From 0ae5c6312fa4c65b6b7bd7a00eb8960b8a69e951 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Fri, 6 Mar 2020 01:29:38 +0100 Subject: Remove useless `respond_to` calls (#13208) --- app/controllers/api/v1/accounts/follower_accounts_controller.rb | 2 -- app/controllers/api/v1/accounts/following_accounts_controller.rb | 2 -- app/controllers/api/v1/accounts/identity_proofs_controller.rb | 2 -- app/controllers/api/v1/accounts/lists_controller.rb | 2 -- app/controllers/api/v1/accounts/pins_controller.rb | 2 -- app/controllers/api/v1/accounts/relationships_controller.rb | 2 -- app/controllers/api/v1/accounts/search_controller.rb | 2 -- app/controllers/api/v1/accounts/statuses_controller.rb | 2 -- app/controllers/api/v1/accounts_controller.rb | 2 -- app/controllers/api/v1/apps/credentials_controller.rb | 2 -- app/controllers/api/v1/blocks_controller.rb | 2 -- app/controllers/api/v1/bookmarks_controller.rb | 2 -- app/controllers/api/v1/conversations_controller.rb | 2 -- app/controllers/api/v1/custom_emojis_controller.rb | 2 -- app/controllers/api/v1/domain_blocks_controller.rb | 2 -- app/controllers/api/v1/endorsements_controller.rb | 2 -- app/controllers/api/v1/favourites_controller.rb | 2 -- app/controllers/api/v1/featured_tags/suggestions_controller.rb | 3 --- app/controllers/api/v1/filters_controller.rb | 2 -- app/controllers/api/v1/instances/activity_controller.rb | 2 -- app/controllers/api/v1/instances/peers_controller.rb | 2 -- app/controllers/api/v1/instances_controller.rb | 2 -- app/controllers/api/v1/media_controller.rb | 2 -- app/controllers/api/v1/mutes_controller.rb | 2 -- app/controllers/api/v1/notifications_controller.rb | 2 -- app/controllers/api/v1/polls/votes_controller.rb | 2 -- app/controllers/api/v1/polls_controller.rb | 2 -- app/controllers/api/v1/preferences_controller.rb | 2 -- app/controllers/api/v1/reports_controller.rb | 2 -- app/controllers/api/v1/statuses/bookmarks_controller.rb | 2 -- app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb | 2 -- app/controllers/api/v1/statuses/favourites_controller.rb | 2 -- app/controllers/api/v1/statuses/mutes_controller.rb | 2 -- app/controllers/api/v1/statuses/pins_controller.rb | 2 -- app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb | 2 -- app/controllers/api/v1/statuses/reblogs_controller.rb | 2 -- app/controllers/api/v1/statuses_controller.rb | 2 -- app/controllers/api/v1/streaming_controller.rb | 2 -- app/controllers/api/v1/suggestions_controller.rb | 2 -- app/controllers/api/v1/timelines/home_controller.rb | 2 -- app/controllers/api/v1/timelines/public_controller.rb | 2 -- app/controllers/api/v1/timelines/tag_controller.rb | 2 -- app/controllers/api/v1/trends_controller.rb | 2 -- app/controllers/api/v2/search_controller.rb | 2 -- app/controllers/api/web/embeds_controller.rb | 2 -- app/controllers/api/web/push_subscriptions_controller.rb | 2 -- app/controllers/api/web/settings_controller.rb | 2 -- 47 files changed, 95 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/api/v1/accounts/follower_accounts_controller.rb b/app/controllers/api/v1/accounts/follower_accounts_controller.rb index e360b8a92..850702cca 100644 --- a/app/controllers/api/v1/accounts/follower_accounts_controller.rb +++ b/app/controllers/api/v1/accounts/follower_accounts_controller.rb @@ -5,8 +5,6 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController before_action :set_account after_action :insert_pagination_headers - respond_to :json - def index @accounts = load_accounts render json: @accounts, each_serializer: REST::AccountSerializer diff --git a/app/controllers/api/v1/accounts/following_accounts_controller.rb b/app/controllers/api/v1/accounts/following_accounts_controller.rb index a405b365f..830dcd8a1 100644 --- a/app/controllers/api/v1/accounts/following_accounts_controller.rb +++ b/app/controllers/api/v1/accounts/following_accounts_controller.rb @@ -5,8 +5,6 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController before_action :set_account after_action :insert_pagination_headers - respond_to :json - def index @accounts = load_accounts render json: @accounts, each_serializer: REST::AccountSerializer diff --git a/app/controllers/api/v1/accounts/identity_proofs_controller.rb b/app/controllers/api/v1/accounts/identity_proofs_controller.rb index bea51ae11..8dad6fee9 100644 --- a/app/controllers/api/v1/accounts/identity_proofs_controller.rb +++ b/app/controllers/api/v1/accounts/identity_proofs_controller.rb @@ -4,8 +4,6 @@ class Api::V1::Accounts::IdentityProofsController < Api::BaseController before_action :require_user! before_action :set_account - respond_to :json - def index @proofs = @account.identity_proofs.active render json: @proofs, each_serializer: REST::IdentityProofSerializer diff --git a/app/controllers/api/v1/accounts/lists_controller.rb b/app/controllers/api/v1/accounts/lists_controller.rb index 72392453c..ccb751f8f 100644 --- a/app/controllers/api/v1/accounts/lists_controller.rb +++ b/app/controllers/api/v1/accounts/lists_controller.rb @@ -5,8 +5,6 @@ class Api::V1::Accounts::ListsController < Api::BaseController before_action :require_user! before_action :set_account - respond_to :json - def index @lists = @account.lists.where(account: current_account) render json: @lists, each_serializer: REST::ListSerializer diff --git a/app/controllers/api/v1/accounts/pins_controller.rb b/app/controllers/api/v1/accounts/pins_controller.rb index 0a0239c42..3915b5669 100644 --- a/app/controllers/api/v1/accounts/pins_controller.rb +++ b/app/controllers/api/v1/accounts/pins_controller.rb @@ -7,8 +7,6 @@ class Api::V1::Accounts::PinsController < Api::BaseController before_action :require_user! before_action :set_account - respond_to :json - def create AccountPin.create!(account: current_account, target_account: @account) render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships_presenter diff --git a/app/controllers/api/v1/accounts/relationships_controller.rb b/app/controllers/api/v1/accounts/relationships_controller.rb index ab8a0461f..1d3992a28 100644 --- a/app/controllers/api/v1/accounts/relationships_controller.rb +++ b/app/controllers/api/v1/accounts/relationships_controller.rb @@ -4,8 +4,6 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController before_action -> { doorkeeper_authorize! :read, :'read:follows' } before_action :require_user! - respond_to :json - def index accounts = Account.where(id: account_ids).select('id') # .where doesn't guarantee that our results are in the same order diff --git a/app/controllers/api/v1/accounts/search_controller.rb b/app/controllers/api/v1/accounts/search_controller.rb index 4217b527a..3061fcb7e 100644 --- a/app/controllers/api/v1/accounts/search_controller.rb +++ b/app/controllers/api/v1/accounts/search_controller.rb @@ -4,8 +4,6 @@ class Api::V1::Accounts::SearchController < Api::BaseController before_action -> { doorkeeper_authorize! :read, :'read:accounts' } before_action :require_user! - respond_to :json - def show @accounts = account_search render json: @accounts, each_serializer: REST::AccountSerializer diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb index 333db9618..114ee0a82 100644 --- a/app/controllers/api/v1/accounts/statuses_controller.rb +++ b/app/controllers/api/v1/accounts/statuses_controller.rb @@ -6,8 +6,6 @@ class Api::V1::Accounts::StatusesController < Api::BaseController after_action :insert_pagination_headers, unless: -> { truthy_param?(:pinned) } - respond_to :json - def index @statuses = load_statuses render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id) diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb index d68d2715f..f5b06862b 100644 --- a/app/controllers/api/v1/accounts_controller.rb +++ b/app/controllers/api/v1/accounts_controller.rb @@ -14,8 +14,6 @@ class Api::V1::AccountsController < Api::BaseController skip_before_action :require_authenticated_user!, only: :create - respond_to :json - def show render json: @account, serializer: REST::AccountSerializer end diff --git a/app/controllers/api/v1/apps/credentials_controller.rb b/app/controllers/api/v1/apps/credentials_controller.rb index 8b63d0490..0475b2d4a 100644 --- a/app/controllers/api/v1/apps/credentials_controller.rb +++ b/app/controllers/api/v1/apps/credentials_controller.rb @@ -3,8 +3,6 @@ class Api::V1::Apps::CredentialsController < Api::BaseController before_action -> { doorkeeper_authorize! :read } - respond_to :json - def show render json: doorkeeper_token.application, serializer: REST::ApplicationSerializer, fields: %i(name website vapid_key) end diff --git a/app/controllers/api/v1/blocks_controller.rb b/app/controllers/api/v1/blocks_controller.rb index 4cff04cad..a2baeef90 100644 --- a/app/controllers/api/v1/blocks_controller.rb +++ b/app/controllers/api/v1/blocks_controller.rb @@ -5,8 +5,6 @@ class Api::V1::BlocksController < Api::BaseController before_action :require_user! after_action :insert_pagination_headers - respond_to :json - def index @accounts = load_accounts render json: @accounts, each_serializer: REST::AccountSerializer diff --git a/app/controllers/api/v1/bookmarks_controller.rb b/app/controllers/api/v1/bookmarks_controller.rb index e1b244e76..c15212f0a 100644 --- a/app/controllers/api/v1/bookmarks_controller.rb +++ b/app/controllers/api/v1/bookmarks_controller.rb @@ -5,8 +5,6 @@ class Api::V1::BookmarksController < Api::BaseController before_action :require_user! after_action :insert_pagination_headers - respond_to :json - def index @statuses = load_statuses render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id) diff --git a/app/controllers/api/v1/conversations_controller.rb b/app/controllers/api/v1/conversations_controller.rb index b19f27ebf..bc8013379 100644 --- a/app/controllers/api/v1/conversations_controller.rb +++ b/app/controllers/api/v1/conversations_controller.rb @@ -9,8 +9,6 @@ class Api::V1::ConversationsController < Api::BaseController before_action :set_conversation, except: :index after_action :insert_pagination_headers, only: :index - respond_to :json - def index @conversations = paginated_conversations render json: @conversations, each_serializer: REST::ConversationSerializer diff --git a/app/controllers/api/v1/custom_emojis_controller.rb b/app/controllers/api/v1/custom_emojis_controller.rb index 4e6d5d7c6..08b3474cc 100644 --- a/app/controllers/api/v1/custom_emojis_controller.rb +++ b/app/controllers/api/v1/custom_emojis_controller.rb @@ -1,8 +1,6 @@ # frozen_string_literal: true class Api::V1::CustomEmojisController < Api::BaseController - respond_to :json - skip_before_action :set_cache_headers def index diff --git a/app/controllers/api/v1/domain_blocks_controller.rb b/app/controllers/api/v1/domain_blocks_controller.rb index af9e7a20f..5bb02d834 100644 --- a/app/controllers/api/v1/domain_blocks_controller.rb +++ b/app/controllers/api/v1/domain_blocks_controller.rb @@ -8,8 +8,6 @@ class Api::V1::DomainBlocksController < Api::BaseController before_action :require_user! after_action :insert_pagination_headers, only: :show - respond_to :json - def show @blocks = load_domain_blocks render json: @blocks.map(&:domain) diff --git a/app/controllers/api/v1/endorsements_controller.rb b/app/controllers/api/v1/endorsements_controller.rb index 2770c7aef..c87dbc4ce 100644 --- a/app/controllers/api/v1/endorsements_controller.rb +++ b/app/controllers/api/v1/endorsements_controller.rb @@ -5,8 +5,6 @@ class Api::V1::EndorsementsController < Api::BaseController before_action :require_user! after_action :insert_pagination_headers - respond_to :json - def index @accounts = load_accounts render json: @accounts, each_serializer: REST::AccountSerializer diff --git a/app/controllers/api/v1/favourites_controller.rb b/app/controllers/api/v1/favourites_controller.rb index db827f9d4..3e242905d 100644 --- a/app/controllers/api/v1/favourites_controller.rb +++ b/app/controllers/api/v1/favourites_controller.rb @@ -5,8 +5,6 @@ class Api::V1::FavouritesController < Api::BaseController before_action :require_user! after_action :insert_pagination_headers - respond_to :json - def index @statuses = load_statuses render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id) diff --git a/app/controllers/api/v1/featured_tags/suggestions_controller.rb b/app/controllers/api/v1/featured_tags/suggestions_controller.rb index fb27ef88b..8c1b81a0f 100644 --- a/app/controllers/api/v1/featured_tags/suggestions_controller.rb +++ b/app/controllers/api/v1/featured_tags/suggestions_controller.rb @@ -2,12 +2,9 @@ class Api::V1::FeaturedTags::SuggestionsController < Api::BaseController before_action -> { doorkeeper_authorize! :read, :'read:accounts' }, only: :index - before_action :require_user! before_action :set_most_used_tags, only: :index - respond_to :json - def index render json: @most_used_tags, each_serializer: REST::TagSerializer end diff --git a/app/controllers/api/v1/filters_controller.rb b/app/controllers/api/v1/filters_controller.rb index e5ebaff4d..b0ace3af0 100644 --- a/app/controllers/api/v1/filters_controller.rb +++ b/app/controllers/api/v1/filters_controller.rb @@ -7,8 +7,6 @@ class Api::V1::FiltersController < Api::BaseController before_action :set_filters, only: :index before_action :set_filter, only: [:show, :update, :destroy] - respond_to :json - def index render json: @filters, each_serializer: REST::FilterSerializer end diff --git a/app/controllers/api/v1/instances/activity_controller.rb b/app/controllers/api/v1/instances/activity_controller.rb index b30e8464c..4f6b4bcbf 100644 --- a/app/controllers/api/v1/instances/activity_controller.rb +++ b/app/controllers/api/v1/instances/activity_controller.rb @@ -6,8 +6,6 @@ class Api::V1::Instances::ActivityController < Api::BaseController skip_before_action :set_cache_headers skip_before_action :require_authenticated_user!, unless: :whitelist_mode? - respond_to :json - def show expires_in 1.day, public: true render_with_cache json: :activity, expires_in: 1.day diff --git a/app/controllers/api/v1/instances/peers_controller.rb b/app/controllers/api/v1/instances/peers_controller.rb index cc00d8a6b..9fa440935 100644 --- a/app/controllers/api/v1/instances/peers_controller.rb +++ b/app/controllers/api/v1/instances/peers_controller.rb @@ -6,8 +6,6 @@ class Api::V1::Instances::PeersController < Api::BaseController skip_before_action :set_cache_headers skip_before_action :require_authenticated_user!, unless: :whitelist_mode? - respond_to :json - def index expires_in 1.day, public: true render_with_cache(expires_in: 1.day) { Account.remote.domains } diff --git a/app/controllers/api/v1/instances_controller.rb b/app/controllers/api/v1/instances_controller.rb index c323b60b4..5b5058a7b 100644 --- a/app/controllers/api/v1/instances_controller.rb +++ b/app/controllers/api/v1/instances_controller.rb @@ -1,8 +1,6 @@ # frozen_string_literal: true class Api::V1::InstancesController < Api::BaseController - respond_to :json - skip_before_action :set_cache_headers skip_before_action :require_authenticated_user!, unless: :whitelist_mode? diff --git a/app/controllers/api/v1/media_controller.rb b/app/controllers/api/v1/media_controller.rb index 81825db15..d87d7b946 100644 --- a/app/controllers/api/v1/media_controller.rb +++ b/app/controllers/api/v1/media_controller.rb @@ -4,8 +4,6 @@ class Api::V1::MediaController < Api::BaseController before_action -> { doorkeeper_authorize! :write, :'write:media' } before_action :require_user! - respond_to :json - def create @media = current_account.media_attachments.create!(media_params) render json: @media, serializer: REST::MediaAttachmentSerializer diff --git a/app/controllers/api/v1/mutes_controller.rb b/app/controllers/api/v1/mutes_controller.rb index df6c8e86c..65439fe9b 100644 --- a/app/controllers/api/v1/mutes_controller.rb +++ b/app/controllers/api/v1/mutes_controller.rb @@ -5,8 +5,6 @@ class Api::V1::MutesController < Api::BaseController before_action :require_user! after_action :insert_pagination_headers - respond_to :json - def index @accounts = load_accounts render json: @accounts, each_serializer: REST::AccountSerializer diff --git a/app/controllers/api/v1/notifications_controller.rb b/app/controllers/api/v1/notifications_controller.rb index bf3002e79..8ac227765 100644 --- a/app/controllers/api/v1/notifications_controller.rb +++ b/app/controllers/api/v1/notifications_controller.rb @@ -6,8 +6,6 @@ class Api::V1::NotificationsController < Api::BaseController before_action :require_user! after_action :insert_pagination_headers, only: :index - respond_to :json - DEFAULT_NOTIFICATIONS_LIMIT = 15 def index diff --git a/app/controllers/api/v1/polls/votes_controller.rb b/app/controllers/api/v1/polls/votes_controller.rb index 3fa0b6a76..e1d26106a 100644 --- a/app/controllers/api/v1/polls/votes_controller.rb +++ b/app/controllers/api/v1/polls/votes_controller.rb @@ -7,8 +7,6 @@ class Api::V1::Polls::VotesController < Api::BaseController before_action :require_user! before_action :set_poll - respond_to :json - def create VoteService.new.call(current_account, @poll, vote_params[:choices]) render json: @poll, serializer: REST::PollSerializer diff --git a/app/controllers/api/v1/polls_controller.rb b/app/controllers/api/v1/polls_controller.rb index 031e6d42d..744baf7bb 100644 --- a/app/controllers/api/v1/polls_controller.rb +++ b/app/controllers/api/v1/polls_controller.rb @@ -7,8 +7,6 @@ class Api::V1::PollsController < Api::BaseController before_action :set_poll before_action :refresh_poll - respond_to :json - def show render json: @poll, serializer: REST::PollSerializer, include_results: true end diff --git a/app/controllers/api/v1/preferences_controller.rb b/app/controllers/api/v1/preferences_controller.rb index 077d39f5d..1640a8224 100644 --- a/app/controllers/api/v1/preferences_controller.rb +++ b/app/controllers/api/v1/preferences_controller.rb @@ -4,8 +4,6 @@ class Api::V1::PreferencesController < Api::BaseController before_action -> { doorkeeper_authorize! :read, :'read:accounts' } before_action :require_user! - respond_to :json - def index render json: current_account, serializer: REST::PreferencesSerializer end diff --git a/app/controllers/api/v1/reports_controller.rb b/app/controllers/api/v1/reports_controller.rb index 1b0b4b05b..66c40f6f4 100644 --- a/app/controllers/api/v1/reports_controller.rb +++ b/app/controllers/api/v1/reports_controller.rb @@ -4,8 +4,6 @@ class Api::V1::ReportsController < Api::BaseController before_action -> { doorkeeper_authorize! :write, :'write:reports' }, only: [:create] before_action :require_user! - respond_to :json - def create @report = ReportService.new.call( current_account, diff --git a/app/controllers/api/v1/statuses/bookmarks_controller.rb b/app/controllers/api/v1/statuses/bookmarks_controller.rb index a7f1eed00..3954af3c9 100644 --- a/app/controllers/api/v1/statuses/bookmarks_controller.rb +++ b/app/controllers/api/v1/statuses/bookmarks_controller.rb @@ -7,8 +7,6 @@ class Api::V1::Statuses::BookmarksController < Api::BaseController before_action :require_user! before_action :set_status - respond_to :json - def create current_account.bookmarks.find_or_create_by!