Commit Graph

228 Commits (094616ad3f1a42832b9c4094acabd8c88a254097)

Author SHA1 Message Date
Matt Jankowski 5a54a5ba69 Clean up api/subscriptions controller (#3448) 2017-05-31 02:15:09 +02:00
Jack Jennings 4e75c71b3e Add status destroy authorization to policy (#3453)
* Add status destroy authorization to policy

* Create explicit unreblog status authorization
2017-05-30 22:56:31 +02:00
Matt Jankowski 4e89226243 Improve api oembed controller (#3450)
* Add StreamEntryFinder class to parse URLs

* Use StreamEntryFinder and clean up api/oembed controller
2017-05-30 16:30:06 -04:00
Matt Jankowski 0ee8f559ec Clean up api/salmon controller (#3449) 2017-05-30 16:28:58 -04:00
Jack Jennings faf53a5a3e Extract authorization policy for viewing statuses (#3150) 2017-05-29 18:22:22 +02:00
unarist af368a2d12 More use of next link header on account (media) timelines (#3311)
This will reduce requests on who have only few statuses.

- Use next link header to detect more items from first request
- Omit next link header if result items are fewer than requested count
(It had omit it only if result was empty before)
2017-05-25 17:09:13 +02:00
unarist 9642bdbe0a Fix following/followers API to return correct link headers (#3268)
Link headers in following/followers API should include follow_id as max_id/since_id.

However, these API use current_user's account_id instead of follow_id from #3167.
This causes irrelevant result on loading more users.
2017-05-23 23:26:23 +02:00
Matt Jankowski fecc2c2f47 Refactor of API timeline actions (#3263)
- Increase coverage to exercise all parts of each action
- Move into namespace to share common code
- Misc refactor of each action for smaller methods, simpler code
2017-05-23 18:11:39 +02:00
Matt Jankowski 4f2a0f546d Coverage for api/web/settings controller (#3238) 2017-05-22 23:12:28 +02:00
Akihiko Odaki 90c8175cb0 Fix mutes_controller error and incorrect statuses_controller report (#3202)
This commit fixes a regression in commit
9d32e7f6d5.
2017-05-21 13:32:13 +02:00
Akihiko Odaki f23a0655fe Fix regressions in api/v1 (#3178)
The regressions are introduced at commit
9d32e7f6d5 by me (Akihiko Odaki)
2017-05-20 17:48:34 +02:00
Yamagishi Kazutoshi ee5e342a42 Fix block list 500 (#3174) 2017-05-20 17:01:14 +02:00
Akihiko Odaki 9d32e7f6d5 Use joins for account properties (#3167) 2017-05-20 15:13:51 +02:00
Eugen Rochko 5695449335 Add buttons to block and unblock domain (#3127)
* Add buttons to block and unblock domain

* Relationship API now returns "domain_blocking" status for accounts,
rename "block entire domain" to "hide entire domain", fix unblocking domain,
do not block notifications from domain-blocked-but-followed people, do
not send Salmons to domain blocked users

* Add test

* Personal domain blocks shouldn't affect Salmon after all, since in this
direction of communication the control is very thin when it comes to
public stuff. Best stay consistent and not affect federation in this way

* Ignore followers and follow request from domain blocked folks,
ensure account domain blocks are not created for empty domain,
and avoid duplicates in validation

* Purge followers when blocking domain (without soft-blocks, since they
are useless here)

* Add tests, fix local timeline being empty when having any domain blocks
2017-05-19 21:05:32 +02:00
Eugen Rochko 0cafe62561 Account domain blocks (#2381)
* Add <ostatus:conversation /> tag to Atom input/output

Only uses ref attribute (not href) because href would be
the alternate link that's always included also.

Creates new conversation for every non-reply status. Carries
over conversation for every reply. Keeps remote URIs verbatim,
generates local URIs on the fly like the rest of them.

