Commit Graph

1424 Commits (a1aaba08a73db5dccf2b122203ee47eb4cfd002b)

Author SHA1 Message Date
Emelia Smith 8b4d7b22ed Allow reports with long comments from remote instances, but truncate (#25028) 2023-05-22 13:15:21 +02:00
Claire 844d8e101e Add hCaptcha support (#25019) 2023-05-16 23:27:35 +02:00
Claire 99f1302cc3 Fix reports not being closed when performing batch suspensions (#24988) 2023-05-16 14:56:49 +02:00
Matt Jankowski d65d954409 Extract StatusSafeReblogInsert concern from Status (#24821) 2023-05-04 14:06:20 +02:00
Nick Schonning 2f2c8f671b Autofix Rubocop Style/HashSyntax (#23754) 2023-05-04 05:54:26 +02:00
Matt Jankowski e8537a3a01 Fix Performance/CollectionLiteralInLoop cop (#24819) 2023-05-04 05:33:55 +02:00
Claire 90b45c5040 Fix various edge cases with local moves (#24812) 2023-05-03 19:19:25 +02:00
Claire f89b5c08b6 Fix own posts not getting delivered to own lists (#24810) 2023-05-03 19:17:40 +02:00
Matt Jankowski b7e49e1a70 Fix Performance/MethodObjectAsBlock cop (#24798) 2023-05-03 10:30:54 +02:00
Matt Jankowski ec265b7d8a Fix Rails/ActiveRecordCallbacksOrder cop (#24689) 2023-05-02 18:23:35 +02:00
Matt Jankowski 7a843ed550 Extract AccountSearch concern from Account (#24716) 2023-05-02 18:21:36 +02:00
Matt Jankowski 4d1f9d4278 Rename `with_lock` to `with_redis_lock` to avoid confusion with ActiveRecord's method (#24741) 2023-05-02 18:16:07 +02:00
Matt Jankowski 621e53f8fc Fix Performance/Sum cop (#24788) 2023-05-02 16:10:40 +02:00
Claire a247f77162 Change lists to be able to include accounts with pending follow requests (#19727) 2023-05-02 14:40:36 +02:00
Matt Jankowski 182bb4595f Fix Lint/DuplicateBranch cop (#24766) 2023-05-02 12:57:11 +02:00
Claire abce7cf2b9 Rewrite import feature (#21054) 2023-05-02 12:08:48 +02:00
Matt Jankowski bdbc9d0036 Fix Rails/CompactBlank cop (#24690) 2023-04-30 14:07:21 +02:00
Matt Jankowski e9e394fe57 Fix Rails/InverseOf cop (#24732) 2023-04-30 14:06:53 +02:00
Nick Schonning 519ae8c0c6 Drop EOL Ruby 2.7 (#24237) 2023-04-27 01:46:18 +02:00
Claire d1e9e79cb7 Minor clean up and optimization of the automatic post deletion code (#24613) 2023-04-21 16:53:50 +02:00
Robert R George 335b53ab48 Add trend management to admin API (#24257) 2023-04-18 11:33:30 +02:00
Heitor de Melo Cardozo a34c422490 Change moderation search an account using the username with @ (#24242) 2023-04-17 14:16:36 +02:00
Claire 1afa6d8cbf Refactor `Status._insert_record` slightly and tighten the test around reblogs of discarded statuses (#24516) 2023-04-12 12:47:05 +02:00
Kuba Suder 158d6fcb43 fixed typo in a constant name (#24511) 2023-04-12 10:06:57 +02:00
Claire 6ccd12b521 Fix unescaped user input in LDAP query (#24379) 2023-04-04 12:42:38 +02:00
Nick Schonning 5f1a0f550b Autofix Rubocop Rails/IgnoredColumnsAssignment (#23761) 2023-03-31 15:07:22 +02:00
Christian Schmidt 41190c8172 Wrong type for user setting when default is defined by lambda (#24321) 2023-03-31 07:33:17 +02:00
Eugen Rochko c75fccf033 Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire af57bcd3cf Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-03-27 17:07:37 +02:00
