title: "%{instance} Condicions del servei i política de privadesa" themes: default: Mastodont diff --git a/config/locales/en.yml b/config/locales/en.yml index 945faa1e2..70af9530c 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -691,70 +691,79 @@ en: terms: body_html: |

Privacy Policy


What information do we collect?


We collect information from you when you register on our site and gather data when you participate in the forum by reading, writing, and evaluating the content shared here.

- -

When registering on our site, you may be asked to enter your name and e-mail address. You may, however, visit our site without registering. Your e-mail address will be verified by an email containing a unique link. If that link is visited, we know that you control the e-mail address.

+ -

When registered and posting, we record the IP address that the post originated from. We also may retain server logs which include the IP address of every request to our server.


What do we use your information for?


Any of the information we collect from you may be used in one of the following ways:


Any of the information we collect from you may be used in the following ways:


How do we protect your information?


We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.


We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. Among other things, your browser session, as well as the traffic between your applications and the API, are secured with SSL, and your password is hashed using a strong one-way algorithm. You may enable two-factor authentication to further secure access to your account.

+ +

What is your data retention policy?


What is our data retention policy?

We will make a good faith effort to:


You can request and download an archive of your content, including your posts, media attachments, profile picture, and header image.

+ +

You may irreversibly delete your account at any time.

+ +

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow). These cookies enable the site to recognize your browser and, if you have a registered account, associate it with your registered account.


We use cookies to understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.


We use cookies to understand and save your preferences for future visits.

+ +

Do we disclose any information to outside parties?


We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our site, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.


We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our site, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.

+ +

Your public content may be downloaded by other servers in the network. Your public and followers-only posts are delivered to the servers where your followers reside, and direct messages are delivered to the servers of the recipients, in so far as those followers or recipients reside on a different server than this.


Third party links


When you authorize an application to use your account, depending on the scope of permissions you approve, it may access your public profile information, your following list, your followers, your lists, all your posts, and your favourites. Applications can never access your e-mail address or password.


Occasionally, at our discretion, we may include or offer third party products or services on our site. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.


Children's Online Privacy Protection Act Compliance

Our site, products and services are all directed to people who are at least 13 years old. If this server is in the USA, and you are under the age of 13, per the requirements of COPPA (Children's Online Privacy Protection Act) do not use this site.


Online Privacy Policy Only

- -

This online privacy policy applies only to information collected through our site and not to information collected offline.

- - - -

By using our site, you consent to our web site privacy policy.


Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page.


This document is CC-BY-SA. It was last updated May 31, 2013.


This document is CC-BY-SA. It was last updated March 7, 2018.

Originally adapted from the Discourse privacy policy.

title: "%{instance} Terms of Service and Privacy Policy" diff --git a/config/locales/eo.yml b/config/locales/eo.yml index 84d63d831..a896592b0 100644 --- a/config/locales/eo.yml +++ b/config/locales/eo.yml @@ -667,74 +667,6 @@ eo: reblogged: diskonigita sensitive_content: Tikla enhavo terms: - body_html: | -