(account: current_account, status: @status) render json: @status, serializer: REST::StatusSerializer diff --git a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb index 05f4acc33..8229786d6 100644 --- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb +++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb @@ -7,8 +7,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController before_action :set_status after_action :insert_pagination_headers - respond_to :json - def index @accounts = load_accounts render json: @accounts, each_serializer: REST::AccountSerializer diff --git a/app/controllers/api/v1/statuses/favourites_controller.rb b/app/controllers/api/v1/statuses/favourites_controller.rb index f18ace996..7afa822ed 100644 --- a/app/controllers/api/v1/statuses/favourites_controller.rb +++ b/app/controllers/api/v1/statuses/favourites_controller.rb @@ -7,8 +7,6 @@ class Api::V1::Statuses::FavouritesController < Api::BaseController before_action :require_user! before_action :set_status - respond_to :json - def create FavouriteService.new.call(current_account, @status) render json: @status, serializer: REST::StatusSerializer diff --git a/app/controllers/api/v1/statuses/mutes_controller.rb b/app/controllers/api/v1/statuses/mutes_controller.rb index b02469b4f..43c7a525a 100644 --- a/app/controllers/api/v1/statuses/mutes_controller.rb +++ b/app/controllers/api/v1/statuses/mutes_controller.rb @@ -8,8 +8,6 @@ class Api::V1::Statuses::MutesController < Api::BaseController before_action :set_status before_action :set_conversation - respond_to :json - def create current_account.mute_conversation!(@conversation) @mutes_map = { @conversation.id => true } diff --git a/app/controllers/api/v1/statuses/pins_controller.rb b/app/controllers/api/v1/statuses/pins_controller.rb index 4118a8ce4..51b1621b6 100644 --- a/app/controllers/api/v1/statuses/pins_controller.rb +++ b/app/controllers/api/v1/statuses/pins_controller.rb @@ -7,8 +7,6 @@ class Api::V1::Statuses::PinsController < Api::BaseController before_action :require_user! before_action :set_status - respond_to :json - def create StatusPin.create!(account: current_account, status: @status) distribute_add_activity! diff --git a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb index fa60e7d84..6c9e49d90 100644 --- a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb +++ b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb @@ -7,8 +7,6 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController before_action :set_status after_action :insert_pagination_headers - respond_to :json - def index @accounts = load_accounts render json: @accounts, each_serializer: REST::AccountSerializer diff --git a/app/controllers/api/v1/statuses/reblogs_controller.rb b/app/controllers/api/v1/statuses/reblogs_controller.rb index 67106ccbe..9abeb0759 100644 --- a/app/controllers/api/v1/statuses/reblogs_controller.rb +++ b/app/controllers/api/v1/statuses/reblogs_controller.rb @@ -7,8 +7,6 @@ class Api::V1::Statuses::ReblogsController < Api::BaseController before_action :require_user! before_action :set_reblog - respond_to :json - def create @status = ReblogService.new.call(current_account, @reblog, reblog_params) render json: @status, serializer: REST::StatusSerializer diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index bba3c0651..85521fadf 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -8,8 +8,6 @@ class Api::V1::StatusesController < Api::BaseController before_action :require_user!, except: [:show, :context] before_action :set_status, only: [:show, :context] - respond_to :json - # This API was originally unlimited, pagination cannot be introduced without # breaking backwards-compatibility. Arbitrarily high number to cover most # conversations as quasi-unlimited, it would be too much work to render more diff --git a/app/controllers/api/v1/streaming_controller.rb b/app/controllers/api/v1/streaming_controller.rb index ebb17608c..7cd60615a 100644 --- a/app/controllers/api/v1/streaming_controller.rb +++ b/app/controllers/api/v1/streaming_controller.rb @@ -1,8 +1,6 @@ # frozen_string_literal: true class Api::V1::StreamingController < Api::BaseController - respond_to :json - def index if Rails.configuration.x.streaming_api_base_url != request.host redirect_to streaming_api_url, status: 301 diff --git a/app/controllers/api/v1/suggestions_controller.rb b/app/controllers/api/v1/suggestions_controller.rb index 9da2b60ae..52054160d 100644 --- a/app/controllers/api/v1/suggestions_controller.rb +++ b/app/controllers/api/v1/suggestions_controller.rb @@ -7,8 +7,6 @@ class Api::V1::SuggestionsController < Api::BaseController before_action :require_user! before_action :set_accounts - respond_to :json - def index render json: @accounts, each_serializer: REST::AccountSerializer end diff --git a/app/controllers/api/v1/timelines/home_controller.rb b/app/controllers/api/v1/timelines/home_controller.rb index ff5ede138..ae6dbcb8b 100644 --- a/app/controllers/api/v1/timelines/home_controller.rb +++ b/app/controllers/api/v1/timelines/home_controller.rb @@ -5,8 +5,6 @@ class Api::V1::Timelines::HomeController < Api::BaseController before_action :require_user!, only: [:show] after_action :insert_pagination_headers, unless: -> { @statuses.empty? } - respond_to :json - def show @statuses = load_statuses diff --git a/app/controllers/api/v1/timelines/public_controller.rb b/app/controllers/api/v1/timelines/public_controller.rb index ccc10f966..581befef1 100644 --- a/app/controllers/api/v1/timelines/public_controller.rb +++ b/app/controllers/api/v1/timelines/public_controller.rb @@ -4,8 +4,6 @@ class Api::V1::Timelines::PublicController < Api::BaseController before_action :require_user!, only: [:show], if: :require_auth? after_action :insert_pagination_headers, unless: -> { @statuses.empty? } - respond_to :json - def show @statuses = load_statuses render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id) diff --git a/app/controllers/api/v1/timelines/tag_controller.rb b/app/controllers/api/v1/timelines/tag_controller.rb index 9adc4ad29..2d6ad5a80 100644 --- a/app/controllers/api/v1/timelines/tag_controller.rb +++ b/app/controllers/api/v1/timelines/tag_controller.rb @@ -4,8 +4,6 @@ class Api::V1::Timelines::TagController < Api::BaseController before_action :load_tag after_action :insert_pagination_headers, unless: -> { @statuses.empty? } - respond_to :json - def show @statuses = load_statuses render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id) diff --git a/app/controllers/api/v1/trends_controller.rb b/app/controllers/api/v1/trends_controller.rb index bcea9857e..c875e9041 100644 --- a/app/controllers/api/v1/trends_controller.rb +++ b/app/controllers/api/v1/trends_controller.rb @@ -3,8 +3,6 @@ class Api::V1::TrendsController < Api::BaseController before_action :set_tags - respond_to :json - def index render json: @tags, each_serializer: REST::TagSerializer end diff --git a/app/controllers/api/v2/search_controller.rb b/app/controllers/api/v2/search_controller.rb index cbd9b551d..f17431dd1 100644 --- a/app/controllers/api/v2/search_controller.rb +++ b/app/controllers/api/v2/search_controller.rb @@ -8,8 +8,6 @@ class Api::V2::SearchController < Api::BaseController before_action -> { doorkeeper_authorize! :read, :'read:search' } before_action :require_user! - respond_to :json - def index @search = Search.new(search_results) render json: @search, serializer: REST::SearchSerializer diff --git a/app/controllers/api/web/embeds_controller.rb b/app/controllers/api/web/embeds_controller.rb index 4aa31695c..741ba910f 100644 --- a/app/controllers/api/web/embeds_controller.rb +++ b/app/controllers/api/web/embeds_controller.rb @@ -1,8 +1,6 @@ # frozen_string_literal: true class Api::Web::EmbedsController < Api::Web::BaseController - respond_to :json - before_action :require_user! def create diff --git a/app/controllers/api/web/push_subscriptions_controller.rb b/app/controllers/api/web/push_subscriptions_controller.rb index f388b17e5..7916b82fa 100644 --- a/app/controllers/api/web/push_subscriptions_controller.rb +++ b/app/controllers/api/web/push_subscriptions_controller.rb @@ -1,8 +1,6 @@ # frozen_string_literal: true class Api::Web::PushSubscriptionsController < Api::Web::BaseController - respond_to :json - before_action :require_user! def create diff --git a/app/controllers/api/web/settings_controller.rb b/app/controllers/api/web/settings_controller.rb index e3178bf48..3d65e46ed 100644 --- a/app/controllers/api/web/settings_controller.rb +++ b/app/controllers/api/web/settings_controller.rb @@ -1,8 +1,6 @@ # frozen_string_literal: true class Api::Web::SettingsController < Api::Web::BaseController - respond_to :json - before_action :require_user! def update -- cgit From 339ce1c4e90605b736745b1f04493a247b2627ec Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sun, 8 Mar 2020 15:17:39 +0100 Subject: Add specific rate limits for posting and following (#13172) --- app/controllers/account_follow_controller.rb | 2 +- app/controllers/api/base_controller.rb | 4 ++ app/controllers/api/v1/accounts_controller.rb | 4 +- .../api/v1/statuses/reblogs_controller.rb | 3 + app/controllers/api/v1/statuses_controller.rb | 5 +- app/controllers/application_controller.rb | 5 ++ .../authorize_interactions_controller.rb | 2 +- app/controllers/concerns/rate_limit_headers.rb | 16 ++++- app/lib/exceptions.rb | 1 + app/lib/rate_limiter.rb | 64 ++++++++++++++++++ app/models/concerns/account_interactions.rb | 16 ++++- app/models/concerns/rate_limitable.rb | 36 ++++++++++ app/models/follow.rb | 3 + app/models/follow_request.rb | 3 + app/models/status.rb | 3 + app/services/follow_service.rb | 78 +++++++++++++--------- app/services/post_status_service.rb | 11 +-- app/services/reblog_service.rb | 16 ++++- app/views/errors/429.html.haml | 5 ++ config/initializers/rack_attack.rb | 1 - config/locales/en.yml | 2 +- spec/controllers/account_follow_controller_spec.rb | 2 +- .../controllers/api/v1/statuses_controller_spec.rb | 46 +++++++++++-- 23 files changed, 275 insertions(+), 53 deletions(-) create mode 100644 app/lib/rate_limiter.rb create mode 100644 app/models/concerns/rate_limitable.rb create mode 100644 app/views/errors/429.html.haml (limited to 'app/controllers') diff --git a/app/controllers/account_follow_controller.rb b/app/controllers/account_follow_controller.rb index 185a355f8..33394074d 100644 --- a/app/controllers/account_follow_controller.rb +++ b/app/controllers/account_follow_controller.rb @@ -6,7 +6,7 @@ class AccountFollowController < ApplicationController before_action :authenticate_user! def create - FollowService.new.call(current_user.account, @account.acct) + FollowService.new.call(current_user.account, @account, with_rate_limit: true) redirect_to account_path(@account) end end diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index 68bf425f4..153ade253 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -44,6 +44,10 @@ class Api::BaseController < ApplicationController render json: { error: 'There was a temporary problem serving your request, please try again' }, status: 503 end + rescue_from Mastodon::RateLimitExceededError do + render json: { error: I18n.t('errors.429') }, status: 429 + end + rescue_from ActionController::ParameterMissing do |e| render json: { error: e.to_s }, status: 400 end diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb index f5b06862b..0080faf33 100644 --- a/app/controllers/api/v1/accounts_controller.rb +++ b/app/controllers/api/v1/accounts_controller.rb @@ -14,6 +14,8 @@ class Api::V1::AccountsController < Api::BaseController skip_before_action :require_authenticated_user!, only: :create + override_rate_limit_headers :follow, family: :follows + def show render json: @account, serializer: REST::AccountSerializer end @@ -29,7 +31,7 @@ class Api::V1::AccountsController < Api::BaseController end def follow - FollowService.new.call(current_user.account, @account, reblogs: truthy_param?(:reblogs)) + FollowService.new.call(current_user.account, @account, reblogs: truthy_param?(:reblogs), with_rate_limit: true) options = @account.locked? || current_user.account.silenced? ? {} : { following_map: { @account.id => { reblogs: truthy_param?(:reblogs) } }, requested_map: { @account.id => false } } diff --git a/app/controllers/api/v1/statuses/reblogs_controller.rb b/app/controllers/api/v1/statuses/reblogs_controller.rb index 9abeb0759..7fa774a4d 100644 --- a/app/controllers/api/v1/statuses/reblogs_controller.rb +++ b/app/controllers/api/v1/statuses/reblogs_controller.rb @@ -7,8 +7,11 @@ class Api::V1::Statuses::ReblogsController < Api::BaseController before_action :require_user! before_action :set_reblog + override_rate_limit_headers :create, family: :statuses + def create @status = ReblogService.new.call(current_account, @reblog, reblog_params) + render json: @status, serializer: REST::StatusSerializer end diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index 85521fadf..2f55e95fd 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -8,6 +8,8 @@ class Api::V1::StatusesController < Api::BaseController before_action :require_user!, except: [:show, :context] before_action :set_status, only: [:show, :context] + override_rate_limit_headers :create, family: :statuses + # This API was originally unlimited, pagination cannot be introduced without # breaking backwards-compatibility. Arbitrarily high number to cover most # conversations as quasi-unlimited, it would be too much work to render more @@ -42,7 +44,8 @@ class Api::V1::StatusesController < Api::BaseController scheduled_at: status_params[:scheduled_at], application: doorkeeper_token.application, poll: status_params[:poll], - idempotency: request.headers['Idempotency-Key']) + idempotency: request.headers['Idempotency-Key'], + with_rate_limit: true) render json: @status, serializer: @status.is_a?(ScheduledStatus) ? REST::ScheduledStatusSerializer : REST::StatusSerializer end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 0cfa2b386..973db6aca 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -29,6 +29,7 @@ class ApplicationController < ActionController::Base rescue_from Mastodon::NotPermittedError, with: :forbidden rescue_from HTTP::Error, OpenSSL::SSL::SSLError, with: :internal_server_error rescue_from Mastodon::RaceConditionError, with: :service_unavailable + rescue_from Mastodon::RateLimitExceededError, with: :too_many_requests before_action :store_current_location, except: :raise_not_found, unless: :devise_controller? before_action :require_functional!, if: :user_signed_in? @@ -111,6 +112,10 @@ class ApplicationController < ActionController::Base respond_with_error(503) end + def too_many_requests + respond_with_error(429) + end + def single_user_mode? @single_user_mode ||= Rails.configuration.x.single_user_mode && Account.where('id > 0').exists? end diff --git a/app/controllers/authorize_interactions_controller.rb b/app/controllers/authorize_interactions_controller.rb index e27366ea3..29c0288d0 100644 --- a/app/controllers/authorize_interactions_controller.rb +++ b/app/controllers/authorize_interactions_controller.rb @@ -20,7 +20,7 @@ class AuthorizeInteractionsController < ApplicationController end def create - if @resource.is_a?(Account) && FollowService.new.call(current_account, @resource) + if @resource.is_a?(Account) && FollowService.new.call(current_account, @resource, with_rate_limit: true) render :success else render :error diff --git a/app/controllers/concerns/rate_limit_headers.rb b/app/controllers/concerns/rate_limit_headers.rb index b79c558d8..86fe58a71 100644 --- a/app/controllers/concerns/rate_limit_headers.rb +++ b/app/controllers/concerns/rate_limit_headers.rb @@ -3,6 +3,20 @@ module RateLimitHeaders extend ActiveSupport::Concern + class_methods do + def override_rate_limit_headers(method_name, options = {}) + around_action(only: method_name, if: :current_account) do |_controller, block| + begin + block.call + ensure + rate_limiter = RateLimiter.new(current_account, options) + rate_limit_headers = rate_limiter.to_headers + response.headers.merge!