From 2744f61696df70e722cd6ade9564ad4f0f8f34d6 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 25 Apr 2020 22:01:08 +0200 Subject: Fix not being able to resolve public resources in development environment (#13505) --- app/services/fetch_resource_service.rb | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'app') diff --git a/app/services/fetch_resource_service.rb b/app/services/fetch_resource_service.rb index 880cdde92..6c0093cd4 100644 --- a/app/services/fetch_resource_service.rb +++ b/app/services/fetch_resource_service.rb @@ -25,7 +25,18 @@ class FetchResourceService < BaseService end def perform_request(&block) - Request.new(:get, @url).add_headers('Accept' => ACCEPT_HEADER).on_behalf_of(Account.representative).perform(&block) + Request.new(:get, @url).tap do |request| + request.add_headers('Accept' => ACCEPT_HEADER) + + # In a real setting we want to sign all outgoing requests, + # in case the remote server has secure mode enabled and requires + # authentication on all resources. However, during development, + # sending request signatures with an inaccessible host is useless + # and prevents even public resources from being fetched, so + # don't do it + + request.on_behalf_of(Account.representative) unless Rails.env.development? + end.perform(&block) end def process_response(response, terminal = false) -- cgit From c3ca3801f2b8a44db09b83da2e64130eb2c41ef1 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sun, 26 Apr 2020 23:29:08 +0200 Subject: Add separate cache directory for non-local uploads (#12821) --- app/models/account.rb | 90 +++++++------ app/models/custom_emoji.rb | 29 ++-- app/models/media_attachment.rb | 35 ++--- app/models/preview_card.rb | 43 +++--- config/initializers/paperclip.rb | 22 ++- .../20200417125749_add_storage_schema_version.rb | 9 ++ db/schema.rb | 7 +- lib/cli.rb | 4 + lib/mastodon/cli_helper.rb | 4 + lib/mastodon/media_cli.rb | 24 +++- lib/mastodon/upgrade_cli.rb | 148 +++++++++++++++++++++ lib/paperclip/attachment_extensions.rb | 9 ++ 12 files changed, 319 insertions(+), 105 deletions(-) create mode 100644 db/migrate/20200417125749_add_storage_schema_version.rb create mode 100644 lib/mastodon/upgrade_cli.rb (limited to 'app') diff --git a/app/models/account.rb b/app/models/account.rb index dc14e8538..ff7386aaf 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -3,50 +3,52 @@ # # Table name: accounts # -# id :bigint(8) not null, primary key -# username :string default(""), not null -# domain :string -# secret :string default(""), not null -# private_key :text -# public_key :text default(""), not null -# remote_url :string default(""), not null -# salmon_url :string default(""), not null -# hub_url :string default(""), not null -# created_at :datetime not null -# updated_at :datetime not null -# note :text default(""), not null -# display_name :string default(""), not null -# uri :string default(""), not null -# url :string -# avatar_file_name :string -# avatar_content_type :string -# avatar_file_size :integer -# avatar_updated_at :datetime -# header_file_name :string -# header_content_type :string -# header_file_size :integer -# header_updated_at :datetime -# avatar_remote_url :string -# subscription_expires_at :datetime -# locked :boolean default(FALSE), not null -# header_remote_url :string default(""), not null -# last_webfingered_at :datetime -# inbox_url :string default(""), not null -# outbox_url :string default(""), not null -# shared_inbox_url :string default(""), not null -# followers_url :string default(""), not null -# protocol :integer default("ostatus"), not null -# memorial :boolean default(FALSE), not null -# moved_to_account_id :bigint(8) -# featured_collection_url :string -# fields :jsonb -# actor_type :string -# discoverable :boolean -# also_known_as :string is an Array -# silenced_at :datetime -# suspended_at :datetime -# trust_level :integer -# hide_collections :boolean +# id :bigint(8) not null, primary key +# username :string default(""), not null +# domain :string +# secret :string default(""), not null +# private_key :text +# public_key :text default(""), not null +# remote_url :string default(""), not null +# salmon_url :string default(""), not null +# hub_url :string default(""), not null +# created_at :datetime not null +# updated_at :datetime not null +# note :text default(""), not null +# display_name :string default(""), not null +# uri :string default(""), not null +# url :string +# avatar_file_name :string +# avatar_content_type :string +# avatar_file_size :integer +# avatar_updated_at :datetime +# header_file_name :string +# header_content_type :string +# header_file_size :integer +# header_updated_at :datetime +# avatar_remote_url :string +# subscription_expires_at :datetime +# locked :boolean default(FALSE), not null +# header_remote_url :string default(""), not null +# last_webfingered_at :datetime +# inbox_url :string default(""), not null +# outbox_url :string default(""), not null +# shared_inbox_url :string default(""), not null +# followers_url :string default(""), not null +# protocol :integer default("ostatus"), not null +# memorial :boolean default(FALSE), not null +# moved_to_account_id :bigint(8) +# featured_collection_url :string +# fields :jsonb +# actor_type :string +# discoverable :boolean +# also_known_as :string is an Array +# silenced_at :datetime +# suspended_at :datetime +# trust_level :integer +# hide_collections :boolean +# avatar_storage_schema_version :integer +# header_storage_schema_version :integer # class Account < ApplicationRecord diff --git a/app/models/custom_emoji.rb b/app/models/custom_emoji.rb index d177cf281..7cb03b819 100644 --- a/app/models/custom_emoji.rb +++ b/app/models/custom_emoji.rb @@ -3,20 +3,21 @@ # # Table name: custom_emojis # -# id :bigint(8) not null, primary key -# shortcode :string default(""), not null -# domain :string -# image_file_name :string -# image_content_type :string -# image_file_size :integer -# image_updated_at :datetime -# created_at :datetime not null -# updated_at :datetime not null -# disabled :boolean default(FALSE), not null -# uri :string -# image_remote_url :string -# visible_in_picker :boolean default(TRUE), not null -# category_id :bigint(8) +# id :bigint(8) not null, primary key +# shortcode :string default(""), not null +# domain :string +# image_file_name :string +# image_content_type :string +# image_file_size :integer +# image_updated_at :datetime +# created_at :datetime not null +# updated_at :datetime not null +# disabled :boolean default(FALSE), not null +# uri :string +# image_remote_url :string +# visible_in_picker :boolean default(TRUE), not null +# category_id :bigint(8) +# image_storage_schema_version :integer # class CustomEmoji < ApplicationRecord diff --git a/app/models/media_attachment.rb b/app/models/media_attachment.rb index f45e2c9f7..75ce9fc4f 100644 --- a/app/models/media_attachment.rb +++ b/app/models/media_attachment.rb @@ -3,23 +3,24 @@ # # Table name: media_attachments # -# id :bigint(8) not null, primary key -# status_id :bigint(8) -# file_file_name :string -# file_content_type :string -# file_file_size :integer -# file_updated_at :datetime -# remote_url :string default(""), not null -# created_at :datetime not null -# updated_at :datetime not null -# shortcode :string -# type :integer default("image"), not null -# file_meta :json -# account_id :bigint(8) -# description :text -# scheduled_status_id :bigint(8) -# blurhash :string -# processing :integer +# id :bigint(8) not null, primary key +# status_id :bigint(8) +# file_file_name :string +# file_content_type :string +# file_file_size :integer +# file_updated_at :datetime +# remote_url :string default(""), not null +# created_at :datetime not null +# updated_at :datetime not null +# shortcode :string +# type :integer default("image"), not null +# file_meta :json +# account_id :bigint(8) +# description :text +# scheduled_status_id :bigint(8) +# blurhash :string +# processing :integer +# file_storage_schema_version :integer # class MediaAttachment < ApplicationRecord diff --git a/app/models/preview_card.rb b/app/models/preview_card.rb index 4e89fbf85..2802f4667 100644 --- a/app/models/preview_card.rb +++ b/app/models/preview_card.rb @@ -3,25 +3,26 @@ # # Table name: preview_cards # -# id :bigint(8) not null, primary key -# url :string default(""), not null -# title :string default(""), not null -# description :string default(""), not null -# image_file_name :string -# image_content_type :string -# image_file_size :integer -# image_updated_at :datetime -# type :integer default("link"), not null -# html :text default(""), not null -# author_name :string default(""), not null -# author_url :string default(""), not null -# provider_name :string default(""), not null -# provider_url :string default(""), not null -# width :integer default(0), not null -# height :integer default(0), not null -# created_at :datetime not null -# updated_at :datetime not null -# embed_url :string default(""), not null +# id :bigint(8) not null, primary key +# url :string default(""), not null +# title :string default(""), not null +# description :string default(""), not null +# image_file_name :string +# image_content_type :string +# image_file_size :integer +# image_updated_at :datetime +# type :integer default("link"), not null +# html :text default(""), not null +# author_name :string default(""), not null +# author_url :string default(""), not null +# provider_name :string default(""), not null +# provider_url :string default(""), not null +# width :integer default(0), not null +# height :integer default(0), not null +# created_at :datetime not null +# updated_at :datetime not null +# embed_url :string default(""), not null +# image_storage_schema_version :integer # class PreviewCard < ApplicationRecord @@ -47,6 +48,10 @@ class PreviewCard < ApplicationRecord before_save :extract_dimensions, if: :link? + def local? + false + end + def missing_image? width.present? && height.present? && image_file_name.blank? end diff --git a/config/initializers/paperclip.rb b/config/initializers/paperclip.rb index 8909678d6..43449eb4f 100644 --- a/config/initializers/paperclip.rb +++ b/config/initializers/paperclip.rb @@ -10,9 +10,25 @@ Paperclip.interpolates :filename do |attachment, style| end end +Paperclip.interpolates :path_prefix do |attachment, style| + if attachment.storage_schema_version >= 1 && attachment.instance.respond_to?(:local?) && !attachment.instance.local? + 'cache' + File::SEPARATOR + else + '' + end +end + +Paperclip.interpolates :url_prefix do |attachment, style| + if attachment.storage_schema_version >= 1 && attachment.instance.respond_to?(:local?) && !attachment.instance.local? + 'cache/' + else + '' + end +end + Paperclip::Attachment.default_options.merge!( use_timestamp: false, - path: ':class/:attachment/:id_partition/:style/:filename', + path: ':url_prefix:class/:attachment/:id_partition/:style/:filename', storage: :fog ) @@ -91,7 +107,7 @@ else Paperclip::Attachment.default_options.merge!( storage: :filesystem, use_timestamp: true, - path: File.join(ENV.fetch('PAPERCLIP_ROOT_PATH', File.join(':rails_root', 'public', 'system')), ':class', ':attachment', ':id_partition', ':style', ':filename'), - url: ENV.fetch('PAPERCLIP_ROOT_URL', '/system') + '/:class/:attachment/:id_partition/:style/:filename', + path: File.join(ENV.fetch('PAPERCLIP_ROOT_PATH', File.join(':rails_root', 'public', 'system')), ':path_prefix:class', ':attachment', ':id_partition', ':style', ':filename'), + url: ENV.fetch('PAPERCLIP_ROOT_URL', '/system') + '/:url_prefix:class/:attachment/:id_partition/:style/:filename', ) end diff --git a/db/migrate/20200417125749_add_storage_schema_version.rb b/db/migrate/20200417125749_add_storage_schema_version.rb new file mode 100644 index 000000000..7438f97ba --- /dev/null +++ b/db/migrate/20200417125749_add_storage_schema_version.rb @@ -0,0 +1,9 @@ +class AddStorageSchemaVersion < ActiveRecord::Migration[5.2] + def change + add_column :preview_cards, :image_storage_schema_version, :integer + add_column :accounts, :avatar_storage_schema_version, :integer + add_column :accounts, :header_storage_schema_version, :integer + add_column :media_attachments, :file_storage_schema_version, :integer + add_column :custom_emojis, :image_storage_schema_version, :integer + end +end diff --git a/db/schema.rb b/db/schema.rb index 54e81bd3f..7cbfebb00 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_04_07_202420) do +ActiveRecord::Schema.define(version: 2020_04_17_125749) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -172,6 +172,8 @@ ActiveRecord::Schema.define(version: 2020_04_07_202420) do t.datetime "suspended_at" t.integer "trust_level" t.boolean "hide_collections" + t.integer "avatar_storage_schema_version" + t.integer "header_storage_schema_version" t.index "(((setweight(to_tsvector('simple'::regconfig, (display_name)::text), 'A'::\"char\") || setweight(to_tsvector('simple'::regconfig, (username)::text), 'B'::\"char\")) || setweight(to_tsvector('simple'::regconfig, (COALESCE(domain, ''::character varying))::text), 'C'::\"char\")))", name: "search_index", using: :gin t.index "lower((username)::text), lower((domain)::text)", name: "index_accounts_on_username_and_domain_lower", unique: true t.index ["moved_to_account_id"], name: "index_accounts_on_moved_to_account_id" @@ -299,6 +301,7 @@ ActiveRecord::Schema.define(version: 2020_04_07_202420) do t.string "image_remote_url" t.boolean "visible_in_picker", default: true, null: false t.bigint "category_id" + t.integer "image_storage_schema_version" t.index ["shortcode", "domain"], name: "index_custom_emojis_on_shortcode_and_domain", unique: true end @@ -464,6 +467,7 @@ ActiveRecord::Schema.define(version: 2020_04_07_202420) do t.bigint "scheduled_status_id" t.string "blurhash" t.integer "processing" + t.integer "file_storage_schema_version" t.index ["account_id"], name: "index_media_attachments_on_account_id" t.index ["scheduled_status_id"], name: "index_media_attachments_on_scheduled_status_id" t.index ["shortcode"], name: "index_media_attachments_on_shortcode", unique: true @@ -604,6 +608,7 @@ ActiveRecord::Schema.define(version: 2020_04_07_202420) do t.datetime "created_at", null: false t.datetime "updated_at", null: false t.string "embed_url", default: "", null: false + t.integer "image_storage_schema_version" t.index ["url"], name: "index_preview_cards_on_url", unique: true end diff --git a/lib/cli.rb b/lib/cli.rb index 19cc5d6b5..313a36a3d 100644 --- a/lib/cli.rb +++ b/lib/cli.rb @@ -11,6 +11,7 @@ require_relative 'mastodon/statuses_cli' require_relative 'mastodon/domains_cli' require_relative 'mastodon/preview_cards_cli' require_relative 'mastodon/cache_cli' +require_relative 'mastodon/upgrade_cli' require_relative 'mastodon/version' module Mastodon @@ -49,6 +50,9 @@ module Mastodon desc 'cache SUBCOMMAND ...ARGS', 'Manage cache' subcommand 'cache', Mastodon::CacheCLI + desc 'upgrade SUBCOMMAND ...ARGS', 'Various version upgrade utilities' + subcommand 'upgrade', Mastodon::UpgradeCLI + option :dry_run, type: :boolean desc 'self-destruct', 'Erase the server from the federation' long_desc <<~LONG_DESC diff --git a/lib/mastodon/cli_helper.rb b/lib/mastodon/cli_helper.rb index ec4d9a81e..4a20fa8d6 100644 --- a/lib/mastodon/cli_helper.rb +++ b/lib/mastodon/cli_helper.rb @@ -10,6 +10,10 @@ Paperclip.options[:log] = false module Mastodon module CLIHelper + def dry_run? + options[:dry_run] + end + def create_progress_bar(total = nil) ProgressBar.create(total: total, format: '%c/%u |%b%i| %e') end diff --git a/lib/mastodon/media_cli.rb b/lib/mastodon/media_cli.rb index 0f211f272..424d65a5f 100644 --- a/lib/mastodon/media_cli.rb +++ b/lib/mastodon/media_cli.rb @@ -85,7 +85,9 @@ module Mastodon record_map = preload_records_from_mixed_objects(objects) objects.each do |object| - path_segments = object.key.split('/') + path_segments = object.key.split('/') + path_segments.delete('cache') + model_name = path_segments.first.classify attachment_name = path_segments[1].singularize record_id = path_segments[2..