about summary refs log tree commit diff
path: root/spec
AgeCommit message (Collapse)Author
2022-11-20Don't allow URLs that contain non-normalized paths to be verified (#20999)David Leadbeater
* Don't allow URLs that contain non-normalized paths to be verified This stops things like https://example.com/otheruser/../realuser where "/otheruser" appears to be the verified URL, but the actual URL being verified is "/realuser" due to the "/../". Also fix a test to use 'https', so it is testing the right thing, now that since #20304 https is required. * missing do
2022-11-17Fix style for hashes (#20518)Rose
* Fix style for hashes Make the style for hashes consistent. * New style More consistency
2022-11-17Support for import/export of instance-level domain blocks/allows for 4.x w/ ↵lenore gilbert
additional fixes (#20597) * Allow import/export of instance-level domain blocks/allows (#1754) * Allow import/export of instance-level domain blocks/allows. Fixes #15095 * Pacify circleci * Address simple code review feedback * Add headers to exported CSV * Extract common import/export functionality to AdminExportControllerConcern * Add additional fields to instance-blocked domain export * Address review feedback * Split instance domain block/allow import/export into separate pages/controllers * Address code review feedback * Pacify DeepSource * Work around Paperclip::HasAttachmentFile for Rails 6 * Fix deprecated API warning in export tests * Remove after_commit workaround (cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a) * Add confirmation page when importing blocked domains (#1773) * Move glitch-soc-specific strings to glitch-soc-specific locale files * Add confirmation page when importing blocked domains (cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e) * Fix authorization check in domain blocks controller (cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38) * Fix error strings for domain blocks and email-domain blocks Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's" * Ran i18n-tasks normalize to address test failure * Removed unused admin.export_domain_blocks.not_permitted string Removing unused string as indicated by Check i18n * Fix tests (cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431) * Fix domain block export not exporting blocks with only media rejection (cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960) * Fix various issues with domain block import - stop using Paperclip for processing domain allow/block imports - stop leaving temporary files - better error handling - assume CSV files are UTF-8-encoded (cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902) Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17Handle links with no href in VerifyLinkService (#20741)Joshua Wood
Before this change, the following error would cause VerifyAccountLinksWorker to fail: NoMethodError: undefined method `downcase' for nil:NilClass [PROJECT_ROOT]/app/services/verify_link_service.rb:31 :in `block in link_back_present?`
2022-11-14Fix rate limiting for paths with formats (#20675)Eugen Rochko
2022-11-14Move V2 Filter methods under /api/v2 prefix (#20622)trwnh
* Move V2 Filter methods under /api/v2 prefix * move over the tests too
2022-11-14Fix error when invalid domain name is submitted (#19474)Eugen Rochko
Fix #19175
2022-11-14Fix error when passing unknown filter param in REST API (#20626)Eugen Rochko
Fix #19156
2022-11-14Support UTF-8 Characters in Domains During CSV Import (#20592)Hampton Lintorn-Catlin
* Support UTF-8 Characters in Domains During Import * Update Changelong
2022-11-13Test blank account field verifiability (#20458)Emily Strickland
* Test blank account field verifiability This change tests the need for #20428, which ensures that we guard against a situation in which `at_xpath` returns `nil`. * Test verifiability of blank fields for remote account profiles This adds a counterpart test for remote account profiles' fields' verifiability when those fields are blank. I previously added the same test for local accounts.
2022-11-11Test the native_locale_name of a non-standard locale (#20284)F
`:en` is English for both `standard_locale_name` and `native_locale_name`, and so makes for a poor test candidate for differentiating between them.