European Portuguese dictionary Priberam also registers it as a valid form: * i18n: pt-BR minor orthography fix The form "a bordo" does not take an accent. --- app/javascript/mastodon/locales/pt-BR.json | 2 +- app/javascript/mastodon/locales/pt.json | 2 +- config/locales/pt-BR.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'config') diff --git a/app/javascript/mastodon/locales/pt-BR.json b/app/javascript/mastodon/locales/pt-BR.json index b056ec8bd..4cd2e0643 100644 --- a/app/javascript/mastodon/locales/pt-BR.json +++ b/app/javascript/mastodon/locales/pt-BR.json @@ -189,7 +189,7 @@ "onboarding.page_one.federation": "Mastodon é uma rede de servidores independentes que se juntam para fazer uma grande rede social. Nós chamamos estes servidores de instâncias.", "onboarding.page_one.full_handle": "Seu nome de usuário completo", "onboarding.page_one.handle_hint": "Isso é o que você diz aos seus amigos para que eles possam te mandar mensagens ou te seguir a partir de outra instância.", - "onboarding.page_one.welcome": "Seja bem-vindo(a) ao Mastodon!", + "onboarding.page_one.welcome": "Boas-vindas ao Mastodon!", "onboarding.page_six.admin": "O administrador de sua instância é {admin}.", "onboarding.page_six.almost_done": "Quase acabando...", "onboarding.page_six.appetoot": "Bom Apetoot!", diff --git a/app/javascript/mastodon/locales/pt.json b/app/javascript/mastodon/locales/pt.json index 65983000c..7a404eaba 100644 --- a/app/javascript/mastodon/locales/pt.json +++ b/app/javascript/mastodon/locales/pt.json @@ -189,7 +189,7 @@ "onboarding.page_one.federation": "Mastodon é uma rede de servidores independentes ligados entre si para fazer uma grande rede social. Nós chamamos instâncias a estes servidores.", "onboarding.page_one.full_handle": "O teu nome de utilizador completo", "onboarding.page_one.handle_hint": "Isto é o que dizes aos teus amigos para pesquisar.", - "onboarding.page_one.welcome": "Bem-vindo(a) ao Mastodon!", + "onboarding.page_one.welcome": "Boas-vindas ao Mastodon!", "onboarding.page_six.admin": "O administrador da tua instância é {admin}.", "onboarding.page_six.almost_done": "Quase pronto...", "onboarding.page_six.appetoot": "Bon Appetoot!", diff --git a/config/locales/pt-BR.yml b/config/locales/pt-BR.yml index c1225d356..d6f463a19 100644 --- a/config/locales/pt-BR.yml +++ b/config/locales/pt-BR.yml @@ -709,7 +709,7 @@ pt-BR: tip_local_timeline: A timeline local é uma visão contínua das pessoas que estão em %{instance}. Esses são seus vizinhos próximos! tip_mobile_webapp: Se o seu navegador móvel oferecer a opção de adicionar Mastodon à tela inicial, você pode receber notificações push. Vai funcionar quase como um aplicativo nativo! tips: Dicas - title: Boas-vindas à bordo, %{name}! + title: Boas-vindas a bordo, %{name}! users: invalid_email: O endereço de e-mail é inválido invalid_otp_token: Código de autenticação inválido -- cgit From d4de2239b0ab04bf6a42db9f28d1fdd8e45f7d8b Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 7 Apr 2018 21:36:58 +0200 Subject: Add a circuit breaker for ActivityPub deliveries (#7053) --- Gemfile | 2 ++ Gemfile.lock | 2 ++ app/workers/activitypub/delivery_worker.rb | 14 +++++++++----- config/initializers/stoplight.rb | 3 +++ 4 files changed, 16 insertions(+), 5 deletions(-) create mode 100644 config/initializers/stoplight.rb (limited to 'config') diff --git a/Gemfile b/Gemfile index 9e644e7ae..4a5a166bd 100644 --- a/Gemfile +++ b/Gemfile @@ -35,6 +35,7 @@ gem 'devise-two-factor', '~> 3.0' group :pam_authentication, optional: true do gem 'devise_pam_authenticatable2', '~> 9.0' end + gem 'net-ldap', '~> 0.10' gem 'omniauth-cas', '~> 1.1' gem 'omniauth-saml', '~> 1.10' @@ -79,6 +80,7 @@ gem 'sidekiq-bulk', '~>0.1.1' gem 'simple-navigation', '~> 4.0' gem 'simple_form', '~> 3.4' gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie' +gem 'stoplight', '~> 2.1.3' gem 'strong_migrations' gem 'tty-command' gem 'tty-prompt' diff --git a/Gemfile.lock b/Gemfile.lock index a185a602e..0f5a1fb6a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -550,6 +550,7 @@ GEM net-scp (>= 1.1.2) net-ssh (>= 2.8.0) statsd-ruby (1.2.1) + stoplight (2.1.3) streamio-ffmpeg (3.0.2) multi_json (~> 1.8) strong_migrations (0.1.9) @@ -716,6 +717,7 @@ DEPENDENCIES simple_form (~> 3.4) simplecov (~> 