Commit Graph

1778 Commits (355fba4db8c93da78b985bc8c6859714a61ce607)

Author SHA1 Message Date
Eugen Rochko 17881148e4 Revert filtering public timelines by locale by default (#20294) 2022-11-10 05:34:42 +01:00
trwnh 9d3cf4d9d4 Make account endorsements idempotent (fix #19045) (#20118)
* Make account endorsements idempotent (fix #19045)

* Accept suggestion to use exists? instead of find_by + nil check

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

* fix logic (unless, not if)

* switch to using `find_or_create_by!`

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-11-08 16:39:15 +01:00
trwnh 9596a1374d Fix uncaught 500 error on invalid `replies_policy` (Fix #19097) (#20126) 2022-11-08 16:37:28 +01:00
Claire 99cdfec05e Merge branch 'main' into glitch-soc/merge-upstream 2022-11-07 19:53:30 +01:00
Claire 811f8d2175 Fix crash when external auth provider has no display_name set (#19962)
Fixes #19913
2022-11-07 15:43:24 +01:00
Claire 495243d9ae Merge branch 'main' into glitch-soc/merge-upstream 2022-11-07 07:50:47 +01:00
Claire bfb8121e94 Fix crash in legacy filter creation controller (#19878) 2022-11-07 03:38:53 +01:00
Claire 20fb459dee Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/features/compose/components/poll_form.js`:
  glitch-soc change because of having changed the default number of
  available poll options.
  Applied upstream's changes while keeping glitch-soc's default number of
  poll options.
- `public/oops.png`:
  We had a minor graphics change, probably not worth diverging from upstream.
  Took upstream version.
2022-11-06 09:50:41 +01:00
Eugen Rochko b38a465476 Change `AUTHORIZED_FETCH` to not block unauthenticated REST API access (#19803)
New environment variable `DISALLOW_UNAUTHENTICATED_API_ACCESS`
2022-11-05 22:56:03 +01:00
Claire 4b0e72b2b7 Fix reblogs being discarded after the reblogged status (#19731) 2022-11-04 16:31:44 +01:00
Claire a5e1f56347 Fix inaccurate admin log entry for re-sending confirmation e-mails (#19674)
Fixes #19593
2022-11-02 18:50:21 +01:00
prplecake 0527968d31 Allow number of trending hashtags to be customizable (#1884) 2022-11-02 09:20:47 +01:00
Eugen Rochko 529fe25add Change post-processing to be deferred only for large media types (#19617) 2022-11-01 15:27:58 +01:00
Claire 78f77cb5d4 Change featured hashtag deletion to be done synchronously (#19590) 2022-10-31 16:31:44 +01:00
Claire 4a8b813a1f Merge branch 'main' into glitch-soc/merge-upstream 2022-10-31 08:37:32 +01:00
Eugen Rochko fdfe1eae4a Remove language filtering from hashtag timelines (#19563) 2022-10-30 21:29:23 +01:00
Claire 96bd245f04 Merge branch 'main' into glitch-soc/merge-upstream 2022-10-30 19:35:59 +01:00
Claire 8c94b641a9 Fix invites (#19560)
Fixes #19507

Fix regression from #19296
2022-10-30 19:04:39 +01:00
Claire 525919c04f Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/locales/ja.json`:
  Upstream change too close to a glitch-soc-specific string.
  The glitch-soc-specific string should not have been in this file, so it
  has been moved to `app/javascript/flavours/glitch/locales/ja.js`.
- `app/javascript/packs/public.js`:
  Upstream refactored a part, that as usual is split and duplicated in various
  pack files. Updated those pack files accordingly.
- `app/views/layouts/application.html.haml`:
  Upstream fixed custom.css path in a different way than we did, went with
  upstream's change.
2022-10-30 18:15:28 +01:00
Eugen Rochko 69f2f514d2 Fix admin APIs returning deleted object instead of empty object upon delete (#19479)
Fix #19153
2022-10-30 02:43:57 +02:00
Eugen Rochko fa30d092f2 Fix language not being saved when editing status (#19543)
Fix #19542
2022-10-30 02:43:27 +02:00
Claire 1686374b2f Fix domain block export not exporting blocks with only media rejection 2022-10-28 20:14:25 +02:00
Claire 0060eb5dcf Merge branch 'main' into glitch-soc/merge-upstream 2022-10-28 19:23:58 +02:00
Eugen Rochko 4435be82db Fix uncaught error when invalid date is supplied to API (#19480)
Fix #19213
2022-10-27 14:30:52 +02:00
Eugen Rochko 3e5588bf70 Add ability to view previous edits of a status in admin UI (#19462)
* Add ability to view previous edits of a status in admin UI

