From 02d272cf496e12b1c7f72d46799243309d222250 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 14 Jan 2020 08:52:32 +0100 Subject: Fix access to OEmbed endpoint in secure mode (#12864) --- app/controllers/api/oembed_controller.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'app') diff --git a/app/controllers/api/oembed_controller.rb b/app/controllers/api/oembed_controller.rb index 37a163cd3..c8c60b1cf 100644 --- a/app/controllers/api/oembed_controller.rb +++ b/app/controllers/api/oembed_controller.rb @@ -3,6 +3,8 @@ class Api::OEmbedController < Api::BaseController respond_to :json + skip_before_action :require_authenticated_user! + def show @status = status_finder.status render json: @status, serializer: OEmbedSerializer, width: maxwidth_or_default, height: maxheight_or_default -- cgit From 345bba481259a508f546cf6c506560e05cdeb1c6 Mon Sep 17 00:00:00 2001 From: ThibG Date: Fri, 17 Jan 2020 07:50:30 +0100 Subject: Exempt staff members from spam check (#12874) Consider admins and moderators as trusted, for the purpose of the spam checker. Fixes #12872 --- app/lib/spam_check.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/lib/spam_check.rb b/app/lib/spam_check.rb index 5b40514fd..652d03615 100644 --- a/app/lib/spam_check.rb +++ b/app/lib/spam_check.rb @@ -143,7 +143,7 @@ class SpamCheck end def trusted? - @account.trust_level > Account::TRUST_LEVELS[:untrusted] + @account.trust_level > Account::TRUST_LEVELS[:untrusted] || (@account.local? && @account.user_staff?) end def no_unsolicited_mentions? -- cgit From 1ded3bb752916fe87755d80a832af39431a42438 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 18 Jan 2020 19:50:43 +0100 Subject: Change reported media attachments to always be hidden in admin UI (#12879) Also: - Fix Mastodon logo not showing up in status embeds - Fix blurhash not being used in status embeds - Fix blurhash not being used in admin UI - Fix autoplay param not working correctly on status embeds --- app/javascript/mastodon/components/media_gallery.js | 16 +++++++++++----- app/views/admin/reports/_status.html.haml | 7 +++++-- app/views/layouts/admin.html.haml | 1 + app/views/layouts/embedded.html.haml | 4 ++++ app/views/statuses/_detailed_status.html.haml | 4 ++-- app/views/statuses/_simple_status.html.haml | 4 ++-- 6 files changed, 25 insertions(+), 11 deletions(-) (limited to 'app') diff --git a/app/javascript/mastodon/components/media_gallery.js b/app/javascript/mastodon/components/media_gallery.js index 12b7e5b66..cfe164a50 100644 --- a/app/javascript/mastodon/components/media_gallery.js +++ b/app/javascript/mastodon/components/media_gallery.js @@ -23,6 +23,7 @@ class Item extends React.PureComponent { onClick: PropTypes.func.isRequired, displayWidth: PropTypes.number, visible: PropTypes.bool.isRequired, + autoplay: PropTypes.bool, }; static defaultProps = { @@ -48,9 +49,13 @@ class Item extends React.PureComponent { } } + getAutoPlay() { + return this.props.autoplay || autoPlayGif; + } + hoverToPlay () { const { attachment } = this.props; - return !autoPlayGif && attachment.get('type') === 'gifv'; + return !this.getAutoPlay() && attachment.get('type') === 'gifv'; } handleClick = (e) => { @@ -201,7 +206,7 @@ class Item extends React.PureComponent { ); } else if (attachment.get('type') === 'gifv') { - const autoPlay = !isIOS() && autoPlayGif; + const autoPlay = !isIOS() && this.getAutoPlay(); thumbnail = (
@@ -248,6 +253,7 @@ class MediaGallery extends React.PureComponent { defaultWidth: PropTypes.number, cacheWidth: PropTypes.func, visible: PropTypes.bool, + autoplay: PropTypes.bool, onToggleVisibility: PropTypes.func, }; @@ -297,7 +303,7 @@ class MediaGallery extends React.PureComponent { } render () { - const { media, intl, sensitive, height, defaultWidth, standalone } = this.props; + const { media, intl, sensitive, height, defaultWidth, standalone, autoplay } = this.props; const { visible } = this.state; const width = this.state.width || defaultWidth; @@ -320,9 +326,9 @@ class MediaGallery extends React.PureComponent { const uncached = media.every(attachment => attachment.get('type') === 'unknown'); if (standalone && this.isFullSizeEligible()) { - children = ; + children = ; } else { - children = media.take(4).map((attachment, i) => ); + children = media.take(4).map((attachment, i) => ); } if (uncached) { diff --git a/app/views/admin/reports/_status.html.haml b/app/views/admin/reports/_status.html.haml index 425d315e1..105352e46 100644 --- a/app/views/admin/reports/_status.html.haml +++ b/app/views/admin/reports/_status.html.haml @@ -14,9 +14,12 @@ - unless status.proper.media_attachments.empty? - if status.proper.media_attachments.first.video? - video = status.proper.media_attachments.first - = react_component :video, src: video.file.url(:original), preview: video.file.url(:small), sensitive: !current_account&.user&.show_all_media? && status.proper.sensitive? || current_account&.user&.hide_all_media?, width: 610, height: 343, inline: true, alt: video.description + = react_component :video, src: video.file.url(:original), preview: video.file.url(:small), blurhash: video.blurhash, sensitive: status.proper.sensitive?, visible: false, width: 610, height: 343, inline: true, alt: video.description + - elsif status.media_attachments.first.audio? + - audio = status.proper.media_attachments.first + = react_component :audio, src: audio.file.url(:original), height: 110, alt: audio.description, duration: audio.file.meta.dig(:original, :duration) - else - = react_component :media_gallery, height: 343, sensitive: !current_account&.user&.show_all_media? && status.proper.sensitive? || current_account&.user&.hide_all_media?, 'autoPlayGif': current_account&.user&.setting_auto_play_gif, media: status.proper.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json } + = react_component :media_gallery, height: 343, sensitive: status.proper.sensitive?, visible: false, media: status.proper.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json } .detailed-status__meta = link_to ActivityPub::TagManager.instance.url_for(status), class: 'detailed-status__datetime', target: stream_link_target, rel: 'noopener noreferrer' do diff --git a/app/views/layouts/admin.html.haml b/app/views/layouts/admin.html.haml index d1de2e80f..b1a2d0617 100644 --- a/app/views/layouts/admin.html.haml +++ b/app/views/layouts/admin.html.haml @@ -1,4 +1,5 @@ - content_for :header_tags do + = render_initial_state = javascript_pack_tag 'public', integrity: true, crossorigin: 'anonymous' - content_for :content do diff --git a/app/views/layouts/embedded.html.haml b/app/views/layouts/embedded.html.haml index 0503dcdc1..d7e74ade5 100644 --- a/app/views/layouts/embedded.html.haml +++ b/app/views/layouts/embedded.html.haml @@ -14,6 +14,10 @@ = stylesheet_pack_tag Setting.default_settings['theme'], media: 'all' = javascript_pack_tag 'common', integrity: true, crossorigin: 'anonymous' = javascript_pack_tag "locale_#{I18n.locale}", integrity: true, crossorigin: 'anonymous' + = render_initial_state = javascript_pack_tag 'public', integrity: true, crossorigin: 'anonymous' %body.embed = yield + + %div{ style: 'display: none'} + = render file: Rails.root.join('app', 'javascript', 'images', 'logo_transparent.svg') diff --git a/app/views/statuses/_detailed_status.html.haml b/app/views/statuses/_detailed_status.html.haml index 3fa52d3f2..021390e47 100644 --- a/app/views/statuses/_detailed_status.html.haml +++ b/app/views/statuses/_detailed_status.html.haml @@ -29,14 +29,14 @@ - if !status.media_attachments.empty? - if status.media_attachments.first.video? - video = status.media_attachments.first - = react_component :video, src: video.file.url(:original), preview: video.file.url(:small), blurhash: video.blurhash, sensitive: !current_account&.user&.show_all_media? && status.sensitive? || current_account&.user&.hide_all_media?, width: 670, height: 380, detailed: true, inline: true, alt: video.description do + = react_component :video, src: video.file.url(:original), preview: video.file.url(:small), blurhash: video.blurhash, sensitive: status.sensitive?, width: 670, height: 380, detailed: true, inline: true, alt: video.description do = render partial: 'statuses/attachment_list', locals: { attachments: status.media_attachments } - elsif status.media_attachments.first.audio? - audio = status.media_attachments.first = react_component :audio, src: audio.file.url(:original), height: 130, alt: audio.description, preload: true, duration: audio.file.meta.dig(:original, :duration) do = render partial: 'statuses/attachment_list', locals: { attachments: status.media_attachments } - else - = react_component :media_gallery, height: 380, sensitive: !current_account&.user&.show_all_media? && status.sensitive? || current_account&.user&.hide_all_media?, standalone: true, 'autoPlayGif': current_account&.user&.setting_auto_play_gif || autoplay, 'reduceMotion': current_account&.user&.setting_reduce_motion, media: status.