From 3a84bacf8681669ea6149a153d6b419422eae259 Mon Sep 17 00:00:00 2001 From: ThibG Date: Mon, 3 Jun 2019 20:04:00 +0200 Subject: Handle blank poll options more gracefully (#10946) Pleroma currently allows (erroneously imho) empty poll options, that is, options with an empty (but existing) `name`. --- app/lib/activitypub/activity/create.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb index 2bc33c04b..f55dd35b2 100644 --- a/app/lib/activitypub/activity/create.rb +++ b/app/lib/activitypub/activity/create.rb @@ -234,7 +234,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity @account.polls.new( multiple: multiple, expires_at: expires_at, - options: items.map { |item| item['name'].presence || item['content'] }, + options: items.map { |item| item['name'].presence || item['content'] }.compact, cached_tallies: items.map { |item| item.dig('replies', 'totalItems') || 0 } ) end -- cgit From a1e96b2d8a3848794e8bdd9415bd13f64efb7207 Mon Sep 17 00:00:00 2001 From: Jeong Arm Date: Wed, 5 Jun 2019 01:00:09 +0900 Subject: Add missing Korean translations (#10962) And change some word. --- app/javascript/mastodon/locales/ko.json | 4 +++- config/locales/ko.yml | 1 + config/locales/simple_form.ko.yml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) (limited to 'app') diff --git a/app/javascript/mastodon/locales/ko.json b/app/javascript/mastodon/locales/ko.json index 9a49ce4aa..bd7b9764d 100644 --- a/app/javascript/mastodon/locales/ko.json +++ b/app/javascript/mastodon/locales/ko.json @@ -204,6 +204,7 @@ "keyboard_shortcuts.search": "검색창에 포커스", "keyboard_shortcuts.start": "\"시작하기\" 컬럼 열기", "keyboard_shortcuts.toggle_hidden": "CW로 가려진 텍스트를 표시/비표시", + "keyboard_shortcuts.toggle_sensitivity": "이미지 보이기/숨기기", "keyboard_shortcuts.toot": "새 툿 작성", "keyboard_shortcuts.unfocus": "작성창에서 포커스 해제", "keyboard_shortcuts.up": "리스트에서 위로 이동", @@ -236,6 +237,7 @@ "navigation_bar.favourites": "즐겨찾기", "navigation_bar.filters": "뮤트", "navigation_bar.follow_requests": "팔로우 요청", + "navigation_bar.follows_and_followers": "팔로우와 팔로워", "navigation_bar.info": "이 서버에 대해서", "navigation_bar.keyboard_shortcuts": "단축키", "navigation_bar.lists": "리스트", @@ -348,7 +350,7 @@ "status.show_less_all": "모두 접기", "status.show_more": "더 보기", "status.show_more_all": "모두 펼치기", - "status.show_thread": "스레드 보기", + "status.show_thread": "글타래 보기", "status.unmute_conversation": "이 대화의 뮤트 해제하기", "status.unpin": "고정 해제", "suggestions.dismiss": "추천 지우기", diff --git a/config/locales/ko.yml b/config/locales/ko.yml index 6334ad30b..820b8e515 100644 --- a/config/locales/ko.yml +++ b/config/locales/ko.yml @@ -269,6 +269,7 @@ ko: created_msg: 도메인 차단 처리를 완료했습니다 destroyed_msg: 도메인 차단이 해제되었습니다 domain: 도메인 + existing_domain_block_html: 이미 %{name}에 대한 더 강력한 제한이 걸려 있습니다, 차단 해제를 먼저 해야 합니다. new: create: 차단 추가 hint: 도메인 차단은 내부 데이터베이스에 계정이 생성되는 것까지는 막을 수 없지만, 그 도메인에서 생성된 계정에 자동적으로 특정한 모더레이션을 적용하게 할 수 있습니다. diff --git a/config/locales/simple_form.ko.yml b/config/locales/simple_form.ko.yml index 9c5fc413d..ccb7604e1 100644 --- a/config/locales/simple_form.ko.yml +++ b/config/locales/simple_form.ko.yml @@ -26,6 +26,7 @@ ko: password: 최소 8글자 phrase: 툿 내용이나 CW 내용 안에서 대소문자 구분 없이 매칭 됩니다 scopes: 애플리케이션에 허용할 API들입니다. 