Age | Commit message (Collapse) | Author |
|
* add og:url to stream_item view
* add og:url and text to about/show
* add og:url to profile, followers and follows pages
|
|
* Add html lang attributes around statuses
* Remove urls from language detection
|
|
* Add spec coverage for settings/two_factor_auth area
* extract setup method for qr code
* Move otp required check to before action
* Merge method only used once
* Remove duplicate view
* Consolidate creation of @codes for backup
* Move settings/2fq#recovery_codes to settings/recovery_codes#create
* Rename settings/two_factor_auth#disable to #destroy
* Add coverage for the otp required path on 2fa#show
* Clean up the recovery codes list styles
* Move settings/two_factor_auth to settings/two_factor_authentication
* Reorganize the settings two factor auth area
Updated to use a flow like:
- settings/two_factor_authentication goes to a #show view which has a button
either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
codes
- that create action shares a view with a recovery codes controller which can be
used separately to reset codes if needed
|
|
We used some random Arabic characters to test that the various RTL
conditions got triggered.
|
|
* Add user spec for settings, highlight global default mutation issue
* Fix mutation issue caused by settings/preferences spec
|
|
* Add missing fields group on preferences page
* Clean up settings/preferences controller
* Extract a UserSettingsDecorator
|
|
* Add render_views for admin/settings spec
* Add coverage for admin/settings#update
* Add coverage for admin/settings typecasting open_registrations setting
* Simplify how admin/settings finds the value for updating
* Rely on activerecord to not update a value that hasnt changed
* Add coverage for non-existent setting
* Use a constant for boolean settings
|
|
|
|
* Fix #2108 - Fix gif uploads
Add specs for media attachment gifv conversion
* Add ffmpeg to travis
* Make travis install ffmpeg, not libav
* Switch travis to trusty
|
|
* Fix possibility of unrightful webfinger redirect
* Add more tests for FollowRemoteAccountService
|
|
* fix character escaping in URL
* add tests
* put a comma after the last item
* add HTML escape test
|
|
* Add routing specs for accounts followers and following actions
* Use more restful route naming for public account follow pages
Moves two actions:
- accounts#followers to accounts/follower_accounts#index
- accounts#following to accounts/following_accounts#index
Adds routing spec to ensure prior URLs are preserved.
|
|
|
|
|
|
* Extract detect_language to separate class
* Use default locale, not just en
* Add spec to confirm that whatlanguage cant identify empty string
* Allow account locale to override default in language detector
* PostStatusService supplies an account to detect language
|
|
|
|
* Add admin/instances index action
* Add link to instances admin page
* View lists instances
* Instances, grouped by domain, ordered by count
* Use Account.remote scope
* Extract method: Account.by_domain_accounts
|
|
* Add a ReportFilter class
* Add reports and targeted_reports relationships to Account
* Use ReportFilter from admin/reports controller
* Link to admin/reports filtered views from admin account show view
* Add indexes to reports.account_id and reports.target_account_id
|
|
* Remove unused method #set_counters_maps from api controller
* Remove unused method #set_account_counters_maps from api controller
* Remove unused method Account#followers_domains
* Remove unused User.prolific scope
* Add mastodon:users:admins task to list all admin emails
* Use interpolated query style in Account.triadic_closures
* Coverage for Account.triadic_closures
|
|
|
|
* Move site title helper to instance helper (name change only)
* Remove newline in <title> tag
* Add site_hostname helper method to wrap up local_domain value
* Use site_hostname helper in places that need local_domain value
|
|
These were being skipped with `xit`, but we also just added the `unused` task to
the CI server, and it will be caught there. That seems good enough for this,
instead of requiring a full keys check on every local spec suite run.
|
|
* Add spec for media controller
* Add MediaAttachment.attached scope
* Simplify methods in media controller
|
|
This change includes:
- Improve the spec coverage for incoming request to the webfinger action
- For requests without an accept header (ie, what a browser might look like),
return a JSON response.
- For requests with an explicit format of xml or json, return that format.
- For requests using an accept header, return that format.
