about summary refs log tree commit diff
path: root/spec/controllers
AgeCommit message (Collapse)Author
2020-05-14Fix webfinger returning wrong status code on malformed or missing param (#13759)ThibG
Fixes #13757
2020-05-12Bump doorkeeper from 5.3.3 to 5.4.0 (#13733)dependabot-preview[bot]
* Bump doorkeeper from 5.3.3 to 5.4.0 Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.3 to 5.4.0. - [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases) - [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md) - [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.3.3...v5.4.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> * Fix tests * Fix use of Doorkeeper::AccessToken.find_or_create_for * Fix tests? Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Co-authored-by: Thibaut Girka <thib@sitedethib.com>
2020-05-11Fix sr locale being selected over sr-Latn (#13693)ThibG
* Fix sr locale being selected over sr-Latn * Update tests
2020-05-10Refactor monkey-patching of Goldfinger (#12561)Eugen Rochko
2020-05-10Add ability to remove identity proofs from account (#13682)Eugen Rochko
Fix #12613
2020-05-08Fix own following/followers not showing muted users (#13614)ThibG
Fixes #13612
2020-05-03Add more ActivityPub controller tests (#13590)Eugen Rochko
2020-05-03Add more tests for ActivityPub controllers (#13585)Eugen Rochko
2020-03-21Fix reported accounts not being whitelisted when resolving a spamcheck ↵ThibG
report (#13289)
2020-03-08Add specific rate limits for posting and following (#13172)Eugen Rochko
2020-02-27Fix leak of arbitrary statuses through unfavourite action in REST API (#13161)Eugen Rochko
2020-02-16Fix sign-ups without checked user agreement being accepted through the web ↵ThibG
form (#13088) * Fix user agreement not being verified * Fix tests * Fix up agreement field being dismissed
2020-02-03Change signature verification to ignore signatures with invalid host (#13033)Eugen Rochko
Instead of returning a signature verification error, pretend there was no signature (i.e., this does not allow access to resources that need a valid signature), so public resources can still be fetched Fix #13011
2020-01-23Add announcements (#12662)Eugen Rochko
* Add announcements Fix #11006 * Add reactions to announcements * Add admin UI for announcements * Add unit tests * Fix issues - Add `with_dismissed` param to announcements API - Fix end date not being formatted when time range is given - Fix announcement delete causing reactions to send streaming updates - Fix announcements container growing too wide and mascot too small - Fix `all_day` being settable when no time range is given - Change text "Update" to "Announcement" * Fix scheduler unpublishing announcements before they are due * Fix filter params not being passed to announcements filter
2020-01-04Fix base64-encoded file uploads not being possible (#12748)Eugen Rochko
Fix #3804, Fix #5776
2019-12-31Hide blocked users from more places (#12733)ThibG
* Hide blocked, muted, and blocked-by users from toot favourite lists * Hide blocked, muted, and blocked-by users from toot reblog lists * Hide blocked, muted, and blocked-by users from followers/following (API) * Fix tests * Hide blocked, muted, and blocked-by users from followers/following on public pages
2019-12-17Fixes featured hashtag setting page erroring out instead of rejecting ↵ThibG
invalid tags (#12436) * Revert "Fix ignoring whole status because of one invalid hashtag (#11621)" This reverts commit dff46b260b2f7d765d254c84a4b89105c7de5e97. * Fix statuses being rejected because of invalid hashtag names * Add spec for invalid hashtag names in statuses * Add test for featured tags controller
2019-11-17Support min_id-based pagination for bookmarks (#12381)Gomasy
* Support min_id-based pagination for bookmarks * Fix spec
2019-11-16make it not return http 400 when passing and empty source argument (#12259)Jennifer Glauche
* make it not return http 400 when passing and empty source argument * create a spec for the empty source hash bug * compact checks for nil, empty? parameters * use nil.blank? instead checking for nil
2019-11-13Add bookmarks (#7107)ThibG
* Add backend support for bookmarks Bookmarks behave like favourites, except they aren't shared with other users and do not have an associated counter. * Add spec for bookmark endpoints * Add front-end support for bookmarks * Introduce OAuth scopes for bookmarks * Add bookmarks to archive takeout * Fix migration * Coding style fixes * Fix rebase issue * Update bookmarked_statuses to latest UI changes * Update bookmark actions to properly reflect status changes in state * Add bookmarks item to single-column layout * Make active bookmarks red
2019-11-13Change to always returns html document in error pages (#12214)Yamagishi Kazutoshi
2019-09-29Add a nodeinfo endpoint (#12002)Eugen Rochko
* Add nodeinfo endpoint * dont commit stuff from my local dev * consistant naming since we implimented 2.1 schema * Add some additional node info stuff * Add nodeinfo endpoint * dont commit stuff from my local dev * consistant naming since we implimented 2.1 schema * expanding this to include federation info * codeclimate feedback * CC feedback * using activeserializers seems like a good idea... * get rid of draft 2.1 version * Reimplement 2.1, also fix metaData -> metadata * Fix metaData -> metadata here too * Fix nodeinfo 2.1 tests * Implement cache for monthly user aggregate * Useless * Remove ostatus from the list of supported protocols * Fix nodeinfo's open_registration reading obsolete setting variable * Only serialize domain blocks with user-facing limitations * Do not needlessly list noop severity in nodeinfo * Only serialize domain blocks info in nodeinfo when they are set to be displayed to everyone * Enable caching for nodeinfo endpoints * Fix rendering nodeinfo * CodeClimate fixes * Please CodeClimate * Change InstancePresenter#active_user_count_months for clarity * Refactor NodeInfoSerializer#metadata * Remove nodeinfo 2.1 support as the schema doesn't exist * Clean-up
