Commit Graph

587 Commits (f8e9555e73d3d6b34d83375d2958f50323acd78b)

Author SHA1 Message Date
Eugen Rochko 8efdf1a898 Do not push DMs into the home feed (#8940)
* Do not push DMs into the home feed

* Show DMs column after sending a DM, if DMs column is not already shown
2018-10-11 01:31:03 +02:00
Eugen Rochko c9b5168ebd Add conversations API (#8832)
* Add conversations API

* Add web UI for conversations

* Add test for conversations API

* Add tests for ConversationAccount

* Improve web UI

* Rename ConversationAccount to AccountConversation

* Remove conversations on block and mute

* Change last_status_id to be a denormalization of status_ids

* Add optimistic locking
2018-10-07 23:44:58 +02:00
Eugen Rochko 24f168e58e Fix link verification for remote accounts (#8868) 2018-10-04 15:47:03 +02:00
Eugen Rochko 52168073a3 Support link verification with redirects (#8735)
(e.g. URL shortener)
2018-09-20 00:10:35 +02:00
Yamagishi Kazutoshi 6d970d6e71 Fix failed profile verification when rel attribute including values other than me (#8733) 2018-09-19 16:47:31 +02:00
Eugen Rochko 3f9f3a351b Fix VerifyAccountLinksWorker not being queued (#8721)
UX-wise, people expect that saving the profile will re-check links even without changing fields content. Bug-wise, `@account` was undefined.

Regression from #8703
2018-09-18 23:57:21 +02:00
Eugen Rochko d3105031f8 Redesign forms, verify link ownership with rel="me" (#8703)
* Verify link ownership with rel="me"

* Add explanation about verification to UI

* Perform link verifications

* Add click-to-copy widget for verification HTML

* Redesign edit profile page

* Redesign forms

* Improve responsive design of settings pages

* Restore landing page sign-up form

* Fix typo

* Support <link> tags, add spec

* Fix links not being verified on first discovery and passive updates
2018-09-18 16:45:58 +02:00
ThibG 441238b938 Handle relative URLs when fetching OEmbed/OpenGraph cards (#8669) 2018-09-10 18:26:28 +02:00
Eugen Rochko 601a0dc6cc Add preference for report notification e-mails, skip for duplicates (#8559)
If an unresolved report for the same target account already exists,
no new notification is generated
2018-09-02 00:11:58 +02:00
Eugen Rochko 1d319c531e Add CLI task for rotating keys (#8466)
* If an Update is signed with known key, skip re-following procedure

Because it means the remote actor did *not* lose their database

* Add CLI method for rotating keys

    bin/tootctl accounts rotate [USERNAME]

Generates a new RSA key per account and sends out an Update activity
signed with the old key.

* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts

* Skip suspended accounts in key rotation
2018-08-26 20:21:03 +02:00
Eugen Rochko f9836d593c Bump interactions count when a follow happens (#8468) 2018-08-26 20:02:45 +02:00
Eugen Rochko 63859550d3 Delay e-mail notifications by 2 minutes (#8438)
Fix #8430
2018-08-26 16:53:19 +02:00
ThibG 5da13c3980 Do not crash if remote custom emoji does not define updated date (fixes #8376) (#8377) 2018-08-23 00:27:58 +02:00
Eugen Rochko bb7dce98a0 Improve federated ID validation (#8372)
* Fix URI not being sufficiently validated with prefetched JSON

* Add additional id validation to OStatus documents, when possible
2018-08-22 20:55:14 +02:00
Eugen Rochko 025e7c6f8c Add favourites to archive takeout (#8351)
Remove experimental key export
2018-08-22 19:33:10 +02:00
Eugen Rochko fe88a4f42c Get rid of all batch order warnings (#8334) 2018-08-21 12:25:50 +02:00
Eugen Rochko 35c99eeb0f Increase reach of Delete->Actor activities (#8305)
Fix #7316
2018-08-20 13:28:05 +02:00
ThibG 8f788fe92a Do not process outgoing mentions to suspended accounts (#8272) 2018-08-18 19:42:13 +02:00
ThibG c16294d20a Use correct activity id in Accept when receiving duplicate Follow (fixes #8218) (#8244) 2018-08-17 14:08:17 +02:00
ThibG fff6297a24 Allow accessing local private/DM messages by URL (#8196)
* Allow accessing local private/DM messages by URL