-2].join.to_i @@ -120,8 +122,11 @@ module Mastodon Find.find(File.join(*[root_path, prefix].compact)) do |path| next if File.directory?(path) - key = path.gsub("#{root_path}#{File::SEPARATOR}", '') - path_segments = key.split(File::SEPARATOR) + key = path.gsub("#{root_path}#{File::SEPARATOR}", '') + + path_segments = key.split(File::SEPARATOR) + path_segments.delete('cache') + model_name = path_segments.first.classify record_id = path_segments[2..-2].join.to_i attachment_name = path_segments[1].singularize @@ -229,10 +234,13 @@ module Mastodon desc 'lookup URL', 'Lookup where media is displayed by passing a media URL' def lookup(url) - path = Addressable::URI.parse(url).path + path = Addressable::URI.parse(url).path + path_segments = path.split('/')[2..-1] - model_name = path_segments.first.classify - record_id = path_segments[2..-2].join.to_i + path_segments.delete('cache') + + model_name = path_segments.first.classify + record_id = path_segments[2..-2].join.to_i unless PRELOAD_MODEL_WHITELIST.include?(model_name) say("Cannot find corresponding model: #{model_name}", :red) @@ -276,7 +284,9 @@ module Mastodon preload_map = Hash.new { |hash, key| hash[key] = [] } objects.map do |object| - segments = object.key.split('/') + segments = object.key.split('/') + segments.delete('cache') + model_name = segments.first.classify record_id = segments[2..-2].join.to_i diff --git a/lib/mastodon/upgrade_cli.rb b/lib/mastodon/upgrade_cli.rb new file mode 100644 index 000000000..74d13f62d --- /dev/null +++ b/lib/mastodon/upgrade_cli.rb @@ -0,0 +1,148 @@ +# frozen_string_literal: true + +require_relative '../../config/boot' +require_relative '../../config/environment' +require_relative 'cli_helper' + +module Mastodon + class UpgradeCLI < Thor + include CLIHelper + + def self.exit_on_failure? + true + end + + CURRENT_STORAGE_SCHEMA_VERSION = 1 + + option :dry_run, type: :boolean, default: false + option :verbose, type: :boolean, default: false, aliases: [:v] + desc 'storage-schema', 'Upgrade storage schema of various file attachments to the latest version' + long_desc <<~LONG_DESC + Iterates over every file attachment of every record and, if its storage schema is outdated, performs the + necessary upgrade to the latest one. In practice this means e.g. moving files to different directories. + + Will most likely take a long time. + LONG_DESC + def storage_schema + progress = create_progress_bar(nil) + dry_run = dry_run? ? ' (DRY RUN)' : '' + records = 0 + + klasses = [ + Account, + CustomEmoji, + MediaAttachment, + PreviewCard, + ] + + klasses.each do |klass| + attachment_names = klass.attachment_definitions.keys + + klass.find_each do |record| + attachment_names.each do |attachment_name| + attachment = record.public_send(attachment_name) + + next if attachment.blank? || attachment.storage_schema_version >= CURRENT_STORAGE_SCHEMA_VERSION + + attachment.styles.each_key do |style| + case Paperclip::Attachment.default_options[:storage] + when :s3 + upgrade_storage_s3(progress, attachment, style) + when :fog + upgrade_storage_fog(progress, attachment, style) + when :filesystem + upgrade_storage_filesystem(progress, attachment, style) + end + + progress.increment + end + + attachment.instance_write(:storage_schema_version, CURRENT_STORAGE_SCHEMA_VERSION) + end + + if record.changed? + record.save unless dry_run? + records += 1 + end + end + end + + progress.total = progress.progress + progress.finish + + say("Upgraded storage schema of #{records} records#{dry_run}", :green, true) + end + + private + + def upgrade_storage_s3(progress, attachment, style) + previous_storage_schema_version = attachment.storage_schema_version + object = attachment.s3_object(style) + + attachment.instance_write(:storage_schema_version, CURRENT_STORAGE_SCHEMA_VERSION) + + upgraded_path = attachment.path(style) + + if upgraded_path != object.key && object.exists? + progress.log("Moving #{object.key} to #{upgraded_path}") if options[:verbose] + + begin + object.move_to(upgraded_path) unless dry_run? + rescue => e + progress.log(pastel.red("Error processing #{object.key}: #{e}")) + end + end + + # Because we move files style-by-style, it's important to restore + # previous version at the end. The upgrade will be recorded after + # all styles are updated + attachment.instance_write(:storage_schema_version, previous_storage_schema_version) + end + + def upgrade_storage_fog(_progress, _attachment, _style) + say('The fog storage driver is not supported for this operation at this time', :red) + exit(1) + end + + def upgrade_storage_filesystem(progress, attachment, style) + previous_storage_schema_version = attachment.storage_schema_version + previous_path = attachment.path(style) + + attachment.instance_write(:storage_schema_version, CURRENT_STORAGE_SCHEMA_VERSION) + + upgraded_path = attachment.path(style) + + if upgraded_path != previous_path && File.exist?(previous_path) + progress.log("Moving #{previous_path} to #{upgraded_path}") if options[:verbose] + + begin + unless dry_run? + FileUtils.mkdir_p(File.dirname(upgraded_path)) + FileUtils.mv(previous_path, upgraded_path) + + begin + FileUtils.rmdir(previous_path, parents: true) + rescue Errno::ENOTEMPTY + # OK + end + end + rescue => e + progress.log(pastel.red("Error processing #{previous_path}: #{e}")) + + unless dry_run? + begin + FileUtils.rmdir(upgraded_path, parents: true) + rescue Errno::ENOTEMPTY + # OK + end + end + end + end + + # Because we move files style-by-style, it's important to restore + # previous version at the end. The upgrade will be recorded after + # all styles are updated + attachment.instance_write(:storage_schema_version, previous_storage_schema_version) + end + end +end diff --git a/lib/paperclip/attachment_extensions.rb b/lib/paperclip/attachment_extensions.rb index ce5780557..f3e51dbd3 100644 --- a/lib/paperclip/attachment_extensions.rb +++ b/lib/paperclip/attachment_extensions.rb @@ -14,6 +14,15 @@ module Paperclip end end + def storage_schema_version + instance_read(:storage_schema_version) || 0 + end + + def assign_attributes + super + instance_write(:storage_schema_version, 1) + end + def variant?(other_filename) return true if original_filename == other_filename return false if original_filename.nil? -- cgit From b40d68cc310ada47b498dcde32e025162d9df8b9 Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 09:43:34 +0200 Subject: Add `invites_enabled` to API (#13501) --- app/serializers/rest/instance_serializer.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'app') diff --git a/app/serializers/rest/instance_serializer.rb b/app/serializers/rest/instance_serializer.rb index 1bd71683c..b388e448e 100644 --- a/app/serializers/rest/instance_serializer.rb +++ b/app/serializers/rest/instance_serializer.rb @@ -5,7 +5,7 @@ class REST::InstanceSerializer < ActiveModel::Serializer attributes :uri, :title, :short_description, :description, :email, :version, :urls, :stats, :thumbnail, - :languages, :registrations, :approval_required + :languages, :registrations, :approval_required, :invites_enabled has_one :contact_account, serializer: REST::AccountSerializer @@ -63,6 +63,10 @@ class REST::InstanceSerializer < ActiveModel::Serializer Setting.registrations_mode == 'approved' end + def invites_enabled + Setting.min_invite_role == 'user' + end + private def instance_presenter -- cgit From b3d0de8b40fa6a3c86dcf7a432ea031bffd7b5a7 Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 09:43:45 +0200 Subject: Fix /public showing public instead of community timeline for logged-in users (#13499) --- app/views/public_timelines/show.html.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/views/public_timelines/show.html.haml b/app/views/public_timelines/show.html.haml index 0e4ba877d..5e536a235 100644 --- a/app/views/public_timelines/show.html.haml +++ b/app/views/public_timelines/show.html.haml @@ -13,5 +13,5 @@ - else %p= t('about.browse_local_posts') -#mastodon-timeline{ data: { props: Oj.dump(default_props) }} +#mastodon-timeline{ data: { props: Oj.dump(default_props.merge(local: !Setting.show_known_fediverse_at_about_page)) }} #modal-container -- cgit From 04eb59986461bc802d4432fe4131e09eadd070c0 Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 09:44:17 +0200 Subject: Fix messed up z-index when NoScript blocks media/previews (#13449) Fixes #13444 --- app/javascript/styles/mastodon/basics.scss | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'app') diff --git a/app/javascript/styles/mastodon/basics.scss b/app/javascript/styles/mastodon/basics.scss index 2b10b5ad3..4eff8a465 100644 --- a/app/javascript/styles/mastodon/basics.scss +++ b/app/javascript/styles/mastodon/basics.scss @@ -229,3 +229,15 @@ button { } } } + +// NoScript adds a __ns__pop2top class to the full ancestry of blocked elements, +// to set the z-index to a high value, which messes with modals and dropdowns. +// Blocked elements can in theory only be media and frames/embeds, so they +// should only appear in statuses, under divs and articles. +body, +div, +article { + .__ns__pop2top { + z-index: unset !important; + } +} -- cgit From ad9c7aefe6618a70c69991b7daf100573a7e27b9 Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 09:53:42 +0200 Subject: Refactor/cleanup TIMELINE_DELETE-related code (#13175) --- app/javascript/mastodon/actions/timelines.js | 2 +- app/javascript/mastodon/reducers/statuses.js | 2 +- app/javascript/mastodon/reducers/timelines.js | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) (limited to 'app') diff --git a/app/javascript/mastodon/actions/timelines.js b/app/javascript/mastodon/actions/timelines.js index 50840cacc..861827d33 100644 --- a/app/javascript/mastodon/actions/timelines.js +++ b/app/javascript/mastodon/actions/timelines.js @@ -42,7 +42,7 @@ export function updateTimeline(timeline, status, accept) { export function deleteFromTimelines(id) { return (dispatch, getState) => { const accountId = getState().getIn(['statuses', id, 'account']); - const references = getState().get('statuses').filter(status => status.get('reblog') === id).map(status => [status.get('id'), status.get('account')]); + const references = getState().get('statuses').filter(status => status.get('reblog') === id).map(status => status.get('id')); const reblogOf = getState().getIn(['statuses', id, 'reblog'], null); dispatch({ diff --git a/app/javascript/mastodon/reducers/statuses.js b/app/javascript/mastodon/reducers/statuses.js index 2554c008d..53dec9585 100644 --- a/app/javascript/mastodon/reducers/statuses.js +++ b/app/javascript/mastodon/reducers/statuses.js @@ -25,7 +25,7 @@ const importStatuses = (state, statuses) => const deleteStatus = (state, id, references) => { references.forEach(ref => { - state = deleteStatus(state, ref[0], []); + state = deleteStatus(state, ref, []); }); return state.delete(id); diff --git a/app/javascript/mastodon/reducers/timelines.js b/app/javascript/mastodon/reducers/timelines.js index 63b76773d..9156db021 100644 --- a/app/javascript/mastodon/reducers/timelines.js +++ b/app/javascript/mastodon/reducers/timelines.js @@ -89,7 +89,7 @@ const updateTimeline = (state, timeline, status, usePendingItems) => { })); }; -const deleteStatus = (state, id, accountId, references, exclude_account = null) => { +const deleteStatus = (state, id, references, exclude_account = null) => { state.keySeq().forEach(timeline => { if (exclude_account === null || (timeline !== `account:${exclude_account}` && !timeline.startsWith(`account:${exclude_account}:`))) { const helper = list => list.filterNot(item => item === id); @@ -99,7 +99,7 @@ const deleteStatus = (state, id, accountId, references, exclude_account = null) // Remove reblogs of deleted status references.forEach(ref => { - state = deleteStatus(state, ref[0], ref[1], [], exclude_account); + state = deleteStatus(state, ref, [], exclude_account); }); return state; @@ -117,8 +117,8 @@ const filterTimelines = (state, relationship, statuses) => { return; } - references = statuses.filter(item => item.get('reblog') === status.get('id')).map(item => [item.get('id'), item.get('account')]); - state = deleteStatus(state, status.get('id'), status.get('account'), references, relationship.id); + references = statuses.filter(item => item.get('reblog') === status.get('id')).map(item => item.get('id')); + state = deleteStatus(state, status.get('id'), references, relationship.id); }); return state; @@ -150,7 +150,7 @@ export default function timelines(state = initialState, action) { case TIMELINE_UPDATE: return updateTimeline(state, action.timeline, fromJS(action.status), action.usePendingItems); case TIMELINE_DELETE: - return deleteStatus(state, action.id, action.accountId, action.references, action.reblogOf); + return deleteStatus(state, action.id, action.references, action.reblogOf); case TIMELINE_CLEAR: return clearTimeline(state, action.timeline); case ACCOUNT_BLOCK_SUCCESS: -- cgit From 0e362b7678e75cb71ce207fd45dd4dc0d955fdca Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 10:16:55 +0200 Subject: Fix end-user-facing uses of inline CSS (#13438) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Move some inline styles to CSS files * Move default_account_display_name span to fix useless tags with duplicate id * Change handling of public pages spoiler text from inline CSS to dataset attribute * Use the `dir` HTML attribute instead of inline CSS * Move status action bar inline CSS to CSS file * Hide logo resources from CSS file, not inline CSS Fixes #11601 * Move translation prompt styling from inline CSS to CSS file * Move “invited by” styling on registration form from inline to CSS file * Use the progress tag to display poll results in JS fallback * Fix poll results JS-less fallback when the user has voted for an option * Change account public page “moved” notice to use img tags instead of inline CSS * Move OTP hint inline CSS to SCSS file * Hide JS-less fallback vote progressbars from accessibility tools Co-authored-by: Eugen Rochko --- app/javascript/packs/public.js | 16 +++++------- app/javascript/styles/mastodon/about.scss | 5 ++++ app/javascript/styles/mastodon/basics.scss | 4 +++ app/javascript/styles/mastodon/components.scss | 12 +++++++++ app/javascript/styles/mastodon/forms.scss | 21 +++++++++++++++ app/javascript/styles/mastodon/polls.scss | 30 ++++++++++++++++++++++ app/javascript/styles/mastodon/statuses.scss | 17 ++++++++++++ app/views/about/show.html.haml | 6 ++--- app/views/accounts/_moved.html.haml | 6 +++-- app/views/application/_card.html.haml | 1 - app/views/auth/registrations/new.html.haml | 4 +-- app/views/auth/sessions/two_factor.html.haml | 2 +- app/views/directories/index.html.haml | 1 - app/views/layouts/application.html.haml | 2 +- app/views/layouts/embedded.html.haml | 2 +- .../settings/preferences/appearance/show.html.haml | 4 +-- app/views/settings/profiles/show.html.haml | 2 +- app/views/statuses/_detailed_status.html.haml | 6 ++--- app/views/statuses/_poll.html.haml | 8 +++--- app/views/statuses/_simple_status.html.haml | 12 ++++----- 20 files changed, 125 insertions(+), 36 deletions(-) (limited to 'app') diff --git a/app/javascript/packs/public.js b/app/javascript/packs/public.js index 85789c8aa..557823c96 100644 --- a/app/javascript/packs/public.js +++ b/app/javascript/packs/public.js @@ -120,15 +120,13 @@ function main() { delegate(document, '.custom-emoji', 'mouseout', getEmojiAnimationHandler('data-static')); delegate(document, '.status__content__spoiler-link', 'click', function() { - const contentEl = this.parentNode.parentNode.querySelector('.e-content'); + const statusEl = this.parentNode.parentNode; - if (contentEl.style.display === 'block') { - contentEl.style.display = 'none'; - this.parentNode.style.marginBottom = 0; + if (statusEl.dataset.spoiler === 'expanded') { + statusEl.dataset.spoiler = 'folded'; this.textContent = (new IntlMessageFormat(messages['status.show_more'] || 'Show more', locale)).format(); } else { - contentEl.style.display = 'block'; - this.parentNode.style.marginBottom = null; + statusEl.dataset.spoiler = 'expanded'; this.textContent = (new IntlMessageFormat(messages['status.show_less'] || 'Show less', locale)).format(); } @@ -136,8 +134,8 @@ function main() { }); [].forEach.call(document.querySelectorAll('.status__content__spoiler-link'), (spoilerLink) => { - const contentEl = spoilerLink.parentNode.parentNode.querySelector('.e-content'); - const message = (contentEl.style.display === 'block') ? (messages['status.show_less'] || 'Show less') : (messages['status.show_more'] || 'Show more'); + const statusEl = spoilerLink.parentNode.parentNode; + const message = (statusEl.dataset.spoiler === 'expanded') ? (messages['status.show_less'] || 'Show less') : (messages['status.show_more'] || 'Show more'); spoilerLink.textContent = (new IntlMessageFormat(message, locale)).format(); }); }); @@ -170,7 +168,7 @@ function main() { if (target.value) { name.innerHTML = emojify(escapeTextContentForBrowser(target.value)); } else { - name.textContent = document.querySelector('#default_account_display_name').textContent; + name.textContent = target.dataset.default; } } }); diff --git a/app/javascript/styles/mastodon/about.scss b/app/javascript/styles/mastodon/about.scss index cf16b54ac..711f34965 100644 --- a/app/javascript/styles/mastodon/about.scss +++ b/app/javascript/styles/mastodon/about.scss @@ -757,8 +757,13 @@ $small-breakpoint: 960px; } } + &__counters__wrapper { + display: flex; + } + &__counter { padding: 10px; + width: 50%; strong { font-family: $font-display, sans-serif; diff --git a/app/javascript/styles/mastodon/basics.scss b/app/javascript/styles/mastodon/basics.scss index 4eff8a465..a5dbe75fb 100644 --- a/app/javascript/styles/mastodon/basics.scss +++ b/app/javascript/styles/mastodon/basics.scss @@ -230,6 +230,10 @@ button { } } +.logo-resources { + display: none; +} + // NoScript adds a __ns__pop2top class to the full ancestry of blocked elements, // to set the z-index to a high value, which messes with modals and dropdowns. // Blocked elements can in theory only be media and frames/embeds, so they diff --git a/app/javascript/styles/mastodon/components.scss b/app/javascript/styles/mastodon/components.scss index beb3b3cfd..e22b87711 100644 --- a/app/javascript/styles/mastodon/components.scss +++ b/app/javascript/styles/mastodon/components.scss @@ -1362,6 +1362,12 @@ a .account__avatar { &-base { @include avatar-radius; @include avatar-size(36px); + + img { + @include avatar-radius; + width: 100%; + height: 100%; + } } &-overlay { @@ -1372,6 +1378,12 @@ a .account__avatar { bottom: 0; right: 0; z-index: 1; + + img { + @include avatar-radius; + width: 100%; + height: 100%; + } } } diff --git a/app/javascript/styles/mastodon/forms.scss b/app/javascript/styles/mastodon/forms.scss index c9ad68f94..0e5b00e8f 100644 --- a/app/javascript/styles/mastodon/forms.scss +++ b/app/javascript/styles/mastodon/forms.scss @@ -142,6 +142,10 @@ code { } } + .otp-hint { + margin-bottom: 25px; + } + .card { margin-bottom: 15px; } @@ -285,6 +289,14 @@ code { margin-bottom: 25px; } } + + .fields-group.invited-by { + margin-bottom: 30px; + + .hint { + text-align: center; + } + } } .input.radio_buttons .radio label { @@ -635,6 +647,15 @@ code { @media screen and (max-width: 740px) and (min-width: 441px) { margin-top: 40px; } + + &.translation-prompt { + text-align: unset; + color: unset; + + a { + text-decoration: underline; + } + } } .form-footer { diff --git a/app/javascript/styles/mastodon/polls.scss b/app/javascript/styles/mastodon/polls.scss index 1ecc8434d..ad7088982 100644 --- a/app/javascript/styles/mastodon/polls.scss +++ b/app/javascript/styles/mastodon/polls.scss @@ -19,6 +19,36 @@ } } + progress { + border: 0; + display: block; + width: 100%; + height: 5px; + appearance: none; + background: transparent; + + &::-webkit-progress-bar { + background: transparent; + } + + // Those rules need to be entirely separate or they won't work, hence the + // duplication + &::-moz-progress-bar { + border-radius: 4px; + background: darken($ui-primary-color, 5%); + } + + &::-ms-fill { + border-radius: 4px; + background: darken($ui-primary-color, 5%); + } + + &::-webkit-progress-value { + border-radius: 4px; + background: darken($ui-primary-color, 5%); + } + } + &__option { position: relative; display: flex; diff --git a/app/javascript/styles/mastodon/statuses.scss b/app/javascript/styles/mastodon/statuses.scss index 19ce0ab8f..0b7be7afd 100644 --- a/app/javascript/styles/mastodon/statuses.scss +++ b/app/javascript/styles/mastodon/statuses.scss @@ -128,6 +128,16 @@ .embed, .public-layout { + .status__content[data-spoiler=folded] { + .e-content { + display: none; + } + + p:first-child { + margin-bottom: 0; + } + } + .detailed-status { padding: 15px; } @@ -159,5 +169,12 @@ .video-player { margin-top: 10px; } + + &__action-bar-button { + font-size: 18px; + width: 23.1429px; + height: 23.1429px; + line-height: 23.15px; + } } } diff --git a/app/views/about/show.html.haml b/app/views/about/show.html.haml index e0ec98ec9..07e06100a 100644 --- a/app/views/about/show.html.haml +++ b/app/views/about/show.html.haml @@ -68,11 +68,11 @@ .hero-widget__footer__column %h4= t 'about.server_stats' - %div{ style: 'display: flex' } - .hero-widget__counter{ style: 'width: 50%' } + .hero-widget__counters__wrapper + .hero-widget__counter %strong= number_to_human @instance_presenter.user_count, strip_insignificant_zeros: true %span= t 'about.user_count_after', count: @instance_presenter.user_count - .hero-widget__counter{ style: 'width: 50%' } + .hero-widget__counter %strong= number_to_human @instance_presenter.active_user_count, strip_insignificant_zeros: true %span = t 'about.active_count_after' diff --git a/app/views/accounts/_moved.html.haml b/app/views/accounts/_moved.html.haml index a82f277b1..4f71b062d 100644 --- a/app/views/accounts/_moved.html.haml +++ b/app/views/accounts/_moved.html.haml @@ -9,8 +9,10 @@ = link_to ActivityPub::TagManager.instance.url_for(moved_to_account), class: 'detailed-status__display-name p-author h-card', target: '_blank', rel: 'me noopener noreferrer' do .detailed-status__display-avatar .account__avatar-overlay - .account__avatar-overlay-base{ style: "background-image: url('#{moved_to_account.avatar.url(:original)}')" } - .account__avatar-overlay-overlay{ style: "background-image: url('#{account.avatar.url(:original)}')" } + .account__avatar-overlay-base + = image_tag moved_to_account.avatar_static_url + .account__avatar-overlay-overlay + = image_tag account.avatar_static_url %span.display-name %bdi diff --git a/app/views/application/_card.html.haml b/app/views/application/_card.html.haml index 808dce514..e7ecfecd9 100644 --- a/app/views/application/_card.html.haml +++ b/app/views/application/_card.html.haml @@ -9,7 +9,6 @@ = image_tag account.avatar.url, alt: '', width: 48, height: 48, class: 'u-photo' .display-name - %span{ id: "default_account_display_name", style: "display: none" }= account.username %bdi %strong.emojify.p-name= display_name(account, custom_emojify: true) %span diff --git a/app/views/auth/registrations/new.html.haml b/app/views/auth/registrations/new.html.haml index bcd66fb8a..457bc1d23 100644 --- a/app/views/auth/registrations/new.html.haml +++ b/app/views/auth/registrations/new.html.haml @@ -8,8 +8,8 @@ = render 'shared/error_messages', object: resource - if @invite.present? && @invite.autofollow? - .fields-group{ style: 'margin-bottom: 30px' } - %p.hint{ style: 'text-align: center' }= t('invites.invited_by') + .fields-group.invited-by + %p.hint= t('invites.invited_by') = render 'application/card', account: @invite.user.account = f.simple_fields_for :account do |ff| diff --git a/app/views/auth/sessions/two_factor.html.haml b/app/views/auth/sessions/two_factor.html.haml index 4e6bbd7a9..b2e36f6bc 100644 --- a/app/views/auth/sessions/two_factor.html.haml +++ b/app/views/auth/sessions/two_factor.html.haml @@ -2,7 +2,7 @@ = t('auth.login') = simple_form_for(resource, as: resource_name, url: session_path(resource_name), method: :post) do |f| - %p.hint{ style: 'margin-bottom: 25px' }= t('simple_form.hints.sessions.otp') + %p.hint.otp-hint= t('simple_form.hints.sessions.otp') .fields-group = f.input :otp_attempt, type: :number, wrapper: :with_label, label: t('simple_form.labels.defaults.otp_attempt'), input_html: { 'aria-label' => t('simple_form.labels.defaults.otp_attempt'), :autocomplete => 'off' }, autofocus: true diff --git a/app/views/directories/index.html.haml b/app/views/directories/index.html.haml index 333a257e1..bdc1e9d5a 100644 --- a/app/views/directories/index.html.haml +++ b/app/views/directories/index.html.haml @@ -28,7 +28,6 @@ = image_tag account.avatar.url, alt: '', width: 48, height: 48, class: 'u-photo' .display-name - %span{ id: "default_account_display_name", style: "display: none" }= account.username %bdi %strong.emojify.p-name= display_name(account, custom_emojify: true) %span= acct(account) diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml index 747d80bf0..25d001337 100755 --- a/app/views/layouts/application.html.haml +++ b/app/views/layouts/application.html.haml @@ -34,6 +34,6 @@ %body{ class: body_classes } = content_for?(:content) ? yield(:content) : yield - %div{ style: 'display: none'} + .logo-resources = render file: Rails.root.join('app', 'javascript', 'images', 'logo_transparent.svg') = render file: Rails.root.join('app', 'javascript', 'images', 'logo_full.svg') diff --git a/app/views/layouts/embedded.html.haml b/app/views/layouts/embedded.html.haml index d7e74ade5..4a40b8584 100644 --- a/app/views/layouts/embedded.html.haml +++ b/app/views/layouts/embedded.html.haml @@ -19,5 +19,5 @@ %body.embed = yield - %div{ style: 'display: none'} + .logo-resources = render file: Rails.root.join('app', 'javascript', 'images', 'logo_transparent.svg') diff --git a/app/views/settings/preferences/appearance/show.html.haml b/app/views/settings/preferences/appearance/show.html.haml index acddf7884..10fff406e 100644 --- a/app/views/settings/preferences/appearance/show.html.haml +++ b/app/views/settings/preferences/appearance/show.html.haml @@ -12,8 +12,8 @@ = f.input :setting_theme, collection: Themes.instance.names, label_method: lambda { |theme| I18n.t("themes.#{theme}", default: theme) }, wrapper: :with_label, include_blank: false, hint: false - unless I18n.locale == :en - .flash-message{ style: "text-align: unset; color: unset" } - #{t 'appearance.localization.body'} #{content_tag(:a, t('appearance.localization.guide_link_text'), href: t('appearance.localization.guide_link'), target: "_blank", rel: "noopener", style: "text-decoration: underline")} + .flash-message.translation-prompt + #{t 'appearance.localization.body'} #{content_tag(:a, t('appearance.localization.guide_link_text'), href: t('appearance.localization.guide_link'), target: "_blank", rel: "noopener")} %h4= t 'appearance.advanced_web_interface' diff --git a/app/views/settings/profiles/show.html.haml b/app/views/settings/profiles/show.html.haml index 6497824c6..4885878f0 100644 --- a/app/views/settings/profiles/show.html.haml +++ b/app/views/settings/profiles/show.html.haml @@ -9,7 +9,7 @@ .fields-row .fields-row__column.fields-group.fields-row__column-6 - = f.input :display_name, wrapper: :with_label, input_html: { maxlength: 30 }, hint: false + = f.input :display_name, wrapper: :with_label, input_html: { maxlength: 30, data: { default: @account.username } }, hint: false = f.input :note, wrapper: :with_label, input_html: { maxlength: 500 }, hint: false .fields-row diff --git a/app/views/statuses/_detailed_status.html.haml b/app/views/statuses/_detailed_status.html.haml index 021390e47..544b92330 100644 --- a/app/views/statuses/_detailed_status.html.haml +++ b/app/views/statuses/_detailed_status.html.haml @@ -15,12 +15,12 @@ = account_action_button(status.account) - .status__content.emojify< + .status__content.emojify{ :data => ({ spoiler: current_account&.user&.setting_expand_spoilers ? 'expanded' : 'folded' } if status.spoiler_text?) }< - if status.spoiler_text? - %p{ :style => ('margin-bottom: 0' unless current_account&.user&.setting_expand_spoilers) }< + %p< %span.p-summary> #{Formatter.instance.format_spoiler(status, autoplay: autoplay)}  %button.status__content__spoiler-link= t('statuses.show_more') - .e-content{ style: "display: #{!current_account&.user&.setting_expand_spoilers && status.spoiler_text? ? 'none' : 'block'}; direction: #{rtl_status?(status) ? 'rtl' : 'ltr'}" } + .e-content{ dir: rtl_status?(status) ? 'rtl' : 'ltr' } = Formatter.instance.format(status, custom_emojify: true, autoplay: autoplay) - if status.preloadable_poll = react_component :poll, disabled: true, poll: ActiveModelSerializers::SerializableResource.new(status.preloadable_poll, serializer: REST::PollSerializer, scope: current_user, scope_name: :current_user).as_json do diff --git a/app/views/statuses/_poll.html.haml b/app/views/statuses/_poll.html.haml index de5357e6d..64e62e97c 100644 --- a/app/views/statuses/_poll.html.haml +++ b/app/views/statuses/_poll.html.haml @@ -10,13 +10,15 @@ - percent = total_votes_count > 0 ? 100 * option.votes_count / total_votes_count : 0 %label.poll__option>< %span.poll__number>< - - if own_votes.include?(index) - %i.poll__voted__mark.fa.fa-check = "#{percent.round}%" %span.poll__option__text = Formatter.instance.format_poll_option(status, option, autoplay: autoplay) + - if own_votes.include?