* Conversation muting - prevents notifications that reference a conversation
(including replies, favourites, reblogs) from being created. API endpoints
/api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute

Currently no way to tell when a status/conversation is muted, so the web UI
only has a "disable notifications" button, doesn't work as a toggle

* Display "Dismiss notifications" on all statuses in notifications column, not just own

* Add "muted" as a boolean attribute on statuses JSON

For now always false on contained reblogs, since it's only relevant for
statuses returned from the notifications endpoint, which are not nested

Remove "Disable notifications" from detailed status view, since it's
only relevant in the notifications column

* Up max class length

* Remove pending test for conversation mute

* Add tests, clean up

* Rename to "mute conversation" and "unmute conversation"

* Raise validation error when trying to mute/unmute status without conversation

* Adding account domain blocks that filter notifications and public timelines

* Add tests for domain blocks in notifications, public timelines
Filter reblogs of blocked domains from home

* Add API for listing and creating account domain blocks

* API for creating/deleting domain blocks, tests for Status#ancestors
and Status#descendants, filter domain blocks from them

* Filter domains in streaming API

* Update account_domain_block_spec.rb
2017-05-19 01:14:30 +02:00
Eugen Rochko 5039bc93d5 Feature conversations muting (#3017)
* Add <ostatus:conversation /> tag to Atom input/output

Only uses ref attribute (not href) because href would be
the alternate link that's always included also.

Creates new conversation for every non-reply status. Carries
over conversation for every reply. Keeps remote URIs verbatim,
generates local URIs on the fly like the rest of them.

* Conversation muting - prevents notifications that reference a conversation
(including replies, favourites, reblogs) from being created. API endpoints
/api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute

Currently no way to tell when a status/conversation is muted, so the web UI
only has a "disable notifications" button, doesn't work as a toggle

* Display "Dismiss notifications" on all statuses in notifications column, not just own

* Add "muted" as a boolean attribute on statuses JSON

For now always false on contained reblogs, since it's only relevant for
statuses returned from the notifications endpoint, which are not nested

Remove "Disable notifications" from detailed status view, since it's
only relevant in the notifications column

* Up max class length

* Remove pending test for conversation mute

* Add tests, clean up

* Rename to "mute conversation" and "unmute conversation"

* Raise validation error when trying to mute/unmute status without conversation
2017-05-15 03:04:13 +02:00
Matt Jankowski 735c5098c5 Specs for API push controller, with refactor (#2926)
* Coverage for api push controller

* Refactor the api/push controller
2017-05-09 00:44:30 +02:00
rch850 4a930bd556 Use null as default oEmbed height (#2842)
Height 640 is too big for most toots.
Twitter use null value to support flexible height.
2017-05-06 16:31:43 +02:00
Eugen Rochko 91a8a5eab8 Fix #2706 - Always respond with 200 to PuSH payloads (#2733)
Fix #2196 - Respond with 201 when Salmon accepted, 400 when unverified
Fix #2629 - Correctly handle confirm_domain? for local accounts
Unify rules for extracting author acct from XML, prefer <email>, fall back
to <name> + <uri> (see also #2017, #2172)
2017-05-03 17:02:18 +02:00
Eugen Rochko 4a7dc4fadc OEmbed support for PreviewCard (#2337)
* OEmbed support for PreviewCard

* Improve ProviderDiscovery code failure treatment

* Do not crawl links if there is a content warning, since those
don't display a link card anyway

* Reset db schema

* Fresh migrate

* Fix rubocop style issues
Fix #1681 - return existing access token when applicable instead of creating new

* Fix test

* Extract http client to helper

* Improve oembed controller
2017-04-27 14:42:22 +02:00
Evan Minto 1b5966ad07 Change ActivityPub paging to match spec. Clean up ActivityPub outbox changes. (#2410)
* Change ActivityPub paging to match spec. Clean up ActivityPub outbox changes.

* Fix code style and test failures for OutboxController.

* Attempt to fix CI errors.
2017-04-25 15:06:06 +02:00
Eugen Rochko 553d6a1ea6 Fix #2402 - Add Idempotency-Key header to PostStatusService that prevents (#2419)
duplicates. Web UI regenerates UUID for that header every time the compose
form is changed or successfully submitted

Also, fix Farsi i18n overwriting the English one
2017-04-25 15:04:49 +02:00
Eugen 87f7a3922c Punycode URI normalization (#2370)
* Fix #2119 - Whenever about to send a HTTP request, normalize the URI

* Add test for IDN request in FetchLinkCardService

* Perform IDN normalization on domains before they are stored in the DB
2017-04-25 02:47:31 +02:00
Evan Minto 227f45402d ActivityPub: Add basic, read-only support for Outboxes, Notes, and Create/Announce Activities (#2197)
* Clean up collapsible components

* Expose user Outboxes and AS2 representations of statuses

* Save work thus far.