(rate_limit_headers) unless response.headers['X-RateLimit-Remaining'].present? && rate_limit_headers['X-RateLimit-Remaining'].to_i > response.headers['X-RateLimit-Remaining'].to_i + end + end + end + end + included do before_action :set_rate_limit_headers, if: :rate_limited_request? end @@ -44,7 +58,7 @@ module RateLimitHeaders end def api_throttle_data - most_limited_type, = request.env['rack.attack.throttle_data'].min_by { |_, v| v[:limit] } + most_limited_type, = request.env['rack.attack.throttle_data'].min_by { |_, v| v[:limit] - v[:count] } request.env['rack.attack.throttle_data'][most_limited_type] end diff --git a/app/lib/exceptions.rb b/app/lib/exceptions.rb index 01346bfe5..3362576b0 100644 --- a/app/lib/exceptions.rb +++ b/app/lib/exceptions.rb @@ -8,6 +8,7 @@ module Mastodon class LengthValidationError < ValidationError; end class DimensionsValidationError < ValidationError; end class RaceConditionError < Error; end + class RateLimitExceededError < Error; end class UnexpectedResponseError < Error def initialize(response = nil) diff --git a/app/lib/rate_limiter.rb b/app/lib/rate_limiter.rb new file mode 100644 index 000000000..68dae9add --- /dev/null +++ b/app/lib/rate_limiter.rb @@ -0,0 +1,64 @@ +# frozen_string_literal: true + +class RateLimiter + include Redisable + + FAMILIES = { + follows: { + limit: 400, + period: 24.hours.freeze, + }.freeze, + + statuses: { + limit: 300, + period: 3.hours.freeze, + }.freeze, + + media: { + limit: 30, + period: 30.minutes.freeze, + }.freeze, + }.freeze + + def initialize(by, options = {}) + @by = by + @family = options[:family] + @limit = FAMILIES[@family][:limit] + @period = FAMILIES[@family][:period].to_i + end + + def record! + count = redis.get(key) + + if count.nil? + redis.set(key, 0) + redis.expire(key, (@period - (last_epoch_time % @period) + 1).to_i) + end + + raise Mastodon::RateLimitExceededError if count.present? && count.to_i >= @limit + + redis.incr(key) + end + + def rollback! + redis.decr(key) + end + + def to_headers(now = Time.now.utc) + { + 'X-RateLimit-Limit' => @limit.to_s, + 'X-RateLimit-Remaining' => (@limit - (redis.get(key) || 0).to_i).to_s, + 'X-RateLimit-Reset' => (now + (@period - now.to_i % @period)).iso8601(6), + } + end + + private + + def key + @key ||= "rate_limit:#{@by.id}:#{@family}:#{(last_epoch_time / @period).to_i}" + end + + def last_epoch_time + @last_epoch_time ||= Time.now.to_i + end +end diff --git a/app/models/concerns/account_interactions.rb b/app/models/concerns/account_interactions.rb index 14bcf7bb1..32fcb5397 100644 --- a/app/models/concerns/account_interactions.rb +++ b/app/models/concerns/account_interactions.rb @@ -87,10 +87,10 @@ module AccountInteractions has_many :announcement_mutes, dependent: :destroy end - def follow!(other_account, reblogs: nil, uri: nil) + def follow!(other_account, reblogs: nil, uri: nil, rate_limit: false) reblogs = true if reblogs.nil? - rel = active_relationships.create_with(show_reblogs: reblogs, uri: uri) + rel = active_relationships.create_with(show_reblogs: reblogs, uri: uri, rate_limit: rate_limit) .find_or_create_by!(target_account: other_account) rel.update!(show_reblogs: reblogs) @@ -99,6 +99,18 @@ module AccountInteractions rel end + def request_follow!(other_account, reblogs: nil, uri: nil, rate_limit: false) + reblogs = true if reblogs.nil? + + rel = follow_requests.create_with(show_reblogs: reblogs, uri: uri, rate_limit: rate_limit) + .find_or_create_by!(target_account: other_account) + + rel.update!(show_reblogs: reblogs) + remove_potential_friendship(other_account) + + rel + end + def block!(other_account, uri: nil) remove_potential_friendship(other_account) block_relationships.create_with(uri: uri) diff --git a/app/models/concerns/rate_limitable.rb b/app/models/concerns/rate_limitable.rb new file mode 100644 index 000000000..ad1b5e44e --- /dev/null +++ b/app/models/concerns/rate_limitable.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: true + +module RateLimitable + extend ActiveSupport::Concern + + def rate_limit=(value) + @rate_limit = value + end + + def rate_limit? + @rate_limit + end + + def rate_limiter(by, options = {}) + return @rate_limiter if defined?(@rate_limiter) + + @rate_limiter = RateLimiter.new(by, options) + end + + class_methods do + def rate_limit(options = {}) + after_create do + by = public_send(options[:by]) + + if rate_limit? && by&.local? + rate_limiter(by, options).record! + @rate_limit_recorded = true + end + end + + after_rollback do + rate_limiter(public_send(options[:by]), options).rollback! if @rate_limit_recorded + end + end + end +end diff --git a/app/models/follow.rb b/app/models/follow.rb index 87fa11425..f3e48a2ed 100644 --- a/app/models/follow.rb +++ b/app/models/follow.rb @@ -15,6 +15,9 @@ class Follow < ApplicationRecord include Paginable include RelationshipCacheable + include RateLimitable + + rate_limit by: :account, family: :follows belongs_to :account belongs_to :target_account, class_name: 'Account' diff --git a/app/models/follow_request.rb b/app/models/follow_request.rb index 96ac7eaa5..3325e264c 100644 --- a/app/models/follow_request.rb +++ b/app/models/follow_request.rb @@ -15,6 +15,9 @@ class FollowRequest < ApplicationRecord include Paginable include RelationshipCacheable + include RateLimitable + + rate_limit by: :account, family: :follows belongs_to :account belongs_to :target_account, class_name: 'Account' diff --git a/app/models/status.rb b/app/models/status.rb index 1e630196b..1610da245 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -32,6 +32,9 @@ class Status < ApplicationRecord include Paginable include Cacheable include StatusThreadingConcern + include RateLimitable + + rate_limit by: :account, family: :statuses self.discard_column = :deleted_at diff --git a/app/services/follow_service.rb b/app/services/follow_service.rb index 4d19002c4..311ae7fa6 100644 --- a/app/services/follow_service.rb +++ b/app/services/follow_service.rb @@ -7,54 +7,68 @@ class FollowService < BaseService # Follow a remote user, notify remote user about the follow # @param [Account] source_account From which to follow # @param [String, Account] uri User URI to follow in the form of username@domain (or account record) - # @param [true, false, nil] reblogs Whether or not to show reblogs, defaults to true - def call(source_account, target_account, reblogs: nil, bypass_locked: false) - reblogs = true if reblogs.nil? - target_account = ResolveAccountService.new.call(target_account, skip_webfinger: true) - - raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended? - raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account) || target_account.moved? || (!target_account.local? && target_account.ostatus?) || source_account.domain_blocking?(target_account.domain) - - if source_account.following?(target_account) - # We're already following this account, but we'll call follow! again to - # make sure the reblogs status is set correctly. - return source_account.follow!(target_account, reblogs: reblogs) - elsif source_account.requested?(target_account) - # This isn't managed by a method in AccountInteractions, so we modify it - # ourselves if necessary. - req = source_account.follow_requests.find_by(target_account: target_account) - req.update!(show_reblogs: reblogs) - return req + # @param [Hash] options + # @option [Boolean] :reblogs Whether or not to show reblogs, defaults to true + # @option [Boolean] :bypass_locked + # @option [Boolean] :with_rate_limit + def call(source_account, target_account, options = {}) + @source_account = source_account + @target_account = ResolveAccountService.new.call(target_account, skip_webfinger: true) + @options = { reblogs: true, bypass_locked: false, with_rate_limit: false }.merge(options) + + raise ActiveRecord::RecordNotFound if following_not_possible? + raise Mastodon::NotPermittedError if following_not_allowed? + + if @source_account.following?(@target_account) + return change_follow_options! + elsif @source_account.requested?(@target_account) + return change_follow_request_options! end ActivityTracker.increment('activity:interactions') - if (target_account.locked? && !bypass_locked) || source_account.silenced? || target_account.activitypub? - request_follow(source_account, target_account, reblogs: reblogs) - elsif target_account.local? - direct_follow(source_account, target_account, reblogs: reblogs) + if (@target_account.locked? && !@options[:bypass_locked]) || @source_account.silenced? || @target_account.activitypub? + request_follow! + elsif @target_account.local? + direct_follow! end end private - def request_follow(source_account, target_account, reblogs: true) - follow_request = FollowRequest.create!(account: source_account, target_account: target_account, show_reblogs: reblogs) + def following_not_possible? + @target_account.nil? || @target_account.id == @source_account.id || @target_account.suspended? + end + + def following_not_allowed? + @target_account.blocking?(@source_account) || @source_account.blocking?(@target_account) || @target_account.moved? || (!@target_account.local? && @target_account.ostatus?) || @source_account.domain_blocking?(@target_account.domain) + end + + def change_follow_options! + @source_account.follow!(@target_account, reblogs: @options[:reblogs]) + end + + def change_follow_request_options! + @source_account.request_follow!(@target_account, reblogs: @options[:reblogs]) + end + + def request_follow! + follow_request = @source_account.request_follow!(@target_account, reblogs: @options[:reblogs], rate_limit: @options[:with_rate_limit]) - if target_account.local? - LocalNotificationWorker.perform_async(target_account.id, follow_request.id, follow_request.class.name) - elsif target_account.activitypub? - ActivityPub::DeliveryWorker.perform_async(build_json(follow_request), source_account.id, target_account.inbox_url) + if @target_account.local? + LocalNotificationWorker.perform_async(@target_account.id, follow_request.id, follow_request.class.name) + elsif @target_account.activitypub? + ActivityPub::DeliveryWorker.perform_async(build_json(follow_request), @source_account.id, @target_account.inbox_url) end follow_request end - def direct_follow(source_account, target_account, reblogs: true) - follow = source_account.follow!(target_account, reblogs: reblogs) + def direct_follow! + follow = @source_account.follow!(@target_account, reblogs: @options[:reblogs], rate_limit: @options[:with_rate_limit]) - LocalNotificationWorker.perform_async(target_account.id, follow.id, follow.class.name) - MergeWorker.perform_async(target_account.id, source_account.id) + LocalNotificationWorker.perform_async(@target_account.id, follow.id, follow.class.name) + MergeWorker.perform_async(@target_account.id, @source_account.id) follow end diff --git a/app/services/post_status_service.rb b/app/services/post_status_service.rb index a0a650d62..1bbd625b4 100644 --- a/app/services/post_status_service.rb +++ b/app/services/post_status_service.rb @@ -19,6 +19,7 @@ class PostStatusService < BaseService # @option [Enumerable] :media_ids Optional array of media IDs to attach # @option [Doorkeeper::Application] :application # @option [String] :idempotency Optional idempotency key + # @option [Boolean] :with_rate_limit # @return [Status] def call(account, options = {}) @account = account @@ -160,6 +161,7 @@ class PostStatusService < BaseService visibility: @visibility, language: language_from_option(@options[:language]) || @account.user&.setting_default_language&.presence || LanguageDetector.instance.detect(@text, @account), application: @options[:application], + rate_limit: @options[:with_rate_limit], }.compact end @@ -179,10 +181,11 @@ class PostStatusService < BaseService def scheduled_options @options.tap do |options_hash| - options_hash[:in_reply_to_id] = options_hash.delete(:thread)&.id - options_hash[:application_id] = options_hash.delete(:application)&.id - options_hash[:scheduled_at] = nil - options_hash[:idempotency] = nil + options_hash[:in_reply_to_id] = options_hash.delete(:thread)&.id + options_hash[:application_id] = options_hash.delete(:application)&.id + options_hash[:scheduled_at] = nil + options_hash[:idempotency] = nil + options_hash[:with_rate_limit] = false end end end diff --git a/app/services/reblog_service.rb b/app/services/reblog_service.rb index 3bb460fca..4b5ae9492 100644 --- a/app/services/reblog_service.rb +++ b/app/services/reblog_service.rb @@ -8,6 +8,8 @@ class ReblogService < BaseService # @param [Account] account Account to reblog from # @param [Status] reblogged_status Status to be reblogged # @param [Hash] options + # @option [String] :visibility + # @option [Boolean] :with_rate_limit # @return [Status] def call(account, reblogged_status, options = {}) reblogged_status = reblogged_status.reblog if reblogged_status.reblog? @@ -18,9 +20,15 @@ class ReblogService < BaseService return reblog unless reblog.nil? - visibility = options[:visibility] || account.user&.setting_default_privacy - visibility = reblogged_status.visibility if reblogged_status.hidden? - reblog = account.statuses.create!(reblog: reblogged_status, text: '', visibility: visibility) + visibility = begin + if reblogged_status.hidden? + reblogged_status.visibility + else + options[:visibility] || account.user&.setting_default_privacy + end + end + + reblog = account.statuses.create!(reblog: reblogged_status, text: '', visibility: visibility, rate_limit: options[:with_rate_limit]) DistributionWorker.perform_async(reblog.id) ActivityPub::DistributionWorker.perform_async(reblog.id) @@ -45,7 +53,9 @@ class ReblogService < BaseService def bump_potential_friendship(account, reblog) ActivityTracker.increment('activity:interactions') + return if account.following?(reblog.reblog.account_id) + PotentialFriendshipTracker.record(account.id, reblog.reblog.account_id, :reblog) end diff --git a/app/views/errors/429.html.haml b/app/views/errors/429.html.haml new file mode 100644 index 000000000..2df4f4175 --- /dev/null +++ b/app/views/errors/429.html.haml @@ -0,0 +1,5 @@ +- content_for :page_title do + = t('errors.429') + +- content_for :content do + = t('errors.429') diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb index 3cd7ea3a6..8bc1104d4 100644 --- a/config/initializers/rack_attack.rb +++ b/config/initializers/rack_attack.rb @@ -70,7 +70,6 @@ class Rack::Attack req.remote_ip if req.post? && req.path == '/api/v1/accounts' end - # Throttle paging, as it is mainly used for public pages and AP collections throttle('throttle_authenticated_paging', limit: 300, period: 15.minutes) do |req| req.authenticated_user_id if req.paging_request? end diff --git a/config/locales/en.yml b/config/locales/en.yml index 1d2580101..99a80431a 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -725,7 +725,7 @@ en: '422': content: Security verification failed. Are you blocking cookies? title: Security verification failed - '429': Throttled + '429': Too many requests '500': content: We're sorry, but something went wrong on our end. title: This page is not correct diff --git a/spec/controllers/account_follow_controller_spec.rb b/spec/controllers/account_follow_controller_spec.rb index ac15499be..9a93e1ebe 100644 --- a/spec/controllers/account_follow_controller_spec.rb +++ b/spec/controllers/account_follow_controller_spec.rb @@ -25,7 +25,7 @@ describe AccountFollowController do sign_in(user) subject - expect(service).to have_received(:call).with(user.account, 'alice') + expect(service).to have_received(:call).with(user.account, alice, with_rate_limit: true) expect(response).to redirect_to(account_path(alice)) end end diff --git a/spec/controllers/api/v1/statuses_controller_spec.rb b/spec/controllers/api/v1/statuses_controller_spec.rb index 9ff5fcd3b..df8037038 100644 --- a/spec/controllers/api/v1/statuses_controller_spec.rb +++ b/spec/controllers/api/v1/statuses_controller_spec.rb @@ -39,12 +39,50 @@ RSpec.describe Api::V1::StatusesController, type: :controller do describe 'POST #create' do let(:scopes) { 'write:statuses' } - before do - post :create, params: { status: 'Hello world' } + context do + before do + post :create, params: { status: 'Hello world' } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns rate limit headers' do + expect(response.headers['X-RateLimit-Limit']).to eq RateLimiter::FAMILIES[:statuses][:limit].to_s + expect(response.headers['X-RateLimit-Remaining']).to eq (RateLimiter::FAMILIES[:statuses][:limit] - 1).to_s + end end - it 'returns http success' do - expect(response).to have_http_status(200) + context 'with missing parameters' do + before do + post :create, params: {} + end + + it 'returns http unprocessable entity' do + expect(response).to have_http_status(422) + end + + it 'returns rate limit headers' do + expect(response.headers['X-RateLimit-Limit']).to eq RateLimiter::FAMILIES[:statuses][:limit].to_s + end + end + + context 'when exceeding rate limit' do + before do + rate_limiter = RateLimiter.new(user.account, family: :statuses) + 300.times { rate_limiter.record! } + post :create, params: { status: 'Hello world' } + end + + it 'returns http too many requests' do + expect(response).to have_http_status(429) + end + + it 'returns rate limit headers' do + expect(response.headers['X-RateLimit-Limit']).to eq RateLimiter::FAMILIES[:statuses][:limit].to_s + expect(response.headers['X-RateLimit-Remaining']).to eq '0' + end end end -- cgit From 2423d2f6772da39c0a76612dd2be299c445eb9f8 Mon Sep 17 00:00:00 2001 From: ThibG Date: Sun, 8 Mar 2020 16:00:24 +0100 Subject: Add ability to delete files uploaded for settings in admin UI (#13192) * Allow deleting site uploads * Refactor and move links into hints * Fix i18n tests * Fix HTML output of site_upload_delete_hint --- app/controllers/admin/site_uploads_controller.rb | 21 +++++++++++++++++++++ app/helpers/admin/settings_helper.rb | 11 +++++++++++ app/policies/settings_policy.rb | 4 ++++ app/views/admin/settings/edit.html.haml | 6 +++--- config/locales/en.yml | 3 +++ config/routes.rb | 1 + 6 files changed, 43 insertions(+), 3 deletions(-) create mode 100644 app/controllers/admin/site_uploads_controller.rb create mode 100644 app/helpers/admin/settings_helper.rb (limited to 'app/controllers') diff --git a/app/controllers/admin/site_uploads_controller.rb b/app/controllers/admin/site_uploads_controller.rb new file mode 100644 index 000000000..cacecedb0 --- /dev/null +++ b/app/controllers/admin/site_uploads_controller.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +module Admin + class SiteUploadsController < BaseController + before_action :set_site_upload + + def destroy + authorize :settings, :destroy? + + @site_upload.destroy! + + redirect_to edit_admin_settings_path, notice: I18n.t('admin.site_uploads.destroyed_msg') + end + + private + + def set_site_upload + @site_upload = SiteUpload.find(params[:id]) + end + end +end diff --git a/app/helpers/admin/settings_helper.rb b/app/helpers/admin/settings_helper.rb new file mode 100644 index 000000000..baf14ab25 --- /dev/null +++ b/app/helpers/admin/settings_helper.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Admin::SettingsHelper + def site_upload_delete_hint(hint, var) + upload = SiteUpload.find_by(var: var.to_s) + return hint unless upload + + link = link_to t('admin.site_uploads.delete'), admin_site_upload_path(upload), data: { method: :delete } + safe_join([hint, link], '