* Change moderator access to posts to be controlled by a separate policy
2022-10-26 13:42:29 +02:00
Eugen Rochko 6c1c7d9d3b Change unauthenticated search to not support pagination in REST API (#19326)
- Only exact search matches for queries with < 5 characters
- Do not support queries with `offset` (pagination)
- Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-26 12:10:02 +02:00
Eugen Rochko 7b0b8221a5 Fix IP blocks not having a unique index (#19456) 2022-10-25 21:43:44 +02:00
Yamagishi Kazutoshi 9e8b91092a Fix `Settings::FeaturedTagsController` (#19418)
Regression from #19409
2022-10-22 23:14:58 +02:00
Takeshi Umeda 64b46b9ae5 Change featured tag updates to add/remove activity (#19409)
* Change featured tag updates to add/remove activity

* Fix to check for the existence of feature tag

* Rename service and worker

* Merge AddHashtagSerializer with AddSerializer

* Undo removal of sidekiq_options
2022-10-22 18:30:55 +02:00
Eugen Rochko 2130895196 Change settings area to be separated into categories in admin UI (#19407)
And update all descriptions
2022-10-22 11:44:41 +02:00
Eugen Rochko 0fdfbe555e Change public accounts pages to mount the web UI (#19319)
* Change public accounts pages to mount the web UI

* Fix handling of remote usernames in routes

- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict

* Fix missing `multiColumn` prop

* Fix failing test

* Use `discoverable` attribute to control indexing directives

* Fix `<ColumnLoading />` not using `multiColumn`

* Add `noindex` to accounts in REST API

* Change noindex directive to not be rendered by default before a route is mounted

* Add loading indicator for detailed status in web UI

* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Takeshi Umeda fd61882f1a Add synchronization of remote featured tags (#19380)
* Add LIMIT of featured tag to instance API response

* Add featured_tags_collection_url to Account

* Add synchronization of remote featured tags

* Deliver update activity when updating featured tag

* Remove featured_tags_collection_url

* Revert "Add featured_tags_collection_url to Account"

This reverts commit cff349fc27b104ded2df6bb5665132dc24dab09c.

* Add hashtag sync from featured collections

* Fix tag name normalize

* Add target option to fetch featured collection

* Refactor fetch_featured_tags_collection_service

* Add LIMIT of featured tag to v1/instance API response
2022-10-20 09:15:52 +02:00
prplecake ed8c16377f Make "No $entity selected" errors more accurate (#19356)
Previously all controllers would use the single "No accounts changed as
none were selected" message. This commit changes them to read "tags",
"posts", "emojis", etc. where necessary.
2022-10-15 00:20:54 +02:00
Eugen Rochko e376f33207 Change about page to be mounted in the web UI (#19345) 2022-10-13 14:42:37 +02:00
Eugen Rochko dac14696a0 Add server banner to web app, add `GET /api/v2/instance` to REST API (#19294)
Cherry-picked d2528b26b6