(index) + %span.poll__voted + %i.poll__voted__mark.fa.fa-check - %span.poll__chart{ style: "width: #{percent}%" } + %progress{ max: 100, value: percent < 1 ? 1 : percent, 'aria-hidden': 'true' } + %span.poll__chart - else %label.poll__option>< %span.poll__input{ class: poll.multiple? ? 'checkbox' : nil}>< diff --git a/app/views/statuses/_simple_status.html.haml b/app/views/statuses/_simple_status.html.haml index 5d16b1fc2..ff09ab2ee 100644 --- a/app/views/statuses/_simple_status.html.haml +++ b/app/views/statuses/_simple_status.html.haml @@ -19,12 +19,12 @@ %span.display-name__account = acct(status.account) = fa_icon('lock') if status.account.locked? - .status__content.emojify< + .status__content.emojify{ :data => ({ spoiler: current_account&.user&.setting_expand_spoilers ? 'expanded' : 'folded' } if status.spoiler_text?) }< - if status.spoiler_text? - %p{ :style => ('margin-bottom: 0' unless current_account&.user&.setting_expand_spoilers) }< + %p< %span.p-summary> #{Formatter.instance.format_spoiler(status, autoplay: autoplay)}  %button.status__content__spoiler-link= t('statuses.show_more') - .e-content{ style: "display: #{!current_account&.user&.setting_expand_spoilers && status.spoiler_text? ? 'none' : 'block'}; direction: #{rtl_status?(status) ? 'rtl' : 'ltr'}" } + .e-content{ dir: rtl_status?(status) ? 'rtl' : 'ltr' } = Formatter.instance.format(status, custom_emojify: true, autoplay: autoplay) - if status.preloadable_poll = react_component :poll, disabled: true, poll: ActiveModelSerializers::SerializableResource.new(status.preloadable_poll, serializer: REST::PollSerializer, scope: current_user, scope_name: :current_user).as_json do @@ -51,18 +51,18 @@ .status__action-bar .status__action-bar__counter - = link_to remote_interaction_path(status, type: :reply), class: 'status__action-bar-button icon-button modal-button', style: 'font-size: 18px; width: 23.1429px; height: 23.1429px; line-height: 23.15px;' do + = link_to remote_interaction_path(status, type: :reply), class: 'status__action-bar-button icon-button modal-button' do - if status.in_reply_to_id.nil? = fa_icon 'reply fw' - else = fa_icon 'reply-all fw' .status__action-bar__counter__label= obscured_counter status.replies_count - = link_to remote_interaction_path(status, type: :reblog), class: 'status__action-bar-button icon-button modal-button', style: 'font-size: 18px; width: 23.1429px; height: 23.1429px; line-height: 23.15px;' do + = link_to remote_interaction_path(status, type: :reblog), class: 'status__action-bar-button icon-button modal-button' do - if status.distributable? = fa_icon 'retweet fw' - elsif status.private_visibility? || status.limited_visibility? = fa_icon 'lock fw' - else = fa_icon 'envelope fw' - = link_to remote_interaction_path(status, type: :favourite), class: 'status__action-bar-button icon-button modal-button', style: 'font-size: 18px; width: 23.1429px; height: 23.1429px; line-height: 23.15px;' do + = link_to remote_interaction_path(status, type: :favourite), class: 'status__action-bar-button icon-button modal-button' do = fa_icon 'star fw' -- cgit From 77ec0875ea998072f4bb709bfb9b15e80669eeef Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 13:19:39 +0200 Subject: Fix page incorrectly scrolling when bringing up dropdown menus (#13574) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes #13573 For some reason (I suspect this may be related to focusing the item before it got drown by the browser), Firefox scrolls to top when bringing up dropdown menus with pre-selected items. This commit uses the “preventScroll” option as, due to the placement behavior, the menu should be visible anyway and not trigger scrolling. --- app/javascript/mastodon/components/dropdown_menu.js | 2 +- app/javascript/mastodon/features/compose/components/privacy_dropdown.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'app') diff --git a/app/javascript/mastodon/components/dropdown_menu.js b/app/javascript/mastodon/components/dropdown_menu.js index 31c02d735..4734e0f3f 100644 --- a/app/javascript/mastodon/components/dropdown_menu.js +++ b/app/javascript/mastodon/components/dropdown_menu.js @@ -46,7 +46,7 @@ class DropdownMenu extends React.PureComponent { document.addEventListener('keydown', this.handleKeyDown, false); document.addEventListener('touchend', this.handleDocumentClick, listenerOptions); if (this.focusedItem && this.props.openedViaKeyboard) { - this.focusedItem.focus(); + this.focusedItem.focus({ preventScroll: true }); } this.setState({ mounted: true }); } diff --git a/app/javascript/mastodon/features/compose/components/privacy_dropdown.js b/app/javascript/mastodon/features/compose/components/privacy_dropdown.js index 57588fe96..96028e042 100644 --- a/app/javascript/mastodon/features/compose/components/privacy_dropdown.js +++ b/app/javascript/mastodon/features/compose/components/privacy_dropdown.js @@ -100,7 +100,7 @@ class PrivacyDropdownMenu extends React.PureComponent { componentDidMount () { document.addEventListener('click', this.handleDocumentClick, false); document.addEventListener('touchend', this.handleDocumentClick, listenerOptions); - if (this.focusedItem) this.focusedItem.focus(); + if (this.focusedItem) this.focusedItem.focus({ preventScroll: true }); this.setState({ mounted: true }); } -- cgit From b8ba977497a53740e66d8db9938382b724283b3a Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 19:39:16 +0200 Subject: Fix admin-facing uses of inline CSS (#13575) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Move .back-button inline styles to CSS file All occurrences of the back-button CSS class used the same inline CSS rules, so moved them over to the CSS file * Fix “Add new domain block” button using inline CSS * Replace common pattern of inline-styled button boxes by a CSS class In particular, switching from `float: left/right` to a flexbox with `justify-content: space-between`. This implied changing the order of a few HTML tags and adding an empty `div` in one case. Also removed a `margin-bottom` rule that wasn't needed due to the margins of surrounding elements. * Move account admin view inline CSS to CSS file --- app/javascript/styles/mastodon/admin.scss | 20 ++++++++++++++++++ app/views/admin/accounts/_account.html.haml | 2 +- app/views/admin/accounts/show.html.haml | 26 ++++++++++++------------ app/views/admin/instances/index.html.haml | 2 +- app/views/admin/instances/show.html.haml | 6 +++--- app/views/admin/pending_accounts/index.html.haml | 8 ++++---- app/views/admin/relationships/index.html.haml | 2 +- app/views/admin/reports/show.html.haml | 6 ++++-- app/views/admin/statuses/index.html.haml | 2 +- app/views/admin/statuses/show.html.haml | 2 +- app/views/admin/tags/index.html.haml | 8 ++++---- 11 files changed, 53 insertions(+), 31 deletions(-) (limited to 'app') diff --git a/app/javascript/styles/mastodon/admin.scss b/app/javascript/styles/mastodon/admin.scss index cee44f436..4edee730d 100644 --- a/app/javascript/styles/mastodon/admin.scss +++ b/app/javascript/styles/mastodon/admin.scss @@ -551,6 +551,18 @@ body, } } +.special-action-button, +.back-link { + text-align: right; + flex: 1 1 auto; +} + +.action-buttons { + display: flex; + overflow: hidden; + justify-content: space-between; +} + .spacer { flex: 1 1 auto; } @@ -888,3 +900,11 @@ a.name-tag, } } } + +.account-badges { + margin: -2px 0; +} + +.dashboard__counters.admin-account-counters { + margin-top: 10px; +} diff --git a/app/views/admin/accounts/_account.html.haml b/app/views/admin/accounts/_account.html.haml index 44b10af6e..c9bd8c686 100644 --- a/app/views/admin/accounts/_account.html.haml +++ b/app/views/admin/accounts/_account.html.haml @@ -2,7 +2,7 @@ %td = admin_account_link_to(account) %td - %div{ style: 'margin: -2px 0' }= account_badge(account, all: true) + %div.account-badges= account_badge(account, all: true) %td - if account.user_current_sign_in_ip %samp.ellipsized-ip{ title: account.user_current_sign_in_ip }= account.user_current_sign_in_ip diff --git a/app/views/admin/accounts/show.html.haml b/app/views/admin/accounts/show.html.haml index 408f94eed..e6461aad0 100644 --- a/app/views/admin/accounts/show.html.haml +++ b/app/views/admin/accounts/show.html.haml @@ -31,7 +31,7 @@ %div .account__header__content.emojify= Formatter.instance.simplified_format(account, custom_emojify: true) -.dashboard__counters{ style: 'margin-top: 10px' } +.dashboard__counters.admin-account-counters %div = link_to admin_account_statuses_path(@account.id) do .dashboard__counters__num= number_with_delimiter @account.statuses_count @@ -178,18 +178,8 @@ = @account.shared_inbox_url = fa_icon DeliveryFailureTracker.available?(@account.shared_inbox_url) ? 'check': 'times' - %div{ style: 'overflow: hidden' } - %div{ style: 'float: right' } - - if @account.local? - = link_to t('admin.accounts.reset_password'), admin_account_reset_path(@account.id), method: :create, class: 'button' if can?(:reset_password, @account.user) - - if @account.user&.otp_required_for_login? - = link_to t('admin.accounts.disable_two_factor_authentication'), admin_user_two_factor_authentication_path(@account.user.id), method: :delete, class: 'button' if can?(:disable_2fa, @account.user) - - if !@account.memorial? && @account.user_approved? - = link_to t('admin.accounts.memorialize'), memorialize_admin_account_path(@account.id), method: :post, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button button--destructive' if can?(:memorialize, @account) - - else - = link_to t('admin.accounts.redownload'), redownload_admin_account_path(@account.id), method: :post, class: 'button' if can?(:redownload, @account) - - %div{ style: 'float: left' } + %div.action-buttons + %div - if @account.local? && @account.user_approved? = link_to t('admin.accounts.warn'), new_admin_account_action_path(@account.id, type: 'none'), class: 'button' if can?(:warn, @account) - if @account.silenced? @@ -216,6 +206,16 @@ - else = link_to t('admin.domain_blocks.add_new'), new_admin_domain_block_path(_domain: @account.domain), class: 'button button--destructive' + %div + - if @account.local? + = link_to t('admin.accounts.reset_password'), admin_account_reset_path(@account.id), method: :create, class: 'button' if can?(:reset_password, @account.user) + - if @account.user&.otp_required_for_login? + = link_to t('admin.accounts.disable_two_factor_authentication'), admin_user_two_factor_authentication_path(@account.user.id), method: :delete, class: 'button' if can?(:disable_2fa, @account.user) + - if !@account.memorial? && @account.user_approved? + = link_to t('admin.accounts.memorialize'), memorialize_admin_account_path(@account.id), method: :post, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button button--destructive' if can?(:memorialize, @account) + - else + = link_to t('admin.accounts.redownload'), redownload_admin_account_path(@account.id), method: :post, class: 'button' if can?(:redownload, @account) + %hr.spacer/ - unless @warnings.empty? diff --git a/app/views/admin/instances/index.html.haml b/app/views/admin/instances/index.html.haml index 0b299acc5..bd67eb4fc 100644 --- a/app/views/admin/instances/index.html.haml +++ b/app/views/admin/instances/index.html.haml @@ -10,7 +10,7 @@ - unless whitelist_mode? %li= filter_link_to t('admin.instances.moderation.limited'), limited: '1' - %div{ style: 'flex: 1 1 auto; text-align: right' } + %div.special-action-button - if whitelist_mode? = link_to t('admin.domain_allows.add_new'), new_admin_domain_allow_path, class: 'button' - else diff --git a/app/views/admin/instances/show.html.haml b/app/views/admin/instances/show.html.haml index 49a666a5a..92e14c0df 100644 --- a/app/views/admin/instances/show.html.haml +++ b/app/views/admin/instances/show.html.haml @@ -45,11 +45,11 @@ %hr.spacer/ -%div{ style: 'overflow: hidden' } - %div{ style: 'float: left' } +%div.action-buttons + %div = link_to t('admin.accounts.title'), admin_accounts_path(remote: '1', by_domain: @instance.domain), class: 'button' - %div{ style: 'float: right' } + %div - if @domain_allow = link_to t('admin.domain_allows.undo'), admin_domain_allow_path(@domain_allow), class: 'button button--destructive', data: { confirm: t('admin.accounts.are_you_sure'), method: :delete } - elsif @domain_block diff --git a/app/views/admin/pending_accounts/index.html.haml b/app/views/admin/pending_accounts/index.html.haml index 7ce5b8213..79ae4a320 100644 --- a/app/views/admin/pending_accounts/index.html.haml +++ b/app/views/admin/pending_accounts/index.html.haml @@ -25,9 +25,9 @@ %hr.spacer/ -%div{ style: 'overflow: hidden' } - %div{ style: 'float: right' } - = link_to t('admin.accounts.reject_all'), reject_all_admin_pending_accounts_path, method: :post, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button button--destructive' - +%div.action-buttons %div = link_to t('admin.accounts.approve_all'), approve_all_admin_pending_accounts_path, method: :post, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button' + + %div + = link_to t('admin.accounts.reject_all'), reject_all_admin_pending_accounts_path, method: :post, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button button--destructive' diff --git a/app/views/admin/relationships/index.html.haml b/app/views/admin/relationships/index.html.haml index 3afaff615..907477f24 100644 --- a/app/views/admin/relationships/index.html.haml +++ b/app/views/admin/relationships/index.html.haml @@ -17,7 +17,7 @@ %li= filter_link_to t('admin.accounts.location.local'), location: 'local' %li= filter_link_to t('admin.accounts.location.remote'), location: 'remote' - .back-link{ style: 'flex: 1 1 auto; text-align: right' } + .back-link = link_to admin_account_path(@account.id) do = fa_icon 'chevron-left fw' = t('admin.statuses.back_to_account') diff --git a/app/views/admin/reports/show.html.haml b/app/views/admin/reports/show.html.haml index af8fce2a7..0d563eea7 100644 --- a/app/views/admin/reports/show.html.haml +++ b/app/views/admin/reports/show.html.haml @@ -68,9 +68,11 @@ %hr.spacer -%div{ style: 'overflow: hidden; margin-bottom: 20px; clear: both' } +%div.action-buttons + %div + - if @report.unresolved? - %div{ style: 'float: right' } + %div - if @report.target_account.local? = link_to t('admin.accounts.warn'), new_admin_account_action_path(@report.target_account_id, type: 'none', report_id: @report.id), class: 'button' = link_to t('admin.accounts.disable'), new_admin_account_action_path(@report.target_account_id, type: 'disable', report_id: @report.id), class: 'button button--destructive' diff --git a/app/views/admin/statuses/index.html.haml b/app/views/admin/statuses/index.html.haml index dd3c79815..f1169a2fd 100644 --- a/app/views/admin/statuses/index.html.haml +++ b/app/views/admin/statuses/index.html.haml @@ -12,7 +12,7 @@ %ul %li= link_to t('admin.statuses.no_media'), admin_account_statuses_path(@account.id, current_params.merge(media: nil)), class: !params[:media] && 'selected' %li= link_to t('admin.statuses.with_media'), admin_account_statuses_path(@account.id, current_params.merge(media: true)), class: params[:media] && 'selected' - .back-link{ style: 'flex: 1 1 auto; text-align: right' } + .back-link = link_to admin_account_path(@account.id) do = fa_icon 'chevron-left fw' = t('admin.statuses.back_to_account') diff --git a/app/views/admin/statuses/show.html.haml b/app/views/admin/statuses/show.html.haml index a7a392272..e2470198d 100644 --- a/app/views/admin/statuses/show.html.haml +++ b/app/views/admin/statuses/show.html.haml @@ -4,7 +4,7 @@ = "@#{@account.acct}" .filters - .back-link{ style: 'flex: 1 1 auto; text-align: right' } + .back-link = link_to admin_account_path(@account.id) do %i.fa.fa-chevron-left.fa-fw = t('admin.statuses.back_to_account') diff --git a/app/views/admin/tags/index.html.haml b/app/views/admin/tags/index.html.haml index 1ff538ba3..2acdaa8fa 100644 --- a/app/views/admin/tags/index.html.haml +++ b/app/views/admin/tags/index.html.haml @@ -71,9 +71,9 @@ - if params[:pending_review] == '1' || params[:unreviewed] == '1' %hr.spacer/ - %div{ style: 'overflow: hidden' } - %div{ style: 'float: right' } - = link_to t('admin.accounts.reject_all'), reject_all_admin_tags_path, method: :post, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button button--destructive' - + %div.action-buttons %div = link_to t('admin.accounts.approve_all'), approve_all_admin_tags_path, method: :post, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button' + + %div + = link_to t('admin.accounts.reject_all'), reject_all_admin_tags_path, method: :post, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button button--destructive' -- cgit From 3511528e508aa365e7f88b7e3b6a3b8f99c531cc Mon Sep 17 00:00:00 2001 From: kaiyou Date: Thu, 30 Apr 2020 14:39:05 +0200 Subject: Only check locally when deduplicating usernames (#13581) When deduplicating account usernames for OAuthable users, the routine did check if any account was known with that username, including remote accounts. This caused some unnecessary deduplication, and usernames ending with unexpected trailing _1. This fixes #13580 --- app/models/concerns/omniauthable.