2019-09-19Add account migration UI (#11846)Eugen Rochko
Fix #10736 - Change data export to be available for non-functional accounts - Change non-functional accounts to include redirecting accounts
2019-09-18Add password challenge to 2FA settings, e-mail notifications (#11878)Eugen Rochko
Fix #3961
2019-09-18Fix TOTP codes not being filtered from logs during enabling/disabling (#11877)Eugen Rochko
Not a serious issue because they are meaningless past single use
2019-09-15Fix 2FA challenge and password challenge for non-database users (#11831)Eugen Rochko
* Fix 2FA challenge not appearing for non-database users Fix #11685 * Fix account deletion not working when using external login Fix #11691
2019-09-13Remove deprecated `GET /api/v1/search` API (#11823)Eugen Rochko
Use `GET /api/v2/search` instead
2019-09-11Change deletes to preserve soft-deleted statuses in unresolved reports (#11805)Eugen Rochko
Change all account actions except "none" to resolve all unresolved reports Refactor `SuspendAccountService` to be more readable
2019-09-11add admin setting for default search engine indexing (fix #11750) (#11804)Tao Bror Bojlén
2019-09-10Add updated relationship to follow request API responses (#11800)ThibG
Fixes #11747
2019-09-09Add batch actions and categories to admin UI for custom emojis (#11793)Eugen Rochko
2019-09-06Add timeline read markers API (#11762)Eugen Rochko
Fix #4093
2019-08-30Fix uncaught domain normalization error in remote follow (#11703)Eugen Rochko
2019-08-30Fix uncaught parameter missing exceptions and missing error templates (#11702)Eugen Rochko
2019-08-22Fix remote and staff-removed statuses leaving media behind for a day (#11638)Eugen Rochko
The reason for unattaching media instead of removing it is to support delete & redraft functionality, but remote or staff-removed statuses will never be redrafted, so the media should be deleted immediately
2019-08-16Fix blurhash and autoplay not working on public pages (#11585)Eugen Rochko
2019-08-06Bump faker from 1.9.6 to 2.1.0 and update faker api (#11489)Yusuke Nakamura
* Bump faker from 1.9.6 to 2.1.0 Bumps [faker](https://github.com/stympy/faker) from 1.9.6 to 2.1.0. - [Release notes](https://github.com/stympy/faker/releases) - [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md) - [Commits](https://github.com/stympy/faker/compare/1.9.6...v2.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> * Use faker api v2 https://github.com/stympy/faker/releases/tag/2.0
2019-08-05Change admin UI for hashtags and add back whitelisted trends (#11490)Eugen Rochko
Fix #271 Add back the `GET /api/v1/trends` API with the caveat that it does not return tags that have not been allowed to trend by the staff. When a hashtag begins to trend (internally) and that hashtag has not been previously reviewed by the staff, the staff is notified. The new admin UI for hashtags allows filtering hashtags by where they are used (e.g. in the profile directory), whether they have been reviewed or are pending reviewal, they show by how many people the hashtag is used in the directory, how many people used it today, how many statuses with it have been created today, and it allows fixing the name of the hashtag to make it more readable. The disallowed hashtags feature has been reworked. It is now controlled from the admin UI for hashtags instead of from the file `config/settings.yml`
2019-08-01Remove XML version of Webfinger and remove links to Atom feeds (#11460)Eugen Rochko
Fix #11453
2019-07-22Change unconfirmed user login behaviour (#11375)Eugen Rochko
Allow access to account settings, 2FA, authorized applications, and account deletions to unconfirmed and pending users, as well as users who had their accounts disabled. Suspended users cannot update their e-mail or password or delete their account. Display account status on account settings page, for example, when an account is frozen, limited, unconfirmed or pending review. After sign up, login users straight away and show a simple page that tells them the status of their account with links to account settings and logout, to reduce onboarding friction and allow users to correct wrongly typed e-mail addresses. Move the final sign-up step of SSO integrations to be the same as above to reduce code duplication.
2019-07-21Change locale detection to run once per session (#8657)Eugen Rochko
Fix #6462
2019-07-11Add ActivityPub secure mode (#11269)Eugen Rochko
* Add HTTP signature requirement for served ActivityPub resources * Change `SECURE_MODE` to `AUTHORIZED_FETCH` * Add 'Signature' to 'Vary' header and improve code style * Improve code style by adding `public_fetch_mode?` method
2019-07-11Add HTTP signatures to all outgoing ActivityPub GET requests (#11284)Eugen Rochko
2019-07-08Remove unused remote unfollow controller (#11250)Eugen Rochko
2019-07-08Refactor controllers for statuses, accounts, and more (#11249)Eugen Rochko
2019-07-07Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ↵Eugen Rochko
(#11247)
2019-07-06Remove Salmon and PubSubHubbub (#11205)Eugen Rochko
* Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
2019-07-05Remove deprecated REST API `GET /api/v1/statuses/:id/card` (#11213)Eugen Rochko
2019-07-05Remove deprecated REST API `GET /api/v1/timelines/direct` (#11212)Eugen Rochko
2019-06-20Add moderation API (#9387)Eugen Rochko
Fix #8580 Fix #7143