Conflicts:
- `app/serializers/initial_state_serializer.rb`:
  Upstream changed stuff, we had extra attributes.
  Applied upstream changes while keeping our extra attributes.
- `app/serializers/rest/instance_serializer.rb`:
  Upstream actually moved that to `app/serializers/rest/v1/instance_serializer.rb`,
  so updated that file by keeping our extra attributes, and took upstream's
  version of `app/serializers/rest/instance_serializer.rb`.
- `spec/views/about/show.html.haml_spec.rb`:
  Took upstream's version.
2022-10-09 19:51:39 +02:00
Eugen Rochko a56ab9f111 [Glitch] Allow non-logged users to access /web
Port babebc4e8a to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-10-09 18:23:15 +02:00
Eugen Rochko b24b85b63f Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
Eugen Rochko 378e00b59c Change privacy policy to be rendered in web UI, add REST API (#19310)
Source string no longer localized, Markdown instead of raw HTML
2022-10-08 06:01:11 +02:00
Claire e3a35fea7b Fix /privacy-policy not using the appropriate resource packs (#1853)
Fixes #1852

This was an oversight from last upstream merge, failing to account for
glitch-soc's theming system.
2022-10-07 11:35:31 +02:00
Eugen Rochko ce7d058a91 Remove setting that disables account deletes (#17683) 2022-10-06 10:16:47 +02:00
Eugen Rochko 8ad51fba6c Change public statuses pages to mount the web UI (#19301) 2022-10-06 02:26:34 +02:00
Eugen Rochko 82d3e178ba Remove previous landing page (#19300) 2022-10-06 02:19:45 +02:00
Eugen Rochko 448d8ae2df Add server rules to sign-up flow (#19296) 2022-10-05 18:57:33 +02:00
Eugen Rochko 85a10f182e Change public timelines to be filtered by current locale by default (#19291)
In the absence of an opt-in to multiple specific languages in the
preferences, it makes more sense to filter by the user's presumed
language only (interface language or `lang` override)
2022-10-05 03:48:06 +02:00
Eugen Rochko c603978cf6 Add server banner to web app, add `GET /api/v2/instance` to REST API (#19294) 2022-10-05 03:47:56 +02:00
Claire c2c59a75cb Fix deleted pinned posts potentially counting towards the pinned posts limit (#19005)
Fixes #18938
2022-10-05 00:16:40 +02:00
Eugen Rochko 58c367fb47 Remove code for rendering public and hashtag timelines outside the web UI (#19257) 2022-10-04 20:13:46 +02:00
Claire 6b9e47b82b Revert "Change search API to be accessible without being logged in (#18963)"
This reverts commit 4207f3d8fc.
2022-10-02 18:46:28 +02:00
Claire a4fc7ac922 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/home_controller.rb`:
  Upstream made it so `/web` is available to non-logged-in users
  and `/` redirects to `/web` instead of `/about`.
  Kept our version since glitch-soc's WebUI doesn't have what's
  needed yet and I think /about is still a much better landing
  page anyway.
- `app/models/form/admin_settings.rb`:
  Upstream added new settings, and glitch-soc had an extra setting.
  Not really a conflict.
  Added upstream's new settings.
- `app/serializers/initial_state_serializer.rb`:
  Upstream added a new `server` initial state object.
  Not really a conflict.
  Merged upstream's changes.
- `app/views/admin/settings/edit.html.haml`:
  Upstream added new settings.
  Not really a conflict.
  Merged upstream's changes.
- `app/workers/scheduler/feed_cleanup_scheduler.rb`:
  Upstream refactored that part and removed the file.
  Ported our relevant changes into `app/lib/vacuum/feeds_vacuum.rb`
- `config/settings.yml`:
  Upstream added new settings.
  Not a real conflict.
  Added upstream's new settings.
2022-10-02 18:46:22 +02:00
Eugen Rochko c04359a63b Change path of privacy policy page (#19249) 2022-09-29 06:22:12 +02:00
Eugen Rochko babebc4e8a Add logged-out access to the web UI (#18961) 2022-09-29 04:39:33 +02:00
Eugen Rochko a593188ded Add user content translations with configurable backends (#19218) 2022-09-23 23:00:12 +02:00
Claire e1d78575c4 Refactor ActivityPub handling to prepare for non-Account actors (#19212)
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account

* Refactor SignatureVerification to allow non-Account actors

* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors

* Refactor inbound ActivityPub payload processing to accept non-Account actors

* Refactor inbound ActivityPub processing to accept activities relayed through non-Account