(Provided the user pasting the URL is authorized to see the toot, obviously)

* Fix SearchServiceSpec tests
2018-08-15 19:33:36 +02:00
Eugen Rochko 3dc21c1ff6 Prevent ActivityPub movedTo recursion (#8092)
Fix #8051
2018-07-28 17:14:55 -04:00
Eugen Rochko 38f413e583 Fix activity:interactions counter to count all interactions (#8037) 2018-07-16 18:35:43 +02:00
Eugen Rochko 171c20ce72 Add federation relay support (#7998)
* Add federation relay support

* Add admin UI for managing relays

* Include actor on relay-related activities

* Fix i18n
2018-07-13 02:16:06 +02:00
Eugen Rochko 68d884e556 Send undo of boost to original poster if reblog (#7959)
Fix #7874
2018-07-05 20:57:50 +02:00
Eugen Rochko e57d9177dc Fix check for PotentialFriendshipTracker when replying (#7933) 2018-07-03 05:00:44 +02:00
Eugen Rochko aa4e75166b Re-add follow recommendations API (#7918)
* Re-add follow recommendations API

    GET /api/v1/suggestions

Removed in 30f9e9e624 due to Neo4J
dependency. The algorithm uses triadic closures, takes into account
suspensions, blocks, mutes, domain blocks, excludes locked and moved
accounts, and prefers more recently updated accounts.

* Track interactions with people you don't follow

Replying to, favouriting and reblogging someone you're not following
will make them show up in follow recommendations. The interactions
have different weights:

- Replying is 1
- Favouriting is 10 (decidedly positive interaction, but private)
- Reblogging is 20

Following them, muting or blocking will remove them from the list,
obviously.

* Remove triadic closures, ensure potential friendships are trimmed
2018-07-03 01:47:56 +02:00
Eugen Rochko f91fa10804 Allow selecting default posting language instead of auto-detect (#7828)
* Allow selecting default posting language instead of auto-detect

* Enable default language setting in credentials API

* Fix form saving
2018-06-17 18:57:31 +02:00
Eugen Rochko 907694df6a Add autofollow option to invites (#7805)
* Add autofollow option to invites

* Trigger CodeClimate rebuild
2018-06-15 18:00:23 +02:00
Eugen Rochko 681ac8580a Remove placeholder text for media-only toots (#7806)
Ref: 0c2a08adeb

This breaks compatibility with pre-2.3.0 Mastodon and older
software, but at the time of writing the network is >80% above
that version.

Compatibility broken only for toots with no text.
2018-06-15 15:51:51 +02:00
Eugen Rochko b051d74029 Fix domain hiding logic (#7765)
* Send rejections to followers when user hides domain they're on

* Use account domain blocks for "authorized followers" action

Replace soft-blocking (block & unblock) behaviour with follow rejection

* Split sync and async work of account domain blocking

Do not create domain block when removing followers by domain, that
is probably unexpected from the user's perspective.

* Adjust confirmation message for domain block

* yarn manage:translations
2018-06-09 22:46:54 +02:00
Yamagishi Kazutoshi 1a145c6af1 Skip processing when HEAD method returns 501 (#7730) 2018-06-04 13:42:53 +02:00
Akihiko Odaki 3114ac9655 Do not mark remote status sensitive even if spoiler text is present (#7395)
Old statuses and statuses from Pawoo, which runs a modified version of
Mastodon, may not have been marked sensitive even if spoiler text is
present.

Such statuses are still not marked sensitve if they are local or
arrived before version upgrade. Marking recently fetched remote status
sensitive contradicts the behavior.