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/models/concerns/omniauthable.rb b/app/models/concerns/omniauthable.rb index 960784222..736da6c1d 100644 --- a/app/models/concerns/omniauthable.rb +++ b/app/models/concerns/omniauthable.rb @@ -82,7 +82,7 @@ module Omniauthable username = starting_username i = 0 - while Account.exists?(username: username) + while Account.exists?(username: username, domain: nil) i += 1 username = "#{starting_username}_#{i}" end -- cgit From 988b0493fea7a850130b83d0e81675bda8dd9d8e Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sun, 3 May 2020 16:30:36 +0200 Subject: Add more tests for ActivityPub controllers (#13585) --- app/controllers/accounts_controller.rb | 14 +- .../activitypub/collections_controller.rb | 17 +- app/controllers/activitypub/outboxes_controller.rb | 6 +- app/controllers/activitypub/replies_controller.rb | 21 +- app/controllers/api/v1/polls/votes_controller.rb | 2 +- app/controllers/api/v1/polls_controller.rb | 2 +- .../api/v1/push/subscriptions_controller.rb | 11 +- .../api/v1/statuses/mutes_controller.rb | 3 +- app/controllers/api/v1/statuses_controller.rb | 2 +- app/controllers/media_controller.rb | 2 +- app/controllers/remote_interaction_controller.rb | 2 +- app/controllers/statuses_controller.rb | 2 +- app/models/status.rb | 2 +- .../activitypub/collections_controller_spec.rb | 132 +++- .../activitypub/inboxes_controller_spec.rb | 28 +- .../activitypub/outboxes_controller_spec.rb | 170 ++++- .../activitypub/replies_controller_spec.rb | 196 +++++ spec/controllers/statuses_controller_spec.rb | 843 +++++++++++++++++++-- spec/fabricators/status_pin_fabricator.rb | 2 +- 19 files changed, 1315 insertions(+), 142 deletions(-) create mode 100644 spec/controllers/activitypub/replies_controller_spec.rb (limited to 'app') diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb index 124393d62..b35b2279e 100644 --- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb @@ -27,7 +27,7 @@ class AccountsController < ApplicationController end @pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses? - @statuses = filtered_status_page(params) + @statuses = filtered_status_page @statuses = cache_collection(@statuses, Status) @rss_url = rss_url @@ -140,12 +140,12 @@ class AccountsController < ApplicationController request.path.split('.').first.ends_with?(Addressable::URI.parse("/tagged/#{params[:tag]}").normalize) end - def filtered_status_page(params) - if params[:min_id].present? - filtered_statuses.paginate_by_min_id(PAGE_SIZE, params[:min_id]).reverse - else - filtered_statuses.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id]).to_a - end + def filtered_status_page + filtered_statuses.paginate_by_id(PAGE_SIZE, params_slice(:max_id, :min_id, :since_id)) + end + + def params_slice(*keys) + params.slice(*keys).permit(*keys) end def restrict_fields_to diff --git a/app/controllers/activitypub/collections_controller.rb b/app/controllers/activitypub/collections_controller.rb index 910fefb1c..c1e7aa550 100644 --- a/app/controllers/activitypub/collections_controller.rb +++ b/app/controllers/activitypub/collections_controller.rb @@ -24,20 +24,23 @@ class ActivityPub::CollectionsController < ActivityPub::BaseController def set_size case params[:id] when 'featured' - @account.pinned_statuses.count + @size = @account.pinned_statuses.count else - raise ActiveRecord::RecordNotFound + not_found end end def scope_for_collection case params[:id] when 'featured' - return Status.none if @account.blocking?(signed_request_account) - - @account.pinned_statuses - else - raise ActiveRecord::RecordNotFound + # Because in public fetch mode we cache the response, there would be no + # benefit from performing the check below, since a blocked account or domain + # would likely be served the cache from the reverse proxy anyway + if authorized_fetch_mode? && !signed_request_account.nil? && (@account.blocking?(signed_request_account) || (!signed_request_account.domain.nil? && @account.domain_blocking?(signed_request_account.domain))) + Status.none + else + @account.pinned_statuses + end end end diff --git a/app/controllers/activitypub/outboxes_controller.rb b/app/controllers/activitypub/outboxes_controller.rb index 891756b7e..e25a4bc07 100644 --- a/app/controllers/activitypub/outboxes_controller.rb +++ b/app/controllers/activitypub/outboxes_controller.rb @@ -11,7 +11,7 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController before_action :set_cache_headers def show - expires_in(page_requested? ? 0 : 3.minutes, public: public_fetch_mode?) + expires_in(page_requested? ? 0 : 3.minutes, public: public_fetch_mode? && !(signed_request_account.present? && page_requested?)) render json: outbox_presenter, serializer: ActivityPub::OutboxSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json' end @@ -50,12 +50,12 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController return unless page_requested? @statuses = @account.statuses.permitted_for(@account, signed_request_account) - @statuses = params[:min_id].present? ? @statuses.paginate_by_min_id(LIMIT, params[:min_id]).reverse : @statuses.paginate_by_max_id(LIMIT, params[:max_id]) + @statuses = @statuses.paginate_by_id(LIMIT, params_slice(:max_id, :min_id, :since_id)) @statuses = cache_collection(@statuses, Status) end def page_requested? - params[:page] == 'true' + truthy_param?(:page) end def page_params diff --git a/app/controllers/activitypub/replies_controller.rb b/app/controllers/activitypub/replies_controller.rb index c62061555..43bf4e657 100644 --- a/app/controllers/activitypub/replies_controller.rb +++ b/app/controllers/activitypub/replies_controller.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true class ActivityPub::RepliesController < ActivityPub::BaseController - include SignatureAuthentication + include SignatureVerification include Authorization include AccountOwnedConcern @@ -19,15 +19,19 @@ class ActivityPub::RepliesController < ActivityPub::BaseController private + def pundit_user + signed_request_account + end + def set_status @status = @account.statuses.find(params[:status_id]) authorize @status, :show? rescue Mastodon::NotPermittedError - raise ActiveRecord::RecordNotFound + not_found end def set_replies - @replies = page_params[:only_other_accounts] ? Status.where.not(account_id: @account.id) : @account.statuses + @replies = only_other_accounts? ? Status.where.not(account_id: @account.id) : @account.statuses @replies = @replies.where(in_reply_to_id: @status.id, visibility: [:public, :unlisted]) @replies = @replies.paginate_by_min_id(DESCENDANTS_LIMIT, params[:min_id]) end @@ -38,7 +42,7 @@ class ActivityPub::RepliesController < ActivityPub::BaseController type: :unordered, part_of: account_status_replies_url(@account, @status), next: next_page, - items: @replies.map { |status| status.local ? status : status.uri } + items: @replies.map { |status| status.local? ? status : status.uri } ) return page if page_requested? @@ -51,16 +55,21 @@ class ActivityPub::RepliesController < ActivityPub::BaseController end def page_requested? - params[:page] == 'true' + truthy_param?(:page) + end + + def only_other_accounts? + truthy_param?(:only_other_accounts) end def next_page only_other_accounts = !(@replies&.last&.account_id == @account.id && @replies.size == DESCENDANTS_LIMIT) + account_status_replies_url( @account, @status, page: true, - min_id: only_other_accounts && !page_params[:only_other_accounts] ? nil : @replies&.last&.id, + min_id: only_other_accounts && !only_other_accounts? ? nil : @replies&.last&.id, only_other_accounts: only_other_accounts ) end diff --git a/app/controllers/api/v1/polls/votes_controller.rb b/app/controllers/api/v1/polls/votes_controller.rb index e1d26106a..513b937ef 100644 --- a/app/controllers/api/v1/polls/votes_controller.rb +++ b/app/controllers/api/v1/polls/votes_controller.rb @@ -18,7 +18,7 @@ class Api::V1::Polls::VotesController < Api::BaseController @poll = Poll.attached.find(params[:poll_id]) authorize @poll.status, :show? rescue Mastodon::NotPermittedError - raise ActiveRecord::RecordNotFound + not_found end def vote_params diff --git a/app/controllers/api/v1/polls_controller.rb b/app/controllers/api/v1/polls_controller.rb index 744baf7bb..6435e9f0d 100644 --- a/app/controllers/api/v1/polls_controller.rb +++ b/app/controllers/api/v1/polls_controller.rb @@ -17,7 +17,7 @@ class Api::V1::PollsController < Api::BaseController @poll = Poll.attached.find(params[:id]) authorize @poll.status, :show? rescue Mastodon::NotPermittedError - raise ActiveRecord::RecordNotFound + not_found end def refresh_poll diff --git a/app/controllers/api/v1/push/subscriptions_controller.rb b/app/controllers/api/v1/push/subscriptions_controller.rb index 1cbc92b93..d34b333eb 100644 --- a/app/controllers/api/v1/push/subscriptions_controller.rb +++ b/app/controllers/api/v1/push/subscriptions_controller.rb @@ -4,6 +4,7 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController before_action -> { doorkeeper_authorize! :push } before_action :require_user! before_action :set_web_push_subscription + before_action :check_web_push_subscription, only: [:show, :update] def create @web_subscription&.destroy! @@ -21,16 +22,11 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController end def show - raise ActiveRecord::RecordNotFound if @web_subscription.nil? - render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer end def update - raise ActiveRecord::RecordNotFound if @web_subscription.nil? - @web_subscription.update!(data: data_params) - render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer end @@ -45,12 +41,17 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController @web_subscription = ::Web::PushSubscription.find_by(access_token_id: doorkeeper_token.id) end + def check_web_push_subscription + not_found if @web_subscription.nil? + end + def subscription_params params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh]) end def data_params return {} if params[:data].blank? + params.require(:data).permit(alerts: [:follow, :follow_request, :favourite, :reblog, :mention, :poll]) end end diff --git a/app/controllers/api/v1/statuses/mutes_controller.rb b/app/controllers/api/v1/statuses/mutes_controller.rb index 43c7a525a..87071a2b9 100644 --- a/app/controllers/api/v1/statuses/mutes_controller.rb +++ b/app/controllers/api/v1/statuses/mutes_controller.rb @@ -28,8 +28,7 @@ class Api::V1::Statuses::MutesController < Api::BaseController @status = Status.find(params[:status_id]) authorize @status, :show? rescue Mastodon::NotPermittedError - # Reraise in order to get a 404 instead of a 403 error code - raise ActiveRecord::RecordNotFound + not_found end def set_conversation diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index 93a253cbb..8d6cb84b6 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -67,7 +67,7 @@ class Api::V1::StatusesController < Api::BaseController @status = Status.find(params[:id]) authorize @status, :show? rescue Mastodon::NotPermittedError - raise ActiveRecord::RecordNotFound + not_found end def set_thread diff --git a/app/controllers/media_controller.rb b/app/controllers/media_controller.rb index 05cf09c28..1d166d6e7 100644 --- a/app/controllers/media_controller.rb +++ b/app/controllers/media_controller.rb @@ -33,7 +33,7 @@ class MediaController < ApplicationController def verify_permitted_status! authorize @media_attachment.status, :show? rescue Mastodon::NotPermittedError - raise ActiveRecord::RecordNotFound + not_found end def check_playable diff --git a/app/controllers/remote_interaction_controller.rb b/app/controllers/remote_interaction_controller.rb index 4073e7ac3..3b9202a5c 100644 --- a/app/controllers/remote_interaction_controller.rb +++ b/app/controllers/remote_interaction_controller.rb @@ -41,7 +41,7 @@ class RemoteInteractionController < ApplicationController @status = Status.find(params[:id]) authorize @status, :show? rescue Mastodon::NotPermittedError - raise ActiveRecord::RecordNotFound + not_found end def set_body_classes diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index 4fa128303..d362b97dc 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -46,7 +46,7 @@ class StatusesController < ApplicationController end def embed - return not_found if @status.hidden? + return not_found if @status.hidden? || @status.reblog? expires_in 180, public: true response.headers['X-Frame-Options'] = 'ALLOWALL' diff --git a/app/models/status.rb b/app/models/status.rb index fef4e2596..30f86e664 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -354,7 +354,7 @@ class Status < ApplicationRecord if account.nil? where(visibility: visibility) - elsif target_account.blocking?(account) # get rid of blocked peeps + elsif target_account.blocking?(account) || (account.domain.present? && target_account.domain_blocking?(account.domain)) # get rid of blocked peeps none elsif account.id == target_account.id # author can see own stuff all diff --git a/spec/controllers/activitypub/collections_controller_spec.rb b/spec/controllers/activitypub/collections_controller_spec.rb index 34114cc85..56be49be3 100644 --- a/spec/controllers/activitypub/collections_controller_spec.rb +++ b/spec/controllers/activitypub/collections_controller_spec.rb @@ -3,21 +3,133 @@ require 'rails_helper' RSpec.describe ActivityPub::CollectionsController, type: :controller do - describe 'POST #show' do - let(:account) { Fabricate(:account) } + let!