* Refactor how Account key URIs are built

* Refactor Request and drop unused key_id_format parameter

* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-09-21 22:45:57 +02:00
Claire 2b97fbbd88 Fix typo in SignatureVerification (#19209)
Fix regression from #15605
2022-09-21 14:48:35 +02:00
Eugen Rochko f4e91041b2 Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
Claire b8853ddcb9 Improve error reporting and logging when processing remote accounts (#15605)
* Add a more descriptive PrivateNetworkAddressError exception class

* Remove unnecessary exception class to rescue clause

* Remove unnecessary include to JsonLdHelper

* Give more neutral error message when too many webfinger redirects

* Remove unnecessary guard condition

* Rework how “ActivityPub::FetchRemoteAccountService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteAccountService#call (default/previous behavior).

* Rework how “ActivityPub::FetchRemoteKeyService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteKeyService#call (default/previous behavior).

* Fix Webfinger::RedirectError not being a subclass of Webfinger::Error

* Add suppress_errors option to ResolveAccountService

Defaults to true (to preserve previous behavior). If set to false,
errors will be raised instead of caught, allowing the caller to be
informed of what went wrong.

* Return more precise error when failing to fetch account signing AP payloads

* Add tests

* Fixes

* Refactor error handling a bit

* Fix various issues

* Add specific error when provided Digest is not 256 bits of base64-encoded data

* Please CodeClimate

* Improve webfinger error reporting
2022-09-20 23:30:26 +02:00
Claire 534077cea2 Fix REST API sometimes returning HTML on error (#19135)
Fixes #19115
2022-09-08 09:44:36 +02:00
Claire a6d6d303f7 Fix error when accessing /filters/:id/statuses on glitch-soc (#1837)
I failed to account for glitch-soc's theming system when merging
from upstream.
2022-08-31 11:55:27 +02:00
Claire 2a7538aeed Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/settings/preferences_controller.rb`:
  Upstream dropping `digest` from notifications emails while we have more
  notification emails settings.
  Removed `digest` from our list while keeping our extra settings.
- `app/javascript/packs/admin.js`:
  Conflicts caused by glitch-soc's theming system.
  Applied the changes to `app/javascript/core/admin.js`.
- `app/views/settings/preferences/other/show.html.haml`:
  Upstream removed a setting close to a glitch-soc-only setting.
  Applied upstream's change.
2022-08-28 11:31:00 +02:00
Eugen Rochko 4207f3d8fc Change search API to be accessible without being logged in (#18963)
But with the resolve option turned off
2022-08-28 03:45:19 +02:00
Eugen Rochko 7c8bba150b Change following and followers API to be accessible without being logged in (#18964) 2022-08-28 03:45:07 +02:00
Eugen Rochko e7cc67d505 Add admin API for managing e-mail domain blocks (#19066) 2022-08-28 03:37:55 +02:00
Eugen Rochko a0bb5674d9 Add admin API for managing canonical e-mail blocks (#19067) 2022-08-28 03:31:54 +02:00
Eugen Rochko 71f59e78b8 Add admin API for managing IP blocks (#19065) 2022-08-27 20:56:47 +02:00
Eugen Rochko 7300beadd9 Remove digest e-mails (#17985)
* Remove digest e-mails

* Remove digest-related code
2022-08-25 23:38:22 +02:00
Eugen Rochko 1206e691bd Add ability to select all accounts matching search for batch actions (#19053) 2022-08-25 23:33:34 +02:00
Eugen Rochko f9ebc320ed Add audit log entries for user roles (#19040)
* Refactor audit log schema

* Add audit log entries for user roles
2022-08-25 20:39:40 +02:00
Claire a0c630d5ff Merge branch 'main' into glitch-soc/merge-upstream 2022-08-25 05:07:39 +02:00
Claire 522fbf9d13 Add ability to filter individual posts (#18945)
* Add database table for status-specific filters