'.html_safe) + end +end diff --git a/app/policies/settings_policy.rb b/app/policies/settings_policy.rb index 2dcb79f51..874f97bab 100644 --- a/app/policies/settings_policy.rb +++ b/app/policies/settings_policy.rb @@ -8,4 +8,8 @@ class SettingsPolicy < ApplicationPolicy def show? admin? end + + def destroy? + admin? + end end diff --git a/app/views/admin/settings/edit.html.haml b/app/views/admin/settings/edit.html.haml index d7b493051..dc08f0141 100644 --- a/app/views/admin/settings/edit.html.haml +++ b/app/views/admin/settings/edit.html.haml @@ -30,13 +30,13 @@ .fields-row .fields-row__column.fields-row__column-6.fields-group - = f.input :thumbnail, as: :file, wrapper: :with_block_label, label: t('admin.settings.thumbnail.title'), hint: t('admin.settings.thumbnail.desc_html') + = f.input :thumbnail, as: :file, wrapper: :with_block_label, label: t('admin.settings.thumbnail.title'), hint: site_upload_delete_hint(t('admin.settings.thumbnail.desc_html'), :thumbnail) .fields-row__column.fields-row__column-6.fields-group - = f.input :hero, as: :file, wrapper: :with_block_label, label: t('admin.settings.hero.title'), hint: t('admin.settings.hero.desc_html') + = f.input :hero, as: :file, wrapper: :with_block_label, label: t('admin.settings.hero.title'), hint: site_upload_delete_hint(t('admin.settings.hero.desc_html'), :hero) .fields-row .fields-row__column.fields-row__column-6.fields-group - = f.input :mascot, as: :file, wrapper: :with_block_label, label: t('admin.settings.mascot.title'), hint: t('admin.settings.mascot.desc_html') + = f.input :mascot, as: :file, wrapper: :with_block_label, label: t('admin.settings.mascot.title'), hint: site_upload_delete_hint(t('admin.settings.mascot.desc_html'), :mascot) %hr.spacer/ diff --git a/config/locales/en.yml b/config/locales/en.yml index 99a80431a..8440b471c 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -537,6 +537,9 @@ en: trends: desc_html: Publicly display previously reviewed hashtags that are currently trending title: Trending hashtags + site_uploads: + delete: Delete uploaded file + destroyed_msg: Site upload successfully deleted! statuses: back_to_account: Back to account page batch: diff --git a/config/routes.rb b/config/routes.rb index c22efc1e1..2de31e2db 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -186,6 +186,7 @@ Rails.application.routes.draw do end resource :settings, only: [:edit, :update] + resources :site_uploads, only: [:destroy] resources :invites, only: [:index, :create, :destroy] do collection do -- cgit From 9660aa4543deff41c60d131e081137f84e771499 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sun, 8 Mar 2020 23:56:18 +0100 Subject: Change local media attachments to perform heavy processing asynchronously (#13210) Fix #9106 --- app/controllers/api/v1/media_controller.rb | 29 ++++++++++++++---- app/controllers/api/v2/media_controller.rb | 12 ++++++++ app/javascript/mastodon/actions/compose.js | 23 +++++++++++++-- app/models/concerns/attachmentable.rb | 2 +- app/models/media_attachment.rb | 26 +++++++++++++++-- .../rest/media_attachment_serializer.rb | 4 ++- app/services/post_status_service.rb | 1 + app/workers/backup_worker.rb | 8 +++-- app/workers/post_process_media_worker.rb | 34 ++++++++++++++++++++++ config/application.rb | 1 + config/locales/en.yml | 1 + config/routes.rb | 3 +- ...06035625_add_processing_to_media_attachments.rb | 5 ++++ db/schema.rb | 3 +- lib/paperclip/attachment_extensions.rb | 30 +++++++++++++++++++ 15 files changed, 165 insertions(+), 17 deletions(-) create mode 100644 app/controllers/api/v2/media_controller.rb create mode 100644 app/workers/post_process_media_worker.rb create mode 100644 db/migrate/20200306035625_add_processing_to_media_attachments.rb create mode 100644 lib/paperclip/attachment_extensions.rb (limited to 'app/controllers') diff --git a/app/controllers/api/v1/media_controller.rb b/app/controllers/api/v1/media_controller.rb index d87d7b946..0bb3d0d27 100644 --- a/app/controllers/api/v1/media_controller.rb +++ b/app/controllers/api/v1/media_controller.rb @@ -3,25 +3,42 @@ class Api::V1::MediaController < Api::BaseController before_action -> { doorkeeper_authorize! :write, :'write:media' } before_action :require_user! + before_action :set_media_attachment, except: [:create] + before_action :check_processing, except: [:create] def create - @media = current_account.media_attachments.create!(media_params) - render json: @media, serializer: REST::MediaAttachmentSerializer + @media_attachment = current_account.media_attachments.create!(media_attachment_params) + render json: @media_attachment, serializer: REST::MediaAttachmentSerializer rescue Paperclip::Errors::NotIdentifiedByImageMagickError render json: file_type_error, status: 422 rescue Paperclip::Error render json: processing_error, status: 500 end + def show + render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: status_code_for_media_attachment + end + def update - @media = current_account.media_attachments.where(status_id: nil).find(params[:id]) - @media.update!(media_params) - render json: @media, serializer: REST::MediaAttachmentSerializer + @media_attachment.update!(media_attachment_params) + render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: status_code_for_media_attachment end private - def media_params + def status_code_for_media_attachment + @media_attachment.not_processed? ? 206 : 200 + end + + def set_media_attachment + @media_attachment = current_account.media_attachments.unattached.find(params[:id]) + end + + def check_processing + render json: processing_error, status: 422 if @media_attachment.processing_failed? + end + + def media_attachment_params params.permit(:file, :description, :focus) end diff --git a/app/controllers/api/v2/media_controller.rb b/app/controllers/api/v2/media_controller.rb new file mode 100644 index 000000000..0c1baf01d --- /dev/null +++ b/app/controllers/api/v2/media_controller.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +class Api::V2::MediaController < Api::V1::MediaController + def create + @media_attachment = current_account.media_attachments.create!({ delay_processing: true }.merge(media_attachment_params)) + render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: 202 + rescue Paperclip::Errors::NotIdentifiedByImageMagickError + render json: file_type_error, status: 422 + rescue Paperclip::Error + render json: processing_error, status: 500 + end +end diff --git a/app/javascript/mastodon/actions/compose.js b/app/javascript/mastodon/actions/compose.js index c3c6ff1a1..68ef8fbd5 100644 --- a/app/javascript/mastodon/actions/compose.js +++ b/app/javascript/mastodon/actions/compose.js @@ -230,12 +230,31 @@ export function uploadCompose(files) { // Account for disparity in size of original image and resized data total += file.size - f.size; - return api(getState).post('/api/v1/media', data, { + return api(getState).post('/api/v2/media', data, { onUploadProgress: function({ loaded }){ progress[i] = loaded; dispatch(uploadComposeProgress(progress.reduce((a, v) => a + v, 0), total)); }, - }).then(({ data }) => dispatch(uploadComposeSuccess(data, f))); + }).then(({ status, data }) => { + // If server-side processing of the media attachment has not completed yet, + // poll the server until it is, before showing the media attachment as uploaded + + if (status === 200) { + dispatch(uploadComposeSuccess(data, f)); + } else if (status === 202) { + const poll = () => { + api(getState).get(`/api/v1/media/${data.id}`).then(response => { + if (response.status === 200) { + dispatch(uploadComposeSuccess(data, f)); + } else if (response.status === 206) { + setTimeout(() => poll(), 1000); + } + }).catch(error => dispatch(uploadComposeFail(error))); + }; + + poll(); + } + }); }).catch(error => dispatch(uploadComposeFail(error))); }; }; diff --git a/app/models/concerns/attachmentable.rb b/app/models/concerns/attachmentable.rb index 43ff8ac12..18b872c1e 100644 --- a/app/models/concerns/attachmentable.rb +++ b/app/models/concerns/attachmentable.rb @@ -74,7 +74,7 @@ module Attachmentable self.class.attachment_definitions.each_key do |attachment_name| attachment = send(attachment_name) - next if attachment.blank? || attachment.queued_for_write[:original].blank? + next if attachment.blank? || attachment.queued_for_write[:original].blank? || attachment.options[:preserve_files] attachment.instance_write :file_name, SecureRandom.hex(8) + File.extname(attachment.instance_read(:file_name)) end diff --git a/app/models/media_attachment.rb b/app/models/media_attachment.rb index 1e36625ca..3fd4f231c 100644 --- a/app/models/media_attachment.rb +++ b/app/models/media_attachment.rb @@ -19,12 +19,14 @@ # description :text # scheduled_status_id :bigint(8) # blurhash :string +# processing :integer # class MediaAttachment < ApplicationRecord self.inheritance_column = nil enum type: [:image, :gifv, :video, :unknown, :audio] + enum processing: [:queued, :in_progress, :complete, :failed], _prefix: true MAX_DESCRIPTION_LENGTH = 1_500 @@ -156,6 +158,10 @@ class MediaAttachment < ApplicationRecord remote_url.blank? end + def not_processed? + processing.present? && !processing_complete? + end + def needs_redownload? file.blank? && remote_url.present? end @@ -203,10 +209,18 @@ class MediaAttachment < ApplicationRecord "#{x},#{y}" end + attr_writer :delay_processing + + def delay_processing? + @delay_processing + end + + after_commit :enqueue_processing, on: :create after_commit :reset_parent_cache, on: :update before_create :prepare_description, unless: :local? before_create :set_shortcode + before_create :set_processing before_post_process :set_type_and_extension @@ -277,6 +291,10 @@ class MediaAttachment < ApplicationRecord end end + def set_processing + self.processing = delay_processing? ? :queued : :complete + end + def set_meta meta = populate_meta @@ -322,9 +340,11 @@ class MediaAttachment < ApplicationRecord }.compact end - def reset_parent_cache - return if status_id.nil? + def enqueue_processing + PostProcessMediaWorker.perform_async(id) if delay_processing? + end - Rails.cache.delete("statuses/#{status_id}") + def reset_parent_cache + Rails.cache.delete("statuses/#{status_id}") if status_id.present? end end diff --git a/app/serializers/rest/media_attachment_serializer.rb b/app/serializers/rest/media_attachment_serializer.rb index 1b3498ea4..cc10e3001 100644 --- a/app/serializers/rest/media_attachment_serializer.rb +++ b/app/serializers/rest/media_attachment_serializer.rb @@ -12,7 +12,9 @@ class REST::MediaAttachmentSerializer < ActiveModel::Serializer end def url - if object.needs_redownload? + if object.not_processed? + nil + elsif object.needs_redownload? media_proxy_url(object.id, :original) else full_asset_url(object.file.url(:original)) diff --git a/app/services/post_status_service.rb b/app/services/post_status_service.rb index 2301621ab..c61b3baa2 100644 --- a/app/services/post_status_service.rb +++ b/app/services/post_status_service.rb @@ -101,6 +101,7 @@ class PostStatusService < BaseService @media = @account.media_attachments.where(status_id: nil).where(id: @options[:media_ids].take(4).map(&:to_i)) raise Mastodon::ValidationError, I18n.t('media_attachments.validations.images_and_video') if @media.size > 1 && @media.find(&:audio_or_video?) + raise Mastodon::ValidationError, I18n.t('media_attachments.validations.not_ready') if @media.any?(&:not_processed?) end def language_from_option(str) diff --git a/app/workers/backup_worker.rb b/app/workers/backup_worker.rb index e4c609d70..7b0b52844 100644 --- a/app/workers/backup_worker.rb +++ b/app/workers/backup_worker.rb @@ -9,8 +9,12 @@ class BackupWorker backup_id = msg['args'].first ActiveRecord::Base.connection_pool.with_connection do - backup = Backup.find(backup_id) - backup&.destroy + begin + backup = Backup.find(backup_id) + backup.destroy + rescue ActiveRecord::RecordNotFound + true + end end end diff --git a/app/workers/post_process_media_worker.rb b/app/workers/post_process_media_worker.rb new file mode 100644 index 000000000..d3ebda194 --- /dev/null +++ b/app/workers/post_process_media_worker.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: true + +class PostProcessMediaWorker + include Sidekiq::Worker + + sidekiq_options retry: 1, dead: false + + sidekiq_retries_exhausted do |msg| + media_attachment_id = msg['args'].first + + ActiveRecord::Base.connection_pool.with_connection do + begin + media_attachment = MediaAttachment.find(media_attachment_id) + media_attachment.processing = :failed + media_attachment.save + rescue ActiveRecord::RecordNotFound + true + end + end + + Sidekiq.logger.error("Processing media attachment #{media_attachment_id} failed with #{msg['error_message']}") + end + + def perform(media_attachment_id) + media_attachment = MediaAttachment.find(media_attachment_id) + media_attachment.processing = :in_progress + media_attachment.save + media_attachment.file.reprocess_original! + media_attachment.processing = :complete + media_attachment.save + rescue ActiveRecord::RecordNotFound + true + end +end diff --git a/config/application.rb b/config/application.rb index 1baa166ce..cd599eefc 100644 --- a/config/application.rb +++ b/config/application.rb @@ -7,6 +7,7 @@ require 'rails/all' Bundler.require(*Rails.groups) require_relative '../app/lib/exceptions' +require_relative '../lib/paperclip/attachment_extensions' require_relative '../lib/paperclip/lazy_thumbnail' require_relative '../lib/paperclip/gif_transcoder' require_relative '../lib/paperclip/video_transcoder' diff --git a/config/locales/en.yml b/config/locales/en.yml index 8440b471c..a031f9e9d 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -853,6 +853,7 @@ en: media_attachments: validations: images_and_video: Cannot attach a video to a status that already contains images + not_ready: Cannot attach files that have not finished processing. Try again in a moment! too_many: Cannot attach more than 4 files migrations: acct: Moved to diff --git a/config/routes.rb b/config/routes.rb index 2de31e2db..89d446d10 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -343,7 +343,7 @@ Rails.application.routes.draw do end end - resources :media, only: [:create, :update] + resources :media, only: [:create, :update, :show] resources :blocks, only: [:index] resources :mutes, only: [:index] resources :favourites, only: [:index] @@ -455,6 +455,7 @@ Rails.application.routes.draw do end namespace :v2 do + resources :media, only: [:create] get '/search', to: 'search#index', as: :search end diff --git a/db/migrate/20200306035625_add_processing_to_media_attachments.rb b/db/migrate/20200306035625_add_processing_to_media_attachments.rb new file mode 100644 index 000000000..131ffa52a --- /dev/null +++ b/db/migrate/20200306035625_add_processing_to_media_attachments.rb @@ -0,0 +1,5 @@ +class AddProcessingToMediaAttachments < ActiveRecord::Migration[5.2] + def change + add_column :media_attachments, :processing, :integer + end +end diff --git a/db/schema.rb b/db/schema.rb index b09ee0e76..ddb9a5d8c 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_01_26_203551) do +ActiveRecord::Schema.define(version: 2020_03_06_035625) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -459,6 +459,7 @@ ActiveRecord::Schema.define(version: 2020_01_26_203551) do t.text "description" t.bigint "scheduled_status_id" t.string "blurhash" + t.integer "processing" t.index ["account_id"], name: "index_media_attachments_on_account_id" t.index ["scheduled_status_id"], name: "index_media_attachments_on_scheduled_status_id" t.index ["shortcode"], name: "index_media_attachments_on_shortcode", unique: true diff --git a/lib/paperclip/attachment_extensions.rb b/lib/paperclip/attachment_extensions.rb new file mode 100644 index 000000000..3b308af5f --- /dev/null +++ b/lib/paperclip/attachment_extensions.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: true + +module Paperclip + module AttachmentExtensions + # We overwrite this method to support delayed processing in + # Sidekiq. Since we process the original file to reduce disk + # usage, and we still want to generate thumbnails straight + # away, it's the only style we need to exclude + def process_style?(style_name, style_args) + if style_name == :original && instance.respond_to?(:delay_processing?) && instance.delay_processing? + false + else + style_args.empty? || style_args.include?(style_name) + end + end + + def reprocess_original! + old_original_path = path(:original) + reprocess!(:original) + new_original_path = path(:original) + + if new_original_path != old_original_path + @queued_for_delete << old_original_path + flush_deletes + end + end + end +end + +Paperclip::Attachment.prepend(Paperclip::AttachmentExtensions) -- cgit From b154428e14861f5cdc7ba6e5f8e582dbf7d0a1c0 Mon Sep 17 00:00:00 2001 From: ThibG Date: Mon, 9 Mar 2020 00:10:29 +0100 Subject: Add federation support for the "hide network" preference (#11673) * Change ActivityPub follower/following collections to not link first page * Add support for hiding followers and following of remote users * Switch to using a single `hide_collections` column * Address code style remarks --- .../v1/accounts/follower_accounts_controller.rb | 2 +- .../v1/accounts/following_accounts_controller.rb | 2 +- app/controllers/follower_accounts_controller.rb | 11 +++++++++- app/controllers/following_accounts_controller.rb | 11 +++++++++- app/models/account.rb | 9 ++++++++ .../activitypub/process_account_service.rb | 25 ++++++++++++++++------ ...91212163405_add_hide_collections_to_accounts.rb | 5 +++++ db/schema.rb | 1 + 8 files changed, 55 insertions(+), 11 deletions(-) create mode 100644 db/migrate/20191212163405_add_hide_collections_to_accounts.rb (limited to 'app/controllers') diff --git a/app/controllers/api/v1/accounts/follower_accounts_controller.rb b/app/controllers/api/v1/accounts/follower_accounts_controller.rb index 850702cca..1daa1ed0d 100644 --- a/app/controllers/api/v1/accounts/follower_accounts_controller.rb +++ b/app/controllers/api/v1/accounts/follower_accounts_controller.rb @@ -25,7 +25,7 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController end def hide_results? - (@account.user_hides_network? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account)) + (@account.hides_followers? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account)) end def default_accounts diff --git a/app/controllers/api/v1/accounts/following_accounts_controller.rb b/app/controllers/api/v1/accounts/following_accounts_controller.rb index 830dcd8a1..6fc23cf75 100644 --- a/app/controllers/api/v1/accounts/following_accounts_controller.rb +++ b/app/controllers/api/v1/accounts/following_accounts_controller.rb @@ -25,7 +25,7 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController end def hide_results? - (@account.user_hides_network? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account)) + (@account.hides_following? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account)) end def default_accounts diff --git a/app/controllers/follower_accounts_controller.rb b/app/controllers/follower_accounts_controller.rb index 7103749ad..14e22dd1e 100644 --- a/app/controllers/follower_accounts_controller.rb +++ b/app/controllers/follower_accounts_controller.rb @@ -28,7 +28,8 @@ class FollowerAccountsController < ApplicationController render json: collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, - content_type: 'application/activity+json' + content_type: 'application/activity+json', + fields: restrict_fields_to end end end @@ -71,4 +72,12 @@ class FollowerAccountsController < ApplicationController ) end end + + def restrict_fields_to + if page_requested? || !@account.user_hides_network? + # Return all fields + else + %i(id type totalItems) + end + end end diff --git a/app/controllers/following_accounts_controller.rb b/app/controllers/following_accounts_controller.rb index 6c8fb84d8..95849ffb9 100644 --- a/app/controllers/following_accounts_controller.rb +++ b/app/controllers/following_accounts_controller.rb @@ -28,7 +28,8 @@ class FollowingAccountsController < ApplicationController render json: collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, - content_type: 'application/activity+json' + content_type: 'application/activity+json', + fields: restrict_fields_to end end end @@ -71,4 +72,12 @@ class FollowingAccountsController < ApplicationController ) end end + + def restrict_fields_to + if page_requested? || !@account.user_hides_network? + # Return all fields + else + %i(id type totalItems) + end + end end diff --git a/app/models/account.rb b/app/models/account.rb index a1b4a065b..6aceb809c 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -46,6 +46,7 @@ # silenced_at :datetime # suspended_at :datetime # trust_level :integer +# hide_collections :boolean # class Account < ApplicationRecord @@ -323,6 +324,14 @@ class Account < ApplicationRecord save! end + def hides_followers? + hide_collections? || user_hides_network? + end + + def hides_following? + hide_collections? || user_hides_network? + end + def object_type :person end diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb index d5ede0388..7b4c53d50 100644 --- a/app/services/activitypub/process_account_service.rb +++ b/app/services/activitypub/process_account_service.rb @@ -94,6 +94,7 @@ class ActivityPub::ProcessAccountService < BaseService @account.statuses_count = outbox_total_items if outbox_total_items.present? @account.following_count = following_total_items if following_total_items.present? @account.followers_count = followers_total_items if followers_total_items.present? + @account.hide_collections = following_private? || followers_private? @account.moved_to_account = @json['movedTo'].present? ? moved_account : nil end @@ -166,26 +167,36 @@ class ActivityPub::ProcessAccountService < BaseService end def outbox_total_items - collection_total_items('outbox') + collection_info('outbox').first end def following_total_items - collection_total_items('following') + collection_info('following').first end def followers_total_items - collection_total_items('followers') + collection_info('followers').first end - def collection_total_items(type) - return if @json[type].blank? + def following_private? + !collection_info('following').last + end + + def followers_private? + !collection_info('followers').last + end + + def collection_info(type) + return [nil, nil] if @json[type].blank? return @collections[type] if @collections.key?(type) collection = fetch_resource_without_id_validation(@json[type]) - @collections[type] = collection.is_a?(Hash) && collection['totalItems'].present? && collection['totalItems'].is_a?(Numeric) ? collection['totalItems'] : nil + total_items = collection.is_a?(Hash) && collection['totalItems'].present? && collection['totalItems'].is_a?(Numeric) ? collection['totalItems'] : nil + has_first_page = collection.is_a?(Hash) && collection['first'].present? + @collections[type] = [total_items, has_first_page] rescue HTTP::Error, OpenSSL::SSL::SSLError - @collections[type] = nil + @collections[type] = [nil, nil] end def moved_account diff --git a/db/migrate/20191212163405_add_hide_collections_to_accounts.rb b/db/migrate/20191212163405_add_hide_collections_to_accounts.rb new file mode 100644 index 000000000..fa99b32e5 --- /dev/null +++ b/db/migrate/20191212163405_add_hide_collections_to_accounts.rb @@ -0,0 +1,5 @@ +class AddHideCollectionsToAccounts < ActiveRecord::Migration[5.2] + def change + add_column :accounts, :hide_collections, :boolean + end +end diff --git a/db/schema.rb b/db/schema.rb index ddb9a5d8c..a851e01fc 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -170,6 +170,7 @@ ActiveRecord::Schema.define(version: 2020_03_06_035625) do t.datetime "silenced_at" t.datetime "suspended_at" t.integer "trust_level" + t.boolean "hide_collections" t.index "(((setweight(to_tsvector('simple'::regconfig, (display_name)::text), 'A'::\"char\") || setweight(to_tsvector('simple'::regconfig, (username)::text), 'B'::\"char\")) || setweight(to_tsvector('simple'::regconfig, (COALESCE(domain, ''::character varying))::text), 'C'::\"char\")))", name: "search_index", using: :gin t.index "lower((username)::text), lower((domain)::text)", name: "index_accounts_on_username_and_domain_lower", unique: true t.index ["moved_to_account_id"], name: "index_accounts_on_moved_to_account_id" -- cgit From f556f79b7733834430b93109ac2c7f87529c8574 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 12 Mar 2020 17:57:59 +0100 Subject: Add titles to warning presets in admin UI (#13252) --- .../admin/warning_presets_controller.rb | 6 +++--- app/models/account_warning_preset.rb | 3 +++ app/views/admin/account_actions/new.html.haml | 2 +- .../warning_presets/_warning_preset.html.haml | 10 +++++++++ app/views/admin/warning_presets/edit.html.haml | 3 +++ app/views/admin/warning_presets/index.html.haml | 24 ++++++++-------------- config/locales/ar.yml | 1 - config/locales/ca.yml | 1 - config/locales/co.yml | 1 - config/locales/cs.yml | 1 - config/locales/cy.yml | 1 - config/locales/da.yml | 1 - config/locales/de.yml | 1 - config/locales/el.yml | 1 - config/locales/en.yml | 1 - config/locales/en_GB.yml | 1 - config/locales/eo.yml | 1 - config/locales/es-AR.yml | 1 - config/locales/es.yml | 1 - config/locales/et.yml | 1 - config/locales/eu.yml | 1 - config/locales/fa.yml | 1 - config/locales/fr.yml | 1 - config/locales/gl.yml | 1 - config/locales/hu.yml | 1 - config/locales/id.yml | 1 - config/locales/is.yml | 1 - config/locales/it.yml | 1 - config/locales/ja.yml | 1 - config/locales/kab.yml | 1 - config/locales/kk.yml | 1 - config/locales/ko.yml | 1 - config/locales/lt.yml | 1 - config/locales/nl.yml | 1 - config/locales/nn.yml | 1 - config/locales/no.yml | 1 - config/locales/oc.yml | 1 - config/locales/pl.yml | 1 - config/locales/pt-BR.yml | 1 - config/locales/pt-PT.yml | 1 - config/locales/ru.yml | 1 - config/locales/simple_form.en.yml | 2 ++ config/locales/sk.yml | 1 - config/locales/sl.yml | 1 - config/locales/sq.yml | 1 - config/locales/sr.yml | 1 - config/locales/sv.yml | 1 - config/locales/th.yml | 1 - config/locales/tr.yml | 1 - config/locales/uk.yml | 1 - config/locales/vi.yml | 1 - config/locales/zh-CN.yml | 1 - config/locales/zh-HK.yml | 1 - config/locales/zh-TW.yml | 1 - ...2144258_add_title_to_account_warning_presets.rb | 15 ++++++++++++++ db/schema.rb | 3 ++- 56 files changed, 48 insertions(+), 67 deletions(-) create mode 100644 app/views/admin/warning_presets/_warning_preset.html.haml create mode 100644 db/migrate/20200312144258_add_title_to_account_warning_presets.rb (limited to 'app/controllers') diff --git a/app/controllers/admin/warning_presets_controller.rb b/app/controllers/admin/warning_presets_controller.rb index 37be842c5..b376f8d9b 100644 --- a/app/controllers/admin/warning_presets_controller.rb +++ b/app/controllers/admin/warning_presets_controller.rb @@ -7,7 +7,7 @@ module Admin def index authorize :account_warning_preset, :index? - @warning_presets = AccountWarningPreset.all + @warning_presets = AccountWarningPreset.alphabetic @warning_preset = AccountWarningPreset.new end @@ -19,7 +19,7 @@ module Admin if @warning_preset.save redirect_to admin_warning_presets_path else - @warning_presets = AccountWarningPreset.all + @warning_presets = AccountWarningPreset.alphabetic render :index end end @@ -52,7 +52,7 @@ module Admin end def warning_preset_params - params.require(:account_warning_preset).permit(:text) + params.require(:account_warning_preset).permit(:title, :text) end end end diff --git a/app/models/account_warning_preset.rb b/app/models/account_warning_preset.rb index ba8ceabb3..c20f683cf 100644 --- a/app/models/account_warning_preset.rb +++ b/app/models/account_warning_preset.rb @@ -8,8 +8,11 @@ # text :text default(""), not null # created_at :datetime not null # updated_at :datetime not null +# title :string default(""), not null # class AccountWarningPreset < ApplicationRecord validates :text, presence: true + + scope :alphabetic, -> { order(title: :asc, text: :asc) } end diff --git a/app/views/admin/account_actions/new.html.haml b/app/views/admin/account_actions/new.html.haml index 20fbeef33..aa88b1448 100644 --- a/app/views/admin/account_actions/new.html.haml +++ b/app/views/admin/account_actions/new.html.haml @@ -21,7 +21,7 @@ - unless @warning_presets.empty? .fields-group - = f.input :warning_preset_id, collection: @warning_presets, label_method: :text, wrapper: :with_block_label + = f.input :warning_preset_id, collection: @warning_presets, label_method: ->(warning_preset) { [warning_preset.title.presence, truncate(warning_preset.text)].compact.join(' - ') }, wrapper: :with_block_label .fields-group = f.input :text, as: :text, wrapper: :with_block_label, hint: t('simple_form.hints.admin_account_action.text_html', path: admin_warning_presets_path) diff --git a/app/views/admin/warning_presets/_warning_preset.html.haml b/app/views/admin/warning_presets/_warning_preset.html.haml new file mode 100644 index 000000000..a58199c80 --- /dev/null +++ b/app/views/admin/warning_presets/_warning_preset.html.haml @@ -0,0 +1,10 @@ +.announcements-list__item + = link_to edit_admin_warning_preset_path(warning_preset), class: 'announcements-list__item__title' do + = warning_preset.title.presence || truncate(warning_preset.text) + + .announcements-list__item__action-bar + .announcements-list__item__meta + = truncate(warning_preset.text) + + %div + = table_link_to 'trash', t('admin.warning_presets.delete'), admin_warning_preset_path(warning_preset), method: :delete, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:destroy, warning_preset) diff --git a/app/views/admin/warning_presets/edit.html.haml b/app/views/admin/warning_presets/edit.html.haml index 9522746cd..b5c5107ef 100644 --- a/app/views/admin/warning_presets/edit.html.haml +++ b/app/views/admin/warning_presets/edit.html.haml @@ -4,6 +4,9 @@ = simple_form_for @warning_preset, url: admin_warning_preset_path(@warning_preset) do |f| = render 'shared/error_messages', object: @warning_preset + .fields-group + = f.input :title, wrapper: :with_block_label + .fields-group = f.input :text, wrapper: :with_block_label diff --git a/app/views/admin/warning_presets/index.html.haml b/app/views/admin/warning_presets/index.html.haml index 45913ef73..dbc23fa30 100644 --- a/app/views/admin/warning_presets/index.html.haml +++ b/app/views/admin/warning_presets/index.html.haml @@ -5,6 +5,9 @@ = simple_form_for @warning_preset, url: admin_warning_presets_path do |f| = render 'shared/error_messages', object: @warning_preset + .fields-group + = f.input :title, wrapper: :with_block_label + .fields-group = f.input :text, wrapper: :with_block_label @@ -13,18 +16,9 @@ %hr.spacer/ -- unless @warning_presets.empty? - .table-wrapper - %table.table - %thead - %tr - %th= t('simple_form.labels.account_warning_preset.text') - %th - %tbody - - @warning_presets.each do |preset| - %tr - %td - = Formatter.instance.linkify(preset.text) - %td - = table_link_to 'pencil', t('admin.warning_presets.edit'), edit_admin_warning_preset_path(preset) - = table_link_to 'trash', t('admin.warning_presets.delete'), admin_warning_preset_path(preset), method: :delete, data: { confirm: t('admin.accounts.are_you_sure') } +- if @warning_presets.empty? + %div.muted-hint.center-text + = t 'admin.warning_presets.empty' +- else + .announcements-list + = render partial: 'warning_preset', collection: @warning_presets diff --git a/config/locales/ar.yml b/config/locales/ar.yml index f5a6f067d..5c73967d6 100644 --- a/config/locales/ar.yml +++ b/config/locales/ar.yml @@ -562,7 +562,6 @@ ar: warning_presets: add_new: إضافة واحد جديد delete: حذف - edit: تعديل edit_preset: تعديل نموذج التحذير title: إدارة نماذج التحذير admin_mailer: diff --git a/config/locales/ca.yml b/config/locales/ca.yml index 1c30b6b7a..22782ae16 100644 --- a/config/locales/ca.yml +++ b/config/locales/ca.yml @@ -573,7 +573,6 @@ ca: warning_presets: add_new: Afegeix-ne un de nou delete: Esborra - edit: Edita edit_preset: Edita l'avís predeterminat title: Gestiona les configuracions predefinides dels avisos admin_mailer: diff --git a/config/locales/co.yml b/config/locales/co.yml index 24f7f45fc..d9127a385 100644 --- a/config/locales/co.yml +++ b/config/locales/co.yml @@ -573,7 +573,6 @@ co: warning_presets: add_new: Aghjunghje delete: Sguassà - edit: Cambià edit_preset: Cambià a preselezzione d'avertimentu title: Amministrà e preselezzione d'avertimentu admin_mailer: diff --git a/config/locales/cs.yml b/config/locales/cs.yml index bab669e7e..23161ec5c 100644 --- a/config/locales/cs.yml +++ b/config/locales/cs.yml @@ -588,7 +588,6 @@ cs: warning_presets: add_new: Přidat nové delete: Smazat - edit: Upravit edit_preset: Upravit předlohu pro varování title: Spravovat předlohy pro varování admin_mailer: diff --git a/config/locales/cy.yml b/config/locales/cy.yml index afca0212a..a9e8a26da 100644 --- a/config/locales/cy.yml +++ b/config/locales/cy.yml @@ -605,7 +605,6 @@ cy: warning_presets: add_new: Ychwanegu newydd delete: Dileu - edit: Golygu edit_preset: Golygu rhagosodiad rhybudd title: Rheoli rhagosodiadau rhybudd admin_mailer: diff --git a/config/locales/da.yml b/config/locales/da.yml index 1cdf7722e..c978029b3 100644 --- a/config/locales/da.yml +++ b/config/locales/da.yml @@ -489,7 +489,6 @@ da: most_recent: Seneste warning_presets: delete: Slet - edit: Rediger admin_mailer: new_report: body: "%{reporter} har anmeldt %{target}" diff --git a/config/locales/de.yml b/config/locales/de.yml index 50f994473..6907efc60 100644 --- a/config/locales/de.yml +++ b/config/locales/de.yml @@ -573,7 +573,6 @@ de: warning_presets: add_new: Neu hinzufügen delete: Löschen - edit: Bearbeiten edit_preset: Warnungsvorlage bearbeiten title: Warnungsvorlagen verwalten admin_mailer: diff --git a/config/locales/el.yml b/config/locales/el.yml index 85c7bc648..dd9c93172 100644 --- a/config/locales/el.yml +++ b/config/locales/el.yml @@ -573,7 +573,6 @@ el: warning_presets: add_new: Πρόσθεση νέου delete: Διαγραφή - edit: Ενημέρωση edit_preset: Ενημέρωση προκαθορισμένης προειδοποίησης title: Διαχείριση προκαθορισμένων προειδοποιήσεων admin_mailer: diff --git a/config/locales/en.yml b/config/locales/en.yml index a031f9e9d..05d92b121 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -576,7 +576,6 @@ en: warning_presets: add_new: Add new delete: Delete - edit: Edit edit_preset: Edit warning preset title: Manage warning presets admin_mailer: diff --git a/config/locales/en_GB.yml b/config/locales/en_GB.yml index 0742559ed..1375ebb33 100644 --- a/config/locales/en_GB.yml +++ b/config/locales/en_GB.yml @@ -474,7 +474,6 @@ en_GB: warning_presets: add_new: Add new delete: Delete - edit: Edit edit_preset: Edit warning preset title: Manage warning presets admin_mailer: diff --git a/config/locales/eo.yml b/config/locales/eo.yml index b3cb2b523..32771b4c4 100644 --- a/config/locales/eo.yml +++ b/config/locales/eo.yml @@ -557,7 +557,6 @@ eo: warning_presets: add_new: Aldoni novan delete: Forigi - edit: Redakti edit_preset: Redakti avertan antaŭagordon title: Administri avertajn antaŭagordojn admin_mailer: diff --git a/config/locales/es-AR.yml b/config/locales/es-AR.yml index 6eec00cb6..67fb83de2 100644 --- a/config/locales/es-AR.yml +++ b/config/locales/es-AR.yml @@ -573,7 +573,6 @@ es-AR: warning_presets: add_new: Agregar nuevo delete: Eliminar - edit: Editar edit_preset: Editar preajuste de advertencia title: Administrar preajustes de advertencia admin_mailer: diff --git a/config/locales/es.yml b/config/locales/es.yml index a26143018..3acf29b15 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -573,7 +573,6 @@ es: warning_presets: add_new: Añadir nuevo delete: Borrar - edit: Editar edit_preset: Editar aviso predeterminado title: Editar configuración predeterminada de avisos admin_mailer: diff --git a/config/locales/et.yml b/config/locales/et.yml index 716da9010..8e3d56622 100644 --- a/config/locales/et.yml +++ b/config/locales/et.yml @@ -576,7 +576,6 @@ et: warning_presets: add_new: Lisa uus delete: Kustuta - edit: Redigeeri edit_preset: Redigeeri hoiatuse eelseadistust title: Halda hoiatuste eelseadistusi admin_mailer: diff --git a/config/locales/eu.yml b/config/locales/eu.yml index 3ca68d321..e44fc61b0 100644 --- a/config/locales/eu.yml +++ b/config/locales/eu.yml @@ -573,7 +573,6 @@ eu: warning_presets: add_new: Gehitu berria delete: Ezabatu - edit: Editatu edit_preset: Editatu abisu aurre-ezarpena title: Kudeatu abisu aurre-ezarpenak admin_mailer: diff --git a/config/locales/fa.yml b/config/locales/fa.yml index 02bbd2938..aca4df69b 100644 --- a/config/locales/fa.yml +++ b/config/locales/fa.yml @@ -575,7 +575,6 @@ fa: warning_presets: add_new: افزودن تازه delete: زدودن - edit: ویرایش edit_preset: ویرایش هشدار پیش‌فرض title: مدیریت هشدارهای پیش‌فرض admin_mailer: diff --git a/config/locales/fr.yml b/config/locales/fr.yml index bf79bc0ff..c1d8cc2bf 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml @@ -573,7 +573,6 @@ fr: warning_presets: add_new: Ajouter un nouveau delete: Effacer - edit: Éditer edit_preset: Éditer les avertissements prédéfinis title: Gérer les avertissements prédéfinis admin_mailer: diff --git a/config/locales/gl.yml b/config/locales/gl.yml index c3a33932d..9f0f16b5b 100644 --- a/config/locales/gl.yml +++ b/config/locales/gl.yml @@ -573,7 +573,6 @@ gl: warning_presets: add_new: Engadir novo delete: Eliminar - edit: Editar edit_preset: Editar aviso preestablecido title: Xestionar avisos preestablecidos admin_mailer: diff --git a/config/locales/hu.yml b/config/locales/hu.yml index 2d7f3a137..c6b619dd2 100644 --- a/config/locales/hu.yml +++ b/config/locales/hu.yml @@ -575,7 +575,6 @@ hu: warning_presets: add_new: Új hozzáadása delete: Törlés - edit: Szerkesztés edit_preset: Figyelmeztetés szerkesztése title: Figyelmeztetések admin_mailer: diff --git a/config/locales/id.yml b/config/locales/id.yml index ca222946c..bfa71184f 100644 --- a/config/locales/id.yml +++ b/config/locales/id.yml @@ -565,7 +565,6 @@ id: warning_presets: add_new: Tambah baru delete: Hapus - edit: Sunting edit_preset: Sunting preset peringatan title: Kelola preset peringatan admin_mailer: diff --git a/config/locales/is.yml b/config/locales/is.yml index d6cf23966..336533d52 100644 --- a/config/locales/is.yml +++ b/config/locales/is.yml @@ -573,7 +573,6 @@ is: warning_presets: add_new: Bæta við nýju delete: Eyða - edit: Breyta edit_preset: Breyta forstilltri aðvörun title: Sýsla með forstilltar aðvaranir admin_mailer: diff --git a/config/locales/it.yml b/config/locales/it.yml index 2ccdc076c..636ae8924 100644 --- a/config/locales/it.yml +++ b/config/locales/it.yml @@ -573,7 +573,6 @@ it: warning_presets: add_new: Aggiungi nuovo delete: Cancella - edit: Modifica edit_preset: Modifica avviso predefinito title: Gestisci avvisi predefiniti admin_mailer: diff --git a/config/locales/ja.yml b/config/locales/ja.yml index 24a159e57..c2a16fa15 100644 --- a/config/locales/ja.yml +++ b/config/locales/ja.yml @@ -565,7 +565,6 @@ ja: warning_presets: add_new: 追加 delete: 削除 - edit: 編集 edit_preset: プリセット警告文を編集 title: プリセット警告文を管理 admin_mailer: diff --git a/config/locales/kab.yml b/config/locales/kab.yml index 03f4d8c13..b398bebd9 100644 --- a/config/locales/kab.yml +++ b/config/locales/kab.yml @@ -330,7 +330,6 @@ kab: warning_presets: add_new: Rnu amaynut delete: Kkes - edit: Ẓreg admin_mailer: new_report: subject: Aneqqis amaynut i %{instance} (#%{id}) diff --git a/config/locales/kk.yml b/config/locales/kk.yml index 416a5fc7d..bb7a57e87 100644 --- a/config/locales/kk.yml +++ b/config/locales/kk.yml @@ -555,7 +555,6 @@ kk: warning_presets: add_new: Add nеw delete: Deletе - edit: Еdit edit_preset: Edit warning prеset title: Manage warning presеts admin_mailer: diff --git a/config/locales/ko.yml b/config/locales/ko.yml index e70fbef21..6ca0b2acc 100644 --- a/config/locales/ko.yml +++ b/config/locales/ko.yml @@ -567,7 +567,6 @@ ko: warning_presets: add_new: 새로 추가 delete: 삭제 - edit: 편집 edit_preset: 경고 틀 수정 title: 경고 틀 관리 admin_mailer: diff --git a/config/locales/lt.yml b/config/locales/lt.yml index 9af094c01..5a4542ea8 100644 --- a/config/locales/lt.yml +++ b/config/locales/lt.yml @@ -410,7 +410,6 @@ lt: warning_presets: add_new: Pridėti naują delete: Ištrinti - edit: Keisti edit_preset: Keisti įspėjimo nustatymus title: Valdyti įspėjimo nustatymus admin_mailer: diff --git a/config/locales/nl.yml b/config/locales/nl.yml index 976072368..f688d5dbd 100644 --- a/config/locales/nl.yml +++ b/config/locales/nl.yml @@ -573,7 +573,6 @@ nl: warning_presets: add_new: Nieuwe toevoegen delete: Verwijderen - edit: Bewerken edit_preset: Voorinstelling van waarschuwing bewerken title: Voorinstellingen van waarschuwingen beheren admin_mailer: diff --git a/config/locales/nn.yml b/config/locales/nn.yml index fd61f2156..07b6397c6 100644 --- a/config/locales/nn.yml +++ b/config/locales/nn.yml @@ -566,7 +566,6 @@ nn: warning_presets: add_new: Legg til ny delete: Slett - edit: Rediger edit_preset: Endr åtvaringsoppsett title: Handsam åtvaringsoppsett admin_mailer: diff --git a/config/locales/no.yml b/config/locales/no.yml index 256ed99a3..4a1b859dc 100644 --- a/config/locales/no.yml +++ b/config/locales/no.yml @@ -561,7 +561,6 @@ warning_presets: add_new: Legg til ny delete: Slett - edit: Rediger admin_mailer: new_pending_account: body: Detaljer om den nye kontoen er nedenfor. Du kan godkjenne eller avvise denne søknaden. diff --git a/config/locales/oc.yml b/config/locales/oc.yml index 4a60227ab..d3f3a1007 100644 --- a/config/locales/oc.yml +++ b/config/locales/oc.yml @@ -558,7 +558,6 @@ oc: warning_presets: add_new: N’ajustar un nòu delete: Escafar - edit: Modificar edit_preset: Modificar lo tèxt predefinit d’avertiment title: Gerir los tèxtes predefinits admin_mailer: diff --git a/config/locales/pl.yml b/config/locales/pl.yml index 28a486145..339e87fa8 100644 --- a/config/locales/pl.yml +++ b/config/locales/pl.yml @@ -541,7 +541,6 @@ pl: warning_presets: add_new: Dodaj nowy delete: Usuń - edit: Edytuj edit_preset: Edytuj szablon ostrzeżenia title: Zarządzaj szablonami ostrzeżeń admin_mailer: diff --git a/config/locales/pt-BR.yml b/config/locales/pt-BR.yml index abea40130..419ea5a73 100644 --- a/config/locales/pt-BR.yml +++ b/config/locales/pt-BR.yml @@ -573,7 +573,6 @@ pt-BR: warning_presets: add_new: Adicionar novo delete: Excluir - edit: Editar edit_preset: Editar o aviso pré-definido title: Gerenciar os avisos pré-definidos admin_mailer: diff --git a/config/locales/pt-PT.yml b/config/locales/pt-PT.yml index 477c9d3a3..9d3a503b1 100644 --- a/config/locales/pt-PT.yml +++ b/config/locales/pt-PT.yml @@ -573,7 +573,6 @@ pt-PT: warning_presets: add_new: Adicionar novo delete: Apagar - edit: Editar edit_preset: Editar o aviso predefinido title: Gerir os avisos predefinidos admin_mailer: diff --git a/config/locales/ru.yml b/config/locales/ru.yml index 6196ac3eb..f1547ddf2 100644 --- a/config/locales/ru.yml +++ b/config/locales/ru.yml @@ -594,7 +594,6 @@ ru: warning_presets: add_new: Добавить delete: Удалить - edit: Изменить edit_preset: Удалить шаблон предупреждения title: Управление шаблонами предупреждений admin_mailer: diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml index 92d51916b..f279a8e4f 100644 --- a/config/locales/simple_form.en.yml +++ b/config/locales/simple_form.en.yml @@ -8,6 +8,7 @@ en: acct: Specify the username@domain of the account you want to move to account_warning_preset: text: You can use toot syntax, such as URLs, hashtags and mentions + title: Optional. Not visible to the recipient admin_account_action: include_statuses: The user will see which toots have caused the moderation action or warning send_email_notification: The user will receive an explanation of what happened with their account @@ -78,6 +79,7 @@ en: acct: Handle of the new account account_warning_preset: text: Preset text + title: Title admin_account_action: include_statuses: Include reported toots in the e-mail send_email_notification: Notify the user per e-mail diff --git a/config/locales/sk.yml b/config/locales/sk.yml index dbee6bb12..2986f83d8 100644 --- a/config/locales/sk.yml +++ b/config/locales/sk.yml @@ -574,7 +574,6 @@ sk: warning_presets: add_new: Pridaj nové delete: Vymaž - edit: Uprav edit_preset: Uprav varovnú predlohu title: Spravuj varovné predlohy admin_mailer: diff --git a/config/locales/sl.yml b/config/locales/sl.yml index afb928f11..91720c602 100644 --- a/config/locales/sl.yml +++ b/config/locales/sl.yml @@ -485,7 +485,6 @@ sl: warning_presets: add_new: Dodaj novo delete: Izbriši - edit: Uredi edit_preset: Uredi prednastavitev opozoril title: Upravljaj prednastavitev opozoril admin_mailer: diff --git a/config/locales/sq.yml b/config/locales/sq.yml index 6a7a945c4..0e20902ff 100644 --- a/config/locales/sq.yml +++ b/config/locales/sq.yml @@ -415,7 +415,6 @@ sq: warning_presets: add_new: Shtoni të ri delete: Fshije - edit: Përpunoni edit_preset: Përpunoni sinjalizim të paracaktuar title: Administroni sinjalizime të paracaktuara admin_mailer: diff --git a/config/locales/sr.yml b/config/locales/sr.yml index c68681215..d7fb6f74d 100644 --- a/config/locales/sr.yml +++ b/config/locales/sr.yml @@ -431,7 +431,6 @@ sr: warning_presets: add_new: Додај нови delete: Избриши - edit: Уреди edit_preset: Уреди пресет упозорења title: Управљај пресетима упозорења admin_mailer: diff --git a/config/locales/sv.yml b/config/locales/sv.yml index 0094ff06b..4b67ff19c 100644 --- a/config/locales/sv.yml +++ b/config/locales/sv.yml @@ -448,7 +448,6 @@ sv: warning_presets: add_new: Lägg till ny delete: Radera - edit: Redigera admin_mailer: new_report: body: "%{reporter} har rapporterat %{target}" diff --git a/config/locales/th.yml b/config/locales/th.yml index 7d6ec0b13..53267c805 100644 --- a/config/locales/th.yml +++ b/config/locales/th.yml @@ -488,7 +488,6 @@ th: warning_presets: add_new: เพิ่มใหม่ delete: ลบ - edit: แก้ไข edit_preset: แก้ไขคำเตือนที่ตั้งไว้ล่วงหน้า title: จัดการคำเตือนที่ตั้งไว้ล่วงหน้า admin_mailer: diff --git a/config/locales/tr.yml b/config/locales/tr.yml index cde7f1c83..1dcf9ccea 100644 --- a/config/locales/tr.yml +++ b/config/locales/tr.yml @@ -573,7 +573,6 @@ tr: warning_presets: add_new: Yeni ekle delete: Sil - edit: Düzenle edit_preset: Uyarı ön-ayarını düzenle title: Uyarı ön-ayarlarını yönet admin_mailer: diff --git a/config/locales/uk.yml b/config/locales/uk.yml index 967a02717..3df83e756 100644 --- a/config/locales/uk.yml +++ b/config/locales/uk.yml @@ -591,7 +591,6 @@ uk: warning_presets: add_new: Додати новий delete: Видалити - edit: Редагувати edit_preset: Редагувати шаблон попередження title: Управління шаблонами попереджень admin_mailer: diff --git a/config/locales/vi.yml b/config/locales/vi.yml index ec8e853fe..cba773417 100644 --- a/config/locales/vi.yml +++ b/config/locales/vi.yml @@ -534,7 +534,6 @@ vi: warning_presets: add_new: Thêm mới delete: Xóa bỏ - edit: Biên tập edit_preset: Chỉnh sửa cảnh báo đặt trước title: Quản lý cài đặt trước cảnh báo admin_mailer: diff --git a/config/locales/zh-CN.yml b/config/locales/zh-CN.yml index d6618dbbe..54230fb2f 100644 --- a/config/locales/zh-CN.yml +++ b/config/locales/zh-CN.yml @@ -565,7 +565,6 @@ zh-CN: warning_presets: add_new: 添加新条目 delete: 删除 - edit: 编辑 edit_preset: 编辑预置警告 title: 管理预设警告 admin_mailer: diff --git a/config/locales/zh-HK.yml b/config/locales/zh-HK.yml index ffd5ba5e9..fd988e443 100644 --- a/config/locales/zh-HK.yml +++ b/config/locales/zh-HK.yml @@ -409,7 +409,6 @@ zh-HK: warning_presets: add_new: 新增 delete: 刪除 - edit: 編輯 admin_mailer: new_report: body: "%{reporter} 舉報了用戶 %{target}" diff --git a/config/locales/zh-TW.yml b/config/locales/zh-TW.yml index 5b25688ed..984bbcf13 100644 --- a/config/locales/zh-TW.yml +++ b/config/locales/zh-TW.yml @@ -408,7 +408,6 @@ zh-TW: warning_presets: add_new: 新增 delete: 刪除 - edit: 編輯 admin_mailer: new_report: body: "%{reporter} 檢舉了使用者 %{target}" diff --git a/db/migrate/20200312144258_add_title_to_account_warning_presets.rb b/db/migrate/20200312144258_add_title_to_account_warning_presets.rb new file mode 100644 index 000000000..46a5350e7 --- /dev/null +++ b/db/migrate/20200312144258_add_title_to_account_warning_presets.rb @@ -0,0 +1,15 @@ +require Rails.root.join('lib', 'mastodon', 'migration_helpers') + +class AddTitleToAccountWarningPresets < ActiveRecord::Migration[5.2] + include Mastodon::MigrationHelpers + + disable_ddl_transaction! + + def up + safety_assured { add_column_with_default :account_warning_presets, :title, :string, default: '', allow_null: false } + end + + def down + remove_column :account_warning_presets, :title + end +end diff --git a/db/schema.rb b/db/schema.rb index a851e01fc..5d3651e52 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_03_06_035625) do +ActiveRecord::Schema.define(version: 2020_03_12_144258) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -114,6 +114,7 @@ ActiveRecord::Schema.define(version: 2020_03_06_035625) do t.text "text", default: "", null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false + t.string "title", default: "", null: false end create_table "account_warnings", force: :cascade do |t| -- cgit From bea0bb39d6c1762c97da484ffa8b5d73341e67e2 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 12 Mar 2020 22:35:20 +0100 Subject: Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254) * Add shortcuts to blacklist a user's e-mail domain in admin UI * Add option to blacklist resolved MX and IP records for e-mail domains --- .../admin/email_domain_blocks_controller.rb | 28 +++++++++++++++++++--- app/models/email_domain_block.rb | 14 +++++++++++ app/views/admin/accounts/show.html.haml | 13 +++++++--- .../_email_domain_block.html.haml | 10 ++++++++ app/views/admin/email_domain_blocks/new.html.haml | 5 +++- config/locales/en.yml | 3 +++ config/locales/simple_form.en.yml | 5 ++++ ...2185443_add_parent_id_to_email_domain_blocks.rb | 5 ++++ db/schema.rb | 4 +++- 9 files changed, 79 insertions(+), 8 deletions(-) create mode 100644 db/migrate/20200312185443_add_parent_id_to_email_domain_blocks.rb (limited to 'app/controllers') diff --git a/app/controllers/admin/email_domain_blocks_controller.rb b/app/controllers/admin/email_domain_blocks_controller.rb index 9fe85064e..c25919726 100644 --- a/app/controllers/admin/email_domain_blocks_controller.rb +++ b/app/controllers/admin/email_domain_blocks_controller.rb @@ -6,12 +6,12 @@ module Admin def index authorize :email_domain_block, :index? - @email_domain_blocks = EmailDomainBlock.page(params[:page]) + @email_domain_blocks = EmailDomainBlock.where(parent_id: nil).includes(:children).order(id: :desc).page(params[:page]) end def new authorize :email_domain_block, :create? - @email_domain_block = EmailDomainBlock.new + @email_domain_block = EmailDomainBlock.new(domain: params[:_domain]) end def create @@ -21,6 +21,28 @@ module Admin if @email_domain_block.save log_action :create, @email_domain_block + + if @email_domain_block.with_dns_records? + hostnames = [] + ips = [] + + Resolv::DNS.open do |dns| + dns.timeouts = 1 + + hostnames = dns.getresources(@email_domain_block.domain, Resolv::DNS::Resource::IN::MX).to_a.map { |e| e.exchange.to_s } + + ([@email_domain_block.domain] + hostnames).uniq.each do |hostname| + ips.concat(dns.getresources(hostname, Resolv::DNS::Resource::IN::A).to_a.map { |e| e.address.to_s }) + ips.concat(dns.getresources(hostname, Resolv::DNS::Resource::IN::AAAA).to_a.map { |e| e.address.to_s }) + end + end + + (hostnames + ips).each do |hostname| + another_email_domain_block = EmailDomainBlock.new(domain: hostname, parent: @email_domain_block) + log_action :create, another_email_domain_block if another_email_domain_block.save + end + end + redirect_to admin_email_domain_blocks_path, notice: I18n.t('admin.email_domain_blocks.created_msg') else render :new @@ -41,7 +63,7 @@ module Admin end def resource_params - params.require(:email_domain_block).permit(:domain) + params.require(:email_domain_block).permit(:domain, :with_dns_records) end end end diff --git a/app/models/email_domain_block.rb b/app/models/email_domain_block.rb index bc70dea25..f50fa46ba 100644 --- a/app/models/email_domain_block.rb +++ b/app/models/email_domain_block.rb @@ -7,13 +7,27 @@ # domain :string default(""), not null # created_at :datetime not null # updated_at :datetime not null +# parent_id :bigint(8) # class EmailDomainBlock < ApplicationRecord include DomainNormalizable + belongs_to :parent, class_name: 'EmailDomainBlock', optional: true + has_many :children, class_name: 'EmailDomainBlock', foreign_key: :parent_id, inverse_of: :parent, dependent: :destroy + validates :domain, presence: true, uniqueness: true, domain: true + def with_dns_records=(val) + @with_dns_records = ActiveModel::Type::Boolean.new.cast(val) + end + + def with_dns_records? + @with_dns_records + end + + alias with_dns_records with_dns_records? + def self.block?(email) _, domain = email.split('@', 2) diff --git a/app/views/admin/accounts/show.html.haml b/app/views/admin/accounts/show.html.haml index a30b78db2..744d17d1f 100644 --- a/app/views/admin/accounts/show.html.haml +++ b/app/views/admin/accounts/show.html.haml @@ -96,10 +96,17 @@ = table_link_to 'angle-double-down', t('admin.accounts.demote'), demote_admin_account_role_path(@account.id), method: :post, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:demote, @account.user) %tr - %th= t('admin.accounts.email') - %td= @account.user_email + %th{ rowspan: can?(:create, :email_domain_block) ? 3 : 2 }= t('admin.accounts.email') + %td{ rowspan: can?(:create, :email_domain_block) ? 3 : 2 }= @account.user_email %td= table_link_to 'edit', t('admin.accounts.change_email.label'), admin_account_change_email_path(@account.id) if can?(:change_email, @account.user) + %tr + %td= table_link_to 'search', t('admin.accounts.search_same_email_domain'), admin_accounts_path(email: "%@#{@account.user_email.split('@').last}") + + - if can?(:create, :email_domain_block) + %tr + %td= table_link_to 'ban', t('admin.accounts.add_email_domain_block'), new_admin_email_domain_block_path(_domain: @account.user_email.split('@').last) + - if @account.user_unconfirmed_email.present? %tr %th= t('admin.accounts.unconfirmed_email') @@ -204,7 +211,7 @@ = link_to t('admin.accounts.perform_full_suspension'), new_admin_account_action_path(@account.id, type: 'suspend'), class: 'button button--destructive' if can?