* Fix bad merge.

* Save my work

* Clean up pagination.

* First test working.

* Add tests.

* Add Forbidden error template.

* Revert yarn.lock changes.

* Fix code style deviations and use localized instead of hardcoded English text.
2017-04-23 05:21:10 +02:00
Ashley b970cf6988 Added API for single notification dismissal (#2251)
* Added API backend for notification dismissal

* Added render statement

* Changed statement
2017-04-22 02:30:35 +02:00
Matt Jankowski 7a1129892c Simplify render in controllers (#2144) 2017-04-19 15:37:42 +02:00
happycoloredbanana 9026426b4d Remove API authentication for public statuses (after review) (#1919) 2017-04-18 21:58:57 +02:00
Eugen e0a36782b4 Fix #1897 - Return reblogged: false on unreblog (was wrongly named variable) (#1989) 2017-04-17 19:58:38 +02:00
alpaca-tc 752d057494 ActiveRecord::NotFound is not defined (#1864) 2017-04-15 21:17:59 +02:00
ThibG c45c67c2ac Allow running mastodon on a different domain as the one used for identifying users (#1267)
* Allow running mastodon on a different domain as the one used for identifying users

* Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing

* Compare to web_domain instead of local_domain when dealing with feeds/API

* Correctly identify mentions to local accounts

Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
2017-04-15 02:15:46 +02:00
Eugen 68f3ce7d0c API param to exclude notification types from response (#1341)
* Add exclude_types param to /api/v1/notifications

* Exclude notification types in web UI through exclude_types in the API
2017-04-10 23:45:29 +02:00
Eugen 47a3702db4 Fix /api/v1/accounts/update_credentials tests (#1357) 2017-04-09 20:23:14 +02:00
David Celis 6e0b4032b3 Allow users to update their Account in the API (#1179)
* Allow users to update their Account in the API

It would be nice for API clients to be able to allow users to update
their accounts without having to wrap Mastodon in a web view. This patch
adds an API endpoint to let users submit a PATCH for their account.

Signed-off-by: David Celis <me@davidcel.is>

* Add /api/v1/accounts/update_credentials to the API docs

Signed-off-by: David Celis <me@davidcel.is>
2017-04-09 18:33:40 +02:00
Eugen 3047a8da74 Make public timelines API not require user context/app credentials (#1291)
* Make /api/v1/timelines/public and /api/v1/timelines/tag/:id public
Fix #1156 - respect query params when generating pagination links in API

