Commit Graph

487 Commits (1b6ced588715276a838a5286b47948ebb80df11c)

Author SHA1 Message Date
839 95e8ab21a1 Avoid dynamic methods due to processing speed (#2080) 2017-04-18 15:57:46 +02:00
Eugen Rochko a398b93bbc Adjust visuals of non-autoplaying GIFV 2017-04-18 01:57:50 +02:00
Eugen Rochko 336fd904db Merge branch 'pause-gif' of git://github.com/patf/mastodon into patf-pause-gif 2017-04-18 01:25:50 +02:00
Matt Jankowski 7a7a2d591f Remove unused methods (#1730)
* Remove unused method #set_counters_maps from api controller

* Remove unused method #set_account_counters_maps from api controller

* Remove unused method Account#followers_domains

* Remove unused User.prolific scope

* Add mastodon:users:admins task to list all admin emails

* Use interpolated query style in Account.triadic_closures

* Coverage for Account.triadic_closures
2017-04-18 01:21:55 +02:00
Matt Jankowski 47cc8462e3 Media controller specs (#2022)
* Add spec for media controller

* Add MediaAttachment.attached scope

* Simplify methods in media controller
2017-04-17 20:02:00 +02:00
Eugen e0a36782b4 Fix #1897 - Return reblogged: false on unreblog (was wrongly named variable) (#1989) 2017-04-17 19:58:38 +02:00
Matt Jankowski fd9d43b6e2 Improve handling of HTTP_ACCEPT for webfinger (#2008)
This change includes:

- Improve the spec coverage for incoming request to the webfinger action
- For requests without an accept header (ie, what a browser might look like),
  return a JSON response.
- For requests with an explicit format of xml or json, return that format.
- For requests using an accept header, return that format.

Also adds failing spec showing webfinger does not return xml, which covers the
issue described in: https://github.com/tootsuite/mastodon/issues/1983
2017-04-17 19:58:03 +02:00
Patrick Figel 2fb1f07888 Add gif auto-play/pause preference
This introduces a new per-user preference called
"Auto-play animated GIFs", which is enabled by default. When a
user disables this setting, gifs in toots become click-to-play.

Previews of animated gifs were changed to display the video play
button so that users can distinguish them from regular images.

This setting also affects account avatars in the detailed account
view, which was changed to use the same hover-to-play mechanism
that is used for animated avatars in timelines.

Fixes #1652
2017-04-17 12:14:03 +02:00
saturday06 abf70be71e Assign user locale on signup (#1982) 2017-04-17 10:29:08 +02:00
Eugen 40b37104fd Onboarding modal (#1883)
* Basic onboarding modal that's shown to users once

* Lay out pages 2 through 5, add images, style modals (#1509)

* Lay out pages 2 through 5

Added images and laid out pages 2 through 5 in the jsx file. SCSS will
come, still working on just seeing if this works at all.

* Fix jsx errors, add images to modal pages, style modal pages

* Add animations to onboarding pager changes, improve wording and styling

* Finishing touches on the onboarding

* Add missing propTypes

* Update wording
2017-04-16 20:32:00 +02:00
Matt Jankowski fff8d92577 I18n health warnings (#1949)
* Rename admin.domain_block to admin.domain_blocks in prep for i18n improvement

* Use implicit controller/action path for i18n in admin/domain_blocks

* Add DomainBlock#accounts has_many

* Avoid i18n health warning for `en` locale by using symbol scope with :count

* Remove unused i18n key: plaintext_secret_html

* Remove unused i18n key two_factor_auth.warning

* Remove final will_paginate i18n keys

* Remove unused key two_factor_auth.recovery_codes

* Remove unused key: admin.reports.comment.none

* Remove unused reports. i18n namespace (moved to admin.reports)

* Ignore keys from locales which override activemodel and activerecord errors

* Revert "Remove unused key: admin.reports.comment.none"

This reverts commit 350ef2685fadc069e619bb6d1066190de195d942.

* Update i18n key reference to match moved location

* Add missing `en` keys to i18n

* Tell i18n-tasks to ignore missing attributes that dont need overwriting

* Add i18n-tasks unused to travis
2017-04-16 19:37:01 +02:00
Eugen ba6b4c6e62 Make file attachment on MediaAttachment optional (#1865)
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true
Clean up old media files when creating a new domain block with reject_media set to true
Return remote_url in media attachments API if local file is not present
Undo domain block action in admin UI
Ability to enable reject_media from admin UI
2017-04-16 12:51:30 +02:00
alpaca-tc 752d057494 ActiveRecord::NotFound is not defined (#1864) 2017-04-15 21:17:59 +02:00
Marcin Cieślak d67b8e90ea Give SINGLE_USER a chance to register (#1820)
An attempt to open a brand new Mastodon instance configured
as SINGLE_USER_MODE=true will cause an exception.

