Commit Graph

359 Commits (f93d4d340d8dddd34eae7a9c6d9d316a13464628)

Author SHA1 Message Date
Patrick Figel 15b393201e Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
2017-04-15 13:26:03 +02:00
Matt Jankowski c784b1f95a Use site title on tags#show page (#1802) 2017-04-15 02:37:20 +02:00
Joachim Viide cbf0e1b1c8 Send initial state in a <script type="application/json"> tag (#1806) 2017-04-15 02:32:42 +02:00
Matt Jankowski 22f1d9099a Admin reports controller improvements (#1714)
* Simplify admin/reports controller filtering for index

* Rename parameter to resolved

* Fix issue where reports view could not access filter_link_to

* Add coverage for admin/reports controller

* DRY up resolution of related reports for target account

* Clean up admin/reports routes

* Add Report#statuses method

* DRY up current account action taken params

* Rubocop styles
2017-04-14 11:10:28 +02:00
maxypy c06f09dfe2 Implementing Subresource Integrity (#1729)
* Add sprockets-rails to Gemfile

* Add sprockets-rails to Gemfile.lock

* Update show.html.haml

* Update index.html.haml

* Update admin.html.haml

* Update auth.html.haml

* Update embedded.html.haml

* Update public.html.haml
2017-04-14 11:09:20 +02:00
Thomas Citharel 6524136728 Translate admin (#1702)
* Translate the domain_block panel

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Translate PubSubHubbub section

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* translate account section and correct typos

* move reports translation & translate sidebar

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* normalize l18n
2017-04-13 21:49:07 +02:00
Alyssa Ross bd0152fb39 terms: remove redundant words (#1578)
"at least X" and "X or older" have identical meanings.
Using both together feels a little jarring.
2017-04-13 19:50:19 +02:00
Isabelle Knott 79cefa3739 Do not show media attachment as og:image if it was marked as NSFW (#1693) 2017-04-13 15:59:43 +02:00
Daijiro Wachi 16204ba91f Use input type `number` for Two-factor code (#1683) 2017-04-13 13:13:17 +02:00
Matt Jankowski d8789124ae Clean up well-known routes/controllers (#1649)
* Add request spec for host meta route returning xml

* Add routing spec for xrd routes

* Update well-known routes

* Move webfinger and host-meta actions to their own controllers
2017-04-13 13:09:07 +02:00
Matt Jankowski 26ea2f70bd Admin accounts controller cleanup (#1664)
* Remove unused account_params method in admin/accounts controller

* Introduce AccountFilter to find accounts

* Use AccountFilter in admin/accounts controller

* Use more restful routes admin silence and suspension area

* Add admin/silences and admin/suspensions controllers
2017-04-13 13:04:23 +02:00
Matt Jankowski 0a6cfca260 Settings export refactor (#1646)
* Refactor Export to take an account and know about the export types

* Use Export instance in settings/exports#show
2017-04-13 13:02:02 +02:00
Knut Erik 3689d4aa7b Added norwegian version of terms of service and privacy policy (#1625) 2017-04-12 20:28:56 +02:00
Ben Roberts 462e956164 significant improvement in microformats markup (#1063)
* significant improvement in microformats markup

This is a huge improvement and I believe will close #965.

Had these microformats reviewed by others in the community to help
ensure they are at least correct, if not complete.

I did not want to change the structure of the page, and so there it does
not fully mark up the entire ancestry chain, or reply chain, only the
direct decendants and direct ancestors are correctly associated, but
this is likely fine as the most important bit is to have access to the
urls for those toots which are now correctly fetchable.

* improve code climate

* trying to pass code climate tests

* code climate

* fix p-summary for content warning posts

* fix error introduced when merging via github
2017-04-12 20:04:33 +02:00
David Libeau c5ce944e25 Fix target blank on "open_in_web" link (#1612)
When you render the "embed" view in an iframe, this link bugs when clicked, due to missing target blank.
2017-04-12 13:09:58 -04:00
Matt Jankowski d1ebb63c54 Quick best practice cleanup of views/helpers (#1546)
* Remove trailing whitespace

* Use query methods instead of explicit .blank? checks
2017-04-12 18:24:18 +02:00
Matt Jankowski bf7306636e Allow import/export of mutes list (#1541)
* Allow export of mutes list

* Allow importing of mutes list

* Refactor to use Settings::Exports::BaseController and DRY up exports code
2017-04-12 18:20:44 +02:00
Thomas Citharel cd2324b07b Make Reporting admin section translatable (#1549)
* Make Reporting admin section translatable

And translate it into english and french

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Make subject of emails translatable and improve french translation

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Make error pages translatable and translate them in english and french

