Commit Graph

7757 Commits (8b271d6d25a8e885564ff1ef41dea31def4aa3a8)

Author SHA1 Message Date
ThibG 52cda33b82 Fix invites not being disabled upon account suspension (#11412)
* Disable invite links from disabled/suspended users

* Add has_many invites relationship to users

* Destroy unused invites when suspending an account
2019-07-26 18:55:33 +02:00
Clar Fon ea0b3589ff Remove pre from version, add extra suffix variable (#11407) 2019-07-26 07:57:27 +02:00
ThibG 9000d604e9 Change settings to show restricted accounts only what they have access to (#11394)
Follow-up to 6be7b414e2
2019-07-25 04:22:09 +02:00
Eugen Rochko 93a6ab5a32 Change account domain block to clear out notifications and follows (#11393) 2019-07-25 04:17:35 +02:00
Rey Tucker 24d2316f63 Don't delete periods when validating username uniqueness (#11392) (#11400)
* Check to make sure usernames with '.' cannot be created

* Add test for instance actor account name conflicts

This makes sure that migration 20190715164535_add_instance_actor
won't fail if there's already an account that is named the same
as the domain (minus the .)

* Put the test into the correct context...

* Add another test to split this into two validations

* Don't delete periods when validating username uniqueness (#11392)

The 20190715164535_add_instance_actor migration fails if there's
already a username similar to the domain name, e.g. if you are
'vulpine.club' and have a user named 'vulpineclub', validation
fails.

Upon further review, usernames with periods are dropped by the
regular expression in the Account class, so we don't need to
worry about it here.

Fixes #11392
2019-07-24 14:19:17 +02:00
Yamagishi Kazutoshi 28ac87249e Remove modules.localIdentName (#11398) 2019-07-23 15:47:48 +02:00
ThibG 1635e401b6 Fix scrolling in single-column mode on Chrome (#11395)
Fixes #11389
2019-07-23 15:47:18 +02:00
dependabot-preview[bot] 884e20c028 Bump active_model_serializers from 0.10.9 to 0.10.10 (#11311)
* Bump active_model_serializers from 0.10.9 to 0.10.10

Bumps [active_model_serializers](https://github.com/rails-api/active_model_serializers) from 0.10.9 to 0.10.10.
- [Release notes](https://github.com/rails-api/active_model_serializers/releases)
- [Changelog](https://github.com/rails-api/active_model_serializers/blob/v0.10.10/CHANGELOG.md)
- [Commits](https://github.com/rails-api/active_model_serializers/compare/v0.10.9...v0.10.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Add root option to render method
2019-07-23 11:10:42 +02:00
Daigo 3 Dango ac219b6f88 List columns within the method (#11377)
To avoid the exception:

NoMethodError: undefined method `perform' for nil:NilClass
.../vendor/bundle/ruby/2.6.0/gems/strong_migrations-0.4.1/lib/strong_migrations/migration.rb:14:in `method_missing'
.../vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.3/lib/active_record/migration.rb:604:in `method_missing'
.../db/migrate/20170918125918_ids_to_bigints.rb:69:in `<class:IdsToBigints>'
.../db/migrate/20170918125918_ids_to_bigints.rb:3:in `<top (required)>'
2019-07-23 11:08:11 +02:00
dependabot-preview[bot] 290c72062e Bump css-loader from 2.1.1 to 3.1.0 (#11382)
* Bump css-loader from 2.1.1 to 3.1.0

Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 2.1.1 to 3.1.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v2.1.1...v3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* localIdentName -> modules.localIdentName
2019-07-23 11:07:47 +02:00
dependabot-preview[bot] adbe5310fa Bump browser from 2.5.3 to 2.6.1 (#11388)
Bumps [browser](https://github.com/fnando/browser) from 2.5.3 to 2.6.1.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v2.5.3...v2.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 23:11:01 +09:00
dependabot-preview[bot] c7f90215b1 Bump oj from 3.7.12 to 3.8.0 (#11387)
Bumps [oj](https://github.com/ohler55/oj) from 3.7.12 to 3.8.0.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.7.12...v3.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 23:07:42 +09:00
dependabot-preview[bot] fe26f82cca Bump rubocop from 0.72.0 to 0.73.0 (#11384)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.72.0 to 0.73.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.72.0...v0.73.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 23:06:34 +09:00
dependabot-preview[bot] 43a34ed422 Bump premailer-rails from 1.10.2 to 1.10.3 (#11386)
Bumps [premailer-rails](https://github.com/fphilipe/premailer-rails) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/fphilipe/premailer-rails/releases)
- [Changelog](https://github.com/fphilipe/premailer-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fphilipe/premailer-rails/compare/v1.10.2...v1.10.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 23:05:34 +09:00
dependabot-preview[bot] 179bb74f47 Bump capybara from 3.25.0 to 3.26.0 (#11385)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.25.0 to 3.26.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.25.0...3.26.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 23:04:17 +09:00
Eugen Rochko 6be7b414e2 Change unconfirmed user login behaviour (#11375)
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.

Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.

After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.

Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
2019-07-22 10:48:50 +02:00
dependabot-preview[bot] e144b8db05 Bump eslint from 5.16.0 to 6.1.0 (#11383)
Bumps [eslint](https://github.com/eslint/eslint) from 5.16.0 to 6.1.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v5.16.0...v6.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 17:37:11 +09:00
dependabot-preview[bot] 52d1aea1ed Bump babel-eslint from 10.0.1 to 10.0.2 (#11381)
Bumps [babel-eslint](https://github.com/babel/babel-eslint) from 10.0.1 to 10.0.2.
- [Release notes](https://github.com/babel/babel-eslint/releases)
- [Commits](https://github.com/babel/babel-eslint/compare/v10.0.1...v10.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 17:36:55 +09:00
dependabot-preview[bot] 53a0a8f91a Bump intl-relativeformat from 6.4.2 to 6.4.3 (#11380)
Bumps [intl-relativeformat](https://github.com/formatjs/formatjs) from 6.4.2 to 6.4.3.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/intl-relativeformat@6.4.2...intl-relativeformat@6.4.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 16:27:44 +09:00
dependabot-preview[bot] 9fc0c8fd37 Bump @clusterws/cws from 0.14.0 to 0.15.0 (#11379)
Bumps @clusterws/cws from 0.14.0 to 0.15.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-22 16:27:16 +09:00
Daigo 3 Dango 8262f43036 Bind servers to 0.0.0.0 in Procfile (#11378)
* Bind to 0.0.0.0

* Make Procfile common to main and streaming apps
2019-07-22 06:16:30 +02:00
Eugen Rochko 79b9eee938 Add (back) rails-level JSON caching (#11333) 2019-07-21 22:32:16 +02:00
ThibG ee7254e8eb Fix boost to original audience not working on mobile (#11371) 2019-07-21 18:11:09 +02:00
ThibG 99b3dd5b00 Play animated custom emoji on hover (#11348)
* Play animated custom emoji on hover in status

* Play animated custom emoji on hover in display names

* Play animated custom emoji on hover in bios/bio fields

* Add support for animation on hover on public pages emojis too

* Fix tests

* Code style cleanup
2019-07-21 18:10:40 +02:00
Eugen Rochko 9027d911d0 Fix `alerts` booleans not being typecast correctly in push subscription (#11343)
* Fix `alerts` booleans not being typecast correctly in push subscription

Fix #10789

* Fix typo
2019-07-21 18:10:07 +02:00
Eugen Rochko 2b4fa0d6fa Change locale detection to run once per session (#8657)
Fix #6462
2019-07-21 18:08:02 +02:00
Eugen Rochko f9ed4354b1 Remove WebSub subscriptions (#11303) 2019-07-21 04:08:00 +02:00
ThibG 2582701b72 Display custom emoji in bio field names (#11350)
Already displayed in public pages, but not WebUI
2019-07-21 03:40:27 +02:00
ysksn 1f72e6226a Not to create an account if already exist (#11366) 2019-07-21 03:40:08 +02:00
ThibG 6d5f00fdfe Disallow numeric-only hashtags (#11363)
* Add spec covering numeric-only hashtags