Eugen Rochko 1d2a941bc8 Change media upload limits and remove client-side resizing (#23726) 2023-03-25 10:00:03 +01:00
Claire 12eb6740d1 Fix Rails cache namespace being overriden with `v2` for cached statuses (#24202) 2023-03-22 15:47:44 +01:00
Takeshi Umeda df68ba2e6a Refactoring relations_map (#24195) 2023-03-21 10:32:58 +01:00
Vyr Cossont d1b3f02926 Webhooks for local status.create, status.update, account.update (#24133) 2023-03-19 07:47:54 +01:00
Eugen Rochko ef0c6a43ed Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:46:52 +01:00
Christian Schmidt 7583523bf0 Replace `Status#translatable?` with language matrix in separate endpoint (#24037) 2023-03-16 11:07:24 +01:00
Claire 980472efc8 Fix unconfirmed accounts being registered as active users (#23803) 2023-03-06 16:00:08 +01:00
Jean byroot Boussier 08c2938b4a Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Christian Schmidt cc0c37cd69 Only offer translation for supported languages (#23879) 2023-03-03 21:06:31 +01:00
Claire 5acc02793a Fix external authentication not running onboarding code for new users (#23458) 2023-03-03 20:45:55 +01:00
Claire 6943192f5e Fix server error when failing to follow back followers from `/relationships` (#23787) 2023-03-03 20:36:18 +01:00
Claire 7bc43c91a0 Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-03 20:25:15 +01:00
Matt Jankowski 35cbd0685d Fix deprecation warning about merging conditions (#23618) 2023-03-02 16:21:04 +01:00
Matt Jankowski 385ae6681d Fix single-record invalid condition on PollVote (#23810) 2023-02-27 09:31:15 +01:00
Claire 0fb32f919f Fix inefficiency when searching accounts per username in admin interface (#23801) 2023-02-22 11:53:13 +01:00
Nick Schonning eed0829d3f Autofix Rubocop Rails/WhereEquals (#23759) 2023-02-21 03:20:56 +09:00
Nick Schonning e6312104c7 Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning c08d9e5e5c Autofix Rubocop Style/UnpackFirst (#23741) 2023-02-20 06:51:43 +01:00
Nick Schonning 448f0929a7 Autofix Rubocop Rails/EnumHash (#23737) 2023-02-20 05:00:36 +01:00
Nick Schonning 483fabc53f Autofix Rubocop Rails/RedundantForeignKey (#23731) 2023-02-20 02:19:40 +01:00
Nick Schonning 49f1168050 Autofix Rubocop Style/RedundantBegin (#23703) 2023-02-19 07:09:40 +09:00
Nick Schonning 3f9d7419d1 Autofix Rubocop Style/Lambda (#23696) 2023-02-18 12:39:00 +01:00
Nick Schonning 793f8c7dd5 Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
Nick Schonning b7d4391c4d Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#23681) 2023-02-18 04:30:23 +01:00
Nick Schonning 31ca76fe2c Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Aaron Patterson edc6f486bf Upgrade to Ruby 3.2 (#22928)
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-15 08:30:27 +01:00
Claire 1a094b002d Fix admin-set follow recommandations being case-sensitive (#23500)
Fixes #23472
2023-02-10 11:14:58 +01:00
Claire cdcf981ad7 Fix server status URL being a required server setting (#23499) 2023-02-10 10:20:43 +01:00
Nick Schonning ae45c9ccd4 Apply Rubocop Rails/WhereNot (#23448)
* Apply Rubocop Rails/WhereNot