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Translate site setting section

* Insert instance in registration emails and improve them a bit

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-04-12 17:11:49 +02:00
Matt Jankowski ca70fe5ae7 Simplify the way the embed view is created (#1590)
* Add coverage for embedded status view

* Refactor embed view to eliminate @external_links variable
2017-04-12 16:12:42 +02:00
Matt Jankowski 63e46e27f0 Refactor exports controller (#1567)
* Add basic coverage for settings/exports controller

* Remove unused @account variable from settings/exports controller

* Add coverage for download export actions

* Remove deprecated `render :text` in favor of `send_data` for csv downloads

* Add model to handle exports

* Use Export class in settings/exports controller

* Simplify settings/exports controller methods

* Move settings/export to more restful routes
2017-04-11 22:00:43 +02:00
lindwurm 25c5f86211 [about] Moving docs link to tootsuite/documentation (#1573)
related: 4d876e9453

Signed-off-by: lindwurm <lindwurm.q@gmail.com>
2017-04-11 21:57:05 +02:00
pinfort 601d93bfc3 Add Japanese translation (#1552)
* add device.ja.yml

* update device.ja.yml

* add file simple_form.ja.yml

* 👍Added doorkeeper.ja.yml

* add ja.yml

* Update doorkeeper.ja.yml

fixed url to uri

* update ja.yml

* fix some translations

* fix japanese grammar of a translate

* fix some translates

* fix ja.yml

* add ja.jsx

* add Japanese user mail views

* Added japanese translate locales

* Added :ja to available_locales

こっちも

* Added "日本語" to HUMAN_LOCALES

* Imported/Added ja to addLocaleData

* update ja.jsx
2017-04-11 21:52:09 +02:00
Eugen Rochko b440b2a9ee Merge branch 'master' of https://github.com/blackle/mastodon into blackle-master 2017-04-11 20:43:56 +02:00
blackle e7d77f4e13 Allow user to disable the boost confirm dialog in preferences 2017-04-11 10:10:16 -04:00
Matt Jankowski fcec9fcd99 Pagination improvements (#1445)
* Replace will_paginate with kaminari

* Use #page instead of #paginate in controllers

* Replace will_paginate.page_gap with pagination.truncate in i18n

* Customize kaminari views to match prior styles

* Set kaminari options to match prior behavior

* Replace will_paginate with paginate in views
2017-04-11 01:11:41 +02:00
Eugen e0977567e7 When avatar/header are GIF, generate static versions (#1428)
* When avatar/header are GIF, generate static versions.
Account API returns "avatar"/"avatar_static", "header"/"header_static"
Static version is the same as original for other cases
Web UI de-animates avatars in toots, lists of users

Fix #441, fix #596, prerequisite for #1064

* Fix JS test

* Add rake task to generate static avatars/headers from GIF ones, add test
2017-04-11 00:38:58 +02:00
Matt Jankowski 37c9ee5a10 Fix issue with missing emojify class in views (#1455)
* Add missing emojify class to landing strip

* Add missing emojify class to simple_status partial
2017-04-10 21:27:52 +02:00
Olivier Humbert d473a092e3 French translation update (#1271)
* Update confirmation_instructions.fr.html.erb

consistency across the French translation

* Update 

consistency across the French translation

* Update fr.yml

a bunch of consistency across the French translation + a few typos

* Update doorkeeper.fr.yml

consistency across the French translation (punctuation)
2017-04-09 14:55:58 +02:00
Matt Jankowski 41b79ae693 Clean up about page (#1282)
* Add InstancePresenter to expose site details

* Clean up about controller, use instance presenter
2017-04-09 14:47:25 +02:00
Eugen b532134503 Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled

* Clean up
2017-04-08 22:20:08 +02:00
Thomas Citharel a9863c1708 Update french translation (#1148)
Add french translation for emails sent

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Add non-breaking spaces

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

changes and fixes to the nbsps

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

French update

a few fixes

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

fixes

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-04-08 13:11:16 +02:00
Matt Jankowski 0d9a420c1a Use Setting.site_title value for `og:site_name` occurrences (#1194)
* Add helper method to return Setting.site_title

* Use site_title helper in application layout

* Use site_title value for og:site_name
2017-04-08 12:15:40 +02:00
Joël Quenneville 8a67fb5eca DRY up reblog vs original status check
Checking reblog vs original status was happening in multiple places
across the app. For views, this logic was encapsulated in a helper
method named `proper_status` but in the other layers of the app, the
logic was duplicated.

Because the logic is used at all layers of the app, we extracted it into
a `Status#proper` method on the model and changed all uses of the logic
to use this method. There is now a single source of truth for this
condition.

