Age | Commit message (Collapse) | Author |
|
|
|
|
|
* Fix #3910 - Require OTP authentication to disable 2FA. Also, remove ability
to generate new OTP backup codes *after* initial backup codes were handed
out during activation
* Restore recovery code re-generation
* Improve display of some 2FA elements
|
|
|
|
Also domain_block fabricator now sets unique domains
|
|
* Add overview of active sessions
* Better display of browser/platform name
* Improve how browser information is stored and displayed for sessions overview
* Fix test
|
|
* feat: Revocable sessions
* fix: Tests using sign_in
* feat: Configuration entry for the maximum number of session activations
|
|
|
|
|
|
* Introduce domains method to Account relation
Account had followers_domains method, which was excessively specific.
Let relation of Account have domains method instead.
* Move follow_mapping in Account to AccountInteractions
* Introduce shared examples for AccountAvatar inclusion
* Cover Account more
|
|
* Fix regression from #3842
Simplify the query by omitting all direct statuses. Private statuses
are allowed because they are from accounts we are following (so
by definition)
Resolves #3887 (alternative)
* Adjust test
|
|
The classes using Status.as_home_timeline, namely Feed and
PrecomputeFeedService are expected to filter direct statuses as
FanOutWriteService does, but their filtering were incomplete or missing.
This commit solves the problem by filtering direct statuses in
as_home_timeline as the other similar methods such as as_public_timeline
does.
|
|
This fixes a random spec failures since commit
d55f207274648369cba30ff001aa3e354fa30dca.
|
|
This fixes below bugs:
* pipe characters being counted as RTL character
* only first word being checked
|
|
|
|
|
|
|
|
|
|
Rename Activitypub to ActivityPub
|
|
|
|
|
|
* Whitelist allowed classes for federated statuses
Allowed classes are currently:
- Any microformats class (h/p/u/dt/e-*)
- the classes mention, hashtag, ellipses and invisible.
this last one is somewhat suspect, but Mastodon currently uses it to render hidden link text.
resolved #3790
* Fix code style
|
|
|
|
ancestors/descendants even if the viewer is anonymous (#3752)
|
|
account before removing content for quicker feedback to end-users
|
|
* Make Pubsubhubbub::DistributionWorker handle both single stream entry
arguments, as well as arrays of stream entries
* Add BatchedRemoveStatusService, make SuspendAccountService use it
* Improve method names
* Add test
* Add more tests
* Use PuSH payloads of 100 to have a clear mapping of
1000 input statuses -> 10 PuSH payloads
It was nice while it lasted
|
|
* Add form for account deletion
* If avatar or header are gone from source, remove them
* Add option to have SuspendAccountService remove user record, add tests
* Exclude suspended accounts from search
|
|
* Fix #2619 - When redis feed is empty, fall back to database
* Use redis value to return feed from database only while RegenerationWorker
hasn't finished running
* Fix specs
* Replace usage of reject!
|
|
* Use I18n.locale instead of ":en"
* Reset I18n.locale value after locale changing tests
|
|
of delete Salmon (#3672)
* Fix removal of status sending the original status to mentioned users instead
of delete Salmon, add test
* Create remove_status_service_spec.rb
|
|
* Localize date in digest
* Cover NotificationMailer more
|
|
When case insensitivity is enabled via devise's `config.case_insensitive_keys` then `.find_for_authentication` method needs to be used instead of `.find_by` because second mentioned returns `nil` when valid email with different cases is passed.
More info https://github.com/plataformatec/devise/wiki/How-To:-Use-case-insensitive-emails
|
|
* Improve default language decision
This change allows to takes account of accepted language determined by
the user agent even if the custom default locale of the instance is
configured.
* Cover Localized more
* Fix code style
|
|
Each of mute, favourite, reblog has been updated to:
- Have a separate controller with just a create and destroy action
- Preserve historical route names to not break the API
- Mild refactoring to break up long methods
|
|
unique controllers (#3646)
* Add specs for api statuses routes
* Update favourited_by and reblogged_by api routes
* Move methods into new controllers
* Use load_accounts methods to simplify index actions
* Clean up load_accounts methods
* Clean up link header generation
* Check for link headers in specs
* Remove unused actions from api/v1/statuses controller
* Remove specs for moved actions
|
|
* Default to nil for statuses.language
* Language detection defaults to nil instead of instance UI default
|
|
* Fix db:seed - only run some validations when the field was changed
* Add tests
|
|
https://github.com/codeclimate/codeclimate-rubocop/blob/08f8de84ebfb39caa96391e23816877278f6441c/Gemfile.lock#L38
Code Climate is using RuboCop v0.46.0.
Change several rules to maintain compatibility.
|
|
* Move ApiController to Api/BaseController
* API controllers inherit from Api::BaseController
* Add coverage for various error cases in api/base controller
|
|
|
|
controller (#3625)
* Coverage for rate limit headers
* Move rate limit headers methods to concern
* Move throttle check to condition on before_action
* Move match_data variable into method
* Move utc timestamp to separate method
* Move header setting into smaller methods
* specs cleanup
|
|
|
|
* Sort results by the name
* Switch search method to simple `LIKE` matching instead of tsvector/tsquery
Previously we used scores from ts_rank_cd() to sort results, but it didn't work
because the function returns same score for all results. It's not for calculate
similarity of single words. Sometimes this bug even push out exact matching tag
from results.
Additionally, PostgreSQL supports prefix searching with standard btree index.
Using it offers simpler code, but also less index size and some speed.
|
|
* Add quotes ESLint rule
* Add jsx-quotes ESlint rule
* Sort ESLint rules
|
|
* Add a StatusFilter class to identify visibility of statuses by accounts
* Extract StatusThreadingConcern from Status
* Clarify purpose of checking for nil account
|
|
* Redirect to streaming_api_base_url
When Rails receives a request to streaming API, it most likely
means that there is another host which is configured to respond
to it. This is to redirect clients to that host if
`STREAMING_API_BASE_URL` is set as another host.
* Use the new Ruby 1.9 hash syntax
|
|
|
|
|
|
Closes https://github.com/tootsuite/mastodon/issues/3102
|
|
* Added support for configurable reserved usernames
* Added reserved usernames from mastodon issue 1355
* Fix reserved usernames
|