* Add REST endpoints, entities and attributes

* Show status filters in /filters interface

* Perform server-side filtering for individual posts filters

* Fix filtering on context mismatch

* Refactor `toServerSideType` by moving it to its own module

* Move loupe and delete icons to their own module

* Add ability to filter individual posts from WebUI

* Replace keyword list by warnings (expired, context mismatch)

* Refactor server-side filtering code

* Add tests
2022-08-25 04:27:47 +02:00
Eugen Rochko b2e1224baa Add ability to block sign-ups from IP (#19037) 2022-08-24 19:00:37 +02:00
Claire 081005232f Merge branch 'main' into glitch-soc/merge-upstream 2022-07-22 09:58:35 +02:00
Claire 4536638050 Fix /api/v1/tags/:id route constraints (#18854)
The constraint was applied prior to decoding, and rejected anything containing
the '%' character, which would be used for anything with non-ASCII unicode
characters.
2022-07-20 17:06:52 +02:00
Claire b50ab06371 Merge branch 'main' into glitch-soc/merge-upstream
- `.env.production.sample`:
  Our sample config file is very different from upstream since it is much more
  complete. Upstream added documentation for a few env variables.
  Copied the new variables/documentation from upstream.
- `app/lib/feed_manager.rb`:
  Upstream added a timeline type (hashtags), while glitch-soc already had an
  extra one (direct messages). Not really a conflict but textually close
  changes.
  Ported upstream's changes.
- `app/models/custom_emoji.rb`:
  Upstream upped the custom emoji size limit, while glitch-soc had configurable
  limits.
  Upped the default limits accordingly.
- `streaming/index.js`:
  Upstream reworked how hastags were normalized. Minor conflict due to
  glitch-soc's handling of instance-local posts.
  Ported upstream's changes.
2022-07-17 22:07:20 +02:00
Eugen Rochko 265c09fef1 Add ability to follow hashtags (#18809) 2022-07-17 13:49:29 +02:00
Eugen Rochko 38d04135bf Change how hashtags are normalized (#18795)
* Change how hashtags are normalized

* Fix tests
2022-07-13 15:03:28 +02:00
Claire 655bac2c3a Fix authorization check in domain blocks controller 2022-07-05 11:57:30 +02:00
Claire 06a878c6b5 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/admin/base_controller.rb`:
  Minor conflict caused by glitch-soc's theming system.
- `app/javascript/mastodon/initial_state.js`:
  Minor conflict caused by glitch-soc making use of max_toot_chars.
- `app/models/form/admin_settings.rb`:
  Minor conflict caused by glitch-soc's theming system.
- `app/models/trends.rb`:
  Minor conflict caused by glitch-soc having more granular
  notification settings for trends.
- `app/views/admin/accounts/index.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/admin/instances/show.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/layouts/application.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/settings/preferences/notifications/show.html.haml`:
  Minor conflict caused by glitch-soc having more granular
  notification settings for trends.
- `config/navigation.rb`:
  Minor conflict caused by glitch-soc having additional
  navigation items for the theming system while upstream
  slightly changed every line.
2022-07-05 09:33:44 +02:00
Eugen Rochko e164d6a687 Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Claire 490417762f Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Fix erroneous deletion in a previous merge.
- `Gemfile`:
  Conflict caused by glitch-soc-only hCaptcha dependency
- `app/controllers/auth/sessions_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
- `app/controllers/filters_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
- `app/serializers/rest/status_serializer.rb`:
  Minor conflict due to glitch-soc having an extra `local_only` property
2022-06-28 11:11:18 +02:00
Claire 90e5a9bd98 Revamp post filtering system (#18058)
* Add model for custom filter keywords

* Use CustomFilterKeyword internally

Does not change the API

* Fix /filters/edit and /filters/new

* Add migration tests

* Remove whole_word column from custom_filters (covered by custom_filter_keywords)

* Redesign /filters

Instead of a list, present a card that displays more information and handles
multiple keywords per filter.