Enable temporary registration if we have no users in the database

Fixes #1817
2017-04-15 16:46:27 +02:00
Matt Jankowski c0f0bcf17d Add password reset for users from admin accounts area (#1841) 2017-04-15 16:44:59 +02:00
Patrick Figel 15b393201e Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
2017-04-15 13:26:03 +02:00
Joachim Viide cbf0e1b1c8 Send initial state in a <script type="application/json"> tag (#1806) 2017-04-15 02:32:42 +02:00
ThibG c45c67c2ac Allow running mastodon on a different domain as the one used for identifying users (#1267)
* Allow running mastodon on a different domain as the one used for identifying users

* Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing

* Compare to web_domain instead of local_domain when dealing with feeds/API

* Correctly identify mentions to local accounts

Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
2017-04-15 02:15:46 +02:00
Matt Jankowski 20170cb4f3 Improve i18n chooser (#1804)
* Add locale spec with failing locale plus region check

* Use a more accurate locale when supplied by browser headers

Previously we were using a matching option which would use the first locale
available which matched the locale portion, even if a region was specified.

This changes to first try to find an exact match, and then fall back to the
region, and then fall back to the  default.

* Clean up default_locale method
2017-04-15 01:12:39 +02:00
Matt Jankowski 22f1d9099a Admin reports controller improvements (#1714)
* Simplify admin/reports controller filtering for index

* Rename parameter to resolved

* Fix issue where reports view could not access filter_link_to

* Add coverage for admin/reports controller

* DRY up resolution of related reports for target account

* Clean up admin/reports routes

* Add Report#statuses method

* DRY up current account action taken params

* Rubocop styles
2017-04-14 11:10:28 +02:00
Matt Jankowski d8789124ae Clean up well-known routes/controllers (#1649)
* Add request spec for host meta route returning xml

* Add routing spec for xrd routes

* Update well-known routes

* Move webfinger and host-meta actions to their own controllers
2017-04-13 13:09:07 +02:00
Matt Jankowski 26ea2f70bd Admin accounts controller cleanup (#1664)
* Remove unused account_params method in admin/accounts controller

* Introduce AccountFilter to find accounts

* Use AccountFilter in admin/accounts controller

* Use more restful routes admin silence and suspension area

* Add admin/silences and admin/suspensions controllers
2017-04-13 13:04:23 +02:00
Matt Jankowski 0a6cfca260 Settings export refactor (#1646)
* Refactor Export to take an account and know about the export types

* Use Export instance in settings/exports#show
2017-04-13 13:02:02 +02:00
Matt Jankowski d1ebb63c54 Quick best practice cleanup of views/helpers (#1546)
* Remove trailing whitespace

* Use query methods instead of explicit .blank? checks
2017-04-12 18:24:18 +02:00
Matt Jankowski 9d1d8797fd Webfinger resource to extract username from resource string (#1607)
* Add WebfingerResource class to extract usernames

* Use WebfingerResource in xrd#webfinger
2017-04-12 18:22:38 +02:00
Matt Jankowski bf7306636e Allow import/export of mutes list (#1541)
* Allow export of mutes list

* Allow importing of mutes list

* Refactor to use Settings::Exports::BaseController and DRY up exports code
2017-04-12 18:20:44 +02:00
Matt Jankowski ca70fe5ae7 Simplify the way the embed view is created (#1590)
* Add coverage for embedded status view

* Refactor embed view to eliminate @external_links variable
2017-04-12 16:12:42 +02:00
Matt Jankowski c27253cbb6 Default to json type for webfinger requests (#1583) 2017-04-12 16:03:37 +02:00
Matt Jankowski 63e46e27f0 Refactor exports controller (#1567)
* Add basic coverage for settings/exports controller