* Fix hashtag regex
2019-07-19 23:22:35 +02:00
ThibG 47dfcc601b Fix some flash notices/alerts staying on unrelated pages (#11364) 2019-07-19 23:13:21 +02:00
dependabot-preview[bot] 2fe3965d17 Bump strong_migrations from 0.4.0 to 0.4.1 (#11307)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.4.0...v0.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-20 01:08:02 +09:00
Eugen Rochko de4ead8fc6 Change single-column mode to scroll the whole page (#11359)
Fix #10840
2019-07-19 09:25:22 +02:00
ThibG 026f3a9d2d Fix avatar animation on hover when not logged in (#11349) 2019-07-19 09:18:23 +02:00
koyu ee3ab5a51d Added logout to dropdown menu (#11353)
* Added logout to dropdown menu

* Triggering build-and-test with empty commit as it seems it failed due to some internal failure

* Looks fine, ready to review

* Added changes from review

* method can be null without any problems

* Also target can be null
2019-07-19 03:58:46 +02:00
ThibG 773130d51a Fix sanitizing lists contents (#11354)
* Add test

* Fix code for sanitizing nested lists stripping all tags
2019-07-19 01:44:58 +02:00
ThibG c2126e3f98 Add ActivityPub actor representing the entire server (#11321)
* Add support for an instance actor

* Skip username validation for local Application accounts

* Add migration script to create instance actor

* Make Codeclimate happy

* Switch to id -99 for instance actor

* Remove unused `icon` and `image` attributes from instance actor

* Use if/elsif/else instead of return + ternary operator

* Add instance actor to fresh installs

* Use instance actor as instance representative

Use instance actor for forwarding reports, relay operations, and spam
auto-reporting.

* Seed database in test environment

* Fix single-user mode

* Fix tests

* Fix specs to accomodate for an extra `Account`

* Auto-reject follows on instance actor

Following an instance actor might make sense, but we are not handling that
right now, so auto-reject.

* Fix webfinger lookup and serialization for instance actor

* Rename instance actor

* Make it clear in the HTML view that the instance actor should not be blocked

* Raise cache time for instance actor as there's no dynamic content

* Re-use /about/more with a flash message for instance actor profile
2019-07-19 01:44:42 +02:00
Eugen Rochko 02cf7a07ae Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351) 2019-07-18 20:28:05 +02:00
Eugen Rochko 1d560713b6 Fix only one middle dot being recognized in hashtags (#11345)
Fix #10934
2019-07-18 03:02:56 +02:00
Eugen Rochko 01cff5ee60 Add aac, m4a, 3gp to allowed audio formats (#11342)
Fix #11186
2019-07-18 03:02:30 +02:00
Eugen Rochko c27fb14e9f Change language detection to include hashtags as words (#11341) 2019-07-18 03:02:15 +02:00
dependabot-preview[bot] 020daac19f Bump rack-attack from 6.0.0 to 6.1.0 (#11313)
Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.0.0...v6.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:07:02 +02:00
dependabot-preview[bot] b856854767 Bump rubocop-rails from 2.2.0 to 2.2.1 (#11308)
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.2.0...v2.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:06:39 +02:00
dependabot-preview[bot] f4ecf3c821 Bump puma from 3.12.1 to 4.0.1 (#11306)
Bumps [puma](https://github.com/puma/puma) from 3.12.1 to 4.0.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v4.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:06:14 +02:00
ThibG 9bea975f52 Fix typo in StatusPolicy (#11344) 2019-07-18 00:48:26 +02:00
ThibG 9015b19e09 Add setting to disable the anti-spam (#11296)
* Add environment variable to disable the anti-spam

* Move antispam setting to admin settings

* Fix typo

* antispam → spam_check
2019-07-17 21:09:15 +02:00
Eugen Rochko 50caff4dc0 Change terms and privacy policy pages to always be accessible (#11334)
Fix #11328
2019-07-17 19:29:37 +02:00
ThibG 978792a112 Fix custom CSS controller (#11336) 2019-07-17 17:14:25 +02:00
ThibG ac154ccc95 Extend AUTHORIZED_FETCH mode to user blocks as well (#11332)
* Extend AUTHORIZED_FETCH mode to user blocks as well

* Move decision to deny access to StatusPolicy
2019-07-17 01:53:37 +02:00
ThibG a4b1083795 Fix caching headers in ActivityPub endpoints (#11331)
* Fix reverse-proxy caching in public fetch mode

* Fix caching in ActivityPub-specific controllers
2019-07-17 00:00:39 +02:00