Commit Graph

40 Commits (a0b5e9a1b1627ac0d03eaa7c207861804a5195cd)

Author SHA1 Message Date
Matt Jankowski 8dec215a57 Fix RSpec/ContextWording cop (#24739) 2023-05-04 05:49:08 +02:00
Matt Jankowski c48dd42fa8 Misc coverage improvements for validators (#23928) 2023-03-04 17:00:00 +01:00
Nick Schonning 247bf6e812 Enable Rubocop Style/StringConcatenation defaults (#23792) 2023-02-22 09:54:36 +09:00
Nick Schonning 754c417e29 Autofix Rubocop RSpec/LeadingSubject (#23670) 2023-02-20 13:24:14 +09:00
Nick Schonning a25f6522da Enable Rubocop RSpec/NotToNot (#23723) 2023-02-20 02:33:27 +01:00
Nick Schonning 1de4bdbaf4 Autofix Rubocop RSpec/ReturnFromStub (#23724) 2023-02-20 02:32:10 +01:00
Nick Schonning a63cb79201 Autofix Rubocop RSpec/EmptyLineAfterFinalLet (#23707) 2023-02-19 07:10:19 +09:00
Nick Schonning 31ca76fe2c Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Claire 1c279cca28 Fix email with empty domain name labels passing validation (#23246)
* Fix email with empty domain name labels passing validation

`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.

* Add tests
2023-01-24 20:18:41 +01:00
Eugen Rochko 0eb2db6b52 Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
2022-06-09 21:57:36 +02:00
Eugen Rochko 1cd4518c29 Remove IP matching from e-mail domain blocks (#18190)
Clear out e-mail domain blocks created from automatically resolved DNS records
2022-04-29 23:27:03 +02:00
Eugen Rochko d6d285eb75 Fix being able to post URLs longer than 4096 characters (#17908) 2022-03-30 14:46:03 +02:00
Eugen Rochko ea5bf21a1d Change e-mail domain blocks to block IPs dynamically (#17635)
* Change e-mail domain blocks to block IPs dynamically

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-24 17:28:23 +01:00
luzpaz b97e7364f3 Fix various typos (#17621)
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-02-22 20:14:17 +01:00
Claire 5aade2baac Add support for private pinned posts (#16954)
* Add support for private pinned toots

* Allow local user to pin private toots

* Change wording to avoid "direct message"
2022-01-17 00:49:55 +01:00
Eugen Rochko c9bb0e576d Add canonical e-mail blocks for suspended accounts (#16049)
Prevent new accounts from being created using the same underlying
e-mail as a suspended account using extensions and period
permutations. Stores e-mails as a SHA256 hash
2021-04-17 03:14:25 +02:00
Claire ebe08f4335 Bypass MX validation for explicitly allowed domains (#15930)
* Bypass MX validation for explicitly allowed domains

This spares some lookups and prevent issues in some edge cases with
local domains.

* Add tests

* Fix test
2021-03-19 23:48:47 +01:00
Claire 3feb291d90 Prepare Mastodon for zeitwerk autoloader (#15917)
* Prepare Mastodon for zeitwerk autoloader (Rails 6)

Add inflections and rename/move a few classes.

In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.

* Add inflection for Url → URL
2021-03-19 02:42:43 +01:00
Claire 53d99e7426 Fix URL scanning in note length validator and preview card fetching (#15827)
* Add tests

* Fix URL scanning in note length validator and preview card fetching
2021-03-04 00:12:26 +01:00
Claire a33f8f787a Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
* Update twitter-text from 1.14 to 3.1.0

* Disable emoji parsing

* Properly depend on twitter-text for url detection

* Fix some URLs being wrongly detected client-side

* Add test for server-side validation of non-autolinkable URLs

* Fix server-side status length counting
2021-03-02 12:02:56 +01:00
Eugen Rochko ade70733f7 Add `details` to error response for `POST /api/v1/accounts` in REST API (#15803) 2021-03-01 04:59:13 +01:00
ThibG 8baad22f68 Improve email address validation (#14565)
* Increase DNS timeout from 1 second to 5 seconds for MX check

1 seconds is rather short when using a recursive DNS resolver which
hasn't got a cached result already available. Use 5 seconds instead,
which is the timeout value we use for outgoing HTTP queries.