* Remove unused @account variable from settings/exports controller

* Add coverage for download export actions

* Remove deprecated `render :text` in favor of `send_data` for csv downloads

* Add model to handle exports

* Use Export class in settings/exports controller

* Simplify settings/exports controller methods

* Move settings/export to more restful routes
2017-04-11 22:00:43 +02:00
Eugen Rochko b440b2a9ee Merge branch 'master' of https://github.com/blackle/mastodon into blackle-master 2017-04-11 20:43:56 +02:00
blackle e7d77f4e13 Allow user to disable the boost confirm dialog in preferences 2017-04-11 10:10:16 -04:00
Matt Jankowski fcec9fcd99 Pagination improvements (#1445)
* Replace will_paginate with kaminari

* Use #page instead of #paginate in controllers

* Replace will_paginate.page_gap with pagination.truncate in i18n

* Customize kaminari views to match prior styles

* Set kaminari options to match prior behavior

* Replace will_paginate with paginate in views
2017-04-11 01:11:41 +02:00
Eugen 68f3ce7d0c API param to exclude notification types from response (#1341)
* Add exclude_types param to /api/v1/notifications

* Exclude notification types in web UI through exclude_types in the API
2017-04-10 23:45:29 +02:00
Matt Jankowski 874a240a58 Clean up generation of account webfinger string (#1477)
* Consolidate webfinger string creation under Account#to_webfinger_s

* Introduce Account#local_username_and_domain for consolidation
2017-04-10 22:58:06 +02:00
Matt Jankowski 8d0a4b7200 Admin base controller (#1465)
* Add Admin::BaseController to wrap admin area

Extracts the setting of the `admin` layout and verifying that users are admins
to a common base class for the admin/ controllers.

* Add basic coverage for admin/reports and admin/settings controllers
2017-04-10 21:27:03 +02:00
Eugen 5c57f15503 Do not store last visited URL from API controllers (#1330)
Sign-in redirects you back to last visited URL, but in case of API requests,
this sometimes redirected users to an API URL that, of course, greeted them
with an {"error":"The access token is invalid"}
2017-04-09 22:21:52 +02:00
Eugen 47a3702db4 Fix /api/v1/accounts/update_credentials tests (#1357) 2017-04-09 20:23:14 +02:00
David Authier 9252133084 Use HTTP Accept-Language to detect locale (#1166)
* Use HTTP Accept-Language to detect locale

* Fix gem order to comply with codeclimate

* Sort gem to comply with rubocop

* I18n.default_locale fallback when there is no accept-language header
2017-04-09 18:40:24 +02:00
David Celis 6e0b4032b3 Allow users to update their Account in the API (#1179)
* Allow users to update their Account in the API

It would be nice for API clients to be able to allow users to update
their accounts without having to wrap Mastodon in a web view. This patch
adds an API endpoint to let users submit a PATCH for their account.

Signed-off-by: David Celis <me@davidcel.is>

* Add /api/v1/accounts/update_credentials to the API docs

Signed-off-by: David Celis <me@davidcel.is>
2017-04-09 18:33:40 +02:00
Matt Jankowski 41b79ae693 Clean up about page (#1282)
* Add InstancePresenter to expose site details

* Clean up about controller, use instance presenter
2017-04-09 14:47:25 +02:00
Eugen 3047a8da74 Make public timelines API not require user context/app credentials (#1291)
* Make /api/v1/timelines/public and /api/v1/timelines/tag/:id public
Fix #1156 - respect query params when generating pagination links in API

* Apply pagination fix to more APIs
2017-04-08 23:39:31 +02:00
Eugen b532134503 Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled

* Clean up
2017-04-08 22:20:08 +02:00
Eugen Rochko 07f42f0824 Fix #1165 - before_action was called before protect_from_forgery 2017-04-08 02:30:50 +02:00
Eugen Rochko 9bb84337a7 Allow setting of default language through config
Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug
2017-04-07 12:40:26 +02:00
Eugen 24c77e57b2 Rewrite Atom generation from stream entries to use Ox instead of Nokogiri (#1124)
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder

StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker

PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.

