Commit Graph

170 Commits (2d09653d50b8733cf53a5f72dc9c63b3b42cdf6a)

Author SHA1 Message Date
Eugen Rochko 7cb369d4c6
Change e-mail whitelist/blacklist to not be checked when invited (#10683)
* Change e-mail whitelist/blacklist to not be checked when invited

And only when creating an account, not when updating it later

Fix #10648

* Fix test
2019-05-03 23:44:44 +02:00
Zac be6ef1947e changed pinned status count operator
changed default pinned count to 5 to preserve default behavior
2019-04-29 20:52:53 +02:00
Zac 5616200ed4 added documentation into .env.production.sample
moved max pin count into constant
2019-04-29 20:52:53 +02:00
Zac a36affb9d6 add env var for max pinned toots 2019-04-29 20:52:53 +02:00
Thibaut Girka 5085559b15 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/views/admin/pending_accounts/index.html.haml
  No real conflict, upstream changes too close to glitch-specific
  theming system changes.
- config/navigation.rb
  Upstream redesigned the settings navigation, took those changes
  and re-inserted the flavours menu.
2019-04-10 09:16:08 +02:00
Eugen Rochko 400397c0c7
Change HTML validator to ignore all errors except unmatched tags (#10534) 2019-04-10 03:34:16 +02:00
Hinaloe 48f466daf1 Allow set the voting period to just 5 minutes (#10525)
* Add spec of PollValidator for #10190

* Raise fraction less than 1 second

* format

* simplify time initialize
2019-04-09 17:02:12 +02:00
Thibaut Girka f5f6d23d55 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- config/locales/pl.yml
  Conflict caused by new upstream string too close to glitch-specific
  “flavour” string. Took both strings.
2019-04-08 15:57:56 +02:00
Eugen Rochko 2c63e0292a
Fix admin validation being too strict about usernames (#10449)
* Fix admin validation being too strict about usernames

Fix #10446

* Strip Setting.site_contact_username consistently throughout the codebase
2019-04-06 17:53:17 +02:00
Thibaut Girka fae53e1a39 Merge branch 'master' into glitch-soc/merge-upstream 2019-03-26 17:39:20 +01:00
ThibG 0c46bd11aa Fix HTML validation (#10354)
* Fix HTML validation

* Report first HTML error instead on validation error
2019-03-26 17:33:26 +01:00
Thibaut Girka fcce135d27 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/admin/settings_controller.rb
- app/models/form/admin_settings.rb

Conflicts caused by upstream refactoring, while we have
flavours and skins, with the flavour_and_skin pseudo-setting.
2019-03-26 16:01:59 +01:00
Eugen Rochko 555c4e11ba
Add validations to admin settings (#10348)
* Add validations to admin settings

- Validate correct HTML markup
- Validate presence of contact username & e-mail
- Validate that all usernames are valid
- Validate that enums have expected values

* Fix code style issue

* Fix tests
2019-03-23 14:07:04 +01:00
Thibaut Girka 4806232997 Merge branch 'master' into glitch-soc/merge-upstream 2019-03-06 11:29:06 +01:00
Eugen Rochko 5996be994d
Fix poll validation issues (#10186)
- Fix missing interpolation argument in PollValidator
- Fix PollValidator rejecting exact allowed min/max durations
2019-03-06 04:54:11 +01:00
Thibaut Girka f513317ba2 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/models/status.rb
- db/schema.rb

Both conflicts are caused by us having extra database columns.
2019-03-05 19:23:16 +01:00
ThibG f2a1b8b96b Widen allowed time windows for polls (#10162) 2019-03-04 22:46:38 +01:00
Eugen Rochko 8fe93b0701
Fix vote validation for polls with multiple choices (#10138) 2019-03-03 23:41:30 +01:00
Eugen Rochko 230a012f00
Add polls (#10111)
* Add polls

Fix #1629

* Add tests

* Fixes

* Change API for creating polls

* Use name instead of content for votes

* Remove poll validation for remote polls

* Add polls to public pages

* When updating the poll, update options just in case they were changed

* Fix public pages showing both poll and other media
2019-03-03 22:18:23 +01:00
Thibaut Girka 0e34e91661 Merge branch 'master' into glitch-soc/merge-upstream 2019-02-12 20:32:48 +01:00
Franck Zoccolo 4f0322dcae Add support for IPv6 only MXes in Email validation (#10009)
* Add support for IPv6 only MXes