(:account) { Fabricate(:account) } + let(:remote_account) { nil } - context 'id is "featured"' do - it 'returns 200 with "application/activity+json"' do - post :show, params: { id: 'featured', account_username: account.username } + before do + allow(controller).to receive(:signed_request_account).and_return(remote_account) - expect(response).to have_http_status(200) - expect(response.content_type).to eq 'application/activity+json' + Fabricate(:status_pin, account: account) + Fabricate(:status_pin, account: account) + Fabricate(:status, account: account, visibility: :private) + end + + describe 'GET #show' do + context 'when id is "featured"' do + context 'without signature' do + let(:remote_account) { nil } + + before do + get :show, params: { id: 'featured', account_username: account.username } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + it 'returns orderedItems with pinned statuses' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 2 + end + end + + context 'with signature' do + let(:remote_account) { Fabricate(:account, domain: 'example.com') } + + context do + before do + get :show, params: { id: 'featured', account_username: account.username } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + it 'returns orderedItems with pinned statuses' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 2 + end + end + + context 'in authorized fetch mode' do + before do + allow(controller).to receive(:authorized_fetch_mode?).and_return(true) + end + + context 'when signed request account is blocked' do + before do + account.block!(remote_account) + get :show, params: { id: 'featured', account_username: account.username } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'private' + end + + it 'returns empty orderedItems' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 0 + end + end + + context 'when signed request account is domain blocked' do + before do + account.block_domain!(remote_account.domain) + get :show, params: { id: 'featured', account_username: account.username } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'private' + end + + it 'returns empty orderedItems' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 0 + end + end + end end end - context 'id is not "featured"' do - it 'returns 404' do - post :show, params: { id: 'hoge', account_username: account.username } + context 'when id is not "featured"' do + it 'returns http not found' do + get :show, params: { id: 'hoge', account_username: account.username } expect(response).to have_http_status(404) end end diff --git a/spec/controllers/activitypub/inboxes_controller_spec.rb b/spec/controllers/activitypub/inboxes_controller_spec.rb index a9ee75490..f3bc23953 100644 --- a/spec/controllers/activitypub/inboxes_controller_spec.rb +++ b/spec/controllers/activitypub/inboxes_controller_spec.rb @@ -3,25 +3,31 @@ require 'rails_helper' RSpec.describe ActivityPub::InboxesController, type: :controller do + let(:remote_account) { nil } + + before do + allow(controller).to receive(:signed_request_account).and_return(remote_account) + end + describe 'POST #create' do - context 'with signed_request_account' do - it 'returns 202' do - allow(controller).to receive(:signed_request_account) do - Fabricate(:account) - end + context 'with signature' do + let(:remote_account) { Fabricate(:account, domain: 'example.com', protocol: :activitypub) } + before do post :create, body: '{}' + end + + it 'returns http accepted' do expect(response).to have_http_status(202) end end - context 'without signed_request_account' do - it 'returns 401' do - allow(controller).to receive(:signed_request_account) do - false - end - + context 'without signature' do + before do post :create, body: '{}' + end + + it 'returns http not authorized' do expect(response).to have_http_status(401) end end diff --git a/spec/controllers/activitypub/outboxes_controller_spec.rb b/spec/controllers/activitypub/outboxes_controller_spec.rb index 47460b22c..03490533d 100644 --- a/spec/controllers/activitypub/outboxes_controller_spec.rb +++ b/spec/controllers/activitypub/outboxes_controller_spec.rb @@ -4,20 +4,174 @@ RSpec.describe ActivityPub::OutboxesController, type: :controller do let!(:account) { Fabricate(:account) } before do - Fabricate(:status, account: account) + Fabricate(:status, account: account, visibility: :public) + Fabricate(:status, account: account, visibility: :unlisted) + Fabricate(:status, account: account, visibility: :private) + Fabricate(:status, account: account, visibility: :direct) + Fabricate(:status, account: account, visibility: :limited) + end + + before do + allow(controller).to receive(:signed_request_account).and_return(remote_account) end describe 'GET #show' do - before do - get :show, params: { account_username: account.username } - end + context 'without signature' do + let(:remote_account) { nil } + + before do + get :show, params: { account_username: account.username, page: page } + end + + context 'with page not requested' do + let(:page) { nil } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns totalItems' do + json = body_as_json + expect(json[:totalItems]).to eq 4 + end - it 'returns http success' do - expect(response).to have_http_status(200) + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + end + + context 'with page requested' do + let(:page) { 'true' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns orderedItems with public or unlisted statuses' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 2 + expect(json[:orderedItems].all? { |item| item[:to].include?(ActivityPub::TagManager::COLLECTIONS[:public]) || item[:cc].include?(ActivityPub::TagManager::COLLECTIONS[:public]) }).to be true + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + end end - it 'returns application/activity+json' do - expect(response.content_type).to eq 'application/activity+json' + context 'with signature' do + let(:remote_account) { Fabricate(:account, domain: 'example.com') } + let(:page) { 'true' } + + context 'when signed request account does not follow account' do + before do + get :show, params: { account_username: account.username, page: page } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns orderedItems with public or unlisted statuses' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 2 + expect(json[:orderedItems].all? { |item| item[:to].include?(ActivityPub::TagManager::COLLECTIONS[:public]) || item[:cc].include?(ActivityPub::TagManager::COLLECTIONS[:public]) }).to be true + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to eq 'max-age=0, private' + end + end + + context 'when signed request account follows account' do + before do + remote_account.follow!(account) + get :show, params: { account_username: account.username, page: page } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns orderedItems with private statuses' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 3 + expect(json[:orderedItems].all? { |item| item[:to].include?(ActivityPub::TagManager::COLLECTIONS[:public]) || item[:cc].include?(ActivityPub::TagManager::COLLECTIONS[:public]) || item[:to].include?(account_followers_url(account, ActionMailer::Base.default_url_options)) }).to be true + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to eq 'max-age=0, private' + end + end + + context 'when signed request account is blocked' do + before do + account.block!(remote_account) + get :show, params: { account_username: account.username, page: page } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns empty orderedItems' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 0 + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to eq 'max-age=0, private' + end + end + + context 'when signed request account is domain blocked' do + before do + account.block_domain!(remote_account.domain) + get :show, params: { account_username: account.username, page: page } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns empty orderedItems' do + json = body_as_json + expect(json[:orderedItems]).to be_an Array + expect(json[:orderedItems].size).to eq 0 + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to eq 'max-age=0, private' + end + end end end end diff --git a/spec/controllers/activitypub/replies_controller_spec.rb b/spec/controllers/activitypub/replies_controller_spec.rb new file mode 100644 index 000000000..a5ed14180 --- /dev/null +++ b/spec/controllers/activitypub/replies_controller_spec.rb @@ -0,0 +1,196 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe ActivityPub::RepliesController, type: :controller do + let(:status) { Fabricate(:status, visibility: parent_visibility) } + let(:remote_account) { nil } + + before do + allow(controller).to receive(:signed_request_account).and_return(remote_account) + + Fabricate(:status, thread: status, visibility: :public) + Fabricate(:status, thread: status, visibility: :public) + Fabricate(:status, thread: status, visibility: :private) + Fabricate(:status, account: status.account, thread: status, visibility: :public) + Fabricate(:status, account: status.account, thread: status, visibility: :private) + end + + describe 'GET #index' do + context 'with no signature' do + before do + get :index, params: { account_username: status.account.username, status_id: status.id } + end + + context 'when status is public' do + let(:parent_visibility) { :public } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + it 'returns items with account\'s own replies' do + json = body_as_json + + expect(json[:first]).to be_a Hash + expect(json[:first][:items]).to be_an Array + expect(json[:first][:items].size).to eq 1 + expect(json[:first][:items].all? { |item| item[:to].include?(ActivityPub::TagManager::COLLECTIONS[:public]) || item[:cc].include?(ActivityPub::TagManager::COLLECTIONS[:public]) }).to be true + end + end + + context 'when status is private' do + let(:parent_visibility) { :private } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is direct' do + let(:parent_visibility) { :direct } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end + + context 'with signature' do + let(:remote_account) { Fabricate(:account, domain: 'example.com') } + let(:only_other_accounts) { nil } + + context do + before do + get :index, params: { account_username: status.account.username, status_id: status.id, only_other_accounts: only_other_accounts } + end + + context 'when status is public' do + let(:parent_visibility) { :public } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns application/activity+json' do + expect(response.content_type).to eq 'application/activity+json' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + context 'without only_other_accounts' do + it 'returns items with account\'s own replies' do + json = body_as_json + + expect(json[:first]).to be_a Hash + expect(json[:first][:items]).to be_an Array + expect(json[:first][:items].size).to eq 1 + expect(json[:first][:items].all? { |item| item[:to].include?(ActivityPub::TagManager::COLLECTIONS[:public]) || item[:cc].include?(ActivityPub::TagManager::COLLECTIONS[:public]) }).to be true + end + end + + context 'with only_other_accounts' do + let(:only_other_accounts) { 'true' } + + it 'returns items with other public or unlisted replies' do + json = body_as_json + + expect(json[:first]).to be_a Hash + expect(json[:first][:items]).to be_an Array + expect(json[:first][:items].size).to eq 2 + expect(json[:first][:items].all? { |item| item[:to].include?(ActivityPub::TagManager::COLLECTIONS[:public]) || item[:cc].include?(ActivityPub::TagManager::COLLECTIONS[:public]) }).to be true + end + end + end + + context 'when status is private' do + let(:parent_visibility) { :private } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is direct' do + let(:parent_visibility) { :direct } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end + + context 'when signed request account is blocked' do + before do + status.account.block!(remote_account) + get :index, params: { account_username: status.account.username, status_id: status.id } + end + + context 'when status is public' do + let(:parent_visibility) { :public } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is private' do + let(:parent_visibility) { :private } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is direct' do + let(:parent_visibility) { :direct } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end + + context 'when signed request account is domain blocked' do + before do + status.account.block_domain!(remote_account.domain) + get :index, params: { account_username: status.account.username, status_id: status.id } + end + + context 'when status is public' do + let(:parent_visibility) { :public } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is private' do + let(:parent_visibility) { :private } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is direct' do + let(:parent_visibility) { :direct } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end + end + end +end diff --git a/spec/controllers/statuses_controller_spec.rb b/spec/controllers/statuses_controller_spec.rb index 6905dae10..ba1f1370a 100644 --- a/spec/controllers/statuses_controller_spec.rb +++ b/spec/controllers/statuses_controller_spec.rb @@ -5,128 +5,821 @@ require 'rails_helper' describe StatusesController do render_views - describe '#show' do - context 'account is suspended' do - it 'returns gone' do - account = Fabricate(:account, suspended: true) - status = Fabricate(:status, account: account) + describe 'GET #show' do + let(:account) { Fabricate(:account) } + let(:status) { Fabricate(:status, account: account) } + context 'when account is suspended' do + let(:account) { Fabricate(:account, suspended: true) } + + before do get :show, params: { account_username: account.username, id: status.id } + end + it 'returns http gone' do expect(response).to have_http_status(410) end end - context 'status is not permitted' do - it 'raises ActiveRecord::RecordNotFound' do - user = Fabricate(:user) - status = Fabricate(:status) - status.account.block!