8d0a4b7200
Admin base controller ( #1465 )
...
* Add Admin::BaseController to wrap admin area
Extracts the setting of the `admin` layout and verifying that users are admins
to a common base class for the admin/ controllers.
* Add basic coverage for admin/reports and admin/settings controllers
2017-04-10 21:27:03 +02:00
5c57f15503
Do not store last visited URL from API controllers ( #1330 )
...
Sign-in redirects you back to last visited URL, but in case of API requests,
this sometimes redirected users to an API URL that, of course, greeted them
with an {"error":"The access token is invalid"}
2017-04-09 22:21:52 +02:00
47a3702db4
Fix /api/v1/accounts/update_credentials tests ( #1357 )
2017-04-09 20:23:14 +02:00
9252133084
Use HTTP Accept-Language to detect locale ( #1166 )
...
* Use HTTP Accept-Language to detect locale
* Fix gem order to comply with codeclimate
* Sort gem to comply with rubocop
* I18n.default_locale fallback when there is no accept-language header
2017-04-09 18:40:24 +02:00
6e0b4032b3
Allow users to update their Account in the API ( #1179 )
...
* Allow users to update their Account in the API
It would be nice for API clients to be able to allow users to update
their accounts without having to wrap Mastodon in a web view. This patch
adds an API endpoint to let users submit a PATCH for their account.
Signed-off-by: David Celis <me@davidcel.is>
* Add /api/v1/accounts/update_credentials to the API docs
Signed-off-by: David Celis <me@davidcel.is>
2017-04-09 18:33:40 +02:00
41b79ae693
Clean up about page ( #1282 )
...
* Add InstancePresenter to expose site details
* Clean up about controller, use instance presenter
2017-04-09 14:47:25 +02:00
3047a8da74
Make public timelines API not require user context/app credentials ( #1291 )
...
* Make /api/v1/timelines/public and /api/v1/timelines/tag/:id public
Fix #1156 - respect query params when generating pagination links in API
* Apply pagination fix to more APIs
2017-04-08 23:39:31 +02:00
b532134503
Fix #795 , fix #704 , fix #835 - 2FA requires confirmation to be enabled ( #1278 )
...
* Fix #795 , fix #704 , fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled
* Clean up
2017-04-08 22:20:08 +02:00
07f42f0824
Fix #1165 - before_action was called before protect_from_forgery
2017-04-08 02:30:50 +02:00
9bb84337a7
Allow setting of default language through config
...
Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug
2017-04-07 12:40:26 +02:00
24c77e57b2
Rewrite Atom generation from stream entries to use Ox instead of Nokogiri ( #1124 )
...
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder
StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker
PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.
All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri
* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
2017-04-07 05:56:56 +02:00
932b0b2f1f
Remote follow improvements
...
This stores the @username@instance you provide in your session and
reuses it the next time you remote follow someone from this instance.
2017-04-04 20:52:31 -04:00
353a30810c
New admin setting: open/close registrations, with custom message, from the admin UI
2017-04-04 15:28:12 +02:00
7a56845060
Only call regeneration worker after first login after a 14 day break
2017-04-04 02:00:10 +02:00
24793cdbaa
Fix ActionController::Parameters in API issue
2017-04-04 01:33:34 +02:00
c9ffa7ab1d
Add basic logging of who resolved report
2017-04-03 19:35:00 +02:00
ceaafb22d3
When taking action on a report (silence/suspend), it dismisses all other
...
reports for that user automatically
2017-04-03 19:19:54 +02:00
6ebe31e716
Make default admin UI page reports. Add admin UI for creating a domain block
2017-04-03 18:55:06 +02:00
1ee4c6415c
Catching rack timeout from rails doesn't work
2017-04-02 21:12:18 +02:00
00e99e58db
Add proper error page for request timeouts
2017-04-02 19:43:44 +02:00
f04816f005
Fix wording "show reblogs" -> "show boosts", order reports chronologically in
...
admin UI
2017-04-02 16:45:49 +02:00
e407ed24a6
Fix landing page sign up form ignoring username field
2017-04-02 04:13:22 +02:00
244da78105
Import feature for following/blocking lists (addresses #62 , #177 , #201 , #454 )
2017-03-30 19:42:33 +02:00
96e58cf289
Add counter caches for a large performance increase on API requests
2017-03-30 15:06:59 +02:00
a4ce8b09fb
Fix #690 - Webfinger should handle new shortform profile URLs now (nice)
2017-03-28 11:25:43 +02:00
b3cb765a94
Prettier account and stream entry URLs
2017-03-22 19:55:14 +01:00
3893f75a51
New API method: /api/v1/search
...