최상위 스코프를 선택하면 개별적인 것은 선택하지 않아도 됩니다. + setting_advanced_layout: 고급 UI는 여러 개의 커스텀 가능한 컬럼을 제공합니다. setting_aggregate_reblogs: 내가 부스트 했던 툿은 새로 부스트 되어도 보여주지 않습니다 setting_default_language: 작성한 툿의 언어는 자동으로 인식할 수 있지만, 언제나 정확한 건 아닙니다 setting_display_media_default: 민감함으로 설정 된 미디어 가리기 @@ -90,6 +91,7 @@ ko: otp_attempt: 2단계 인증 코드 password: 암호 phrase: 키워드 또는 문장 + setting_advanced_layout: 고급 웹 UI 활성화 setting_aggregate_reblogs: 타임라인의 부스트를 그룹화 setting_auto_play_gif: 애니메이션 GIF를 자동 재생 setting_boost_modal: 부스트 전 확인 창을 표시 -- cgit From 6077eca240d3dc8765380c99896d85ab6e9c4ea9 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 4 Jun 2019 19:50:38 +0200 Subject: Add profile directory link to single column navigation panel (#10963) --- app/javascript/mastodon/features/ui/components/navigation_panel.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'app') diff --git a/app/javascript/mastodon/features/ui/components/navigation_panel.js b/app/javascript/mastodon/features/ui/components/navigation_panel.js index 613be7391..1d783ba1b 100644 --- a/app/javascript/mastodon/features/ui/components/navigation_panel.js +++ b/app/javascript/mastodon/features/ui/components/navigation_panel.js @@ -22,7 +22,8 @@ const NavigationPanel = () => (
- + + ); -- cgit From 48fee1a800a262ce26171d724c15738d083eb6d6 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 4 Jun 2019 20:10:26 +0200 Subject: Fix poll API not requiring authentication on non-public polls (#10960) * Fix poll API not requiring authentication on non-public polls That API does not reveal the content of the status, i.e. the question itself, nor who the author is, nor which status it belongs to, but it does reveal the poll options and how many answers they got Fix #10959 * Add test --- app/controllers/api/v1/polls_controller.rb | 17 ++++++++++++++++- spec/controllers/api/v1/polls_controller_spec.rb | 18 +++++++++++++++--- 2 files changed, 31 insertions(+), 4 deletions(-) (limited to 'app') diff --git a/app/controllers/api/v1/polls_controller.rb b/app/controllers/api/v1/polls_controller.rb index 4f4a6858d..031e6d42d 100644 --- a/app/controllers/api/v1/polls_controller.rb +++ b/app/controllers/api/v1/polls_controller.rb @@ -1,13 +1,28 @@ # frozen_string_literal: true class Api::V1::PollsController < Api::BaseController + include Authorization + before_action -> { authorize_if_got_token! :read, :'read:statuses' }, only: :show + before_action :set_poll + before_action :refresh_poll respond_to :json def show + render json: @poll, serializer: REST::PollSerializer, include_results: true + end + + private + + def set_poll @poll = Poll.attached.find(params[:id]) + authorize @poll.status, :show? + rescue Mastodon::NotPermittedError + raise ActiveRecord::RecordNotFound + end + + def refresh_poll ActivityPub::FetchRemotePollService.new.call(@poll, current_account) if user_signed_in? && @poll.possibly_stale? - render json: @poll, serializer: REST::PollSerializer, include_results: true end end diff --git a/spec/controllers/api/v1/polls_controller_spec.rb b/spec/controllers/api/v1/polls_controller_spec.rb index 2b8d5f3ef..851bccb7e 100644 --- a/spec/controllers/api/v1/polls_controller_spec.rb +++ b/spec/controllers/api/v1/polls_controller_spec.rb @@ -10,14 +10,26 @@ RSpec.describe Api::V1::PollsController, type: :controller do before { allow(controller).to receive(:doorkeeper_token) { token } } describe 'GET #show' do - let(:poll) { Fabricate(:poll) } + let(:poll) { Fabricate(:poll, status: Fabricate(:status, visibility: visibility)) } before do get :show, params: { id: poll.id } end - it 'returns http success' do - expect(response).to have_http_status(200) + context 'when parent status is public' do + let(:visibility) { 'public' } + + it 'returns http success' do + expect(response).to have_http_status(200) + end + end + + context 'when parent status is private' do + let(:visibility) { 'private' } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end end end end -- cgit