All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri

* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
2017-04-07 05:56:56 +02:00
Drew DeVault 932b0b2f1f Remote follow improvements
This stores the @username@instance you provide in your session and
reuses it the next time you remote follow someone from this instance.
2017-04-04 20:52:31 -04:00
Eugen Rochko 353a30810c New admin setting: open/close registrations, with custom message, from the admin UI 2017-04-04 15:28:12 +02:00
Eugen Rochko 7a56845060 Only call regeneration worker after first login after a 14 day break 2017-04-04 02:00:10 +02:00
Eugen Rochko 24793cdbaa Fix ActionController::Parameters in API issue 2017-04-04 01:33:34 +02:00
Eugen Rochko c9ffa7ab1d Add basic logging of who resolved report 2017-04-03 19:35:00 +02:00
Eugen Rochko ceaafb22d3 When taking action on a report (silence/suspend), it dismisses all other
reports for that user automatically
2017-04-03 19:19:54 +02:00
Eugen Rochko 6ebe31e716 Make default admin UI page reports. Add admin UI for creating a domain block 2017-04-03 18:55:06 +02:00
Eugen Rochko 1ee4c6415c Catching rack timeout from rails doesn't work 2017-04-02 21:12:18 +02:00
Eugen Rochko 00e99e58db Add proper error page for request timeouts 2017-04-02 19:43:44 +02:00
Eugen Rochko f04816f005 Fix wording "show reblogs" -> "show boosts", order reports chronologically in
admin UI
2017-04-02 16:45:49 +02:00
Eugen Rochko e407ed24a6 Fix landing page sign up form ignoring username field 2017-04-02 04:13:22 +02:00
Eugen Rochko 244da78105 Import feature for following/blocking lists (addresses #62, #177, #201, #454) 2017-03-30 19:42:33 +02:00
Eugen Rochko 96e58cf289 Add counter caches for a large performance increase on API requests 2017-03-30 15:06:59 +02:00
Eugen Rochko a4ce8b09fb Fix #690 - Webfinger should handle new shortform profile URLs now (nice) 2017-03-28 11:25:43 +02:00
Eugen Rochko b3cb765a94 Prettier account and stream entry URLs 2017-03-22 19:55:14 +01:00
Eugen Rochko 3893f75a51 New API method: /api/v1/search
Returns accounts, statuses, hashtags arrays
2017-03-22 02:32:27 +01:00
Eugen Rochko b339e488fe Export follow/block lists as CSV 2017-03-19 20:29:41 +01:00
Eugen Rochko 20d91848cf Fix wrong HTTP status codes on error pages 2017-03-19 20:03:28 +01:00
Eugen Rochko 844eda88fe Forgot to hook up API with the latest method 2017-03-17 21:02:47 +01:00
Eugen Rochko c97f817e40 Fix #525 - Add instance information API 2017-03-15 23:12:48 +01:00
Eugen 6599b27b2b Merge branch 'master' into mastodon-site-api 2017-03-15 22:55:22 +01:00
Eugen Rochko 453d65e6da Obfuscate filenames better, double rate limits 2017-03-14 15:59:21 +01:00
Eugen Rochko 250beb1971 Revert earlier fix due to new bug reports 2017-03-06 02:25:41 +01:00
Eugen Rochko dea8e95d14 Performance improvement for profiles 2017-03-06 01:50:35 +01:00
Eugen Rochko 42b6d5aca5 Increase max bitrate of converted webms, slightly optimized counter queries
(Because postgres can tell that count(*) needs no extra checks, but
counting a specific column requires them)
2017-03-05 23:43:58 +01:00
Eugen Rochko d1e1f26878 Improved /api/v1/accounts/:id/statuses with new params: only_media, exclude_replies
Redirect /:username to /users/:username
Redirect /:username/:id to /users/:username/updates/:id
Updated API documentation and sponsors
2017-03-05 17:27:17 +01:00
Eugen Rochko 0cb5a2a0a7 Add digest e-mails 2017-03-04 00:00:48 +01:00
Kit Redgrave 4554ccd5d0 Mute button progress so far. WIP, doesn't entirely work correctly. 2017-03-01 22:31:21 -06:00
Kibigo b39356835b Adds site metadata access to the API 2017-02-27 04:06:25 -08:00
Eugen Rochko a741049a77 Fix #104 - Style OAuth authorized applications page
Add ability to search accounts by display name
2017-02-27 00:15:00 +01:00
Eugen Rochko ff8a080d40 Add validation of media attachments, clean up mastodon-own exception classes 2017-02-26 23:23:06 +01:00
Eugen Rochko 128dcdf68a Merge branch 'fix_462' of https://github.com/rmhasan/mastodon into rmhasan-fix_462 2017-02-26 23:09:18 +01:00
Eugen Rochko 5157e25aab Add tuning documentation, add <content> tags back to most salmons,
make status pagination headers generation more lax about next page
existing
2017-02-25 03:34:37 +01:00
Rakib Hasan 2e10c9861e Removed try clause from create action in status controller