* Redesign /filters/new and /filters/edit to add and remove keywords

This adds a new gem dependency: cocoon, as well as a npm dependency:
cocoon-js-vanilla. Those are used to easily populate and remove form fields
from the user interface when manipulating multiple keyword filters at once.

* Add /api/v2/filters to edit filter with multiple keywords

Entities:
- `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context`
  `keywords`
- `FilterKeyword`: `id`, `keyword`, `whole_word`

API endpoits:
- `GET /api/v2/filters` to list filters (including keywords)
- `POST /api/v2/filters` to create a new filter
  `keywords_attributes` can also be passed to create keywords in one request
- `GET /api/v2/filters/:id` to read a particular filter
- `PUT /api/v2/filters/:id` to update a new filter
  `keywords_attributes` can also be passed to edit, delete or add keywords in
   one request
- `DELETE /api/v2/filters/:id` to delete a particular filter
- `GET /api/v2/filters/:id/keywords` to list keywords for a filter
- `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a
   filter
- `GET /api/v2/filter_keywords/:id` to read a particular keyword
- `PUT /api/v2/filter_keywords/:id` to edit a particular keyword
- `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword

* Change from `irreversible` boolean to `action` enum

* Remove irrelevent `irreversible_must_be_within_context` check

* Fix /filters/new and /filters/edit with update for filter_action

* Fix Rubocop/Codeclimate complaining about task names

* Refactor FeedManager#phrase_filtered?

This moves regexp building and filter caching to the `CustomFilter` class.

This does not change the functional behavior yet, but this changes how the
cache is built, doing per-custom_filter regexps so that filters can be matched
independently, while still offering caching.

* Perform server-side filtering and output result in REST API

* Fix numerous filters_changed events being sent when editing multiple keywords at once

* Add some tests

* Use the new API in the WebUI

- use client-side logic for filters we have fetched rules for.
  This is so that filter changes can be retroactively applied without
  reloading the UI.
- use server-side logic for filters we haven't fetched rules for yet
  (e.g. network error, or initial timeline loading)

* Minor optimizations and refactoring

* Perform server-side filtering on the streaming server

* Change the wording of filter action labels

* Fix issues pointed out by linter

* Change design of “Show anyway” link in accordence to review comments

* Drop “irreversible” filtering behavior

* Move /api/v2/filter_keywords to /api/v1/filters/keywords

* Rename `filter_results` attribute to `filtered`

* Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer

* Fix systemChannelId value in streaming server

* Simplify code by removing client-side filtering code

The simplifcation comes at a cost though: filters aren't retroactively
applied anymore.
2022-06-28 09:42:13 +02:00
Claire d0cc795d0f Add /api/v1/admin/domain_allows (#18668)
- `GET /api/v1/admin/domain_allows` lists allowed domains
- `GET /api/v1/admin/domain_allows/:id` shows one by ID
- `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list
  of allowed domains
- `POST /api/v1/admin/domain_allows` to allow a new domain:
  if that domain is already allowed, the existing DomainAllow will be returned
2022-06-23 23:12:01 +02:00
tateisu 6d1b8097a0 use Notification::TYPES for api push subscription alerts (#18709) 2022-06-23 01:44:27 +02:00
Claire d28d7d4b72 Fix suspicious sign-in mails never being sent (#18599)
* Add tests

* Fix suspicious sign-in mails never being sent
2022-06-21 15:16:22 +02:00
Claire 3b4abfe132 Merge branch 'main' into glitch-soc/merge-upstream 2022-06-10 11:51:43 +02:00
Eugen Rochko 0eb2db6b52 Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
2022-06-09 21:57:36 +02:00
Claire a864904fad Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/styles/fonts/montserrat.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/javascript/styles/fonts/roboto-mono.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/javascript/styles/fonts/roboto.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/models/account.rb`:
  Textual conflict only caused by glitch-soc using a different value
  for character limits in a nearby line.
  Applied upstream's changes.
- `app/views/statuses/_simple_status.html.haml`:
  Attribute added to a tag modified by glitch-soc.
  Added upstream's attributes.
- `yarn.lock`:
  Upstream added/updated dependencies close to glitch-soc-only ones.
  Updated/added upstream dependencies.
2022-06-02 09:49:38 +02:00
Claire 9f3bf956ad Add /api/v1/admin/domain_blocks (#18247)
* Add /api/v1/admin/domain_blocks