* Apply pagination fix to more APIs
2017-04-08 23:39:31 +02:00
Eugen Rochko 24793cdbaa Fix ActionController::Parameters in API issue 2017-04-04 01:33:34 +02:00
Eugen Rochko 244da78105 Import feature for following/blocking lists (addresses #62, #177, #201, #454) 2017-03-30 19:42:33 +02:00
Eugen Rochko 96e58cf289 Add counter caches for a large performance increase on API requests 2017-03-30 15:06:59 +02:00
Eugen Rochko 3893f75a51 New API method: /api/v1/search
Returns accounts, statuses, hashtags arrays
2017-03-22 02:32:27 +01:00
Eugen Rochko 844eda88fe Forgot to hook up API with the latest method 2017-03-17 21:02:47 +01:00
Eugen Rochko c97f817e40 Fix #525 - Add instance information API 2017-03-15 23:12:48 +01:00
Eugen 6599b27b2b Merge branch 'master' into mastodon-site-api 2017-03-15 22:55:22 +01:00
Eugen Rochko dea8e95d14 Performance improvement for profiles 2017-03-06 01:50:35 +01:00
Eugen Rochko d1e1f26878 Improved /api/v1/accounts/:id/statuses with new params: only_media, exclude_replies
Redirect /:username to /users/:username
Redirect /:username/:id to /users/:username/updates/:id
Updated API documentation and sponsors
2017-03-05 17:27:17 +01:00
Kit Redgrave 4554ccd5d0 Mute button progress so far. WIP, doesn't entirely work correctly. 2017-03-01 22:31:21 -06:00
Kibigo b39356835b Adds site metadata access to the API 2017-02-27 04:06:25 -08:00
Eugen Rochko ff8a080d40 Add validation of media attachments, clean up mastodon-own exception classes 2017-02-26 23:23:06 +01:00
Eugen Rochko 128dcdf68a Merge branch 'fix_462' of https://github.com/rmhasan/mastodon into rmhasan-fix_462 2017-02-26 23:09:18 +01:00
Eugen Rochko 5157e25aab Add tuning documentation, add <content> tags back to most salmons,
make status pagination headers generation more lax about next page
existing
2017-02-25 03:34:37 +01:00
Rakib Hasan 2e10c9861e Removed try clause from create action in status controller
Using catch statement in api_controller.rb to catch NotPermitted
Exception, and render error message
2017-02-19 08:29:56 +00:00
Rakib Hasan 008c95b3b9 revisted fix for #462
Moved validation to services/post_status_service.rb
2017-02-19 08:28:33 +00:00
Rakib Hasan 11dc0a1cbc Fix for issue #462
Modified uploadCompose action to send media ids of attached
media when sending a request. Modified create method in MediaController
to check if when posting a video, there are no other media attached
to the status by looking at the media ids sent from the uploadCompose
action.
2017-02-19 08:28:33 +00:00
Eugen Rochko 7f9d6d0160 Add GET /api/v1/accounts/:id/statuses/media that returns only statuses with media attachments
Make replies default to privacy settings of the status being replied to
2017-02-17 01:30:24 +01:00
Eugen Rochko 2cc31b3194 Adding POST /api/v1/reports API, and a UI for submitting reports 2017-02-14 20:59:26 +01:00
Eugen Rochko 59c8c2b28a Make follow requests federate 2017-02-11 02:58:00 +01:00
Eugen Rochko b1f2683ecc Add API modifiers to limit returned toots from public/hashtag timelines
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
2017-02-06 23:16:20 +01:00
Eugen Rochko e4a55302d2 Remove bios from blocked users list, filter out broken entries from API response 2017-02-05 19:39:00 +01:00
Eugen Rochko 2f126b1225 Removing failed push notification API, make context loads use cache 2017-02-05 17:51:44 +01:00
Eugen Rochko 727d236fcc Cleaning up format of broadcast real-time messages, removing
redis-backed "mentions" timeline as redundant (given notifications)
2017-02-02 00:03:31 +01:00
Eugen Rochko 9327d05bf7 API for apps to register for push notifications 2017-01-29 01:30:32 +01:00
Eugen Rochko 2efefb380b Improve infinite scroll on notifications 2017-01-26 04:30:40 +01:00
Eugen Rochko 959e064186 Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
2017-01-25 01:29:16 +01:00
Eugen c7778752e3 Merge branch 'master' into master 2017-01-24 21:56:06 +01:00
Eugen Rochko ea8b548ee9 Make blocks create entries and unfollows instantly, but do the clean up
in the background instead. Should fix delay where blocked person
can interact with blocker for a short time before background job
gets processed
2017-01-24 21:40:41 +01:00
Eugen Rochko b4ec84067a API now respects ?limit param as long as it's within 2x default limit 2017-01-24 04:22:10 +01:00
blackle e25fc71c2c Implement a click-to-view spoiler system 2017-01-23 21:07:40 -05:00
Eugen Rochko 98660a76d9 Move merging/unmerging of timelines into background. Move blocking into
background as well since it's a computationally expensive
2017-01-23 21:29:34 +01:00