Using catch statement in api_controller.rb to catch NotPermitted
Exception, and render error message
2017-02-19 08:29:56 +00:00
Rakib Hasan 008c95b3b9 revisted fix for #462
Moved validation to services/post_status_service.rb
2017-02-19 08:28:33 +00:00
Rakib Hasan 11dc0a1cbc Fix for issue #462
Modified uploadCompose action to send media ids of attached
media when sending a request. Modified create method in MediaController
to check if when posting a video, there are no other media attached
to the status by looking at the media ids sent from the uploadCompose
action.
2017-02-19 08:28:33 +00:00
Eugen Rochko 3d291bcc55 Do not display non-Status stream entries anymore 2017-02-17 02:20:52 +01:00
Eugen Rochko 7f9d6d0160 Add GET /api/v1/accounts/:id/statuses/media that returns only statuses with media attachments
Make replies default to privacy settings of the status being replied to
2017-02-17 01:30:24 +01:00
Eugen Rochko 0613d66df8 Add UI to view report details, remove reported statuses, quick links to resolve/silence/suspend from report 2017-02-17 00:42:52 +01:00
Eugen Rochko 6917e53fe0 Adding index overview for reports in admin UI 2017-02-16 02:28:10 +01:00
Eugen Rochko 513a78d67b Fix admin UI for accounts somewhat 2017-02-15 00:22:58 +01:00
Eugen Rochko 2cc31b3194 Adding POST /api/v1/reports API, and a UI for submitting reports 2017-02-14 20:59:26 +01:00
Eugen Rochko a83dc927d8 Fix #587 - Display TOTP secret next to QR code 2017-02-13 20:56:03 +01:00
Eugen Rochko f9f8f52fe9 Stop trying to shoehorn all Salmon updates into the poor database-connected
StreamEntry model. Simply render Salmon slaps as they are needed
2017-02-12 01:19:14 +01:00
Eugen Rochko 59c8c2b28a Make follow requests federate 2017-02-11 02:58:00 +01:00
Eugen 92a90de2af Fix #611 - Layout setting in registrations controller 2017-02-08 03:04:29 +01:00
Eugen 7037774d6e Merge pull request #603 from evanminto/activitypub-account
Expose ActivityStreams 2.0 representation of accounts
2017-02-07 02:08:40 +01:00
Eugen Rochko af82038b98 Fix preferences save 2017-02-07 00:23:38 +01:00
Eugen Rochko b1f2683ecc Add API modifiers to limit returned toots from public/hashtag timelines
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
2017-02-06 23:16:20 +01:00
Evan Minto db7affbf5b Reuse existing controller and route 2017-02-06 01:19:26 -08:00
Eugen Rochko e4a55302d2 Remove bios from blocked users list, filter out broken entries from API response 2017-02-05 19:39:00 +01:00
Eugen Rochko 2f126b1225 Removing failed push notification API, make context loads use cache 2017-02-05 17:51:44 +01:00
Evan Minto e02bfd0aa2 Remove unnecessary leftover code 2017-02-04 14:49:24 -08:00
Evan Minto b56d24ed71 Add an account endpoint for ActivityPub and link to it on HTML profile pages 2017-02-04 14:46:23 -08:00
Eugen Rochko 727d236fcc Cleaning up format of broadcast real-time messages, removing
redis-backed "mentions" timeline as redundant (given notifications)
2017-02-02 00:03:31 +01:00
Eugen Rochko 9327d05bf7 API for apps to register for push notifications 2017-01-29 01:30:32 +01:00
Eugen Rochko c58da52e9f Split 2FA login into two prompts 2017-01-28 20:43:38 +01:00
Eugen Rochko 557de8e24c Update settings to re-use admin layout, one big navigation tree, improve settings forms 2017-01-28 03:56:10 +01:00
Eugen Rochko 9b8670c939 Added optional two-factor authentication 2017-01-27 20:35:16 +01:00
Eugen Rochko 2efefb380b Improve infinite scroll on notifications 2017-01-26 04:30:40 +01:00
Eugen Rochko 959e064186 Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
2017-01-25 01:29:16 +01:00
Eugen c7778752e3 Merge branch 'master' into master 2017-01-24 21:56:06 +01:00
Eugen Rochko ea8b548ee9 Make blocks create entries and unfollows instantly, but do the clean up
in the background instead. Should fix delay where blocked person
can interact with blocker for a short time before background job
gets processed
2017-01-24 21:40:41 +01:00
Eugen Rochko b4ec84067a API now respects ?limit param as long as it's within 2x default limit 2017-01-24 04:22:10 +01:00
blackle e25fc71c2c Implement a click-to-view spoiler system 2017-01-23 21:07:40 -05:00
Eugen Rochko 98660a76d9 Move merging/unmerging of timelines into background. Move blocking into
background as well since it's a computationally expensive
2017-01-23 21:29:34 +01:00