0.14) sprockets-rails (~> 3.2) + stoplight (~> 2.1.3) streamio-ffmpeg (~> 3.0) strong_migrations tty-command diff --git a/app/workers/activitypub/delivery_worker.rb b/app/workers/activitypub/delivery_worker.rb index e6cfd0d07..adffd1d3b 100644 --- a/app/workers/activitypub/delivery_worker.rb +++ b/app/workers/activitypub/delivery_worker.rb @@ -12,9 +12,7 @@ class ActivityPub::DeliveryWorker @source_account = Account.find(source_account_id) @inbox_url = inbox_url - perform_request do |response| - raise Mastodon::UnexpectedResponseError, response unless response_successful? response - end + perform_request failure_tracker.track_success! rescue => e @@ -30,8 +28,14 @@ class ActivityPub::DeliveryWorker request.add_headers(HEADERS) end - def perform_request(&block) - build_request.perform(&block) + def perform_request + light = Stoplight(@inbox_url) do + build_request.perform do |response| + raise Mastodon::UnexpectedResponseError, response unless response_successful?(response) + end + end + + end def response_successful?(response) diff --git a/config/initializers/stoplight.rb b/config/initializers/stoplight.rb new file mode 100644 index 000000000..1bd4ee6e7 --- /dev/null +++ b/config/initializers/stoplight.rb @@ -0,0 +1,3 @@ +require 'stoplight' + +Stoplight::Light.default_data_store = -- cgit From 1364e9e4ae1fb12a1c970795f1d0afd651c7cfe2 Mon Sep 17 00:00:00 2001 From: ThibG Date: Sun, 8 Apr 2018 13:40:22 +0200 Subject: Fix follow/unfollow buttons on public profile (fixes #7036) (#7040) * Fix follow/unfollow buttons on public profile - Present non-logged users with web+mastodon:// URLs for remote accounts - Present logged-in users with appropriate links (authorize_follows and remote_unfollows) for remote accounts * Do not cache rendered cards if user is logged in --- .../concerns/remote_account_controller_concern.rb | 21 ++++++++++++ app/controllers/remote_unfollows.rb | 39 ++++++++++++++++++++++ app/views/accounts/_follow_button.html.haml | 6 ++-- app/views/accounts/_follow_grid.html.haml | 2 +- app/views/remote_unfollows/_card.html.haml | 13 ++++++++ .../_post_follow_actions.html.haml | 4 +++ app/views/remote_unfollows/error.html.haml | 3 ++ app/views/remote_unfollows/success.html.haml | 10 ++++++ config/routes.rb | 1 + 9 files changed, 95 insertions(+), 4 deletions(-) create mode 100644 app/controllers/concerns/remote_account_controller_concern.rb create mode 100644 app/controllers/remote_unfollows.rb create mode 100644 app/views/remote_unfollows/_card.html.haml create mode 100644 app/views/remote_unfollows/_post_follow_actions.html.haml create mode 100644 app/views/remote_unfollows/error.html.haml create mode 100644 app/views/remote_unfollows/success.html.haml (limited to 'config') diff --git a/app/controllers/concerns/remote_account_controller_concern.rb b/app/controllers/concerns/remote_account_controller_concern.rb new file mode 100644 index 000000000..e17910642 --- /dev/null +++ b/app/controllers/concerns/remote_account_controller_concern.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +module RemoteAccountControllerConcern + extend ActiveSupport::Concern + + included do + layout 'public' + before_action :set_account + before_action :check_account_suspension + end + + private + + def set_account + @account = Account.find_remote!(params[:acct]) + end + + def check_account_suspension + gone if @account.suspended? + end +end diff --git a/app/controllers/remote_unfollows.rb b/app/controllers/remote_unfollows.rb new file mode 100644 index 000000000..af5943363 --- /dev/null +++ b/app/controllers/remote_unfollows.rb @@ -0,0 +1,39 @@ +# frozen_string_literal: true + +class RemoteUnfollowsController < ApplicationController + layout 'modal' + + before_action :authenticate_user! + before_action :set_body_classes + + def create + @account = unfollow_attempt.try(:target_account) + + if @account.nil? + render :error + else + render :success + end + rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError + render :error + end + + private + + def unfollow_attempt + username, domain = acct_without_prefix.split('@') +, Account.find_remote!