* Update spec for where.not
2023-02-08 10:39:57 +01:00
Nick Schonning 4a49c50e64 Apply Rubocop Performance/BlockGivenWithExplicitBlock (#23441)
* Apply Rubocop Performance/BlockGivenWithExplicitBlock

* Unprefix used block parameter
2023-02-08 10:36:23 +01:00
Nick Schonning e0a02f8696 Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Nick Schonning faa8b582de Apply Rubocop Style/RedundantAssignment (#23452) 2023-02-08 07:06:50 +01:00
Nick Schonning 0ea80860f4 Apply Rubocop Performance/RedundantBlockCall (#23440) 2023-02-08 00:58:18 +01:00
Nick Schonning 38ec6d27d8 Autofix Rails/EagerEvaluationLogMessage (#23429)
* Autofix Rails/EagerEvaluationLogMessage

* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Eugen Rochko 92e5feb621 Add setting for status page URL (#23390) 2023-02-04 04:56:06 +01:00
Claire 9e5f274ba9 Add `roles` attribute to Account entities in REST API (#23255) 2023-01-25 19:55:40 +01:00
Claire d28bbdfd48 Fix account activation being triggered before email confirmation (#23245)
* Add tests

* Fix account activation being triggered before email confirmation

Fixes #23098
2023-01-24 19:40:21 +01:00
Jeong Arm c5474e725f Fix Account Strike causing PG not null validation error (#23178) 2023-01-21 10:22:22 +01:00
Claire 340be8d706 Add option to make the landing page be /about even when trends are enabled (#20808)
* Add option to make the landing page be /about even when trends are enabled

* Restablish /explore as landing page by default
2023-01-18 16:43:58 +01:00
Claire 592fe1a3bd Add confirmation screen when handling reports (#22375)
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
2023-01-18 16:40:09 +01:00
Claire 267f5c242f Fix situations in which instance actor can be set to a Mastodon-incompatible name (#22307)
* Validate internal actor

* Use “internal.actor” by default for the server actor username

* Fix instance actor username on the fly if it includes ':'

* Change actor name from internal.actor to mastodon.internal
2023-01-18 16:33:03 +01:00
Claire 0687eb20da Change domain block CSV parsing to be more robust and handle more lists (#21470)
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
David Freedman 4d0985ce9c Don't crash on unobtainable avatars (#22462) 2023-01-13 16:40:06 +01:00
Claire 64952cef52 Fix crash when marking statuses as sensitive while some statuses are deleted (#22134)
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments

* Fix crash when marking statuses as sensitive while some statuses are deleted

Fixes #21910

* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”

* Add tests
2023-01-13 10:46:52 +01:00
Kaspar V 1cd04e5d77 Fix/remove calling private method with send in model (#22951)
* fix(status): remove send usage for private unlink_from_conversations

- make unlink_from_conversations public method
- rename unlink_from_conversations to unlink_from_conversations!
- fix send call on private method in statuses_vacuum and batched_remove_status_service

* fix(feeds_vacuum): replace find_in_batches with in_batches

because active record query results should be a little more efficient than
itterating with map and each. Postgres can grasp such lists of ids much quicker
than ruby can.
Will probably make allmost no difference, but cannot hurt either.
2023-01-11 21:57:24 +01:00
Darius Kazemi b8408d85ea Fix account search not returning followed accounts first (#22956)
* Make autosuggest for mentions return followed accounts first

This makes it so that (when elasticsearch is disabled) when a user types '@foo' in the compose box, they are first going to get accounts they follow ordered by the ranking algorithm, and then second they will get accounts they do not follow, also ordered by the ranking algorithm.

This makes behavior more consistent with user expectation and also with results when elasticsearch is enabled.

* Fix ranking order to correct direction

* One more fixup per @gargron suggestion

* Tweak to ranking to no longer include following modifier
2023-01-06 07:35:52 +01:00
Claire d809eb0e83 Fix site upload validations (#22479)
* Fix site settings media upload handling of DimensionsValidationError

Fixes #22234

* Fix underlying validations not being performed for site uploads
2023-01-05 13:42:03 +01:00
Claire ee5686999e Strip spaces around URL when adding a relay (#22655)
* Strip spaces around URL when adding a relay

Fixes #22650

* Gracefuly handle URL parsing errors in URL validator
2023-01-05 13:33:33 +01:00
Alexander Ivanov d126de71a6 Add webhook `account.approved` (#22938)
* Webhook `account.approved` when preparing new user

* Update Webhook.EVENTS
2023-01-05 13:29:49 +01:00
Partho Ghosh 5cdba7b239 Fix ・ detection in hashtag regex to construct hashtag correctly (#22888)
* Fix ・ detection in hashtag regex to construct hashtag correctly

* Fixed rubocop liniting issues

* More rubocop linting fix
2023-01-04 02:12:48 +01:00
Claire cfeb01b17f Add follow request banner on account header (#20785)
* Add requested_by to relationship maps

* Display whether an account has requested to follow you on their profile
2022-12-15 18:50:11 +01:00
Claire b821678966 Change remote media files to be downloaded outside of transactions (#21796) 2022-12-15 18:09:48 +01:00
Jeong Arm 429687c59f Add "disabled" user filter for admin/accounts UI (#21282) 2022-12-15 17:30:47 +01:00
Jeong Arm 0bcfa2b429 Save avatar or header correctly even if other one fails (#18465)
* Save avatar or header correctly if other one fails