* Add more precise error messages for invalid e-mail addresses
2020-08-12 12:40:25 +02:00
abcang 94bc823eb6 Search account domain in lowercase (#13016)
* Search account domain in lowercase

* fix rubocop error

* fix spec/models/account_spec.rb
2020-02-01 15:42:24 +01:00
Eugen Rochko c058ffd67b Fix validations of reactions limit (#12955) 2020-01-25 16:00:29 +01:00
Eugen Rochko 05e9cd13eb Change admin UI for hashtags and add back whitelisted trends (#11490)
Fix #271

Add back the `GET /api/v1/trends` API with the caveat that it does
not return tags that have not been allowed to trend by the staff.

When a hashtag begins to trend (internally) and that hashtag has
not been previously reviewed by the staff, the staff is notified.

The new admin UI for hashtags allows filtering hashtags by where
they are used (e.g. in the profile directory), whether they have
been reviewed or are pending reviewal, they show by how many people
the hashtag is used in the directory, how many people used it
today, how many statuses with it have been created today, and it
allows fixing the name of the hashtag to make it more readable.

The disallowed hashtags feature has been reworked. It is now
controlled from the admin UI for hashtags instead of from
the file `config/settings.yml`
2019-08-05 19:54:29 +02:00
ThibG 4ad004d2ef Fix “invited by” not showing up for invited accounts in admin interface (#10791) 2019-05-19 21:40:36 +02:00
Eugen Rochko c3b1f6963b Change e-mail whitelist/blacklist to not be checked when invited (#10683)
* Change e-mail whitelist/blacklist to not be checked when invited

And only when creating an account, not when updating it later

Fix #10648

* Fix test
2019-05-03 23:44:44 +02:00
Hinaloe da343470c4 Allow set the voting period to just 5 minutes (#10525)
* Add spec of PollValidator for #10190

* Raise fraction less than 1 second

* format

* simplify time initialize
2019-04-09 17:02:12 +02:00
Franck Zoccolo ffe97d5dda Add support for IPv6 only MXes in Email validation (#10009)
* Add support for IPv6 only MXes

* Fixed email validator tests
2019-02-12 14:48:04 +01:00
ysksn cd51dfdd76 Add specs for UrlValidator (#9699) 2019-01-03 13:10:20 +09:00
ysksn 3cab7b9a17 Add specs for UnreservedUsernameValidator (#9698)
* Add specs for UnreservedUsernameValidator

* Use instance variable
2019-01-03 13:10:02 +09:00
ysksn 41afd670c9 Add specs for FollowLimitValidator (#9655) 2018-12-29 08:24:52 +01:00
ysksn 5eb6d7e3e0 Add specs for BlackListedEmailValidator (#9651)
* Add specs for BlackListedEmailValidator

* Use instance variable
2018-12-29 07:23:44 +01:00
ysksn a3b4684435 Add specs for DisallowedHashtagsValidator (#9653)
In order to implement tests easier, `#select_tags` created.
2018-12-29 07:22:51 +01:00
ysksn 44c1647ea1 Add specs for StatusPinValidator (#9648) 2018-12-28 18:09:32 +09:00
ysksn c4559969b4 Add pending specs for StatusLengthValidator (#9647)
* Add pending specs of StatusLengthValidator

* Use instance variable
2018-12-28 08:18:47 +01:00
Eugen Rochko 8d3910afdd Improve e-mail MX validator and add tests (#9489) 2018-12-10 22:53:25 +01:00
ysksn 994c20699c Remove pending spec (#9454)
Since dots are not allowed in username,
this spec is no longer needed.
2018-12-07 16:38:50 +01:00
unarist 0fb7252ac4 Add a spec for UniqueUsernameValidator (#6927)
Note that this spec has a pending test about dots in the username,
because allowing it has been reverted for now.
2018-03-27 05:22:58 +02:00
Eugen Rochko 39b0588256 Count all URLs in text as 23 characters flat, do not count domain part of usernames (#4427)
* Count all URLs in text as 23 characters flat, do not count domain part of usernames

* Add new status text counting logic to web UI
2017-07-29 00:06:29 +02:00