Returns accounts, statuses, hashtags arrays
2017-03-22 02:32:27 +01:00
b339e488fe
Export follow/block lists as CSV
2017-03-19 20:29:41 +01:00
20d91848cf
Fix wrong HTTP status codes on error pages
2017-03-19 20:03:28 +01:00
844eda88fe
Forgot to hook up API with the latest method
2017-03-17 21:02:47 +01:00
c97f817e40
Fix #525 - Add instance information API
2017-03-15 23:12:48 +01:00
6599b27b2b
Merge branch 'master' into mastodon-site-api
2017-03-15 22:55:22 +01:00
453d65e6da
Obfuscate filenames better, double rate limits
2017-03-14 15:59:21 +01:00
250beb1971
Revert earlier fix due to new bug reports
2017-03-06 02:25:41 +01:00
dea8e95d14
Performance improvement for profiles
2017-03-06 01:50:35 +01:00
42b6d5aca5
Increase max bitrate of converted webms, slightly optimized counter queries
...
(Because postgres can tell that count(*) needs no extra checks, but
counting a specific column requires them)
2017-03-05 23:43:58 +01:00
d1e1f26878
Improved /api/v1/accounts/:id/statuses with new params: only_media, exclude_replies
...
Redirect /:username to /users/:username
Redirect /:username/:id to /users/:username/updates/:id
Updated API documentation and sponsors
2017-03-05 17:27:17 +01:00
0cb5a2a0a7
Add digest e-mails
2017-03-04 00:00:48 +01:00
4554ccd5d0
Mute button progress so far. WIP, doesn't entirely work correctly.
2017-03-01 22:31:21 -06:00
b39356835b
Adds site metadata access to the API
2017-02-27 04:06:25 -08:00
a741049a77
Fix #104 - Style OAuth authorized applications page
...
Add ability to search accounts by display name
2017-02-27 00:15:00 +01:00
ff8a080d40
Add validation of media attachments, clean up mastodon-own exception classes
2017-02-26 23:23:06 +01:00
128dcdf68a
Merge branch 'fix_462' of https://github.com/rmhasan/mastodon into rmhasan-fix_462
2017-02-26 23:09:18 +01:00
5157e25aab
Add tuning documentation, add <content> tags back to most salmons,
...
make status pagination headers generation more lax about next page
existing
2017-02-25 03:34:37 +01:00
2e10c9861e
Removed try clause from create action in status controller
...
Using catch statement in api_controller.rb to catch NotPermitted
Exception, and render error message
2017-02-19 08:29:56 +00:00
008c95b3b9
revisted fix for #462
...
Moved validation to services/post_status_service.rb
2017-02-19 08:28:33 +00:00
11dc0a1cbc
Fix for issue #462
...
Modified uploadCompose action to send media ids of attached
media when sending a request. Modified create method in MediaController
to check if when posting a video, there are no other media attached
to the status by looking at the media ids sent from the uploadCompose
action.
2017-02-19 08:28:33 +00:00
3d291bcc55
Do not display non-Status stream entries anymore
2017-02-17 02:20:52 +01:00
7f9d6d0160
Add GET /api/v1/accounts/:id/statuses/media that returns only statuses with media attachments
...
Make replies default to privacy settings of the status being replied to
2017-02-17 01:30:24 +01:00
0613d66df8
Add UI to view report details, remove reported statuses, quick links to resolve/silence/suspend from report
2017-02-17 00:42:52 +01:00
6917e53fe0
Adding index overview for reports in admin UI
2017-02-16 02:28:10 +01:00
513a78d67b
Fix admin UI for accounts somewhat
2017-02-15 00:22:58 +01:00
2cc31b3194
Adding POST /api/v1/reports API, and a UI for submitting reports
2017-02-14 20:59:26 +01:00
a83dc927d8
Fix #587 - Display TOTP secret next to QR code
2017-02-13 20:56:03 +01:00
f9f8f52fe9
Stop trying to shoehorn all Salmon updates into the poor database-connected
...
StreamEntry model. Simply render Salmon slaps as they are needed
2017-02-12 01:19:14 +01:00
59c8c2b28a
Make follow requests federate
2017-02-11 02:58:00 +01:00
92a90de2af
Fix #611 - Layout setting in registrations controller
2017-02-08 03:04:29 +01:00
7037774d6e
Merge pull request #603 from evanminto/activitypub-account
...
Expose ActivityStreams 2.0 representation of accounts
2017-02-07 02:08:40 +01:00
af82038b98
Fix preferences save
2017-02-07 00:23:38 +01:00
b1f2683ecc
Add API modifiers to limit returned toots from public/hashtag timelines
...
