
unique controllers (#3646) * Add specs for api statuses routes * Update favourited_by and reblogged_by api routes * Move methods into new controllers * Use load_accounts methods to simplify index actions * Clean up load_accounts methods * Clean up link header generation * Check for link headers in specs * Remove unused actions from api/v1/statuses controller * Remove specs for moved actions
2017-06-07Clean up for api/base controller (#3629)Matt Jankowski
* Move ApiController to Api/BaseController * API controllers inherit from Api::BaseController * Add coverage for various error cases in api/base controller
2017-06-05Redirect to streaming_api_base_url (#3579)Daigo 3 Dango
* Redirect to streaming_api_base_url When Rails receives a request to streaming API, it most likely means that there is another host which is configured to respond to it. This is to redirect clients to that host if `STREAMING_API_BASE_URL` is set as another host. * Use the new Ruby 1.9 hash syntax
2017-05-31Spec coverage and refactor for the api/v1/accounts controllers (#3451)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/blocks controller (#3464)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/follow_requests controller (#3465)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/domain_blocks controller (#3466)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/favourites controller (#3472)Matt Jankowski
2017-05-31Improve spec coverage and clean up api/v1/mutes controller (#3481)Matt Jankowski
2017-05-30Improve spec coverage and clean up api/v1/media controller (#3467)Matt Jankowski
2017-05-31Clean up api/subscriptions controller (#3448)Matt Jankowski
2017-05-30Improve api oembed controller (#3450)Matt Jankowski
* Add StreamEntryFinder class to parse URLs * Use StreamEntryFinder and clean up api/oembed controller
2017-05-30Clean up api/salmon controller (#3449)Matt Jankowski
2017-05-23Refactor of API timeline actions (#3263)Matt Jankowski
- Increase coverage to exercise all parts of each action - Move into namespace to share common code - Misc refactor of each action for smaller methods, simpler code
2017-05-22Coverage for api/web/settings controller (#3238)Matt Jankowski
2017-05-20Enable and fill in JSON response test in API::AccountsController (#3157)Jack Jennings
2017-05-19Add coverage for api/v1 controllers (#3155)Matt Jankowski
2017-05-19Account domain blocks (#2381)Eugen Rochko
* Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb
2017-05-15Feature conversations muting (#3017)Eugen Rochko
* Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation