From dbb1ee269fa4a6ee097dfea5f77bb2c9428af93b Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Mon, 10 Dec 2018 22:53:25 +0100 Subject: Improve e-mail MX validator and add tests (#9489) --- app/models/user.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'app/models') diff --git a/app/models/user.rb b/app/models/user.rb index f4130d7b1..44e0d1113 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -73,7 +73,7 @@ class User < ApplicationRecord validates :locale, inclusion: I18n.available_locales.map(&:to_s), if: :locale? validates_with BlacklistedEmailValidator, if: :email_changed? - validates_with EmailMxValidator, if: :email_changed? + validates_with EmailMxValidator, if: :validate_email_dns? scope :recent, -> { order(id: :desc) } scope :admins, -> { where(admin: true) } @@ -360,4 +360,8 @@ class User < ApplicationRecord def needs_feed_update? last_sign_in_at < ACTIVE_DURATION.ago end + + def validate_email_dns? + email_changed? && !(Rails.env.test? || Rails.env.development?) + end end -- cgit From 7d00e4edbd0bef8791d8efee7665eb13bb256d7a Mon Sep 17 00:00:00 2001 From: Adam Copp Date: Tue, 11 Dec 2018 04:30:57 +0000 Subject: Make custom emoji domains case insensitive #9351 (#9474) * Make custom emoji domains case sensitive #9351 * Fixup style in downcase_domain to comply with codeclimate. * switch if! to unless * Don't use transactions, operate in batches. Also revert spurious schema change. --- app/models/custom_emoji.rb | 6 ++++++ app/models/custom_emoji_filter.rb | 2 +- db/migrate/20181207011115_downcase_custom_emoji_domains.rb | 7 +++++++ db/schema.rb | 2 +- spec/models/custom_emoji_spec.rb | 9 +++++++++ 5 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 db/migrate/20181207011115_downcase_custom_emoji_domains.rb (limited to 'app/models') diff --git a/app/models/custom_emoji.rb b/app/models/custom_emoji.rb index b99ed01f0..d3cc70504 100644 --- a/app/models/custom_emoji.rb +++ b/app/models/custom_emoji.rb @@ -31,6 +31,8 @@ class CustomEmoji < ApplicationRecord has_attached_file :image, styles: { static: { format: 'png', convert_options: '-coalesce -strip' } } + before_validation :downcase_domain + validates_attachment :image, content_type: { content_type: 'image/png' }, presence: true, size: { less_than: LIMIT } validates :shortcode, uniqueness: { scope: :domain }, format: { with: /\A#{SHORTCODE_RE_FRAGMENT}\z/ }, length: { minimum: 2 } @@ -73,4 +75,8 @@ class CustomEmoji < ApplicationRecord def remove_entity_cache Rails.cache.delete(EntityCache.instance.to_key(:emoji, shortcode, domain)) end + + def downcase_domain + self.domain = domain.downcase unless domain.nil? + end end diff --git a/app/models/custom_emoji_filter.rb b/app/models/custom_emoji_filter.rb index c4bc310bb..7649055d2 100644 --- a/app/models/custom_emoji_filter.rb +++ b/app/models/custom_emoji_filter.rb @@ -26,7 +26,7 @@ class CustomEmojiFilter when 'remote' CustomEmoji.remote when 'by_domain' - CustomEmoji.where(domain: value) + CustomEmoji.where(domain: value.downcase) when 'shortcode' CustomEmoji.search(value) else diff --git a/db/migrate/20181207011115_downcase_custom_emoji_domains.rb b/db/migrate/20181207011115_downcase_custom_emoji_domains.rb new file mode 100644 index 000000000..c9db3800d --- /dev/null +++ b/db/migrate/20181207011115_downcase_custom_emoji_domains.rb @@ -0,0 +1,7 @@ +class DowncaseCustomEmojiDomains < ActiveRecord::Migration[5.2] + disable_ddl_transaction! + + def change + CustomEmoji.in_batches.update_all('domain = lower(domain)') + end +end diff --git a/db/schema.rb b/db/schema.rb index 6d643c27c..51ac43e1d 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2018_12_04_215309) do +ActiveRecord::Schema.define(version: 2018_12_07_011115) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" diff --git