(:suspend, @account) - unless @account.local? - - if DomainBlock.where(domain: @account.domain).exists? + - if DomainBlock.rule_for(@account.domain) = link_to t('admin.domain_blocks.view'), admin_instance_path(@account.domain), class: 'button' - else = link_to t('admin.domain_blocks.add_new'), new_admin_domain_block_path(_domain: @account.domain), class: 'button button--destructive' diff --git a/app/views/admin/email_domain_blocks/_email_domain_block.html.haml b/app/views/admin/email_domain_blocks/_email_domain_block.html.haml index bf66c9001..41ab8c171 100644 --- a/app/views/admin/email_domain_blocks/_email_domain_block.html.haml +++ b/app/views/admin/email_domain_blocks/_email_domain_block.html.haml @@ -3,3 +3,13 @@ %samp= email_domain_block.domain %td = table_link_to 'trash', t('admin.email_domain_blocks.delete'), admin_email_domain_block_path(email_domain_block), method: :delete + +- email_domain_block.children.each do |child_email_domain_block| + %tr + %td + %samp= child_email_domain_block.domain + %span.muted-hint + = surround '(', ')' do + = t('admin.email_domain_blocks.from_html', domain: content_tag(:samp, email_domain_block.domain)) + %td + = table_link_to 'trash', t('admin.email_domain_blocks.delete'), admin_email_domain_block_path(child_email_domain_block), method: :delete diff --git a/app/views/admin/email_domain_blocks/new.html.haml b/app/views/admin/email_domain_blocks/new.html.haml index f372fa512..4a346f240 100644 --- a/app/views/admin/email_domain_blocks/new.html.haml +++ b/app/views/admin/email_domain_blocks/new.html.haml @@ -5,7 +5,10 @@ = render 'shared/error_messages', object: @email_domain_block .fields-group - = f.input :domain, wrapper: :with_label, label: t('admin.email_domain_blocks.domain') + = f.input :domain, wrapper: :with_block_label, label: t('admin.email_domain_blocks.domain') + + .fields-group + = f.input :with_dns_records, as: :boolean, wrapper: :with_label .actions = f.button :button, t('.create'), type: :submit diff --git a/config/locales/en.yml b/config/locales/en.yml index 05d92b121..13f22d922 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -92,6 +92,7 @@ en: delete: Delete destroyed_msg: Moderation note successfully destroyed! accounts: + add_email_domain_block: Blacklist e-mail domain approve: Approve approve_all: Approve all are_you_sure: Are you sure? @@ -172,6 +173,7 @@ en: staff: Staff user: User search: Search + search_same_email_domain: Other users with the same e-mail domain search_same_ip: Other users with the same IP shared_inbox_url: Shared inbox URL show: @@ -358,6 +360,7 @@ en: destroyed_msg: Successfully deleted e-mail domain from blacklist domain: Domain empty: No e-mail domains currently blacklisted. + from_html: from %{domain} new: create: Add domain title: New e-mail blacklist entry diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml index f279a8e4f..fd56a35bf 100644 --- a/config/locales/simple_form.en.yml +++ b/config/locales/simple_form.en.yml @@ -54,6 +54,9 @@ en: whole_word: When the keyword or phrase is alphanumeric only, it will only be applied if it matches the whole word domain_allow: domain: This domain will be able to fetch data from this server and incoming data from it will be processed and stored + email_domain_block: + domain: This can be the domain name that shows up in the e-mail address, the MX record that domain resolves to, or IP of the server that MX record resolves to. Those will be checked upon user sign-up and the sign-up will be rejected. + with_dns_records: An attempt to resolve the given domain's DNS records will be made and the results will also be blacklisted featured_tag: name: 'You might want to use one of these:' form_challenge: @@ -152,6 +155,8 @@ en: username: Username username_or_email: Username or Email whole_word: Whole word + email_domain_block: + with_dns_records: Include MX records and IPs of the domain featured_tag: name: Hashtag interactions: diff --git a/db/migrate/20200312185443_add_parent_id_to_email_domain_blocks.rb b/db/migrate/20200312185443_add_parent_id_to_email_domain_blocks.rb new file mode 100644 index 000000000..03915040c --- /dev/null +++ b/db/migrate/20200312185443_add_parent_id_to_email_domain_blocks.rb @@ -0,0 +1,5 @@ +class AddParentIdToEmailDomainBlocks < ActiveRecord::Migration[5.2] + def change + add_reference :email_domain_blocks, :parent, null: true, default: nil, foreign_key: { on_delete: :cascade, to_table: :email_domain_blocks }, index: false + end +end diff --git a/db/schema.rb b/db/schema.rb index 5d3651e52..7f28f2ec4 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_03_12_144258) do +ActiveRecord::Schema.define(version: 2020_03_12_185443) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -336,6 +336,7 @@ ActiveRecord::Schema.define(version: 2020_03_12_144258) do t.string "domain", default: "", null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false + t.bigint "parent_id" t.index ["domain"], name: "index_email_domain_blocks_on_domain", unique: true end @@ -869,6 +870,7 @@ ActiveRecord::Schema.define(version: 2020_03_12_144258) do add_foreign_key "conversation_mutes", "accounts", name: "fk_225b4212bb", on_delete: :cascade add_foreign_key "conversation_mutes", "conversations", on_delete: :cascade add_foreign_key "custom_filters", "accounts", on_delete: :cascade + add_foreign_key "email_domain_blocks", "email_domain_blocks", column: "parent_id", on_delete: :cascade add_foreign_key "favourites", "accounts", name: "fk_5eb6c2b873", on_delete: :cascade add_foreign_key "favourites", "statuses", name: "fk_b0e856845e", on_delete: :cascade add_foreign_key "featured_tags", "accounts", on_delete: :cascade -- cgit From 0d117c106aa72f78dd5cdd371849dd8ce3120198 Mon Sep 17 00:00:00 2001 From: ThibG Date: Sat, 28 Mar 2020 17:59:45 +0100 Subject: Fix 404 and 410 API errors being silently discarded in WebUI (#13279) * Fix 404 and 410 API errors being silently discarded in WebUI Fixes #13278 * Return more appropriate error when user replies to a deleted toot * Please CodeClimate * Fix 404/410 errors on fetching account timelines & identity proofs * Refactor error handling * Move error message string to statuses.errors --- app/controllers/api/v1/statuses_controller.rb | 9 ++++++++- app/javascript/mastodon/actions/accounts.js | 3 +++ app/javascript/mastodon/actions/alerts.js | 4 ++-- app/javascript/mastodon/actions/identity_proofs.js | 1 + app/javascript/mastodon/actions/timelines.js | 1 + app/javascript/mastodon/middleware/errors.js | 2 +- config/locales/en.yml | 2 ++ 7 files changed, 18 insertions(+), 4 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index 2f55e95fd..93a253cbb 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -7,6 +7,7 @@ class Api::V1::StatusesController < Api::BaseController before_action -> { doorkeeper_authorize! :write, :'write:statuses' }, only: [:create, :destroy] before_action :require_user!, except: [:show, :context] before_action :set_status, only: [:show, :context] + before_action :set_thread, only: [:create] override_rate_limit_headers :create, family: :statuses @@ -36,7 +37,7 @@ class Api::V1::StatusesController < Api::BaseController def create @status = PostStatusService.new.call(current_user.account, text: status_params[:status], - thread: status_params[:in_reply_to_id].blank? ? nil : Status.find(status_params[:in_reply_to_id]), + thread: @thread, media_ids: status_params[:media_ids], sensitive: status_params[:sensitive], spoiler_text: status_params[:spoiler_text], @@ -69,6 +70,12 @@ class Api::V1::StatusesController < Api::BaseController raise ActiveRecord::RecordNotFound end + def set_thread + @thread = status_params[:in_reply_to_id].blank? ? nil : Status.find(status_params[:in_reply_to_id]) + rescue ActiveRecord::RecordNotFound + render json: { error: I18n.t('statuses.errors.in_reply_not_found') }, status: 404 + end + def status_params params.permit( :status, diff --git a/app/javascript/mastodon/actions/accounts.js b/app/javascript/mastodon/actions/accounts.js index 4af36e998..cb2c682a4 100644 --- a/app/javascript/mastodon/actions/accounts.js +++ b/app/javascript/mastodon/actions/accounts.js @@ -396,6 +396,7 @@ export function fetchFollowersFail(id, error) { type: FOLLOWERS_FETCH_FAIL, id, error, + skipNotFound: true, }; }; @@ -482,6 +483,7 @@ export function fetchFollowingFail(id, error) { type: FOLLOWING_FETCH_FAIL, id, error, + skipNotFound: true, }; }; @@ -571,6 +573,7 @@ export function fetchRelationshipsFail(error) { type: RELATIONSHIPS_FETCH_FAIL, error, skipLoading: true, + skipNotFound: true, }; }; diff --git a/app/javascript/mastodon/actions/alerts.js b/app/javascript/mastodon/actions/alerts.js index cd36d8007..1670f9c10 100644 --- a/app/javascript/mastodon/actions/alerts.js +++ b/app/javascript/mastodon/actions/alerts.js @@ -34,11 +34,11 @@ export function showAlert(title = messages.unexpectedTitle, message = messages.u }; }; -export function showAlertForError(error) { +export function showAlertForError(error, skipNotFound = false) { if (error.response) { const { data, status, statusText, headers } = error.response; - if (status === 404 || status === 410) { + if (skipNotFound && (status === 404 || status === 410)) { // Skip these errors as they are reflected in the UI return { type: ALERT_NOOP }; } diff --git a/app/javascript/mastodon/actions/identity_proofs.js b/app/javascript/mastodon/actions/identity_proofs.js index 449debf61..103983956 100644 --- a/app/javascript/mastodon/actions/identity_proofs.js +++ b/app/javascript/mastodon/actions/identity_proofs.js @@ -27,4 +27,5 @@ export const fetchAccountIdentityProofsFail = (accountId, err) => ({ type: IDENTITY_PROOFS_ACCOUNT_FETCH_FAIL, accountId, err, + skipNotFound: true, }); diff --git a/app/javascript/mastodon/actions/timelines.js b/app/javascript/mastodon/actions/timelines.js index 054668655..cdd2111f8 100644 --- a/app/javascript/mastodon/actions/timelines.js +++ b/app/javascript/mastodon/actions/timelines.js @@ -149,6 +149,7 @@ export function expandTimelineFail(timeline, error, isLoadingMore) { timeline, error, skipLoading: !isLoadingMore, + skipNotFound: timeline.startsWith('account:'), }; }; diff --git a/app/javascript/mastodon/middleware/errors.js b/app/javascript/mastodon/middleware/errors.js index 3cebb42e0..0a65fd321 100644 --- a/app/javascript/mastodon/middleware/errors.js +++ b/app/javascript/mastodon/middleware/errors.js @@ -8,7 +8,7 @@ export default function errorsMiddleware() { const isFail = new RegExp(`${defaultFailSuffix}$`, 'g'); if (action.type.match(isFail)) { - dispatch(showAlertForError(action.error)); + dispatch(showAlertForError(action.error, action.skipNotFound)); } } diff --git a/config/locales/en.yml b/config/locales/en.yml index 13f22d922..ef21fa54a 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -1078,6 +1078,8 @@ en: disallowed_hashtags: one: 'contained a disallowed hashtag: %{tags}' other: 'contained the disallowed hashtags: %{tags}' + errors: + in_reply_not_found: The status you are trying to reply to does not appear to exist. language_detection: Automatically detect language open_in_web: Open in web over_character_limit: character limit of %{max} exceeded -- cgit From e4617c8ed87f5269566694f01554b5a9347691e5 Mon Sep 17 00:00:00 2001 From: Takeshi Umeda Date: Tue, 31 Mar 2020 19:43:42 +0900 Subject: Fix ImportsController param to permit :mode (#13347) --- app/controllers/settings/imports_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/settings/imports_controller.rb b/app/controllers/settings/imports_controller.rb index 38f2e39c1..7b8c4ae23 100644 --- a/app/controllers/settings/imports_controller.rb +++ b/app/controllers/settings/imports_controller.rb @@ -29,6 +29,6 @@ class Settings::ImportsController < Settings::BaseController end def import_params - params.require(:import).permit(:data, :type) + params.require(:import).permit(:data, :type, :mode) end end -- cgit From f65568f1d400be2e101bd8b533a1b53807f5c757 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Fri, 3 Apr 2020 13:06:34 +0200 Subject: Add ability to filter audit log in admin UI (#13381) --- app/controllers/admin/action_logs_controller.rb | 14 +- app/helpers/admin/action_logs_helper.rb | 75 +------ app/helpers/admin/filter_helper.rb | 1 + app/javascript/packs/admin.js | 4 + app/javascript/styles/mastodon/admin.scss | 68 ++----- app/models/admin/action_log_filter.rb | 81 ++++++++ app/views/admin/accounts/show.html.haml | 2 +- app/views/admin/action_logs/_action_log.html.haml | 6 - app/views/admin/action_logs/index.html.haml | 24 ++- config/initializers/kaminari_config.rb | 2 +- config/locales/en.yml | 39 ++++ spec/helpers/admin/action_log_helper_spec.rb | 238 ---------------------- 12 files changed, 177 insertions(+), 377 deletions(-) create mode 100644 app/models/admin/action_log_filter.rb (limited to 'app/controllers') diff --git a/app/controllers/admin/action_logs_controller.rb b/app/controllers/admin/action_logs_controller.rb index e273dfeae..2d77620df 100644 --- a/app/controllers/admin/action_logs_controller.rb +++ b/app/controllers/admin/action_logs_controller.rb @@ -2,8 +2,18 @@ module Admin class ActionLogsController < BaseController - def index - @action_logs = Admin::ActionLog.page(params[:page]) + before_action :set_action_logs + + def index; end + + private + + def set_action_logs + @action_logs = Admin::ActionLogFilter.new(filter_params).results.page(params[:page]) + end + + def filter_params + params.slice(:page, *Admin::ActionLogFilter::KEYS).permit(:page, *Admin::ActionLogFilter::KEYS) end end end diff --git a/app/helpers/admin/action_logs_helper.rb b/app/helpers/admin/action_logs_helper.rb index 6bc75aa56..88d6e4580 100644 --- a/app/helpers/admin/action_logs_helper.rb +++ b/app/helpers/admin/action_logs_helper.rb @@ -9,79 +9,8 @@ module Admin::ActionLogsHelper end end - def relevant_log_changes(log) - if log.target_type == 'CustomEmoji' && [:enable, :disable, :destroy].include?(log.action) - log.recorded_changes.slice('domain') - elsif log.target_type == 'CustomEmoji' && log.action == :update - log.recorded_changes.slice('domain', 'visible_in_picker') - elsif log.target_type == 'User' && [:promote, :demote].include?(log.action) - log.recorded_changes.slice('moderator', 'admin') - elsif log.target_type == 'User' && [:change_email].include?(log.action) - log.recorded_changes.slice('email', 'unconfirmed_email') - elsif log.target_type == 'DomainBlock' - log.recorded_changes.slice('severity', 'reject_media') - elsif log.target_type == 'Status' && log.action == :update - log.recorded_changes.slice('sensitive') - elsif log.target_type == 'Announcement' && log.action == :update - log.recorded_changes.slice('text', 'starts_at', 'ends_at', 'all_day') - end - end - - def log_extra_attributes(hash) - safe_join(hash.to_a.map { |key, value| safe_join([content_tag(:span, key, class: 'diff-key'), '=', log_change(value)]) }, ' ') - end - - def log_change(val) - return content_tag(:span, val, class: 'diff-neutral') unless val.is_a?(Array) - safe_join([content_tag(:span, val.first, class: 'diff-old'), content_tag(:span, val.last, class: 'diff-new')], '→') - end - - def icon_for_log(log) - case log.target_type - when 'Account', 'User' - 'user' - when 'CustomEmoji' - 'file' - when 'Report' - 'flag' - when 'DomainBlock' - 'lock' - when 'DomainAllow' - 'plus-circle' - when 'EmailDomainBlock' - 'envelope' - when 'Status' - 'pencil' - when 'AccountWarning' - 'warning' - when 'Announcement' - 'bullhorn' - end - end - - def class_for_log_icon(log) - case log.action - when :enable, :unsuspend, :unsilence, :confirm, :promote, :resolve - 'positive' - when :create - opposite_verbs?(log) ? 'negative' : 'positive' - when :update, :reset_password, :disable_2fa, :memorialize, :change_email - 'neutral' - when :demote, :silence, :disable, :suspend, :remove_avatar, :remove_header, :reopen - 'negative' - when :destroy - opposite_verbs?(log) ? 'positive' : 'negative' - else - '' - end - end - private - def opposite_verbs?(log) - %w(DomainBlock EmailDomainBlock AccountWarning).include?