Eugen Rochko 4d39cc7bf9 Add /api/v1/notifications/clear, non-existing link cards for statuses will
now return empty hash instead of throwing a 404 error. When following,
merge into timeline will filter statuses
2017-01-23 21:09:27 +01:00
Eugen Rochko 55d6cd41e6 Fix a couple unhandled exceptions 2017-01-23 13:56:57 +01:00
Eugen Rochko 4cbca05197 Potentially fix notifications issue 2017-01-23 13:43:14 +01:00
Eugen 20cb576da1 Fix inflection 2017-01-22 23:08:51 +01:00
Eugen Rochko 2c29cc400e Improve error page layouting. 500 page has to stay static because it's
used from nginx when Rails fails.
2017-01-21 22:30:47 +01:00
Eugen Rochko 280348f1e0 Merge branch 'fix/error-pages' of https://github.com/ineffyble/mastodon into ineffyble-fix/error-pages 2017-01-21 22:20:01 +01:00
Eugen Rochko f4836b9077 Method to fetch a single notification 2017-01-21 22:14:13 +01:00
Eugen Rochko f748a91ec7 Fix #463 - Fetch and display previews of URLs using OpenGraph tags 2017-01-20 01:00:14 +01:00
Eugen Rochko a88f9a5ca9 Don't show loading bar when re-loading already loaded status. Don't even try to fetch ancestors from DB when in_reply_to_id is nil 2017-01-19 11:06:06 +01:00
Eugen Rochko f4d7f4c687 Fix #238 - Add "favourites" column 2017-01-16 13:28:25 +01:00
Effy Elden 80f186cdf0 Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 2017-01-15 10:30:23 +11:00
Effy Elden 8e0c1914fb Add tracking of OAuth app that posted a status, extend OAuth apps to have optional website field, add application details to API, show application name and website on detailed status views. Resolves #11 2017-01-15 08:58:50 +11:00
Eugen Rochko f2667139ad Adding about/more page with extended information that can be set up by an admin 2017-01-13 20:16:38 +01:00
Eugen Rochko 533448be42 Add extended about page stub 2017-01-13 03:24:41 +01:00
Eugen Rochko 6d98465db2 Extend rails-settings-cached to merge db-saved hash values with defaults 2017-01-13 02:42:22 +01:00
Eugen Rochko 7e7c2bbb0f Migrate from ledermann/rails-settings to rails-settings-cached which allows global settings
with YAML-defined defaults. Add admin page for editing global settings. Add "site_description"
setting that would show as a paragraph on the frontpage
2017-01-12 20:46:24 +01:00
Eugen Rochko c8bcd413e2 Home column filters 2017-01-10 17:25:10 +01:00
Eugen Rochko 4293e132d1 Persist UI settings, add missing localizations for German 2017-01-09 14:00:55 +01:00
Eugen Rochko 0df070596e Fix #416 - Generate random unique 14-byte (19 characters) shortcodes
for local attachments, use them in URLs. Check status privacy
before redirecting to actual file.
2017-01-06 00:29:12 +01:00
Eugen Rochko 800f6cf6a3 Fix #390 - fix redirect after sign-up (to login page instead of homepage) 2017-01-04 15:31:25 +01:00
Eugen Rochko 6ef2b5d1c7 Fix admin UI not loading JS, make sure to strip "acct:" out of remote account's usernames when authorizing follow 2017-01-02 22:31:10 +01:00
Eugen Rochko 3e6b5d67dd Fix uri expansion during remote follow 2017-01-02 12:19:02 +01:00
Eugen Rochko df2f14d2dd Adding remote follow button 2017-01-01 19:54:34 +01:00
Eugen Rochko 6a20c13009 Add API for retrieving favourites 2016-12-29 20:33:26 +01:00
Eugen Rochko 2bc6e7c96e Add API for retrieving blocked accounts 2016-12-29 20:12:32 +01:00
Eugen Rochko 4030321d95 Support remote follow request providing URL instead of acct 2016-12-29 17:23:27 +01:00
Eugen Rochko 57f6f80838 Add ability to use remote follow function on other sites 2016-12-29 16:54:54 +01:00
Eugen Rochko fde1917a54 Add preferences for follow request notification e-mails 2016-12-26 22:04:16 +01:00
Eugen Rochko cef68b9b1c Follow requests send e-mail notifications, but are excluded from notifications API
Better initial state for unlisted/nsfw toggles
2016-12-26 21:52:03 +01:00
Eugen Rochko 6a54df90c8 Replacing follow requests in the settings area with in-UI column 2016-12-26 21:33:51 +01:00
Eugen Rochko ef9e827c54 Adding follow requests API 2016-12-26 19:30:45 +01:00
Eugen Rochko d253b0dec6 Fix #86 - resolve layout breaking on zoom-out on accounts grid 2016-12-26 18:48:33 +01:00
Eugen Rochko 302051ffcb Add page for authorizing/rejecting follow requests 2016-12-23 00:04:52 +01:00
Eugen Rochko 77cd58545d Re-enable Webfinger for locked accounts but don't handle "follow" events
coming in via Salmon.