(username, domain)) + end + + def acct_without_prefix + acct_params.gsub(/\Aacct:/, '') + end + + def acct_params + params.fetch(:acct, '') + end + + def set_body_classes + @body_classes = 'modal-layout' + end +end diff --git a/app/views/accounts/_follow_button.html.haml b/app/views/accounts/_follow_button.html.haml index e476e0aff..96ae23234 100644 --- a/app/views/accounts/_follow_button.html.haml +++ b/app/views/accounts/_follow_button.html.haml @@ -8,16 +8,16 @@ - if user_signed_in? && != && !requested .controls - if following - = link_to account_unfollow_path(account), data: { method: :post }, class: 'icon-button' do + = link_to (account.local? ? account_unfollow_path(account) : remote_unfollow_path(acct: account.acct)), data: { method: :post }, class: 'icon-button' do = fa_icon 'user-times' = t('accounts.unfollow') - else - = link_to account_follow_path(account), data: { method: :post }, class: 'icon-button' do + = link_to (account.local? ? account_follow_path(account) : authorize_follow_path(acct: account.acct)), data: { method: :post }, class: 'icon-button' do = fa_icon 'user-plus' = t('accounts.follow') - elsif !user_signed_in? .controls .remote-follow - = link_to account_remote_follow_path(account), class: 'icon-button' do + = link_to (account.local? ? account_remote_follow_path(account) : "web+mastodon://follow?uri=#{account.uri}"), class: 'icon-button' do = fa_icon 'user-plus' = t('accounts.remote_follow') diff --git a/app/views/accounts/_follow_grid.html.haml b/app/views/accounts/_follow_grid.html.haml index 10fbfa546..a6d0ee817 100644 --- a/app/views/accounts/_follow_grid.html.haml +++ b/app/views/accounts/_follow_grid.html.haml @@ -2,6 +2,6 @@ - if accounts.empty? = render partial: 'accounts/nothing_here' - else - = render partial: 'accounts/grid_card', collection: accounts, as: :account, cached: true + = render partial: 'accounts/grid_card', collection: accounts, as: :account, cached: !user_signed_in? = paginate follows diff --git a/app/views/remote_unfollows/_card.html.haml b/app/views/remote_unfollows/_card.html.haml new file mode 100644 index 000000000..e81e292ba --- /dev/null +++ b/app/views/remote_unfollows/_card.html.haml @@ -0,0 +1,13 @@ +.account-card + .detailed-status__display-name + %div + = image_tag account.avatar.url(:original), alt: '', width: 48, height: 48, class: 'avatar' + + %span.display-name + - account_url = local_assigns[:admin] ? admin_account_path( : TagManager.instance.url_for(account) + = link_to account_url, class: 'detailed-status__display-name p-author h-card', target: '_blank', rel: 'noopener' do + %strong.emojify= display_name(account) + %span @#{account.acct} + + - if account.note? + .account__header__content.emojify= Formatter.instance.simplified_format(account) diff --git a/app/views/remote_unfollows/_post_follow_actions.html.haml b/app/views/remote_unfollows/_post_follow_actions.html.haml new file mode 100644 index 000000000..2a9c062e9 --- /dev/null +++ b/app/views/remote_unfollows/_post_follow_actions.html.haml @@ -0,0 +1,4 @@ + %div= link_to t('authorize_follow.post_follow.web'), web_url("accounts/#{}"), class: 'button button--block' + %div= link_to t('authorize_follow.post_follow.return'), TagManager.instance.url_for(@account), class: 'button button--block' + %div= t('authorize_follow.post_follow.close') diff --git a/app/views/remote_unfollows/error.html.haml b/app/views/remote_unfollows/error.html.haml new file mode 100644 index 000000000..cb63f02be --- /dev/null +++ b/app/views/remote_unfollows/error.html.haml @@ -0,0 +1,3 @@ +.form-container + .flash-message#error_explanation + = t('remote_unfollow.error') diff --git a/app/views/remote_unfollows/success.html.haml b/app/views/remote_unfollows/success.html.haml new file mode 100644 index 000000000..aa3c838a0 --- /dev/null +++ b/app/views/remote_unfollows/success.html.haml @@ -0,0 +1,10 @@ +- content_for :page_title do + = t('remote_unfollow.title', acct: @account.acct) + +.form-container + .follow-prompt + %h2= t('remote_unfollow.unfollowed') + + = render 'card', account: @account + + = render 'post_follow_actions' diff --git a/config/routes.rb b/config/routes.rb index 4b5ba5c96..7187fd743 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -116,6 +116,7 @@ Rails.application.routes.draw do get '/media_proxy/:id/(*any)', to: 'media_proxy#show', as: :media_proxy # Remote follow + resource :remote_unfollow, only: [:create] resource :authorize_follow, only: [:show, :create] resource :share, only: [:show, :create] -- cgit