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
2017-02-06 23:16:20 +01:00
db7affbf5b
Reuse existing controller and route
2017-02-06 01:19:26 -08:00
e4a55302d2
Remove bios from blocked users list, filter out broken entries from API response
2017-02-05 19:39:00 +01:00
2f126b1225
Removing failed push notification API, make context loads use cache
2017-02-05 17:51:44 +01:00
e02bfd0aa2
Remove unnecessary leftover code
2017-02-04 14:49:24 -08:00
b56d24ed71
Add an account endpoint for ActivityPub and link to it on HTML profile pages
2017-02-04 14:46:23 -08:00
727d236fcc
Cleaning up format of broadcast real-time messages, removing
...
redis-backed "mentions" timeline as redundant (given notifications)
2017-02-02 00:03:31 +01:00
9327d05bf7
API for apps to register for push notifications
2017-01-29 01:30:32 +01:00
c58da52e9f
Split 2FA login into two prompts
2017-01-28 20:43:38 +01:00
557de8e24c
Update settings to re-use admin layout, one big navigation tree, improve settings forms
2017-01-28 03:56:10 +01:00
9b8670c939
Added optional two-factor authentication
2017-01-27 20:35:16 +01:00
2efefb380b
Improve infinite scroll on notifications
2017-01-26 04:30:40 +01:00
959e064186
Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
...
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
2017-01-25 01:29:16 +01:00
c7778752e3
Merge branch 'master' into master
2017-01-24 21:56:06 +01:00
ea8b548ee9
Make blocks create entries and unfollows instantly, but do the clean up
...
in the background instead. Should fix delay where blocked person
can interact with blocker for a short time before background job
gets processed
2017-01-24 21:40:41 +01:00
b4ec84067a
API now respects ?limit param as long as it's within 2x default limit
2017-01-24 04:22:10 +01:00
e25fc71c2c
Implement a click-to-view spoiler system
2017-01-23 21:07:40 -05:00
98660a76d9
Move merging/unmerging of timelines into background. Move blocking into
...
background as well since it's a computationally expensive
2017-01-23 21:29:34 +01:00
4d39cc7bf9
Add /api/v1/notifications/clear, non-existing link cards for statuses will
...
now return empty hash instead of throwing a 404 error. When following,
merge into timeline will filter statuses
2017-01-23 21:09:27 +01:00
55d6cd41e6
Fix a couple unhandled exceptions
2017-01-23 13:56:57 +01:00
4cbca05197
Potentially fix notifications issue
2017-01-23 13:43:14 +01:00
20cb576da1
Fix inflection
2017-01-22 23:08:51 +01:00
2c29cc400e
Improve error page layouting. 500 page has to stay static because it's
...
used from nginx when Rails fails.
2017-01-21 22:30:47 +01:00
280348f1e0
Merge branch 'fix/error-pages' of https://github.com/ineffyble/mastodon into ineffyble-fix/error-pages
2017-01-21 22:20:01 +01:00
f4836b9077
Method to fetch a single notification
2017-01-21 22:14:13 +01:00
f748a91ec7
Fix #463 - Fetch and display previews of URLs using OpenGraph tags
2017-01-20 01:00:14 +01:00
a88f9a5ca9
Don't show loading bar when re-loading already loaded status. Don't even try to fetch ancestors from DB when in_reply_to_id is nil
2017-01-19 11:06:06 +01:00
f4d7f4c687
Fix #238 - Add "favourites" column
2017-01-16 13:28:25 +01:00
80f186cdf0
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether
2017-01-15 10:30:23 +11:00
8e0c1914fb
Add tracking of OAuth app that posted a status, extend OAuth apps to have optional website field, add application details to API, show application name and website on detailed status views. Resolves #11
2017-01-15 08:58:50 +11:00
f2667139ad
Adding about/more page with extended information that can be set up by an admin
2017-01-13 20:16:38 +01:00
533448be42
Add extended about page stub
2017-01-13 03:24:41 +01:00
6d98465db2
Extend rails-settings-cached to merge db-saved hash values with defaults
2017-01-13 02:42:22 +01:00
7e7c2bbb0f
Migrate from ledermann/rails-settings to rails-settings-cached which allows global settings
...
with YAML-defined defaults. Add admin page for editing global settings. Add "site_description"
setting that would show as a paragraph on the frontpage
2017-01-12 20:46:24 +01:00
c8bcd413e2
Home column filters
2017-01-10 17:25:10 +01:00
4293e132d1
Persist UI settings, add missing localizations for German
2017-01-09 14:00:55 +01:00
0df070596e
Fix #416 - Generate random unique 14-byte (19 characters) shortcodes
...
for local attachments, use them in URLs. Check status privacy
before redirecting to actual file.
2017-01-06 00:29:12 +01:00
800f6cf6a3
Fix #390 - fix redirect after sign-up (to login page instead of homepage)
2017-01-04 15:31:25 +01:00
6ef2b5d1c7
Fix admin UI not loading JS, make sure to strip "acct:" out of remote account's usernames when authorizing follow
2017-01-02 22:31:10 +01:00
3e6b5d67dd
Fix uri expansion during remote follow
2017-01-02 12:19:02 +01:00
df2f14d2dd
Adding remote follow button
2017-01-01 19:54:34 +01:00
Matt Jankowski