2022-11-10Change link verification to ignore IDN domains (#20295)Eugen Rochko
Fix #3833
2022-11-09Fix being able to spoof link verification (#20217)Eugen Rochko
- Change verification to happen in `default` queue - Change verification worker to only be queued if there's something to do - Add `link` tags from metadata fields to page header of profiles
2022-11-08Fix typos (#19849)luzpaz
Found via `codespell -q 3 -S ./yarn.lock,./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,followings,keypair,medias,pattens,pixelx,rememberable,ro,te`
2022-11-08Fix grammar (#20106)Roni Laukkarinen
2022-11-07Fix validation error in SynchronizeFeaturedTagsCollectionWorker (#20018)Claire
* Fix followers count not being updated when migrating follows Fixes #19900 * Fix validation error in SynchronizeFeaturedTagsCollectionWorker Also saves remote user's chosen case for hashtags * Limit remote featured tags before validation
2022-11-07Fix filter handling in status cache hydration (#19963)Claire
2022-11-07Fix followers count not being updated when migrating follows (#19998)Claire
Fixes #19900
2022-11-04Fix additional issues with status cache hydration (#19747)Claire
* Spare one SQL query when hydrating polls * Improve tests * Fix more discrepancies * Fix possible crash when the status has no application set
2022-11-04Fix various issues with store hydration (#19746)Claire
- Improve tests - Fix possible crash when application of a reblogged post isn't set - Fix discrepancies around favourited and reblogged attributes - Fix discrepancies around pinned attribute - Fix polls not being hydrated
2022-11-04Add caching for payload serialization during fan-out (#19642)Eugen Rochko
2022-11-04Change mentions of blocked users to not be processed (#19725)Claire
Fixes #19698
2022-11-03Change flaky AccountSearchService test (#19650)Claire
2022-11-03Fix admin action logs page (#19649)Claire
* Add tests * Fix crash when trying to display orphaned action logs * Add migration for older admin action logs
2022-11-01png optimization(loss less) (#19630)pea-sys
2022-11-01Change max. thumbnail dimensions to 640x360px (360p) (#19619)Eugen Rochko
2022-10-30Fix account action type validation (#19476)Eugen Rochko
* Fix account action type validation Fix #19143 * Fix #19145 * Fix code style issues
2022-10-26Add ability to view previous edits of a status in admin UI (#19462)Eugen Rochko
* Add ability to view previous edits of a status in admin UI * Change moderator access to posts to be controlled by a separate policy
2022-10-26Fix vacuum scheduler missing lock, locks never expiring (#19458)Eugen Rochko
Remove vacuuming of orphaned preview cards
2022-10-26Change unauthenticated search to not support pagination in REST API (#19326)Eugen Rochko
- Only exact search matches for queries with < 5 characters - Do not support queries with `offset` (pagination) - Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-22Change settings area to be separated into categories in admin UI (#19407)Eugen Rochko
And update all descriptions
2022-10-21Fix `FetchFeaturedCollectionService` spec (#19401)Yamagishi Kazutoshi
Regression from #19380
2022-10-20Change public accounts pages to mount the web UI (#19319)Eugen Rochko
* Change public accounts pages to mount the web UI * Fix handling of remote usernames in routes - When logged in, serve web app - When logged out, redirect to permalink - Fix `app-body` class not being set sometimes due to name conflict * Fix missing `multiColumn` prop * Fix failing test * Use `discoverable` attribute to control indexing directives * Fix `<ColumnLoading />` not using `multiColumn` * Add `noindex` to accounts in REST API * Change noindex directive to not be rendered by default before a route is mounted * Add loading indicator for detailed status in web UI * Fix missing indicator appearing while account is loading in web UI
2022-10-13Change about page to be mounted in the web UI (#19345)Eugen Rochko
2022-10-13Add image processing and generate blurhash for server thumbnail (#19348)Eugen Rochko
Remove separate server hero setting
2022-10-12Redirect non-logged-in user to owner statuses on single user mode (#19333)Yamagishi Kazutoshi
2022-10-08Add support for language preferences for trending statuses and links (#18288)Eugen Rochko
2022-10-06Remove setting that disables account deletes (#17683)Eugen Rochko
2022-10-06Change public statuses pages to mount the web UI (#19301)Eugen Rochko
2022-10-06Remove previous landing page (#19300)Eugen Rochko
2022-10-05Change public timelines to be filtered by current locale by default (#19291)Eugen Rochko
In the absence of an opt-in to multiple specific languages in the preferences, it makes more sense to filter by the user's presumed language only (interface language or `lang` override)
2022-10-05Add server banner to web app, add `GET /api/v2/instance` to REST API (#19294)Eugen Rochko
2022-10-04Remove code for rendering public and hashtag timelines outside the web UI ↵Eugen Rochko
(#19257)
2022-09-29Change path of privacy policy page (#19249)Eugen Rochko
2022-09-29Add logged-out access to the web UI (#18961)Eugen Rochko
2022-09-27Add retention policy for cached content and media (#19232)Eugen Rochko
2022-09-24Add tests to ActivityPub::FetchRemoteKeyService (#19226)Claire
2022-09-21Fix various rspec warnings in ReportService tests (#19189)Claire
* Fix various rspec warnings in ReportService tests * Add tests to ReportService
2022-09-21Refactor ActivityPub handling to prepare for non-Account actors (#19212)Claire
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is specifically required to be an Account * Refactor SignatureVerification to allow non-Account actors * fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService * Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors * Refactor inbound ActivityPub payload processing to accept non-Account actors * Refactor inbound ActivityPub processing to accept activities relayed through non-Account * Refactor how Account key URIs are built * Refactor Request and drop unused key_id_format parameter * Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-09-20Add ability to filter followed accounts' posts by language (#19095)Eugen Rochko