a/spec/models/custom_emoji_spec.rb b/spec/models/custom_emoji_spec.rb index 320a258d3..9de218b4f 100644 --- a/spec/models/custom_emoji_spec.rb +++ b/spec/models/custom_emoji_spec.rb @@ -75,4 +75,13 @@ RSpec.describe CustomEmoji, type: :model do end end end + + describe 'pre_validation' do + let(:custom_emoji) { Fabricate(:custom_emoji, domain: 'wWw.MaStOdOn.CoM') } + + it 'should downcase' do + custom_emoji.valid? + expect(custom_emoji.domain).to eq('www.mastodon.com') + end + end end -- cgit From 720daa81435b4c632cdf7b64044cf1ee59af977a Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 11 Dec 2018 19:18:29 +0100 Subject: Add instance-wide setting to disable profile directory (#9497) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add instance-wide setting to disable profile directory Fixes #9496 When the profile directory is disabled: - The “discoverable” setting is hidden from users - The “profile directory” link is not shown on public pages - /explore returns 404 * Move Setting.profile_directory check to a before_action filter --- app/controllers/admin/dashboard_controller.rb | 1 + app/controllers/admin/settings_controller.rb | 2 ++ app/controllers/directories_controller.rb | 5 +++++ app/models/form/admin_settings.rb | 2 ++ app/views/admin/dashboard/index.html.haml | 6 ++++++ app/views/admin/settings/edit.html.haml | 3 +++ app/views/layouts/public.html.haml | 3 ++- app/views/settings/profiles/show.html.haml | 5 +++-- config/locales/en.yml | 4 ++++ config/settings.yml | 1 + 10 files changed, 29 insertions(+), 3 deletions(-) (limited to 'app/models') diff --git a/app/controllers/admin/dashboard_controller.rb b/app/controllers/admin/dashboard_controller.rb index 7be753c9b..bb923c185 100644 --- a/app/controllers/admin/dashboard_controller.rb +++ b/app/controllers/admin/dashboard_controller.rb @@ -28,6 +28,7 @@ module Admin @pam_enabled = ENV['PAM_ENABLED'] == 'true' @hidden_service = ENV['ALLOW_ACCESS_TO_HIDDEN_SERVICE'] == 'true' @trending_hashtags = TrendingTags.get(7) + @profile_directory = Setting.profile_directory end private diff --git a/app/controllers/admin/settings_controller.rb b/app/controllers/admin/settings_controller.rb index d9f261489..4a049fc23 100644 --- a/app/controllers/admin/settings_controller.rb +++ b/app/controllers/admin/settings_controller.rb @@ -26,6 +26,7 @@ module Admin show_known_fediverse_at_about_page preview_sensitive_media custom_css + profile_directory ).freeze BOOLEAN_SETTINGS = %w( @@ -37,6 +38,7 @@ module Admin peers_api_enabled show_known_fediverse_at_about_page preview_sensitive_media + profile_directory ).freeze UPLOAD_SETTINGS = %w( diff --git a/app/controllers/directories_controller.rb b/app/controllers/directories_controller.rb index 265fd5fab..b8565af4b 100644 --- a/app/controllers/directories_controller.rb +++ b/app/controllers/directories_controller.rb @@ -3,6 +3,7 @@ class DirectoriesController < ApplicationController layout 'public' + before_action :check_enabled before_action :set_instance_presenter before_action :set_tag, only: :show before_action :set_tags @@ -18,6 +19,10 @@ class DirectoriesController < ApplicationController private + def check_enabled + return not_found unless Setting.profile_directory + end + def set_tag @tag = Tag.discoverable.find_by!