Eugen Rochko 4d39cc7bf9 Add /api/v1/notifications/clear, non-existing link cards for statuses will
now return empty hash instead of throwing a 404 error. When following,
merge into timeline will filter statuses
2017-01-23 21:09:27 +01:00
Eugen 20cb576da1 Fix inflection 2017-01-22 23:08:51 +01:00
Eugen Rochko f4836b9077 Method to fetch a single notification 2017-01-21 22:14:13 +01:00
Eugen Rochko f748a91ec7 Fix #463 - Fetch and display previews of URLs using OpenGraph tags 2017-01-20 01:00:14 +01:00
Eugen Rochko a88f9a5ca9 Don't show loading bar when re-loading already loaded status. Don't even try to fetch ancestors from DB when in_reply_to_id is nil 2017-01-19 11:06:06 +01:00
Eugen Rochko f4d7f4c687 Fix #238 - Add "favourites" column 2017-01-16 13:28:25 +01:00
Effy Elden 8e0c1914fb Add tracking of OAuth app that posted a status, extend OAuth apps to have optional website field, add application details to API, show application name and website on detailed status views. Resolves #11 2017-01-15 08:58:50 +11:00
Eugen Rochko 6d98465db2 Extend rails-settings-cached to merge db-saved hash values with defaults 2017-01-13 02:42:22 +01:00
Eugen Rochko c8bcd413e2 Home column filters 2017-01-10 17:25:10 +01:00
Eugen Rochko 4293e132d1 Persist UI settings, add missing localizations for German 2017-01-09 14:00:55 +01:00
Eugen Rochko 6a20c13009 Add API for retrieving favourites 2016-12-29 20:33:26 +01:00
Eugen Rochko 2bc6e7c96e Add API for retrieving blocked accounts 2016-12-29 20:12:32 +01:00
Eugen Rochko cef68b9b1c Follow requests send e-mail notifications, but are excluded from notifications API
Better initial state for unlisted/nsfw toggles
2016-12-26 21:52:03 +01:00
Eugen Rochko ef9e827c54 Adding follow requests API 2016-12-26 19:30:45 +01:00
Eugen Rochko 238233440f Follow call on locked account creates follow request instead
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
2016-12-22 23:03:57 +01:00
Eugen Rochko d417da7d3a Private visibility on statuses prevents non-followers from seeing those
Filters out hidden stream entries from Atom feed
Blocks now generate hidden stream entries, can be used to federate blocks
Private statuses cannot be reblogged (generates generic 422 error for now)
POST /api/v1/statuses now takes visibility=(public|unlisted|private) param instead of unlisted boolean
Statuses JSON now contains visibility=(public|unlisted|private) field
2016-12-21 20:04:13 +01:00
Eugen Rochko b2945b025f Make unfavouriting async to prevent timeout errors from leaving orphaned records behind 2016-12-19 09:12:29 +01:00
Eugen Rochko 346aae50b0 Adjusting public display of statuses to look similar to logged-in UI,
fix #361 with rich OEmbed display via iframe, fix #237 by hiding sensitive
content behind a spoiler on public pages
2016-12-18 19:47:11 +01:00
Eugen Rochko 6d7f3be2f6 Add OEmbed iframe HTML, convert emojis on public pages, increase size of attachment thumbnails 2016-12-18 15:20:39 +01:00
Eugen Rochko 8260628fc8 Fix pt translations, improve pre-cache queries, removing will_paginate
from accounts/tags because it's a terribly inefficient way to paginate
large sets of data
2016-12-01 16:26:25 +01:00
Eugen Rochko a8814a19dc Add basic OEmbed provider API, fix #247 2016-11-30 23:01:03 +01:00
Eugen Rochko 8d4ef0b6c3 Per-status control for unlisted mode, also federation for unlisted mode
Fix #233, fix #268
2016-11-30 21:34:59 +01:00
Eugen Rochko bee7aeaea5 Unify collection caching code 2016-11-29 15:49:39 +01:00
Eugen Rochko d26b8f3cce Delete statuses asynchronously but provide instant feedback in the API 2016-11-29 15:32:25 +01:00
Eugen Rochko b5ad0eb4ea Adding embedded PuSH server 2016-11-28 13:36:47 +01:00
Eugen Rochko 666eda7256 Remove stale entries from cache results 2016-11-25 13:25:40 +01:00
Eugen Rochko 30f9e9e624 Remove Neo4J 2016-11-24 23:46:27 +01:00
Alyssa Ross cb06801b21 Extract filename obfuscation into module 2016-11-24 00:30:58 +00:00
Andrea Faulds 66a20701b7 Rename media to avoid exposing filename (fixes #207) 2016-11-23 21:03:03 +00:00
Eugen Rochko d78962c1ed Cache accounts/:id/statuses and single statuses too 2016-11-23 19:00:43 +01:00
Eugen Rochko 65d6191147 Adding sensitive marker to statuses in API 2016-11-23 10:46:48 +01:00
Eugen Rochko c60df460af Rename "publish" to "toot" in english locale, fix lightbox showing old image
before loading new one, cache notifications API, fix missing follow button
on public profiles
2016-11-23 09:20:34 +01:00
Eugen Rochko dda6354c76 Implement includes caching for timelines APIs 2016-11-23 08:34:35 +01:00
Eugen Rochko f6a975af8b More query optimizations 2016-11-22 23:18:54 +01:00