(user.account) + context 'when status is a reblog' do + let(:original_account) { Fabricate(:account, domain: 'example.com') } + let(:original_status) { Fabricate(:status, account: original_account, url: 'https://example.com/123') } + let(:status) { Fabricate(:status, account: account, reblog: original_status) } - sign_in(user) + before do get :show, params: { account_username: status.account.username, id: status.id } + end - expect(response).to have_http_status(404) + it 'redirects to the original status' do + expect(response).to redirect_to(original_status.url) end end - context 'status is a reblog' do - it 'redirects to the original status' do - original_account = Fabricate(:account, domain: 'example.com') - original_status = Fabricate(:status, account: original_account, uri: 'tag:example.com,2017:foo', url: 'https://example.com/123') - status = Fabricate(:status, reblog: original_status) + context 'when status is public' do + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end - get :show, params: { account_username: status.account.username, id: status.id } + context 'as HTML' do + let(:format) { 'html' } - expect(response).to redirect_to(original_status.url) + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + it 'renders status' do + expect(response).to render_template(:show) + expect(response.body).to include status.text + end + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + it 'returns Content-Type header' do + expect(response.headers['Content-Type']).to include 'application/activity+json' + end + + it 'renders ActivityPub Note object' do + json = body_as_json + expect(json[:content]).to include status.text + end end end - context 'account is not suspended and status is permitted' do - it 'assigns @account' do - status = Fabricate(:status) - get :show, params: { account_username: status.account.username, id: status.id } - expect(assigns(:account)).to eq status.account + context 'when status is private' do + let(:status) { Fabricate(:status, account: account, visibility: :private) } + + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } end - it 'assigns @status' do - status = Fabricate(:status) - get :show, params: { account_username: status.account.username, id: status.id } - expect(assigns(:status)).to eq status + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end end - it 'assigns @ancestors for ancestors of the status if it is a reply' do - ancestor = Fabricate(:status) - status = Fabricate(:status, in_reply_to_id: ancestor.id) + context 'as HTML' do + let(:format) { 'html' } - get :show, params: { account_username: status.account.username, id: status.id } + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end + + context 'when status is direct' do + let(:status) { Fabricate(:status, account: account, visibility: :direct) } - expect(assigns(:ancestors)).to eq [ancestor] + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } end - it 'assigns @ancestors for [] if it is not a reply' do - status = Fabricate(:status) - get :show, params: { account_username: status.account.username, id: status.id } - expect(assigns(:ancestors)).to eq [] + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end end - it 'assigns @descendant_threads for a thread with several statuses' do - status = Fabricate(:status) - child = Fabricate(:status, in_reply_to_id: status.id) - grandchild = Fabricate(:status, in_reply_to_id: child.id) + context 'as HTML' do + let(:format) { 'html' } - get :show, params: { account_username: status.account.username, id: status.id } + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end + + context 'when signed-in' do + let(:user) { Fabricate(:user) } - expect(assigns(:descendant_threads)[0][:statuses].pluck(:id)).to eq [child.id, grandchild.id] + before do + sign_in(user) end - it 'assigns @descendant_threads for several threads sharing the same descendant' do - status = Fabricate(:status) - child = Fabricate(:status, in_reply_to_id: status.id) - grandchildren = 2.times.map { Fabricate(:status, in_reply_to_id: child.id) } + context 'when account blocks user' do + before do + account.block!(user.account) + get :show, params: { account_username: status.account.username, id: status.id } + end - get :show, params: { account_username: status.account.username, id: status.id } + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is public' do + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end - expect(assigns(:descendant_threads)[0][:statuses].pluck(:id)).to eq [child.id, grandchildren[0].id] - expect(assigns(:descendant_threads)[1][:statuses].pluck(:id)).to eq [grandchildren[1].id] + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns no Cache-Control header' do + expect(response.headers).to_not include 'Cache-Control' + end + + it 'renders status' do + expect(response).to render_template(:show) + expect(response.body).to include status.text + end + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + it 'returns Content-Type header' do + expect(response.headers['Content-Type']).to include 'application/activity+json' + end + + it 'renders ActivityPub Note object' do + json = body_as_json + expect(json[:content]).to include status.text + end + end end - it 'assigns @max_descendant_thread_id for the last thread if it is hitting the status limit' do - stub_const 'StatusControllerConcern::DESCENDANTS_LIMIT', 1 - status = Fabricate(:status) - child = Fabricate(:status, in_reply_to_id: status.id) + context 'when status is private' do + let(:status) { Fabricate(:status, account: account, visibility: :private) } - get :show, params: { account_username: status.account.username, id: status.id } + context 'when user is authorized to see it' do + before do + user.account.follow!(account) + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end - expect(assigns(:descendant_threads)).to eq [] - expect(assigns(:max_descendant_thread_id)).to eq child.id + it 'returns no Cache-Control header' do + expect(response.headers).to_not include 'Cache-Control' + end + + it 'renders status' do + expect(response).to render_template(:show) + expect(response.body).to include status.text + end + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'private' + end + + it 'returns Content-Type header' do + expect(response.headers['Content-Type']).to include 'application/activity+json' + end + + it 'renders ActivityPub Note object' do + json = body_as_json + expect(json[:content]).to include status.text + end + end + end + + context 'when user is not authorized to see it' do + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end end - it 'assigns @descendant_threads for threads with :next_status key if they are hitting the depth limit' do - stub_const 'StatusControllerConcern::DESCENDANTS_DEPTH_LIMIT', 2 - status = Fabricate(:status) - child0 = Fabricate(:status, in_reply_to_id: status.id) - child1 = Fabricate(:status, in_reply_to_id: child0.id) - child2 = Fabricate(:status, in_reply_to_id: child0.id) + context 'when status is direct' do + let(:status) { Fabricate(:status, account: account, visibility: :direct) } - get :show, params: { account_username: status.account.username, id: status.id } + context 'when user is authorized to see it' do + before do + Fabricate(:mention, account: user.account, status: status) + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns no Cache-Control header' do + expect(response.headers).to_not include 'Cache-Control' + end + + it 'renders status' do + expect(response).to render_template(:show) + expect(response.body).to include status.text + end + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'private' + end + + it 'returns Content-Type header' do + expect(response.headers['Content-Type']).to include 'application/activity+json' + end + + it 'renders ActivityPub Note object' do + json = body_as_json + expect(json[:content]).to include status.text + end + end + end + + context 'when user is not authorized to see it' do + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as JSON' do + let(:format) { 'json' } - expect(assigns(:descendant_threads)[0][:statuses].pluck(:id)).not_to include child1.id - expect(assigns(:descendant_threads)[1][:statuses].pluck(:id)).not_to include child2.id - expect(assigns(:descendant_threads)[0][:next_status].id).to eq child1.id - expect(assigns(:descendant_threads)[1][:next_status].id).to eq child2.id + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end end + end - it 'returns a success' do - status = Fabricate(:status) - get :show, params: { account_username: status.account.username, id: status.id } + context 'with signature' do + let(:remote_account) { Fabricate(:account, domain: 'example.com') } + + before do + allow(controller).to receive(:signed_request_account).and_return(remote_account) + end + + context 'when account blocks account' do + before do + account.block!(remote_account) + get :show, params: { account_username: status.account.username, id: status.id } + end + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when account domain blocks account' do + before do + account.block_domain!(remote_account.domain) + get :show, params: { account_username: status.account.username, id: status.id } + end + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is public' do + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns no Cache-Control header' do + expect(response.headers).to_not include 'Cache-Control' + end + + it 'renders status' do + expect(response).to render_template(:show) + expect(response.body).to include status.text + end + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + it 'returns Content-Type header' do + expect(response.headers['Content-Type']).to include 'application/activity+json' + end + + it 'renders ActivityPub Note object' do + json = body_as_json + expect(json[:content]).to include status.text + end + end + end + + context 'when status is private' do + let(:status) { Fabricate(:status, account: account, visibility: :private) } + + context 'when user is authorized to see it' do + before do + remote_account.follow!(account) + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns no Cache-Control header' do + expect(response.headers).to_not include 'Cache-Control' + end + + it 'renders status' do + expect(response).to render_template(:show) + expect(response.body).to include status.text + end + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'private' + end + + it 'returns Content-Type header' do + expect(response.headers['Content-Type']).to include 'application/activity+json' + end + + it 'renders ActivityPub Note object' do + json = body_as_json + expect(json[:content]).to include status.text + end + end + end + + context 'when user is not authorized to see it' do + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end + end + + context 'when status is direct' do + let(:status) { Fabricate(:status, account: account, visibility: :direct) } + + context 'when user is authorized to see it' do + before do + Fabricate(:mention, account: remote_account, status: status) + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns no Cache-Control header' do + expect(response.headers).to_not include 'Cache-Control' + end + + it 'renders status' do + expect(response).to render_template(:show) + expect(response.body).to include status.text + end + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns private Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'private' + end + + it 'returns Content-Type header' do + expect(response.headers['Content-Type']).to include 'application/activity+json' + end + + it 'renders ActivityPub Note object' do + json = body_as_json + expect(json[:content]).to include status.text + end + end + end + + context 'when user is not authorized to see it' do + before do + get :show, params: { account_username: status.account.username, id: status.id, format: format } + end + + context 'as JSON' do + let(:format) { 'json' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'as HTML' do + let(:format) { 'html' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + end + end + end + end + + describe 'GET #activity' do + let(:account) { Fabricate(:account) } + let(:status) { Fabricate(:status, account: account) } + + context 'when account is suspended' do + let(:account) { Fabricate(:account, suspended: true) } + + before do + get :activity, params: { account_username: account.username, id: status.id } + end + + it 'returns http gone' do + expect(response).to have_http_status(410) + end + end + + context 'when status is public' do + pending + end + + context 'when status is private' do + pending + end + + context 'when status is direct' do + pending + end + + context 'when signed-in' do + context 'when status is public' do + pending + end + + context 'when status is private' do + context 'when user is authorized to see it' do + pending + end + + context 'when user is not authorized to see it' do + pending + end + end + + context 'when status is direct' do + context 'when user is authorized to see it' do + pending + end + + context 'when user is not authorized to see it' do + pending + end + end + end + + context 'with signature' do + context 'when status is public' do + pending + end + + context 'when status is private' do + context 'when user is authorized to see it' do + pending + end + + context 'when user is not authorized to see it' do + pending + end + end + + context 'when status is direct' do + context 'when user is authorized to see it' do + pending + end + + context 'when user is not authorized to see it' do + pending + end + end + end + end + + describe 'GET #embed' do + let(:account) { Fabricate(:account) } + let(:status) { Fabricate(:status, account: account) } + + context 'when account is suspended' do + let(:account) { Fabricate(:account, suspended: true) } + + before do + get :embed, params: { account_username: account.username, id: status.id } + end + + it 'returns http gone' do + expect(response).to have_http_status(410) + end + end + + context 'when status is a reblog' do + let(:original_account) { Fabricate(:account, domain: 'example.com') } + let(:original_status) { Fabricate(:status, account: original_account, url: 'https://example.com/123') } + let(:status) { Fabricate(:status, account: account, reblog: original_status) } + + before do + get :embed, params: { account_username: status.account.username, id: status.id } + end + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is public' do + before do + get :embed, params: { account_username: status.account.username, id: status.id } + end + + it 'returns http success' do expect(response).to have_http_status(200) end - it 'renders statuses/show' do - status = Fabricate(:status) - get :show, params: { account_username: status.account.username, id: status.id } - expect(response).to render_template 'statuses/show' + it 'returns Link header' do + expect(response.headers['Link'].to_s).to include 'activity+json' + end + + it 'returns Vary header' do + expect(response.headers['Vary']).to eq 'Accept' + end + + it 'returns public Cache-Control header' do + expect(response.headers['Cache-Control']).to include 'public' + end + + it 'renders status' do + expect(response).to render_template(:embed) + expect(response.body).to include status.text + end + end + + context 'when status is private' do + let(:status) { Fabricate(:status, account: account, visibility: :private) } + + before do + get :embed, params: { account_username: status.account.username, id: status.id } + end + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when status is direct' do + let(:status) { Fabricate(:status, account: account, visibility: :direct) } + + before do + get :embed, params: { account_username: status.account.username, id: status.id } + end + + it 'returns http not found' do + expect(response).to have_http_status(404) end end end diff --git a/spec/fabricators/status_pin_fabricator.rb b/spec/fabricators/status_pin_fabricator.rb index 6a9006c9f..f1f1c05f3 100644 --- a/spec/fabricators/status_pin_fabricator.rb +++ b/spec/fabricators/status_pin_fabricator.rb @@ -1,4 +1,4 @@ Fabricator(:status_pin) do account - status + status { |attrs| Fabricate(:status, account: attrs[:account], visibility: :public) } end -- cgit From e223fd8c6190661237ea43e7773e47513c48fd46 Mon Sep 17 00:00:00 2001 From: Yamagishi Kazutoshi Date: Mon, 4 May 2020 01:48:13 +0900 Subject: Revert "improve status title (#8596)" (#13591) This reverts commit 05756c9a14864655ae6777505a4ee5cfa9b0ee93. --- app/models/status.rb | 6 +----- spec/models/status_spec.rb | 12 ++++-------- 2 files changed, 5 insertions(+), 13 deletions(-) (limited to 'app') diff --git a/app/models/status.rb b/app/models/status.rb index 30f86e664..a938ff032 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -200,12 +200,8 @@ class Status < ApplicationRecord def title if destroyed? "#{account.acct} deleted status" - elsif reblog? - preview = sensitive ? '' : text.slice(0, 10).split("\n")[0] - "#{account.acct} shared #{reblog.account.acct}'s: #{preview}" else - preview = sensitive ? '' : text.slice(0, 20).split("\n")[0] - "#{account.acct}: #{preview}" + reblog? ? "#{account.acct} shared a status by #{reblog.account.acct}" : "New status by #{account.acct}" end end diff --git a/spec/models/status_spec.rb b/spec/models/status_spec.rb index b238691a8..51a10cd17 100644 --- a/spec/models/status_spec.rb +++ b/spec/models/status_spec.rb @@ -96,20 +96,16 @@ RSpec.describe Status, type: :model do context 'unless destroyed?' do context 'if reblog?' do - it 'returns "#{account.acct} shared #{reblog.account.acct}\'s: #{preview}"' do + it 'returns "#{account.acct} shared a status by #{reblog.account.acct}"' do reblog = subject.reblog = other - preview = subject.text.slice(0, 10).split("\n")[0] - expect(subject.title).to( - eq "#{account.acct} shared #{reblog.account.acct}'s: #{preview}" - ) + expect(subject.title).to eq "#{account.acct} shared a status by #{reblog.account.acct}" end end context 'unless reblog?' do - it 'returns "#{account.acct}: #{preview}"' do + it 'returns "New status by #{account.acct}"' do subject.reblog = nil - preview = subject.text.slice(0, 20).split("\n")[0] - expect(subject.title).to eq "#{account.acct}: #{preview}" + expect(subject.title).to eq "New status by #{account.acct}" end end end -- cgit From 502a0365df7b74ba7a430e79cbda8881e87c97d4 Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 09:44:17 +0200 Subject: [Glitch] Fix messed up z-index when NoScript blocks media/previews Port 04eb59986461bc802d4432fe4131e09eadd070c0 to glitch-soc Signed-off-by: Thibaut Girka --- app/javascript/flavours/glitch/styles/basics.scss | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'app') diff --git a/app/javascript/flavours/glitch/styles/basics.scss b/app/javascript/flavours/glitch/styles/basics.scss index 77631097a..eb78b189d 100644 --- a/app/javascript/flavours/glitch/styles/basics.scss +++ b/app/javascript/flavours/glitch/styles/basics.scss @@ -150,3 +150,15 @@ button { height: 100%; } } + +// NoScript adds a __ns__pop2top class to the full ancestry of blocked elements, +// to set the z-index to a high value, which messes with modals and dropdowns. +// Blocked elements can in theory only be media and frames/embeds, so they +// should only appear in statuses, under divs and articles. +body, +div, +article { + .__ns__pop2top { + z-index: unset !important; + } +} -- cgit From 4a5f93c25f747e22fa97a17fb56e216c73ee60fa Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 09:53:42 +0200 Subject: [Glitch] Refactor/cleanup TIMELINE_DELETE-related code Port ad9c7aefe6618a70c69991b7daf100573a7e27b9 to glitch-soc Signed-off-by: Thibaut Girka --- app/javascript/flavours/glitch/actions/timelines.js | 2 +- app/javascript/flavours/glitch/reducers/statuses.js | 2 +- app/javascript/flavours/glitch/reducers/timelines.js | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) (limited to 'app') diff --git a/app/javascript/flavours/glitch/actions/timelines.js b/app/javascript/flavours/glitch/actions/timelines.js index d9c75e063..50e36531e 100644 --- a/app/javascript/flavours/glitch/actions/timelines.js +++ b/app/javascript/flavours/glitch/actions/timelines.js @@ -55,7 +55,7 @@ export function updateTimeline(timeline, status, accept) { export function deleteFromTimelines(id) { return (dispatch, getState) => { const accountId = getState().getIn(['statuses', id, 'account']); - const references = getState().get('statuses').filter(status => status.get('reblog') === id).map(status => [status.get('id'), status.get('account')]); + const references = getState().get('statuses').filter(status => status.get('reblog') === id).map(status => status.get('id')); const reblogOf = getState().getIn(['statuses', id, 'reblog'], null); dispatch({ diff --git a/app/javascript/flavours/glitch/reducers/statuses.js b/app/javascript/flavours/glitch/reducers/statuses.js index 8926e49f1..5db766b96 100644 --- a/app/javascript/flavours/glitch/reducers/statuses.js +++ b/app/javascript/flavours/glitch/reducers/statuses.js @@ -24,7 +24,7 @@ const importStatuses = (state, statuses) => const deleteStatus = (state, id, references) => { references.forEach(ref => { - state = deleteStatus(state, ref[0], []); + state = deleteStatus(state, ref, []); }); return state.delete(id); diff --git a/app/javascript/flavours/glitch/reducers/timelines.js b/app/javascript/flavours/glitch/reducers/timelines.js index be7b2441b..882b48790 100644 --- a/app/javascript/flavours/glitch/reducers/timelines.js +++ b/app/javascript/flavours/glitch/reducers/timelines.js @@ -94,7 +94,7 @@ const updateTimeline = (state, timeline, status, usePendingItems, filtered) => { })); }; -const deleteStatus = (state, id, accountId, references, exclude_account = null) => { +const deleteStatus = (state, id, references, exclude_account = null) => { state.keySeq().forEach(timeline => { if (exclude_account === null || (timeline !== `account:${exclude_account}` && !timeline.startsWith(`account:${exclude_account}:`))) { const helper = list => list.filterNot(item => item === id); @@ -104,7 +104,7 @@ const deleteStatus = (state, id, accountId, references, exclude_account = null) // Remove reblogs of deleted status references.forEach(ref => { - state = deleteStatus(state, ref[0], ref[1], [], exclude_account); + state = deleteStatus(state, ref, [], exclude_account); }); return state; @@ -122,8 +122,8 @@ const filterTimelines = (state, relationship, statuses) => { return; } - references = statuses.filter(item => item.get('reblog') === status.get('id')).map(item => [item.get('id'), item.get('account')]); - state = deleteStatus(state, status.get('id'), status.get('account'), references, relationship.id); + references = statuses.filter(item => item.get('reblog') === status.get('id')).map(item => item.get('id')); + state = deleteStatus(state, status.get('id'), references, relationship.id); }); return state; @@ -155,7 +155,7 @@ export default function timelines(state = initialState, action) { case TIMELINE_UPDATE: return updateTimeline(state, action.timeline, fromJS(action.status), action.usePendingItems, action.filtered); case TIMELINE_DELETE: - return deleteStatus(state, action.id, action.accountId, action.references, action.reblogOf); + return deleteStatus(state, action.id, action.references, action.reblogOf); case TIMELINE_CLEAR: return clearTimeline(state, action.timeline); case ACCOUNT_BLOCK_SUCCESS: -- cgit From 9e5a2168782f24464353e24e497c1f174d9dc1d9 Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 10:16:55 +0200 Subject: [Glitch] Fix end-user-facing uses of inline CSS Port 0e362b7678e75cb71ce207fd45dd4dc0d955fdca to glitch-soc Signed-off-by: Thibaut Girka --- app/javascript/flavours/glitch/styles/about.scss | 5 ++++ app/javascript/flavours/glitch/styles/basics.scss | 4 +++ .../glitch/styles/components/accounts.scss | 12 +++++++++ app/javascript/flavours/glitch/styles/forms.scss | 21 +++++++++++++++ app/javascript/flavours/glitch/styles/polls.scss | 30 ++++++++++++++++++++++ .../flavours/glitch/styles/statuses.scss | 17 ++++++++++++ 6 files changed, 89 insertions(+) (limited to 'app') diff --git a/app/javascript/flavours/glitch/styles/about.scss b/app/javascript/flavours/glitch/styles/about.scss index a38ca99b4..f0a44aa94 100644 --- a/app/javascript/flavours/glitch/styles/about.scss +++ b/app/javascript/flavours/glitch/styles/about.scss @@ -760,8 +760,13 @@ $small-breakpoint: 960px; } } + &__counters__wrapper { + display: flex; + } + &__counter { padding: 10px; + width: 50%; strong { font-family: $font-display, sans-serif; diff --git a/app/javascript/flavours/glitch/styles/basics.scss b/app/javascript/flavours/glitch/styles/basics.scss index eb78b189d..9ff3f3bac 100644 --- a/app/javascript/flavours/glitch/styles/basics.scss +++ b/app/javascript/flavours/glitch/styles/basics.scss @@ -151,6 +151,10 @@ button { } } +.logo-resources { + display: none; +} + // NoScript adds a __ns__pop2top class to the full ancestry of blocked elements, // to set the z-index to a high value, which messes with modals and dropdowns. // Blocked elements can in theory only be media and frames/embeds, so they diff --git a/app/javascript/flavours/glitch/styles/components/accounts.scss b/app/javascript/flavours/glitch/styles/components/accounts.scss index 491ceb6ec..ccd620215 100644 --- a/app/javascript/flavours/glitch/styles/components/accounts.scss +++ b/app/javascript/flavours/glitch/styles/components/accounts.scss @@ -80,6 +80,12 @@ &-base { @include avatar-radius(); @include avatar-size(36px); + + img { + @include avatar-radius; + width: 100%; + height: 100%; + } } &-overlay { @@ -90,6 +96,12 @@ bottom: 0; right: 0; z-index: 1; + + img { + @include avatar-radius; + width: 100%; + height: 100%; + } } } diff --git a/app/javascript/flavours/glitch/styles/forms.scss b/app/javascript/flavours/glitch/styles/forms.scss index 396e87c6c..5de650f0a 100644 --- a/app/javascript/flavours/glitch/styles/forms.scss +++ b/app/javascript/flavours/glitch/styles/forms.scss @@ -133,6 +133,10 @@ code { } } + .otp-hint { + margin-bottom: 25px; + } + .card { margin-bottom: 15px; } @@ -276,6 +280,14 @@ code { margin-bottom: 25px; } } + + .fields-group.invited-by { + margin-bottom: 30px; + + .hint { + text-align: center; + } + } } .input.radio_buttons .radio label { @@ -626,6 +638,15 @@ code { @media screen and (max-width: 740px) and (min-width: 441px) { margin-top: 40px; } + + &.translation-prompt { + text-align: unset; + color: unset; + + a { + text-decoration: underline; + } + } } .form-footer { diff --git a/app/javascript/flavours/glitch/styles/polls.scss b/app/javascript/flavours/glitch/styles/polls.scss index 44338338f..5fc41ed9e 100644 --- a/app/javascript/flavours/glitch/styles/polls.scss +++ b/app/javascript/flavours/glitch/styles/polls.scss @@ -25,6 +25,36 @@ } } + progress { + border: 0; + display: block; + width: 100%; + height: 5px; + appearance: none; + background: transparent; + + &::-webkit-progress-bar { + background: transparent; + } + + // Those rules need to be entirely separate or they won't work, hence the + // duplication + &::-moz-progress-bar { + border-radius: 4px; + background: darken($ui-primary-color, 5%); + } + + &::-ms-fill { + border-radius: 4px; + background: darken($ui-primary-color, 5%); + } + + &::-webkit-progress-value { + border-radius: 4px; + background: darken($ui-primary-color, 5%); + } + } + &__option { position: relative; display: flex; diff --git a/app/javascript/flavours/glitch/styles/statuses.scss b/app/javascript/flavours/glitch/styles/statuses.scss index 22fa7b3fd..4122e121a 100644 --- a/app/javascript/flavours/glitch/styles/statuses.scss +++ b/app/javascript/flavours/glitch/styles/statuses.scss @@ -124,6 +124,16 @@ .embed, .public-layout { + .status__content[data-spoiler=folded] { + .e-content { + display: none; + } + + p:first-child { + margin-bottom: 0; + } + } + .detailed-status { padding: 15px; } @@ -162,6 +172,13 @@ .video-player { margin-top: 10px; } + + &__action-bar-button { + font-size: 18px; + width: 23.1429px; + height: 23.1429px; + line-height: 23.15px; + } } } -- cgit From 7ea8b07b93f7c495ff178f8befc18766499166e5 Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 13:19:39 +0200 Subject: [Glitch] Fix page incorrectly scrolling when bringing up dropdown menus Port 77ec0875ea998072f4bb709bfb9b15e80669eeef to glitch-soc Signed-off-by: Thibaut Girka --- app/javascript/flavours/glitch/components/dropdown_menu.js | 2 +- .../flavours/glitch/features/compose/components/dropdown_menu.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'app') diff --git a/app/javascript/flavours/glitch/components/dropdown_menu.js b/app/javascript/flavours/glitch/components/dropdown_menu.js index b3da4fc2f..60ed859a3 100644 --- a/app/javascript/flavours/glitch/components/dropdown_menu.js +++ b/app/javascript/flavours/glitch/components/dropdown_menu.js @@ -46,7 +46,7 @@ class DropdownMenu extends React.PureComponent { document.addEventListener('keydown', this.handleKeyDown, false); document.addEventListener('touchend', this.handleDocumentClick, listenerOptions); if (this.focusedItem && this.props.openedViaKeyboard) { - this.focusedItem.focus(); + this.focusedItem.focus({ preventScroll: true }); } this.setState({ mounted: true }); } diff --git a/app/javascript/flavours/glitch/features/compose/components/dropdown_menu.js b/app/javascript/flavours/glitch/features/compose/components/dropdown_menu.js index 84c040a86..bee06e64c 100644 --- a/app/javascript/flavours/glitch/features/compose/components/dropdown_menu.js +++ b/app/javascript/flavours/glitch/features/compose/components/dropdown_menu.js @@ -64,9 +64,9 @@ export default class ComposerOptionsDropdownContent extends React.PureComponent document.addEventListener('click', this.handleDocumentClick, false); document.addEventListener('touchend', this.handleDocumentClick, withPassive); if (this.focusedItem) { - this.focusedItem.focus(); + this.focusedItem.focus({ preventScroll: true }); } else { - this.node.firstChild.focus(); + this.node.firstChild.focus({ preventScroll: true }); } this.setState({ mounted: true }); } -- cgit From 89fcd68b7501f81a3e33f6b1abff6fc66f78e04b Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 28 Apr 2020 19:39:16 +0200 Subject: [Glitch] Fix admin-facing uses of inline CSS Port b8ba977497a53740e66d8db9938382b724283b3a to glitch-soc Signed-off-by: Thibaut Girka --- app/javascript/flavours/glitch/styles/admin.scss | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'app') diff --git a/app/javascript/flavours/glitch/styles/admin.scss b/app/javascript/flavours/glitch/styles/admin.scss index 0d24da4dd..1c8f2271f 100644 --- a/app/javascript/flavours/glitch/styles/admin.scss +++ b/app/javascript/flavours/glitch/styles/admin.scss @@ -567,6 +567,18 @@ body, } } +.special-action-button, +.back-link { + text-align: right; + flex: 1 1 auto; +} + +.action-buttons { + display: flex; + overflow: hidden; + justify-content: space-between; +} + .spacer { flex: 1 1 auto; } @@ -904,3 +916,11 @@ a.name-tag, } } } + +.account-badges { + margin: -2px 0; +} + +.dashboard__counters.admin-account-counters { + margin-top: 10px; +} -- cgit