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json } do + = react_component :media_gallery, height: 380, sensitive: status.sensitive?, standalone: true, autoplay: autoplay, media: status.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json } do = render partial: 'statuses/attachment_list', locals: { attachments: status.media_attachments } - elsif status.preview_card = react_component :card, 'maxDescription': 160, card: ActiveModelSerializers::SerializableResource.new(status.preview_card, serializer: REST::PreviewCardSerializer).as_json diff --git a/app/views/statuses/_simple_status.html.haml b/app/views/statuses/_simple_status.html.haml index edcfbba2b..66c9412af 100644 --- a/app/views/statuses/_simple_status.html.haml +++ b/app/views/statuses/_simple_status.html.haml @@ -33,14 +33,14 @@ - if !status.media_attachments.empty? - if status.media_attachments.first.video? - video = status.media_attachments.first - = react_component :video, src: video.file.url(:original), preview: video.file.url(:small), blurhash: video.blurhash, sensitive: !current_account&.user&.show_all_media? && status.sensitive? || current_account&.user&.hide_all_media?, width: 610, height: 343, inline: true, alt: video.description do + = react_component :video, src: video.file.url(:original), preview: video.file.url(:small), blurhash: video.blurhash, sensitive: status.sensitive?, width: 610, height: 343, inline: true, alt: video.description do = render partial: 'statuses/attachment_list', locals: { attachments: status.media_attachments } - elsif status.media_attachments.first.audio? - audio = status.media_attachments.first = react_component :audio, src: audio.file.url(:original), height: 110, alt: audio.description, duration: audio.file.meta.dig(:original, :duration) do = render partial: 'statuses/attachment_list', locals: { attachments: status.media_attachments } - else - = react_component :media_gallery, height: 343, sensitive: !current_account&.user&.show_all_media? && status.sensitive? || current_account&.user&.hide_all_media?, 'autoPlayGif': current_account&.user&.setting_auto_play_gif || autoplay, media: status.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json } do + = react_component :media_gallery, height: 343, sensitive: status.sensitive?, autoplay: autoplay, media: status.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json } do = render partial: 'statuses/attachment_list', locals: { attachments: status.media_attachments } - elsif status.preview_card = react_component :card, 'maxDescription': 160, card: ActiveModelSerializers::SerializableResource.new(status.preview_card, serializer: REST::PreviewCardSerializer).as_json -- cgit From a7d34d49ada5bb2dea982a36537bfccdcee27da2 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 18 Jan 2020 23:22:35 +0100 Subject: Add is to available locales (#12882) Fix #12869 --- app/helpers/settings_helper.rb | 1 + config/application.rb | 1 + 2 files changed, 2 insertions(+) (limited to 'app') diff --git a/app/helpers/settings_helper.rb b/app/helpers/settings_helper.rb index 39eb4180e..10aaf3aca 100644 --- a/app/helpers/settings_helper.rb +++ b/app/helpers/settings_helper.rb @@ -32,6 +32,7 @@ module SettingsHelper hy: 'Հայերեն', id: 'Bahasa Indonesia', io: 'Ido', + is: 'Íslenska', it: 'Italiano', ja: '日本語', ka: 'ქართული', diff --git a/config/application.rb b/config/application.rb index 58e59fd51..c1bc18a30 100644 --- a/config/application.rb +++ b/config/application.rb @@ -70,6 +70,7 @@ module Mastodon :hy, :id, :io, + :is, :it, :ja, :ka, -- cgit