about summary refs log tree commit diff
path: root/spec/controllers
AgeCommit message (Collapse)Author
2021-11-26Fix admin statuses order(#16937) (#16969)Jeong Arm
* Fix #16937 * Add test for statuses order
2021-11-26Remove Keybase integration (#17045)Eugen Rochko
2021-11-25Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/views/admin/tags/index.html.haml`: Removed upstream while it had changes in glitch-soc to accomodate for the theming system. Additional changes to accomodate for the theming system: - `app/views/admin/trends/links/preview_card_providers/index.html.haml` - `app/views/admin/trends/links/index.html.haml` - `app/views/admin/trends/tags/index.html.haml` - `app/views/admin/tags/show.html.haml`
2021-11-25Add trending links (#16917)Eugen Rochko
* Add trending links * Add overriding specific links trendability * Add link type to preview cards and only trend articles Change trends review notifications from being sent every 5 minutes to being sent every 2 hours Change threshold from 5 unique accounts to 15 unique accounts * Fix tests
2021-11-06Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-11-06Fix AccountNote not having a maximum length (#16942)Claire
2021-10-25Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.env.production.sample`: Upstream added new configuration options, uncommented by default. Commented them. - `Gemfile.lock`: Upstream updated dependencies textually close to glitch-soc-specific dependencies. Updated those upstream dependencies.
2021-10-18Add remove from followers api (#16864)Takeshi Umeda
* Add followed_by? to account_interactions * Add RemoveFromFollowersService * Fix AccountBatch to use RemoveFromFollowersService * Add remove from followers API
2021-10-13Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `package.json`: Not really a conflict, just a glitch-soc-only dependency textually too close to an updated upstream one. - `yarn.lock`: Not really a conflict, just a glitch-soc-only dependency textually too close to an updated upstream one.
2021-10-13Fix error when rendering public pages with media attachments (#16763)Claire
* Add tests * Fix error when rendering public pages with media attachments * Add tests * Fix tests * Please CodeClimate
2021-09-30Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-09-30Fix webauthn secure key authentication (#16792)Claire
* Add tests * Fix webauthn secure key authentication Fixes #16769
2021-09-26Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `streaming/index.js`: Filtering code for streaming notifications has been refactored upstream, but glitch-soc had similar code for local-only toots in the same places. Ported upstream changes, but did not refactor local-only filtering.
2021-09-26Change routing paths to use usernames in web UI (#16171)Eugen Rochko
2021-09-19Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-09-15Fix followers synchronization mechanism not working when URI has empty path ↵Claire
(#16744) Follow-up to #16510, forgot the controller exposing the actual followers…
2021-09-14Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-09-13Stop setting a shortcode to newly-created media attachments (#16730)Claire
* Stop setting a shortcode to newly-created media attachments The WebUI has stopped using the “short media URL” in ages. This isn't used anywhere except for mail notifications. Deprecating it would allow us to eventually get rid of at least a database column and corruption-prone index, as well as a controller. * Fix tests
2021-08-27Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-08-25Fix authentication failures after going halfway through a sign-in attempt ↵Claire
(#16607) * Add tests * Add security-related tests My first (unpublished) attempt at fixing the issues introduced (extremely hard-to-exploit) security vulnerabilities, addressing them in a test. * Fix authentication failures after going halfway through a sign-in attempt * Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-09Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `Gemfile.lock`: Not a real conflict, upstream-updated dependency (redis) textually too close to glitch-soc-only dependecy. Updated redis gem like upstream did.
2021-08-09Add feature to automatically delete old toots (#16529)Claire
* Add account statuses cleanup policy model * Record last inspected toot to delete to speed up successive calls to statuses_to_delete * Add service to cleanup a given account's statuses within a budget * Add worker to go through account policies and delete old toots * Fix last inspected status id logic All existing statuses older or equal to last inspected status id must be kept by the current policy. This is an invariant that must be kept so that resuming deletion from the last inspected status remains sound. * Add tests * Refactor scheduler and add tests * Add user interface * Add support for discriminating based on boosts/favs * Add UI support for min_reblogs and min_favs, rework UI * Address first round of review comments * Replace Snowflake#id_at_start with with_random parameter * Add tests * Add tests for StatusesCleanupController * Rework settings page * Adjust load-avoiding mechanisms * Please CodeClimate
2021-07-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-07-14Fix user email address being banned on self-deletion (#16503)Claire
* Add tests * Fix user email address being banned on self-deletion Fixes #16498
2021-07-08Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/helpers/accounts_helper.rb`: Conflict due to upstream changing how followers count is displayed while we have an option to hide followers count. Ported upstream change. - `app/views/accounts/_header.html.haml`: Conflict due to upstream changing how followers count is displayed while we have an option to hide followers count. Ported upstream change. - `app/views/directories/index.html.haml`: Conflict due to upstream changing how followers count is displayed while we have an option to hide followers count. Ported upstream change.
2021-07-08Add ability to skip sign-in token authentication for specific users (#16427)Eugen Rochko
Remove "active within last two weeks" exception for sign in token requirement Change admin reset password to lock access until the password is reset
2021-07-03Fix anonymous access to outbox not being cached by the reverse proxy (#16458)Claire
* Fix anonymous access to outbox not being cached by the reverse proxy Up until now, anonymous access to outbox was marked as public, but with a 0 duration for caching, which means remote proxies would only serve from cache when the server was completely overwhelmed. Changed that cache duration to one minute, so that repeated anonymous access to one account's outbox can be appropriately cached. Also added `Signature` to the `Vary` header in case a page is requested, so that authenticated fetches are never served from cache (which only contains public toots). * Remove Vary: Accept header from webfinger controller Indeed, we have stopped returning xrd, and only ever return jrd, so the Accept request header does not matter anymore. * Cache negative webfinger hits for 3 minutes
2021-06-23Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-06-21Fix serialization of followers/following counts when user hides their ↵Claire
network (#16418) * Add tests * Fix serialization of followers/following counts when user hides their network Fixes #16382 Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-05-08Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-05-07Remove PubSubHubbub-related columns from accounts table (#16170)Eugen Rochko
2021-05-07Merge branch 'main' into glitch-soc/merge-upstreamClaire
- `app/views/statuses/_simple_status.html.haml`: Small markup change in glitch-soc, on a line that has been modified by upstream. Ported upstream changes.