(log.target_type) - end - def linkable_log_target(record) case record.class.name when 'Account' @@ -99,7 +28,7 @@ module Admin::ActionLogsHelper when 'AccountWarning' link_to record.target_account.acct, admin_account_path(record.target_account_id) when 'Announcement' - link_to "##{record.id}", edit_admin_announcement_path(record.id) + link_to truncate(record.text), edit_admin_announcement_path(record.id) end end @@ -118,7 +47,7 @@ module Admin::ActionLogsHelper I18n.t('admin.action_logs.deleted_status') end when 'Announcement' - "##{attributes['id']}" + truncate(attributes['text']) end end end diff --git a/app/helpers/admin/filter_helper.rb b/app/helpers/admin/filter_helper.rb index 6ab92939d..ba0ca9638 100644 --- a/app/helpers/admin/filter_helper.rb +++ b/app/helpers/admin/filter_helper.rb @@ -10,6 +10,7 @@ module Admin::FilterHelper InviteFilter::KEYS, RelationshipFilter::KEYS, AnnouncementFilter::KEYS, + Admin::ActionLogFilter::KEYS, ].flatten.freeze def filter_link_to(text, link_to_params, link_class_params = link_to_params) diff --git a/app/javascript/packs/admin.js b/app/javascript/packs/admin.js index 061287f89..51f92de8a 100644 --- a/app/javascript/packs/admin.js +++ b/app/javascript/packs/admin.js @@ -30,6 +30,10 @@ delegate(document, '.media-spoiler-hide-button', 'click', () => { }); }); +delegate(document, '.filter-subset--with-select select', 'change', ({ target }) => { + target.form.submit(); +}); + const onDomainBlockSeverityChange = (target) => { const rejectMediaDiv = document.querySelector('.input.with_label.domain_block_reject_media'); const rejectReportsDiv = document.querySelector('.input.with_label.domain_block_reject_reports'); diff --git a/app/javascript/styles/mastodon/admin.scss b/app/javascript/styles/mastodon/admin.scss index b0307fb71..cee44f436 100644 --- a/app/javascript/styles/mastodon/admin.scss +++ b/app/javascript/styles/mastodon/admin.scss @@ -418,6 +418,11 @@ body, } } + &--with-select strong { + display: block; + margin-bottom: 10px; + } + a { display: inline-block; color: $darker-text-color; @@ -551,19 +556,22 @@ body, } .log-entry { - margin-bottom: 20px; line-height: 20px; + padding: 15px 0; + background: $ui-base-color; + border-bottom: 1px solid lighten($ui-base-color, 4%); + + &:last-child { + border-bottom: 0; + } &__header { display: flex; justify-content: flex-start; align-items: center; - padding: 10px; - background: $ui-base-color; color: $darker-text-color; - border-radius: 4px 4px 0 0; font-size: 14px; - position: relative; + padding: 0 10px; } &__avatar { @@ -590,44 +598,6 @@ body, color: $dark-text-color; } - &__extras { - background: lighten($ui-base-color, 6%); - border-radius: 0 0 4px 4px; - padding: 10px; - color: $darker-text-color; - font-family: $font-monospace, monospace; - font-size: 12px; - word-wrap: break-word; - min-height: 20px; - } - - &__icon { - font-size: 28px; - margin-right: 10px; - color: $dark-text-color; - } - - &__icon__overlay { - position: absolute; - top: 10px; - right: 10px; - width: 10px; - height: 10px; - border-radius: 50%; - - &.positive { - background: $success-green; - } - - &.negative { - background: lighten($error-red, 12%); - } - - &.neutral { - background: $ui-highlight-color; - } - } - a, .username, .target { @@ -635,18 +605,6 @@ body, text-decoration: none; font-weight: 500; } - - .diff-old { - color: lighten($error-red, 12%); - } - - .diff-neutral { - color: $secondary-text-color; - } - - .diff-new { - color: $success-green; - } } a.name-tag, diff --git a/app/models/admin/action_log_filter.rb b/app/models/admin/action_log_filter.rb new file mode 100644 index 000000000..0ba7e1609 --- /dev/null +++ b/app/models/admin/action_log_filter.rb @@ -0,0 +1,81 @@ +# frozen_string_literal: true + +class Admin::ActionLogFilter + KEYS = %i( + action_type + account_id + target_account_id + ).freeze + + ACTION_TYPE_MAP = { + assigned_to_self_report: { target_type: 'Report', action: 'assigned_to_self' }.freeze, + change_email_user: { target_type: 'User', action: 'change_email' }.freeze, + confirm_user: { target_type: 'User', action: 'confirm' }.freeze, + create_account_warning: { target_type: 'AccountWarning', action: 'create' }.freeze, + create_announcement: { target_type: 'Announcement', action: 'create' }.freeze, + create_custom_emoji: { target_type: 'CustomEmoji', action: 'create' }.freeze, + create_domain_allow: { target_type: 'DomainAllow', action: 'create' }.freeze, + create_domain_block: { target_type: 'DomainBlock', action: 'create' }.freeze, + create_email_domain_block: { target_type: 'EmailDomainBlock', action: 'create' }.freeze, + demote_user: { target_type: 'User', action: 'demote' }.freeze, + destroy_announcement: { target_type: 'Announcement', action: 'destroy' }.freeze, + destroy_custom_emoji: { target_type: 'CustomEmoji', action: 'destroy' }.freeze, + destroy_domain_allow: { target_type: 'DomainAllow', action: 'destroy' }.freeze, + destroy_domain_block: { target_type: 'DomainBlock', action: 'destroy' }.freeze, + destroy_email_domain_block: { target_type: 'EmailDomainBlock', action: 'destroy' }.freeze, + destroy_status: { target_type: 'Status', action: 'destroy' }.freeze, + disable_2fa_user: { target_type: 'User', action: 'disable' }.freeze, + disable_custom_emoji: { target_type: 'CustomEmoji', action: 'disable' }.freeze, + disable_user: { target_type: 'User', action: 'disable' }.freeze, + enable_custom_emoji: { target_type: 'CustomEmoji', action: 'enable' }.freeze, + enable_user: { target_type: 'User', action: 'enable' }.freeze, + memorialize_account: { target_type: 'Account', action: 'memorialize' }.freeze, + promote_user: { target_type: 'User', action: 'promote' }.freeze, + remove_avatar_user: { target_type: 'User', action: 'remove_avatar' }.freeze, + reopen_report: { target_type: 'Report', action: 'reopen' }.freeze, + reset_password_user: { target_type: 'User', action: 'reset_password' }.freeze, + resolve_report: { target_type: 'Report', action: 'resolve' }.freeze, + silence_account: { target_type: 'Account', action: 'silence' }.freeze, + suspend_account: { target_type: 'Account', action: 'suspend' }.freeze, + unassigned_report: { target_type: 'Report', action: 'unassigned' }.freeze, + unsilence_account: { target_type: 'Account', action: 'unsilence' }.freeze, + unsuspend_account: { target_type: 'Account', action: 'unsuspend' }.freeze, + update_announcement: { target_type: 'Announcement', action: 'update' }.freeze, + update_custom_emoji: { target_type: 'CustomEmoji', action: 'update' }.freeze, + update_status: { target_type: 'Status', action: 'update' }.freeze, + }.freeze + + attr_reader :params + + def initialize(params) + @params = params + end + + def results + scope = Admin::ActionLog.includes(:target) + + params.each do |key, value| + next if key.to_s == 'page' + + scope.merge!(scope_for(key.to_s, value.to_s.strip)) if value.present? + end + + scope + end + + private + + def scope_for(key, value) + case key + when 'action_type' + Admin::ActionLog.where(ACTION_TYPE_MAP[value.to_sym]) + when 'account_id' + Admin::ActionLog.where(account_id: value) + when 'target_account_id' + account = Account.find(value) + Admin::ActionLog.where(target: [account, account.user].compact) + else + raise "Unknown filter: #{key}" + end + end +end diff --git a/app/views/admin/accounts/show.html.haml b/app/views/admin/accounts/show.html.haml index 744d17d1f..965fd6fb6 100644 --- a/app/views/admin/accounts/show.html.haml +++ b/app/views/admin/accounts/show.html.haml @@ -53,7 +53,7 @@ .dashboard__counters__num= number_with_delimiter @account.targeted_reports.count .dashboard__counters__label= t '.targeted_reports' %div - %div + = link_to admin_action_logs_path(target_account_id: @account.id) do .dashboard__counters__text - if @account.local? && @account.user.nil? %span.neutral= t('admin.accounts.deleted') diff --git a/app/views/admin/action_logs/_action_log.html.haml b/app/views/admin/action_logs/_action_log.html.haml index a545e189e..59905f341 100644 --- a/app/views/admin/action_logs/_action_log.html.haml +++ b/app/views/admin/action_logs/_action_log.html.haml @@ -7,9 +7,3 @@ = t("admin.action_logs.actions.#{action_log.action}_#{action_log.target_type.underscore}", name: content_tag(:span, action_log.account.username, class: 'username'), target: content_tag(:span, log_target(action_log), class: 'target')).html_safe .log-entry__timestamp %time.formatted{ datetime: action_log.created_at.iso8601 } - .spacer - .log-entry__icon - = fa_icon icon_for_log(action_log) - .log-entry__icon__overlay{ class: class_for_log_icon(action_log) } - .log-entry__extras - = log_extra_attributes relevant_log_changes(action_log) diff --git a/app/views/admin/action_logs/index.html.haml b/app/views/admin/action_logs/index.html.haml index a4d3871a9..99f756762 100644 --- a/app/views/admin/action_logs/index.html.haml +++ b/app/views/admin/action_logs/index.html.haml @@ -1,6 +1,28 @@ - content_for :page_title do = t('admin.action_logs.title') -= render @action_logs +- content_for :header_tags do + = javascript_pack_tag 'admin', integrity: true, async: true, crossorigin: 'anonymous' + += form_tag admin_action_logs_url, method: 'GET', class: 'simple_form' do + = hidden_field_tag :target_account_id, params[:target_account_id] if params[:target_account_id].present? + + .filters + .filter-subset.filter-subset--with-select + %strong= t('admin.action_logs.filter_by_user') + .input.select.optional + = select_tag :account_id, options_from_collection_for_select(Account.joins(:user).merge(User.staff), :id, :username, params[:account_id]), prompt: I18n.t('admin.accounts.moderation.all') + + .filter-subset.filter-subset--with-select + %strong= t('admin.action_logs.filter_by_action') + .input.select.optional + = select_tag :action_type, options_for_select(Admin::ActionLogFilter::ACTION_TYPE_MAP.keys.map { |key| [I18n.t("admin.action_logs.action_types.#{key}"), key]}, params[:action_type]), prompt: I18n.t('admin.accounts.moderation.all') + +- if @action_logs.empty? + %div.muted-hint.center-text + = t 'admin.action_logs.empty' +- else + .announcements-list + = render @action_logs = paginate @action_logs diff --git a/config/initializers/kaminari_config.rb b/config/initializers/kaminari_config.rb index aa1517256..4fec4320c 100644 --- a/config/initializers/kaminari_config.rb +++ b/config/initializers/kaminari_config.rb @@ -2,6 +2,6 @@ Kaminari.configure do |config| config.default_per_page = 40 - config.window = 1 + config.window = 2 config.outer_window = 1 end diff --git a/config/locales/en.yml b/config/locales/en.yml index ef21fa54a..d07c4bb99 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -195,6 +195,42 @@ en: web: Web whitelisted: Whitelisted action_logs: + action_types: + assigned_to_self_report: Assign Report + change_email_user: Change E-mail for User + confirm_user: Confirm User + create_account_warning: Create Warning + create_announcement: Create Announcement + create_custom_emoji: Create Custom Emoji + create_domain_allow: Create Domain Allow + create_domain_block: Create Domain Block + create_email_domain_block: Create E-mail Domain Block + demote_user: Demote User + destroy_announcement: Delete Announcement + destroy_custom_emoji: Delete Custom Emoji + destroy_domain_allow: Delete Domain Allow + destroy_domain_block: Delete Domain Block + destroy_email_domain_block: Delete e-mail domain block + destroy_status: Delete Status + disable_2fa_user: Disable 2FA + disable_custom_emoji: Disable Custom Emoji + disable_user: Disable User + enable_custom_emoji: Enable Custom Emoji + enable_user: Enable User + memorialize_account: Memorialize Account + promote_user: Promote User + remove_avatar_user: Remove Avatar + reopen_report: Reopen Report + reset_password_user: Reset Password + resolve_report: Resolve Report + silence_account: Silence Account + suspend_account: Suspend Account + unassigned_report: Unassign Report + unsilence_account: Unsilence Account + unsuspend_account: Unsuspend Account + update_announcement: Update Announcement + update_custom_emoji: Update Custom Emoji + update_status: Update Status actions: assigned_to_self_report: "%{name} assigned report %{target} to themselves" change_email_user: "%{name} changed the e-mail address of user %{target}" @@ -232,6 +268,9 @@ en: update_custom_emoji: "%{name} updated emoji %{target}" update_status: "%{name} updated status by %{target}" deleted_status: "(deleted status)" + empty: No logs found. + filter_by_action: Filter by action + filter_by_user: Filter by user title: Audit log announcements: destroyed_msg: Announcement successfully deleted! diff --git a/spec/helpers/admin/action_log_helper_spec.rb b/spec/helpers/admin/action_log_helper_spec.rb index d7af6b939..60f5ecdcc 100644 --- a/spec/helpers/admin/action_log_helper_spec.rb +++ b/spec/helpers/admin/action_log_helper_spec.rb @@ -31,242 +31,4 @@ RSpec.describe Admin::ActionLogsHelper, type: :helper do end end end - - describe '#relevant_log_changes' do - let(:log) { double(target_type: target_type, action: log_action, recorded_changes: recorded_changes) } - let(:recorded_changes) { double } - - after do - hoge.relevant_log_changes(log) - end - - context "log.target_type == 'CustomEmoji' && [:enable, :disable, :destroy].include?(log.action)" do - let(:target_type) { 'CustomEmoji' } - let(:log_action) { :enable } - - it "calls log.recorded_changes.slice('domain')" do - expect(recorded_changes).to receive(:slice).with('domain') - end - end - - context "log.target_type == 'CustomEmoji' && log.action == :update" do - let(:target_type) { 'CustomEmoji' } - let(:log_action) { :update } - - it "calls log.recorded_changes.slice('domain', 'visible_in_picker')" do - expect(recorded_changes).to receive(:slice).with('domain', 'visible_in_picker') - end - end - - context "log.target_type == 'User' && [:promote, :demote].include?(log.action)" do - let(:target_type) { 'User' } - let(:log_action) { :promote } - - it "calls log.recorded_changes.slice('moderator', 'admin')" do - expect(recorded_changes).to receive(:slice).with('moderator', 'admin') - end - end - - context "log.target_type == 'User' && [:change_email].include?(log.action)" do - let(:target_type) { 'User' } - let(:log_action) { :change_email } - - it "calls log.recorded_changes.slice('email', 'unconfirmed_email')" do - expect(recorded_changes).to receive(:slice).with('email', 'unconfirmed_email') - end - end - - context "log.target_type == 'DomainBlock'" do - let(:target_type) { 'DomainBlock' } - let(:log_action) { nil } - - it "calls log.recorded_changes.slice('severity', 'reject_media')" do - expect(recorded_changes).to receive(:slice).with('severity', 'reject_media') - end - end - - context "log.target_type == 'Status' && log.action == :update" do - let(:target_type) { 'Status' } - let(:log_action) { :update } - - it "log.recorded_changes.slice('sensitive')" do - expect(recorded_changes).to receive(:slice).with('sensitive') - end - end - end - - describe '#log_extra_attributes' do - after do - hoge.log_extra_attributes(hoge: 'hoge') - end - - it "calls content_tag(:span, key, class: 'diff-key')" do - allow(hoge).to receive(:log_change).with(anything) - expect(hoge).to receive(:content_tag).with(:span, :hoge, class: 'diff-key') - end - - it 'calls safe_join twice' do - expect(hoge).to receive(:safe_join).with( - ['hoge', - '=', - 'hoge'] - ) - - expect(hoge).to receive(:safe_join).with([nil], ' ') - end - end - - describe '#log_change' do - after do - hoge.log_change(val) - end - - context '!val.is_a?(Array)' do - let(:val) { 'hoge' } - - it "calls content_tag(:span, val, class: 'diff-neutral')" do - expect(hoge).to receive(:content_tag).with(:span, val, class: 'diff-neutral') - end - end - - context 'val.is_a?(Array)' do - let(:val) { %w(foo bar) } - - it 'calls #content_tag twice and #safe_join' do - expect(hoge).to receive(:content_tag).with(:span, 'foo', class: 'diff-old') - expect(hoge).to receive(:content_tag).with(:span, 'bar', class: 'diff-new') - expect(hoge).to receive(:safe_join).with([nil, nil], '→') - end - end - end - - describe '#icon_for_log' do - subject { hoge.icon_for_log(log) } - - context "log.target_type == 'Account'" do - let(:log) { double(target_type: 'Account') } - - it 'returns "user"' do - expect(subject).to be 'user' - end - end - - context "log.target_type == 'User'" do - let(:log) { double(target_type: 'User') } - - it 'returns "user"' do - expect(subject).to be 'user' - end - end - - context "log.target_type == 'CustomEmoji'" do - let(:log) { double(target_type: 'CustomEmoji') } - - it 'returns "file"' do - expect(subject).to be 'file' - end - end - - context "log.target_type == 'Report'" do - let(:log) { double(target_type: 'Report') } - - it 'returns "flag"' do - expect(subject).to be 'flag' - end - end - - context "log.target_type == 'DomainBlock'" do - let(:log) { double(target_type: 'DomainBlock') } - - it 'returns "lock"' do - expect(subject).to be 'lock' - end - end - - context "log.target_type == 'EmailDomainBlock'" do - let(:log) { double(target_type: 'EmailDomainBlock') } - - it 'returns "envelope"' do - expect(subject).to be 'envelope' - end - end - - context "log.target_type == 'Status'" do - let(:log) { double(target_type: 'Status') } - - it 'returns "pencil"' do - expect(subject).to be 'pencil' - end - end - end - - describe '#class_for_log_icon' do - subject { hoge.class_for_log_icon(log) } - - %i(enable unsuspend unsilence confirm promote resolve).each do |action| - context "log.action == #{action}" do - let(:log) { double(action: action) } - - it 'returns "positive"' do - expect(subject).to be 'positive' - end - end - end - - context 'log.action == :create' do - context 'opposite_verbs?(log)' do - let(:log) { double(action: :create, target_type: 'DomainBlock') } - - it 'returns "negative"' do - expect(subject).to be 'negative' - end - end - - context '!opposite_verbs?(log)' do - let(:log) { double(action: :create, target_type: '') } - - it 'returns "positive"' do - expect(subject).to be 'positive' - end - end - end - - %i(update reset_password disable_2fa memorialize change_email).each do |action| - context "log.action == #{action}" do - let(:log) { double(action: action) } - - it 'returns "neutral"' do - expect(subject).to be 'neutral' - end - end - end - - %i(demote silence disable suspend remove_avatar remove_header reopen).each do |action| - context "log.action == #{action}" do - let(:log) { double(action: action) } - - it 'returns "negative"' do - expect(subject).to be 'negative' - end - end - end - - context 'log.action == :destroy' do - context 'opposite_verbs?(log)' do - let(:log) { double(action: :destroy, target_type: 'DomainBlock') } - - it 'returns "positive"' do - expect(subject).to be 'positive' - end - end - - context '!opposite_verbs?(log)' do - let(:log) { double(action: :destroy, target_type: '') } - - it 'returns "negative"' do - expect(subject).to be 'negative' - end - end - end - end end -- cgit From c9efb400b429696d1ee5464931f7f62e38edf1d6 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sun, 5 Apr 2020 14:40:08 +0200 Subject: Add rate limit for reporting (#13390) --- app/controllers/api/v1/reports_controller.rb | 2 ++ app/lib/rate_limiter.rb | 6 +++--- app/models/report.rb | 3 +++ 3 files changed, 8 insertions(+), 3 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/api/v1/reports_controller.rb b/app/controllers/api/v1/reports_controller.rb index 66c40f6f4..e10083d45 100644 --- a/app/controllers/api/v1/reports_controller.rb +++ b/app/controllers/api/v1/reports_controller.rb @@ -4,6 +4,8 @@ class Api::V1::ReportsController < Api::BaseController before_action -> { doorkeeper_authorize! :write, :'write:reports' }, only: [:create] before_action :require_user! + override_rate_limit_headers :create, family: :reports + def create @report = ReportService.new.call( current_account, diff --git a/app/lib/rate_limiter.rb b/app/lib/rate_limiter.rb index 68dae9add..0e2c9a894 100644 --- a/app/lib/rate_limiter.rb +++ b/app/lib/rate_limiter.rb @@ -14,9 +14,9 @@ class RateLimiter period: 3.hours.freeze, }.freeze, - media: { - limit: 30, - period: 30.minutes.freeze, + reports: { + limit: 400, + period: 24.hours.freeze, }.freeze, }.freeze diff --git a/app/models/report.rb b/app/models/report.rb index 356c23d68..f31bcfd2e 100644 --- a/app/models/report.rb +++ b/app/models/report.rb @@ -18,6 +18,9 @@ class Report < ApplicationRecord include Paginable + include RateLimitable + + rate_limit by: :account, family: :reports belongs_to :account belongs_to :target_account, class_name: 'Account' -- cgit