* Fixed email validator tests
2019-02-12 14:48:04 +01:00
Thibaut Girka a2a64ecd3e Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- .eslintrc.yml
  Removed, as upstream removed it.
- app/controllers/admin/statuses_controller.rb
  Minor code cleanup when porting one of our features.
- app/models/account.rb
  Note length validation has changed upstream.
  We now use upstream's validation (dropped legacy glitch-soc
  account metadata stuff) but with configurable limit.
- app/services/post_status_service.rb
  Upstream has added support for scheduled toots, refactoring
  the code a bit. Adapted our changes to this refactoring.
- app/views/stream_entries/_detailed_status.html.haml
  Not a real conflict, changes too close.
- app/views/stream_entries/_simple_status.html.haml
  Not a real conflict, changes too close.
2019-01-10 21:00:30 +01:00
Eugen Rochko 45899cfa69
Change note length validation to ignore mention domains and URLs (#9717)
Fix #4419
2019-01-05 07:16:46 +01:00
ysksn 19abf4ef0b Add specs for UnreservedUsernameValidator (#9698)
* Add specs for UnreservedUsernameValidator

* Use instance variable
2019-01-03 13:10:02 +09:00
Thibaut Girka 571d219bb9 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts manually resolved:
- app/services/post_status_service.rb
- config/locales/simple_form.pl.yml
- config/routes.rb
- config/webpack/loaders/sass.js
- config/webpack/shared.js
- package.json
- yarn.lock
2019-01-02 15:36:53 +01:00
ysksn 05edec6917 Add specs for BlackListedEmailValidator (#9651)
* Add specs for BlackListedEmailValidator

* Use instance variable
2018-12-29 07:23:44 +01:00
ysksn 4725aeec9f Add specs for DisallowedHashtagsValidator (#9653)
In order to implement tests easier, `#select_tags` created.
2018-12-29 07:22:51 +01:00
ysksn ccb9c1b952 Add pending specs for StatusLengthValidator (#9647)
* Add pending specs of StatusLengthValidator

* Use instance variable
2018-12-28 08:18:47 +01:00
Thibaut Girka 65e994b29b Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/directories_controller.rb
- app/controllers/settings/applications_controller.rb
- app/controllers/settings/base_controller.rb
- app/controllers/settings/deletes_controller.rb
- app/controllers/settings/exports_controller.rb
- app/controllers/settings/follower_domains_controller.rb
- app/controllers/settings/imports_controller.rb
- app/controllers/settings/migrations_controller.rb
- app/controllers/settings/notifications_controller.rb
- app/controllers/settings/preferences_controller.rb
- app/controllers/settings/sessions_controller.rb
- app/controllers/settings/two_factor_authentication/confirmations_controller.rb
- app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb
- app/controllers/settings/two_factor_authentications_controller.rb

Conflicts were due to some refactoring already made in glitch-soc
when introducing flavours.
2018-12-15 10:45:53 +01:00
Eugen Rochko dbb1ee269f
Improve e-mail MX validator and add tests (#9489) 2018-12-10 22:53:25 +01:00
Thibaut Girka 9201398507 Merge branch 'master' into glitch-soc/merge-upstream 2018-11-09 14:56:31 +01:00
Eugen Rochko 7f4adfaf77
Fix follow limit validator reporting lower number past threshold (#9230)
* Fix follow limit validator reporting lower number past threshold

* Avoid floating point follow limit
2018-11-08 21:06:01 +01:00
Thibaut Girka 00fcdebed7 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	db/migrate/20170716191202_add_hide_notifications_to_mute.rb
	spec/controllers/application_controller_spec.rb

Took our version, upstream changes were only minor style linting.
2018-10-05 15:23:57 +02:00
Eugen Rochko a46ab86adf
Limit the number of people that can be followed from one account (#8807)
Configurable soft limit of 7,500, and above that, configurable
ratio of 1.1 * followers, controlled by:

- MAX_FOLLOWS_THRESHOLD
- MAX_FOLLOWS_RATIO

Fix #2311
2018-10-04 17:36:11 +02:00
Thibaut Girka 6141c2a035 Merge branch 'master' into glitch-soc/merge-upstream 2018-07-26 21:22:43 +02:00
abcang 9ad334f65c Call address instead of exchange (#8076) 2018-07-26 04:49:28 +02:00
Thibaut Girka d392020da6 Merge branch 'master' into glitch-soc/tentative-merge
Conflicts:
	README.md
	app/controllers/statuses_controller.rb
	app/lib/feed_manager.rb
	config/navigation.rb
	spec/lib/feed_manager_spec.rb