Considering what people expected when they authored such statuses, this
change removes the sensitivity enforcement.
2018-06-04 04:46:14 +02:00
Eugen Rochko 946091af45 Exclude unlisted, private and direct toots from affecting trends (#7686) 2018-05-31 16:47:28 +02:00
Eugen Rochko 9e3f9b8250 Improve counter caches on Status and Account (#7644)
Do not touch statuses_count on accounts table when mass-destroying
statuses to reduce load when removing accounts, same for
reblogs_count and favourites_count

Do not count statuses with direct visibility in statuses_count

Fix #828
2018-05-30 02:50:23 +02:00
Eugen Rochko dc7bf28635 Reduce wasted work in RemoveStatusService due to inactive followers (#7672) 2018-05-29 22:55:33 +02:00
Eugen Rochko 8a3b9d26fb Track trending tags (#7638)
* Track trending tags

- Half-life of 1 day
- Historical usage in daily buckets (last 7 days stored)
- GET /api/v1/trends

Fix #271

* Add trends to web UI

* Don't render compose form on search route, adjust search results header

* Disqualify tag from trends if it's in disallowed hashtags setting

* Count distinct accounts using tag, ignore silenced accounts
2018-05-27 21:45:30 +02:00
Eugen Rochko f68736088b Use #any? instead of #exists? when checking media attachments (#7570)
If media_attachments are not loaded, SQL query is the same, but
the #exists? method performs SQL query even if preloaded
2018-05-21 16:01:16 +02:00
Yamagishi Kazutoshi ccc240b59c Add media timeline (#6631) 2018-05-21 12:43:38 +02:00
Akihiko Odaki 5dadb6896b Raise Mastodon::RaceConditionError if Redis lock failed (#7511)
An explicit error allows user agents to know the error and Sidekiq to
retry.
2018-05-16 12:29:45 +02:00
unarist 63a10a7ffe Fix custom emoji handling in UpdateRemoteProfileService (OStatus) (#7501)
This patch fixes NoMethodError and others in RemoteProfileUpdateWorker.
2018-05-15 16:03:34 +02:00
Wiktor 37136f5986 Fix account URI when updating ActivityPub account (#7488)
Updates account `uri` field on each call to `update_account` instead of
only once during `create_account` to mirror the same behavior in OStatus
`ResolveAccountService` class [0].

ActivityPub accounts are identified using `@username` and `@domain` pair
instead of URI since #6842.

This fixes #7479: a bug when the account identified by `@username` and
`@domain` changes its URI.

[0]:
060fa11ee2/app/services/resolve_account_service.rb (L121)
2018-05-14 22:56:45 +02:00
abcang e6c952476c Call media.present? because media may be nil (#7474) 2018-05-14 12:51:53 +02:00
ThibG 74c2a46423 Fetch boosted statuses on behalf of a follower (fixes #7426) (#7459)
When an ActivityPub Announce is processed and the boosted toot is not known,
fetch it on behalf of one of the booster's followers. This is to allow
fetching self-boosts of previously-unknown private toots.

If fetching on behalf of a user fails, try fetching it anonymously: the
selected follower of a boosting user may be banned by the boosted toot's
author.
2018-05-12 16:48:32 +02:00
Eugen Rochko e86a4fe36b Add REST API for Web Push Notifications subscriptions (#7445)
- POST /api/v1/push/subscription
- PUT /api/v1/push/subscription
- DELETE /api/v1/push/subscription
- New OAuth scope: "push" (required for the above methods)
2018-05-11 11:49:12 +02:00
Yamagishi Kazutoshi 6092325a48 Rescue Mastodon::LengthValidationError in FetchLinkCardService (#7424) 2018-05-09 08:39:08 +02:00
Surinna Curtis a2b84b644b Take the first recognized actor_type. (#7410) 2018-05-08 13:30:04 +02:00
ThibG 10be4c496c Fix hashtags not being federated on mentions (fixes #6900) (#7406) 2018-05-08 03:36:59 +02:00
Eugen Rochko 7ff3c849d1 Bot nameplates (#7391)
* Store actor type in database

* Add bot nameplate to web UI, add setting to preferences, API, AP
Fix #7365

* Fix code style issues
2018-05-07 09:31:07 +02:00
Eugen Rochko b890e5830c Support explicitly supplying language code for status via REST API (#7389) 2018-05-07 09:30:53 +02:00
Eugen Rochko ef1a273322 Fix handling of malformed ActivityPub payloads when URIs are nil (#7370)
* Fix handling of malformed ActivityPub payloads when URIs are nil

* Gracefully handle JSON-LD canonicalization failures
2018-05-05 18:22:34 +02:00