2021-05-06Add Ruby 3.0 support (#16046)Claire
* Fix issues with POSIX::Spawn, Terrapin and Ruby 3.0 Also improve the Terrapin monkey-patch for the stderr/stdout issue. * Fix keyword argument handling throughout the codebase * Monkey-patch Paperclip to fix keyword arguments handling in validators * Change validation_extensions to please CodeClimate * Bump microformats from 4.2.1 to 4.3.1 * Allow Ruby 3.0 * Add Ruby 3.0 test target to CircleCI * Add test for admin dashboard warnings * Fix admin dashboard warnings on Ruby 3.0
2021-05-03Change confirmations controller to redirect to / for approved users (#16151)Claire
Clicking the confirmation link multiple times currently leads to entering account settings, which can be confusing. This commit changes that so that it redirects to the root path, so it behaves the same way as clicking only once in most cases.
2021-04-20Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream updated copyright year, we don't mention it so kept our version. - `app/controllers/admin/dashboard_controller.rb`: Not really a conflict, upstream change (removing the spam checker) too close to glitch-soc changes. Ported upstream changes. - `app/models/form/admin_settings.rb`: Same. - `app/services/remove_status_service.rb`: Same. - `app/views/admin/settings/edit.html.haml`: Same. - `config/settings.yml`: Same. - `config/environments/production.rb`: Not a real conflict, upstream added a default HTTP header, but we have extra headers in glitch-soc. Added the header.
2021-04-15Fix app name, website and redirect URIs not having a maximum length (#16042)Eugen Rochko
Fix app scopes not being validated
2021-04-15Add `policy` param to `POST /api/v1/push/subscriptions` (#16040)Eugen Rochko
With possible values `all`, `followed`, `follower`, and `none`, control from whom notifications will generate a Web Push alert
2021-04-05Fix glitch-soc-specific health check specClaire
2021-03-31Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-03-26Fix /admin/tags/:id crashing since Rails 6.1 update (#15953)Claire
Raw SQL passed to `pluck` now has to be explicitly marked as SQL via Arel.sql, see https://github.com/rails/rails/pull/27947
2021-03-24Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-03-24Update Mastodon to Rails 6.1 (#15910)Claire
* Update devise-two-factor to unreleased fork for Rails 6 support Update tests to match new `rotp` version. * Update nsa gem to unreleased fork for Rails 6 support * Update rails to 6.1.3 and rails-i18n to 6.0 * Update to unreleased fork of pluck_each for Ruby 6 support * Run "rails app:update" * Add missing ActiveStorage config file * Use config.ssl_options instead of removed ApplicationController#force_ssl Disabled force_ssl-related tests as they do not seem to be easily testable anymore. * Fix nonce directives by removing Rails 5 specific monkey-patching * Fix fixture_file_upload deprecation warning * Fix yield-based test failing with Rails 6 * Use Rails 6's index_with when possible * Use ActiveRecord::Cache::Store#delete_multi from Rails 6 This will yield better performances when deleting an account * Disable Rails 6.1's automatic preload link headers Since Rails 6.1, ActionView adds preload links for javascript files in the Links header per default. In our case, that will bloat headers too much and potentially cause issues with reverse proxies. Furhermore, we don't need those links, as we already output them as HTML link tags. * Switch to Rails 6.0 default config * Switch to Rails 6.1 default config * Do not include autoload paths in the load path
2021-03-19Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-03-18Fix cache_collection crashing when given an empty collection (#15921)Claire
* Fix cache_collection crashing when given an empty collection * Add tests
2021-03-17Prepare Mastodon for Rails 6 (#15911)Claire
* Fix misuse of foreign_type * Fix use of removed "add_template_helper" * Use response.media_type instead of response.content_type in tests * Fix CSV export controller test on Rails 6 Rails 6 sets a "filename*" field in the Content-Disposition header to explicitly encode the filename as UTF-8. This changes checks the first part of the Content-Disposition header so it matches in both Rails 5 and Rails 6. * Fix emoji formatting with Rails 6 * Make emoji output more idiomatic and robust * Switch from redis-rails gem to built-in Rails redis cache storage
2021-03-02Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/validators/status_length_validator.rb`: Upstream changes too close to glitch-soc MAX_CHARS changes, but not a real conflict. Applied upstream changes. - `package.json`: glitch-soc-only dependency textually too close to a dependency updated upstream, not a real conflict. Applied upstream changes.
2021-03-01Add `details` to error response for `POST /api/v1/accounts` in REST API (#15803)Eugen Rochko
2021-02-24Change ResolveAccountService's handling of skip_webfinger (#15750)Claire
* Change ResolveAccountService's handling of skip_webfinger Change it so it never makes any webfinger query, as the name would imply. * Add tests * Change FollowService to not take an URI for target_account * Restore domain-block check in FollowService * Fix tests
2021-02-03Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-02-02Fix race conditions on account migration creation (#15597)ThibG
* Atomically check for processing lock in Move handler * Prevent race condition when creating account migrations Fixes #15595 * Add tests Co-authored-by: Claire <claire.github-309c@sitedethib.com>