Currently no way to prevent remote follows, but they will only receive public
and unlisted posts
2016-12-22 23:17:57 +01:00
Eugen Rochko 238233440f Follow call on locked account creates follow request instead
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
2016-12-22 23:03:57 +01:00
Eugen Rochko 09a477c782 Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users 2016-12-22 21:34:19 +01:00
Eugen Rochko d417da7d3a Private visibility on statuses prevents non-followers from seeing those
Filters out hidden stream entries from Atom feed
Blocks now generate hidden stream entries, can be used to federate blocks
Private statuses cannot be reblogged (generates generic 422 error for now)
POST /api/v1/statuses now takes visibility=(public|unlisted|private) param instead of unlisted boolean
Statuses JSON now contains visibility=(public|unlisted|private) field
2016-12-21 20:04:13 +01:00
Eugen Rochko 090e3a245d Fix #249 - use window.location hack to let people login from sandboxed iOS homescreen 2016-12-21 00:13:13 +01:00
Eugen Rochko b2945b025f Make unfavouriting async to prevent timeout errors from leaving orphaned records behind 2016-12-19 09:12:29 +01:00
Eugen Rochko 346aae50b0 Adjusting public display of statuses to look similar to logged-in UI,
fix #361 with rich OEmbed display via iframe, fix #237 by hiding sensitive
content behind a spoiler on public pages
2016-12-18 19:47:11 +01:00
Eugen Rochko 6d7f3be2f6 Add OEmbed iframe HTML, convert emojis on public pages, increase size of attachment thumbnails 2016-12-18 15:20:39 +01:00
Eugen Rochko 66e08d880c Improved admin UI 2016-12-13 13:42:10 +01:00
Eugen Rochko 88218c83d5 Add suspend account functionality to admin UI 2016-12-06 18:22:59 +01:00
Eugen Rochko 7752662f97 Add filters for suspended accounts 2016-12-06 18:03:30 +01:00
Eugen Rochko 5522606989 Add single user mode 2016-12-06 17:19:26 +01:00
Eugen Rochko ca0757a6cf Add account suspension 2016-12-05 22:59:30 +01:00
Eugen Rochko 68586258ca Adding more to admin accounts UI 2016-12-04 18:10:40 +01:00
Eugen Rochko 7c81e7e9c7 Fix public tags page 2016-12-04 16:56:45 +01:00
Eugen Rochko b506010b4f Add "next" pagination to public profiles 2016-12-03 19:30:13 +01:00
Eugen Rochko fb61dd14c5 Admin accounts page lists accounts 2016-12-03 19:08:07 +01:00
Eugen Rochko 2d4ce8a867 Fix #248 - Reload all accounts when fetching from cache 2016-12-03 18:21:26 +01:00
Eugen Rochko 8260628fc8 Fix pt translations, improve pre-cache queries, removing will_paginate
from accounts/tags because it's a terribly inefficient way to paginate
large sets of data
2016-12-01 16:26:25 +01:00
Eugen Rochko a8814a19dc Add basic OEmbed provider API, fix #247 2016-11-30 23:01:03 +01:00
Eugen Rochko 8d4ef0b6c3 Per-status control for unlisted mode, also federation for unlisted mode
Fix #233, fix #268
2016-11-30 21:34:59 +01:00
Eugen Rochko 1bb1ec3b8d Further abstract caching for includes 2016-11-30 15:57:56 +01:00
Eugen Rochko 329b2a326d Normalize localizations, add stub for admin/accounts 2016-11-30 15:32:26 +01:00
Eugen Rochko 015cd99f41 Make User#current_sign_in_at actually track when user was last active,
by updating it at least every 24h if the user visits the site
2016-11-30 15:17:03 +01:00
Eugen Rochko bee7aeaea5 Unify collection caching code 2016-11-29 15:49:39 +01:00