(name: params[:id].downcase) end diff --git a/app/models/form/admin_settings.rb b/app/models/form/admin_settings.rb index 9fef7da97..eca71bf62 100644 --- a/app/models/form/admin_settings.rb +++ b/app/models/form/admin_settings.rb @@ -44,6 +44,8 @@ class Form::AdminSettings :preview_sensitive_media=, :custom_css, :custom_css=, + :profile_directory, + :profile_directory=, to: Setting ) end diff --git a/app/views/admin/dashboard/index.html.haml b/app/views/admin/dashboard/index.html.haml index 1996eef4d..fa3d70e9e 100644 --- a/app/views/admin/dashboard/index.html.haml +++ b/app/views/admin/dashboard/index.html.haml @@ -57,6 +57,12 @@ %span.pull-right.positive-hint= fa_icon 'check fw' - else %span.pull-right.negative-hint= fa_icon 'times fw' + %li + = link_to t('admin.dashboard.feature_profile_directory'), edit_admin_settings_path + - if @profile_directory + %span.pull-right.positive-hint= fa_icon 'check fw' + - else + %span.pull-right.negative-hint= fa_icon 'times fw' %li = link_to t('admin.dashboard.feature_relay'), admin_relays_path - if @relay_enabled diff --git a/app/views/admin/settings/edit.html.haml b/app/views/admin/settings/edit.html.haml index 04b1a6754..7afa9ec37 100644 --- a/app/views/admin/settings/edit.html.haml +++ b/app/views/admin/settings/edit.html.haml @@ -62,6 +62,9 @@ .fields-group = f.input :preview_sensitive_media, as: :boolean, wrapper: :with_label, label: t('admin.settings.preview_sensitive_media.title'), hint: t('admin.settings.preview_sensitive_media.desc_html') + .fields-group + = f.input :profile_directory, as: :boolean, wrapper: :with_label, label: t('admin.settings.profile_directory.title'), hint: t('admin.settings.profile_directory.desc_html') + %hr.spacer/ .fields-group diff --git a/app/views/layouts/public.html.haml b/app/views/layouts/public.html.haml index 831c7f012..93ed12f18 100644 --- a/app/views/layouts/public.html.haml +++ b/app/views/layouts/public.html.haml @@ -9,7 +9,8 @@ = link_to root_url, class: 'brand' do = image_tag asset_pack_path('logo_full.svg'), alt: 'Mastodon' - = link_to t('directories.directory'), explore_path, class: 'nav-link' + - if Setting.profile_directory + = link_to t('directories.directory'), explore_path, class: 'nav-link' = link_to t('about.about_this'), about_more_path, class: 'nav-link' = link_to t('about.apps'), 'https://joinmastodon.org/apps', class: 'nav-link' .nav-center diff --git a/app/views/settings/profiles/show.html.haml b/app/views/settings/profiles/show.html.haml index fa3869f6f..eb232dc57 100644 --- a/app/views/settings/profiles/show.html.haml +++ b/app/views/settings/profiles/show.html.haml @@ -26,8 +26,9 @@ .fields-group = f.input :bot, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.bot') - .fields-group - = f.input :discoverable, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.discoverable_html', min_followers: Account::MIN_FOLLOWERS_DISCOVERY, path: explore_path) + - if Setting.profile_directory + .fields-group + = f.input :discoverable, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.discoverable_html', min_followers: Account::MIN_FOLLOWERS_DISCOVERY, path: explore_path) %hr.spacer/ diff --git a/config/locales/en.yml b/config/locales/en.yml index 243b513fd..314787acd 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -229,6 +229,7 @@ en: config: Configuration feature_deletions: Account deletions feature_invites: Invite links + feature_profile_directory: Profile directory feature_registrations: Registrations feature_relay: Federation relay features: Features @@ -376,6 +377,9 @@ en: preview_sensitive_media: desc_html: Link previews on other websites will display a thumbnail even if the media is marked as sensitive title: Show sensitive media in OpenGraph previews + profile_directory: + desc_html: Allow users to be discoverable + title: Enable profile directory registrations: closed_message: desc_html: Displayed on frontpage when registrations are closed. You can use HTML tags diff --git a/config/settings.yml b/config/settings.yml index 4036d419f..b3d2e0240 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -15,6 +15,7 @@ defaults: &defaults site_contact_username: '' site_contact_email: '' open_registrations: true + profile_directory: true closed_registrations_message: '' open_deletion: true min_invite_role: 'admin' -- cgit