* Fix test
2022-12-15 17:11:14 +01:00
Francis Murillo 3a11a90dd3 Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Claire 145a3506b3 Fix failure when “Require a reason to join” is set with open registrations (#22127) 2022-12-07 16:39:58 +01:00
Claire d4e4d272e1 Fix 500 error when trying to migrate to an invalid address (#21462)
* Fix 500 error when trying to migrate to an invalid address

* Add tests
2022-12-07 02:35:39 +01:00
Claire aec7de494f Fix unbounded recursion in account discovery (#22025)
* Fix trying to fetch posts from other users when fetching featured posts

* Rate-limit discovery of new subdomains

* Put a limit on recursively discovering new accounts
2022-12-07 00:15:24 +01:00
Claire b97260426b Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)
Fixes #21965
2022-12-07 00:10:53 +01:00
Claire 851c6d647f Fix spaces not being stripped in admin account search (#21324)
Fixes #21058

Regression from #18641
2022-11-27 20:47:29 +01:00
Kaspar V f2ec356cb6 refactor(vacuum statuses): reduce amount of db queries and load for each query - improve performance (#21487)
* refactor(statuses_vacuum): remove dead code - unused

Method is not called inside class and private.
Clean up dead code.

* refactor(statuses_vacuum): make retention_period present test explicit

This private method only hides functionality.
It is best practice to be as explicit as possible.

* refactor(statuses_vacuum): improve query performance

- fix statuses_scope having sub-select for Account.remote scope by
  `joins(:account).merge(Account.remote)`
- fix statuses_scope unnecessary use of `Status.arel_table[:id].lt`
  because it is inexplicit, bad practice and even slower than normal
  `.where('statuses.id < ?'`
- fix statuses_scope remove select(:id, :visibility) for having reusable
  active record query batches (no re queries)
- fix vacuum_statuses! to use in_batches instead of find_in_batches,
  because in_batches delivers a full blown active record query result,
  in stead of an array - no requeries necessary
- send(:unlink_from_conversations) not to perform another db query, but
  reuse the in_batches result instead.
- remove now obsolete remove_from_account_conversations method
- remove_from_search_index uses array of ids, instead of mapping
  the ids from an array - this should be more efficient
- use the in_batches scope to call delete_all, instead of running
  another db query for this - because it is again more efficient
- add TODO comment for calling models private method with send

* refactor(status): simplify unlink_from_conversations

- add `has_many through:` relation mentioned_accounts
- use model scope local instead of method call `Status#local?`
- more readable add account to inbox_owners when account.local?

* refactor(status): searchable_by way less sub selects

These queries all included a sub-select. Doing the same with a joins
should be more efficient.
Since this method does 5 such queries, this should be significant,
since it technically halves the query count.

This is how it was:

```ruby
[3] pry(main)> Status.first.mentions.where(account: Account.local, silent: false).explain
  Status Load (1.6ms)  SELECT "statuses".* FROM "statuses" WHERE "statuses"."deleted_at" IS NULL ORDER BY "statuses"."id" DESC LIMIT $1  [["LIMIT", 1]]
  Mention Load (1.5ms)  SELECT "mentions".* FROM "mentions" WHERE "mentions"."status_id" = $1 AND "mentions"."account_id" IN (SELECT "accounts"."id" FROM "accounts" WHERE "accounts"."domain" IS NULL) AND "mentions"."silent" = $2  [["status_id", 109382923142288414], ["silent", false]]
=> EXPLAIN for: SELECT "mentions".* FROM "mentions" WHERE "mentions"."status_id" = $1 AND "mentions"."account_id" IN (SELECT "accounts"."id" FROM "accounts" WHERE "accounts"."domain" IS NULL) AND "mentions"."silent" = $2 [["status_id", 109382923142288414], ["silent", false]]
                                                    QUERY PLAN
------------------------------------------------------------------------------------------------------------------
 Nested Loop  (cost=0.15..23.08 rows=1 width=41)
   ->  Seq Scan on accounts  (cost=0.00..10.90 rows=1 width=8)
         Filter: (domain IS NULL)
   ->  Index Scan using index_mentions_on_account_id_and_status_id on mentions  (cost=0.15..8.17 rows=1 width=41)
         Index Cond: ((account_id = accounts.id) AND (status_id = '109382923142288414'::bigint))
         Filter: (NOT silent)
(6 rows)
```