Eugen Rochko d26b8f3cce Delete statuses asynchronously but provide instant feedback in the API 2016-11-29 15:32:25 +01:00
Eugen Rochko 02da8fdcbe Fix setting of confirmed=true on successful confirmation 2016-11-28 19:24:49 +01:00
Eugen Rochko f37efe8e56 Add simple admin overview of PuSH subscriptions 2016-11-28 18:45:13 +01:00
Eugen Rochko b5ad0eb4ea Adding embedded PuSH server 2016-11-28 13:36:47 +01:00
Eugen Rochko abeccf6eb2 X-RateLimit-Reset formatted with iso8601 2016-11-25 15:21:22 +01:00
Eugen Rochko 666eda7256 Remove stale entries from cache results 2016-11-25 13:25:40 +01:00
Eugen Rochko ea0846645a Fix #65 - Options to block notifications from people you don't follow/who don't follow you 2016-11-25 13:13:16 +01:00
Eugen Rochko 30f9e9e624 Remove Neo4J 2016-11-24 23:46:27 +01:00
Eugen Rochko 8ab2fcbb2c Mini Profiler not working well, remove it 2016-11-24 19:59:11 +01:00
Alyssa Ross cb06801b21 Extract filename obfuscation into module 2016-11-24 00:30:58 +00:00
Andrea Faulds 66a20701b7 Rename media to avoid exposing filename (fixes #207) 2016-11-23 21:03:03 +00:00
Eugen Rochko d78962c1ed Cache accounts/:id/statuses and single statuses too 2016-11-23 19:00:43 +01:00
Eugen Rochko 65d6191147 Adding sensitive marker to statuses in API 2016-11-23 10:46:48 +01:00
Eugen Rochko c60df460af Rename "publish" to "toot" in english locale, fix lightbox showing old image
before loading new one, cache notifications API, fix missing follow button
on public profiles
2016-11-23 09:20:34 +01:00
Eugen Rochko dda6354c76 Implement includes caching for timelines APIs 2016-11-23 08:34:35 +01:00
Eugen Rochko f6a975af8b More query optimizations 2016-11-22 23:18:54 +01:00
Eugen Rochko 30010a6dbd Moving some counter queries out of subqueries in the API 2016-11-22 22:59:54 +01:00
Eugen Rochko f07b0dc82f Remove unneeded indices, improve error handling in background workers, don't needlessly reload reblogged status, send Devise e-mails asynchronously 2016-11-22 17:32:51 +01:00
Eugen Rochko 74df3ba1d7 Local accounts can control "silenced" attribute which removes them from public timeline 2016-11-21 23:06:41 +01:00
Eugen Rochko 0aeae195cb Better error message in doorkeeper json response 2016-11-21 16:19:35 +01:00
Eugen Rochko 0a68464995 Performance improvement for notifications API 2016-11-21 16:10:42 +01:00
Eugen Rochko 4d100a1b36 Remove some n+1 queries from notifications API 2016-11-21 15:16:04 +01:00
Eugen Rochko 83cdfefa7d Remove orphaned notifications, add scopes param to app create API 2016-11-21 14:59:13 +01:00
Eugen Rochko 80d58c6c04 Desktop notifications 2016-11-21 10:24:50 +01:00
Eugen Rochko 38025dfea3 Adding unified streamable notifications 2016-11-20 19:39:58 +01:00
Eugen Rochko fbaddca49e Move Salmon processing to background as well as PuSH 2016-11-18 23:24:57 +01:00
Eugen Rochko b8e6ca45e5 Add user locale setting 2016-11-16 17:56:31 +01:00
Eugen Rochko 0e956910c3 Adding some localizations 2016-11-15 23:02:57 +01:00
Eugen Rochko c6f5eb8aa7 Fix #144 - Filter statuses from blocked users out of ancestors/descendants results 2016-11-15 17:33:41 +01:00
Eugen Rochko e71b152d89 Fix rubocop issues, introduce usage of frozen literal to improve performance 2016-11-15 16:56:29 +01:00
Eugen Rochko a7332acba3 Delegate processing of incoming PuSH data to background workers 2016-11-15 15:43:33 +01:00