Fixes #18140

- `GET /api/v1/admin/domain_blocks` lists domain blocks
- `GET /api/v1/admin/domain_blocks/:id` shows one by ID
- `DELETE /api/v1/admin/domain_blocks/:id` deletes a given domain block
- `POST /api/v1/admin/domain_blocks` to create a new domain block:
  if it conflicts with an existing one, returns an error with
  an attribute `existing_domain_block` with the rendered domain block

* Simplify conflict handling as suggested in review
2022-06-01 17:31:36 +02:00
Claire 65259c7b68 Fix incorrect permission check for notifications destroy/dismiss endpoints (#1787) 2022-05-27 16:21:59 +02:00
Claire 17c2120267 Merge branch 'main' into glitch-soc/merge-upstream 2022-05-26 22:49:47 +02:00
Eugen Rochko b264197a1d Fix suspended users being able to access APIs that don't require a user (#18524) 2022-05-26 22:04:05 +02:00
Eugen Rochko 89d4d6fd3b Fix confirmation redirect to app without `Location` header (#18523) 2022-05-26 22:03:54 +02:00
Claire 61e105a326 Merge branch 'main' into glitch-soc/merge-upstream 2022-05-26 18:34:27 +02:00
Claire f5e6c776c1 Change unapproved and unconfirmed account to not be accessible in the REST API (#17530)
* Change unapproved and unconfirmed account to not be accessible in the REST API

* Change Account#searchable? to reject unconfirmed and unapproved users

* Disable search for unapproved and unconfirmed users in Account.search_for

* Disable search for unapproved and unconfirmed users in Account.advanced_search_for

* Remove unconfirmed and unapproved accounts from Account.searchable scope

* Prevent mentions to unapproved/unconfirmed accounts

* Fix some old tests for Account.advanced_search_for

* Add some Account.advanced_search_for tests for existing behaviors

* Add some tests for Account.search_for

* Add Account.advanced_search_for tests unconfirmed and unapproved accounts

* Add Account.searchable tests

* Fix Account.without_unapproved scope potentially messing with previously-applied scopes

* Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup

This is so that the API can still be used to check whether an username is free
to use.
2022-05-26 15:50:33 +02:00
Claire 73a2e3326f Add confirmation page when importing blocked domains (#1773)
* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains
2022-05-16 18:26:49 +02:00
Claire fbfa953ad2 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/services/remove_status_service.rb`:
  Conflict due to glitch-soc having extra code for a proper direct visibility
  timeline, in a part of the code upstream refactored.
  Restored glitch-soc's extra code in the refactored bit.
2022-05-16 09:42:32 +02:00
Levi Bard b8319d0578 Allow import/export of instance-level domain blocks/allows (#1754)
* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround
2022-05-16 09:29:01 +02:00
Eugen Rochko f1707c6d50 Refactor how Redis locks are created (#18400)
* Refactor how Redis locks are created

* Fix autorelease duration on account deletion lock
2022-05-13 00:02:35 +02:00
Claire c6e7c928ab Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Not really a conflict, upstream updated a dependency textually adjacent to a
  glitch-soc-only one.
  Updated the dependency as upstream did.
2022-05-11 09:37:48 +02:00
Eugen Rochko 41ad817afa Change RSS feeds (#18356)
* Change RSS feeds

- Use date and time for titles instead of ellipsized text
- Use full content in body, even when there is a content warning
- Use media extensions

* Change feed icons and add width and height attributes to custom emojis

* Fix custom emoji animate on hover breaking

* Fix tests
2022-05-09 07:43:08 +02:00
Claire a62029ad4c Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Not really a conflict, upstream updated a dependency textually adjacent to a
  glitch-soc-only one.
  Updated the dependency as upstream did.
2022-05-03 10:16:49 +02:00