Also adds failing spec showing webfinger does not return xml, which covers the
issue described in: https://github.com/tootsuite/mastodon/issues/1983
|
|
|
|
|
|
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true
Clean up old media files when creating a new domain block with reject_media set to true
Return remote_url in media attachments API if local file is not present
Undo domain block action in admin UI
Ability to enable reject_media from admin UI
|
|
* Add option to disable verify partial doubles
* Add show_landing_strip? helper method
* Use show_landing_strip? helper in accounts and stream entries views
* Fix naming in view specs
|
|
|
|
* Correct site_contact_email typo
* Separate about more page into partials, add specs
|
|
Devise changed their approach -
https://github.com/plataformatec/devise/commit/3f3ec236bb50a2ae8b0eede90d8f7ecd201d7dbb
This change silences a deprecation warning about `TestHelpers`
|
|
* Add recovery code support for two-factor auth
When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.
The two-factor prompt during login now accepts both OTP codes and
recovery codes.
The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.
Fixes #563 and fixes #987
* Set OTP_SECRET in test enviroment
* add missing .html to view file names
|
|
* Begin coverage for account search service
* Coverage for hashtag query
* Coverage for calling local vs remote find based on domain presence
* Spec to check that exact matches are not duped
* Coverage of resolve option
* Coverage for account being provided
* Start to refactor account search service
* Isolate query username and domain methods
* Isolate exact_match method
* Extract methods for local and remote results
* Simplify local vs remote and account isoliation
* Extract methods for local and remote results
* Simplify de-dupe of exact match
* Simplify logic to check for non exact remotes
* Cache some methods
* Remove nil from exact_match from results array
* Return exact matches first
* Use find_remote even with no domain
Account.find_local is just an alias for Account.find_remote(user, nil) - so we
can not bother with the conditional here, and call find_remote directly.
|
|
* Refresh local info for remote accounts when webfinger returns new values
It only refreshes account info if one of the URLs or the public-key changes,
in which cases it refreshes the full info, re-downloading the feeds from that
user.
Some special handling should probably be done when the public key changes,
but I have been unable to find any use for it in Mastodon yet.
* Re-fetch remote users we aren't subscribed to.
This might induce performance issues, we might want to only do that for users
we explicitly attempted to subscribe but failed to.
* Refactor changes
* Do not refresh existing remote account details more than once a day
* Avoid re-fetching webfinger info in tests unless otherwise specified
|
|
- Add some spec coverage for both methods
- Add explicit constant call-outs for where the params are from
|
|
as suggested, moving to view tests rather than a controller test
replaces https://github.com/tootsuite/mastodon/pull/1786 which i will
close momentary
|
|
This commit introduces Capybara and the first feature spec.
I focused on coverage for log in for the first feature spec because that would
have prevented 624a9a7136159d460228a0c2f5df18a9ead3b7f2 causing #1236.
|
|
* Add locale spec with failing locale plus region check
* Use a more accurate locale when supplied by browser headers
Previously we were using a matching option which would use the first locale
available which matched the locale portion, even if a region was specified.
This changes to first try to find an exact match, and then fall back to the
region, and then fall back to the default.
* Clean up default_locale method
|
|
* Simplify admin/reports controller filtering for index
* Rename parameter to resolved
* Fix issue where reports view could not access filter_link_to
* Add coverage for admin/reports controller
* DRY up resolution of related reports for target account
* Clean up admin/reports routes
* Add Report#statuses method
* DRY up current account action taken params
* Rubocop styles
|
|
* Add `Presenters` group to SimpleCov configuration
* Move validators to app/validators, add to simplecov config
|
|
|
|
* Add request spec for host meta route returning xml
* Add routing spec for xrd routes
* Update well-known routes
* Move webfinger and host-meta actions to their own controllers
|
|
* Remove unused account_params method in admin/accounts controller
* Introduce AccountFilter to find accounts
* Use AccountFilter in admin/accounts controller
* Use more restful routes admin silence and suspension area
* Add admin/silences and admin/suspensions controllers
|
|
* Refactor Export to take an account and know about the export types
* Use Export instance in settings/exports#show
|
|
* Remote spec for non-existent entry_classes helper method
This method no longer exists, and is handled by a local variable in a partial
instead.
* Remove spec for non-existent Account#ping! method
|
|
|
|
* Add WebfingerResource class to extract usernames
* Use WebfingerResource in xrd#webfinger
|
|
* Allow export of mutes list
* Allow importing of mutes list
* Refactor to use Settings::Exports::BaseController and DRY up exports code
|
|
|
|
* Add coverage for embedded status view
* Refactor embed view to eliminate @external_links variable
|