Conflicts were resolved by taking both versions for each change.
This means the two filter systems (glitch-soc's keyword mutes and tootsuite's
custom filters) are in place, which will be changed in a follow-up commit.
2018-07-09 07:13:59 +02:00
Eugen Rochko 32a4b524fb
In e-mail validator, fallback from MX to A record (#7955)
Fix #7831
2018-07-05 20:57:24 +02:00
Thibaut Girka c087738270 Merge branch 'master' into glitch-soc/merge-upstream 2018-05-29 13:52:26 +02:00
takayamaki 03f4c214b4 fix: Don't validate MX record in development (#7654) 2018-05-28 19:14:24 +02:00
Thibaut Girka 659b8a12ec Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	config/locales/ca.yml
	config/locales/nl.yml
	config/locales/oc.yml
	config/locales/pt-BR.yml

Resolved conflicts by removing upstream-specific changes
2018-05-27 13:20:15 +02:00
Eugen Rochko 63c7b91572 Validate that e-mail resolves with MX and it's not blacklisted (#7631)
Original patch by @j-a4
2018-05-27 11:58:08 +09:00
David Yip c816701550
Merge remote-tracking branch 'origin/master' into gs-master
Conflicts:
 	.travis.yml
 	Gemfile.lock
 	README.md
 	app/controllers/settings/follower_domains_controller.rb
 	app/controllers/statuses_controller.rb
 	app/javascript/mastodon/locales/ja.json
 	app/lib/feed_manager.rb
 	app/models/media_attachment.rb
 	app/models/mute.rb
 	app/models/status.rb
 	app/services/mute_service.rb
 	app/views/home/index.html.haml
 	app/views/stream_entries/_simple_status.html.haml
 	config/locales/ca.yml
 	config/locales/en.yml
 	config/locales/es.yml
 	config/locales/fr.yml
 	config/locales/nl.yml
 	config/locales/pl.yml
 	config/locales/pt-BR.yml
 	config/themes.yml
2018-05-03 17:23:44 -05:00
Emelia Smith 60b871d56c Implement the ability for instances to define a list of disallowed hashtags (#7176)
The goal here isn't to prevent these hashtags from existing, but just to strongly curtail their usage; The hashtags may still exist in the database via federated status, or from being created prior to this feature.
2018-04-23 23:52:58 +02:00
Jenkins e3d0d72b29 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-04-14 09:17:23 +00:00
Renato "Lond" Cerqueira 14d86eb0d0 Allow more than the max pins if account is not local (#7105)
Sidekiq sometimes throws errors for users that have more pinned items
than the allowed by the local instance. It should only validate the
number of pins for local accounts.
2018-04-12 20:36:02 +02:00
David Yip d2cdc2b5a3
Merge remote-tracking branch 'origin/master' into gs-master 2018-03-27 10:44:12 -05:00
Eugen Rochko 2a90da1837
Fix UniqueUsernameValidator comparison (#6926)
Comparison was downcasing only one side, therefore if previously
existing account had a non-lowercase spelling, it would be ignored
when checking for duplicates.

New rake task `mastodon:maintenance:find_duplicate_usernames` will
help find constraint violations that might have occured from the
presence of this bug.

Bump version to 2.3.3
2018-03-27 04:33:57 +02:00
Jenkins 6290cd7969 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-03-21 17:17:20 +00:00
Eugen Rochko 93897134ca
Permit dots in usernames with conditions (#6844)
* Permit dots in usernames with conditions

- Dot cannot be the start or end of username
- a.lice and al.ice are considered the same during sign-up

* Fix regex mixin flags
2018-03-21 10:26:53 +01:00
David Yip a6fb1c58ee
Merge remote-tracking branch 'origin/master' into merge-upstream
Conflicts:
	.env.production.sample
	app/controllers/auth/confirmations_controller.rb
	db/schema.rb
2018-02-04 16:36:19 -06:00
abcang 9b6223f5e2 Validation of count works even when text of status is nil (#6429) 2018-02-04 12:32:41 +01:00
David Yip 4c1fd9a19c
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
Conflicts:
      app/javascript/styles/mastodon/components.scss
2018-02-02 08:39:52 -06:00
Alexander 04fef7b888 pam authentication (#5303)
* add pam support, without extra column

* bugfixes for pam login

* document options

* fix code style

* fix codestyle

* fix tests

* don't call remember_me without password

* fix codestyle

* improve checks for pam usage (should fix tests)

* fix remember_me part 1

* add remember_token column because :rememberable requires either a password or this column.