This is how it is with this change:

```ruby
[4] pry(main)> Status.first.mentions.joins(:account).merge(Account.local).active.explain
  Status Load (1.7ms)  SELECT "statuses".* FROM "statuses" WHERE "statuses"."deleted_at" IS NULL ORDER BY "statuses"."id" DESC LIMIT $1  [["LIMIT", 1]]
  Mention Load (0.7ms)  SELECT "mentions".* FROM "mentions" INNER JOIN "accounts" ON "accounts"."id" = "mentions"."account_id" WHERE "mentions"."status_id" = $1 AND "accounts"."domain" IS NULL AND "mentions"."silent" = $2  [["status_id", 109382923142288414], ["silent", false]]
=> EXPLAIN for: SELECT "mentions".* FROM "mentions" INNER JOIN "accounts" ON "accounts"."id" = "mentions"."account_id" WHERE "mentions"."status_id" = $1 AND "accounts"."domain" IS NULL AND "mentions"."silent" = $2 [["status_id", 109382923142288414], ["silent", false]]
                                                    QUERY PLAN
------------------------------------------------------------------------------------------------------------------
 Nested Loop  (cost=0.15..23.08 rows=1 width=41)
   ->  Seq Scan on accounts  (cost=0.00..10.90 rows=1 width=8)
         Filter: (domain IS NULL)
   ->  Index Scan using index_mentions_on_account_id_and_status_id on mentions  (cost=0.15..8.17 rows=1 width=41)
         Index Cond: ((account_id = accounts.id) AND (status_id = '109382923142288414'::bigint))
         Filter: (NOT silent)
(6 rows)
```
2022-11-27 20:41:18 +01:00
afontenot 05b1b5790f Clear voter count when poll is reset (#21700)
When a poll is edited, we reset the poll and remove all previous
votes. However, prior to this commit, the voter count on the poll
was not reset. This leads to incorrect percentages being shown in
poll results.

Fixes #21696
2022-11-26 23:08:25 +01:00
Skyler Hawthorne ce10b313bb fix media uploads with ffmpeg 5 (#21191) 2022-11-25 16:20:47 +01:00
David Leadbeater 72a60150de Don't allow URLs that contain non-normalized paths to be verified (#20999)
* Don't allow URLs that contain non-normalized paths to be verified

This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".

Also fix a test to use 'https', so it is testing the right thing, now
that since #20304 https is required.

* missing do
2022-11-20 19:28:13 +01:00
lenore gilbert 498e9478c7 Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597)
* Allow import/export of instance-level domain blocks/allows (#1754)

* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround

(cherry picked from commit b8319d0578)

* Add confirmation page when importing blocked domains (#1773)

* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains

(cherry picked from commit 73a2e3326f)

* Fix authorization check in domain blocks controller

(cherry picked from commit 655bac2c3a)

* Fix error strings for domain blocks and email-domain blocks

Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"

* Ran i18n-tasks normalize to address test failure

* Removed unused admin.export_domain_blocks.not_permitted string

Removing unused string as indicated by Check i18n

* Fix tests

(cherry picked from commit 1ba41b34c1)

* Fix domain block export not exporting blocks with only media rejection

(cherry picked from commit 1686374b2f)

* Fix various issues with domain block import

- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded

(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)

Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17 11:05:09 +01:00
Claire c7accdb6ac Change automatic post deletion configuration to be accessible to redirected users (#20774)
Fixes #20550
2022-11-17 10:55:23 +01:00
Claire 3e40b7ef8d Change batch account suspension to create a strike (#20897) 2022-11-17 10:52:51 +01:00
Eugen Rochko 2b3b063852 Fix error when invalid domain name is submitted (#19474)
Fix #19175
2022-11-14 08:07:14 +01:00
Eugen Rochko 8b98bebc17 Fix error when passing unknown filter param in REST API (#20626)
Fix #19156
2022-11-14 08:06:06 +01:00
Eugen Rochko 2018fe879c Fix image type not being set after conversion for convertible image types (#20624) 2022-11-14 07:13:14 +01:00
Eugen Rochko 12b819c78c Fix rules with same priority being sorted non-deterministically (#20623) 2022-11-14 06:28:19 +01:00