* migrate db for remember_token

* move pam_authentication to the right place, fix logic bug in edit.html.haml

* fix tests

* fix pam authentication, improve username lookup, add comment

* valid? is sometimes not honored, return nil instead trying to authenticate with pam

* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests

* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user

* codeconvention fixes

* code convention fixes

* fix idention

* update dependency, explicit conflict check

* fix disabled password updates if in pam mode

* fix check password if password is present, fix templates

* block registration if account is maintained by pam

* Revert "block registration if account is maintained by pam"

This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.

* fix identation error introduced by rebase

* block usernames maintained by pam

* document pam settings better

* fix code style
2018-02-02 10:18:55 +01:00
David Yip a057ed5cfe
Merge remote-tracking branch 'tootsuite/master' into merge-upstream 2017-12-12 02:54:13 -06:00
Eugen Rochko 2f4c5f504f
Limit users to 50 lists, remove pagination from lists API (#5933) 2017-12-09 01:32:29 +01:00
Lain Iwakura ca5440b93d Rename MAX_CHARS to MAX_TOOT_CHARS to be more specific. 2017-11-14 17:56:38 +01:00
Lain Iwakura dae8916544 Code style fixes. 2017-11-14 16:54:04 +01:00
Lain Iwakura 6cd192b9fb Make character limit configurable. 2017-11-14 16:22:34 +01:00
utam0k b3af3f9f8c Implement EmailBlackList (#5109)
* Implement BlacklistedEmailDomain

* Use Faker::Internet.domain_name

* Remove note column

* Add frozen_string_literal comment

* Delete unnecessary codes

* Sort alphabetically

* Change of wording

* Rename BlacklistedEmailDomain to EmailDomainBlock
2017-10-04 15:16:10 +02:00
Eugen Rochko 56af04dbb4 Fix #4918 - Limit pinned toots to 5 (#4923) 2017-09-13 11:04:32 +02:00
Eugen Rochko 9caa90025f Pinned statuses (#4675)
* Pinned statuses

* yarn manage:translations
2017-08-25 01:41:18 +02:00
Eugen Rochko e1fcad34a9 Fix length validator counting things that look like URIs like URLs (#4462)
URI.extract is too strong, not limited to URLs, matched real text.
Same issue was present in language detector.
2017-07-31 05:06:20 +02:00
Eugen Rochko 53b2b1b238 Count all URLs in text as 23 characters flat, do not count domain part of usernames (#4427)
* Count all URLs in text as 23 characters flat, do not count domain part of usernames

* Add new status text counting logic to web UI
2017-07-29 00:06:29 +02:00
Gô Shoemake 29a22691d2 Fix character/grapheme count stuff (#3839)
* Bring Toot button in line with counter

Both should use stringz I guess

* Use grapheme_length for character count
2017-06-19 11:31:14 +02:00
Eugen Rochko cdff1da901 Correct validators so that existing error messages would look correct (#3668) 2017-06-09 19:46:01 +02:00
Eugen Rochko f7a30e2fae Added support for configurable reserved usernames (fix of #1382) (#3566)
* Added support for configurable reserved usernames

* Added reserved usernames from mastodon issue 1355

* Fix reserved usernames
2017-06-05 01:03:45 +02:00
Guillaume Lo Re 7177e37b99 Stricter whitelist rules (#2213)
* Stricter whitelist rules

* Linting

* Added spec for blacklisting

* Test subdomain blacklist on domain whitelist

* No need to split

* Change spec name
2017-04-26 01:22:51 +02:00
Eugen 17c591ffba Punycode URI normalization (#2370)
* Fix #2119 - Whenever about to send a HTTP request, normalize the URI

* Add test for IDN request in FetchLinkCardService

* Perform IDN normalization on domains before they are stored in the DB
2017-04-25 02:47:31 +02:00
Matt Jankowski b330d1f000 Organize coverage dirs (#1695)
* Add `Presenters` group to SimpleCov configuration

* Move validators to app/validators, add to simplecov config
2017-04-13 16:00:31 +02:00