We added test coverage to untested methods that got refactored.
2017-04-07 14:18:30 -04:00
Eugen ef7240169a Merge branch 'master' into feature-customized-default-locale 2017-04-07 13:07:03 +02:00
Jantso Porali fb0ce9d38d Update Finnish translations, add sample Minio config (#954) 2017-04-07 12:58:12 +02:00
Eugen Rochko 9bb84337a7 Allow setting of default language through config
Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug
2017-04-07 12:40:26 +02:00
Eugen 1781fcaea4 Force UTF8 encoding on generated XML (#1140) 2017-04-07 11:09:14 +02:00
Eugen 24c77e57b2 Rewrite Atom generation from stream entries to use Ox instead of Nokogiri (#1124)
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder

StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker

PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.

All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri

* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
2017-04-07 05:56:56 +02:00
Eugen Rochko 353a30810c New admin setting: open/close registrations, with custom message, from the admin UI 2017-04-04 15:28:12 +02:00
Eugen Rochko c9ffa7ab1d Add basic logging of who resolved report 2017-04-03 19:35:00 +02:00
Eugen Rochko ceaafb22d3 When taking action on a report (silence/suspend), it dismisses all other
reports for that user automatically
2017-04-03 19:19:54 +02:00
Eugen Rochko 6ebe31e716 Make default admin UI page reports. Add admin UI for creating a domain block 2017-04-03 18:55:06 +02:00
Eugen Rochko 1ee4c6415c Catching rack timeout from rails doesn't work 2017-04-02 21:12:18 +02:00
Eugen Rochko 00e99e58db Add proper error page for request timeouts 2017-04-02 19:43:44 +02:00
Eugen Rochko e407ed24a6 Fix landing page sign up form ignoring username field 2017-04-02 04:13:22 +02:00
Eugen Rochko 355b9278d5 Fix some views still not using counter caches 2017-03-31 14:02:07 +02:00
Eugen Rochko be9accbacc Fix #700 - hide spoilers on static pages 2017-03-31 13:54:36 +02:00
Eugen Rochko 244da78105 Import feature for following/blocking lists (addresses #62, #177, #201, #454) 2017-03-30 19:42:33 +02:00
Eugen Rochko 96e58cf289 Add counter caches for a large performance increase on API requests 2017-03-30 15:06:59 +02:00
Eugen Rochko a4ce8b09fb Fix #690 - Webfinger should handle new shortform profile URLs now (nice) 2017-03-28 11:25:43 +02:00
Eugen Rochko 74fb333eb7 Fix up some localizations 2017-03-26 13:22:38 +02:00
Eugen Rochko 6cce7c58a0 Fix public profile pagination links 2017-03-25 19:16:17 +01:00
Eugen Rochko 0ef0ea3e34 Fix #675 - return created_at in notifications API 2017-03-24 03:55:45 +01:00
Eugen Rochko b3cb765a94 Prettier account and stream entry URLs 2017-03-22 19:55:14 +01:00
Eugen Rochko c78e325f39 Web UI support for the new omnisearch 2017-03-22 04:09:28 +01:00
Eugen Rochko 3893f75a51 New API method: /api/v1/search
Returns accounts, statuses, hashtags arrays
2017-03-22 02:32:27 +01:00
Eugen Rochko 6e561f6544 Don't list "direct" under default post privacy settings 2017-03-21 19:45:25 +01:00
Eugen Rochko 8785e271bf Improved landing page 2017-03-21 19:18:37 +01:00
Eugen Rochko 47c74efa85 Add landing strip 2017-03-20 03:36:29 +01:00
Eugen Rochko b339e488fe Export follow/block lists as CSV 2017-03-19 20:29:41 +01:00
Eugen Rochko 450f6cbcac Start page links a bit more readable 2017-03-17 20:49:34 +01:00
shel 5c7b222769 Promote Apps (#670)
"Various apps are available" is now a hyperlink
2017-03-17 16:16:39 +01:00
Eugen Rochko c97f817e40 Fix #525 - Add instance information API 2017-03-15 23:12:48 +01:00
Eugen 6599b27b2b Merge branch 'master' into mastodon-site-api 2017-03-15 22:55:22 +01:00
Eugen Rochko 4b93cf88e5 Fix #431 - convert gif to webm during upload. Web UI treats them like it did
before. In the API, attachments now can be either image, video or gifv. Gifv
is to be treated like images in terms of behaviour, but are videos by file
type.
2017-03-04 23:02:24 +01:00
Eugen Rochko 0cb5a2a0a7 Add digest e-mails 2017-03-04 00:00:48 +01:00
Kit Redgrave 4554ccd5d0 Mute button progress so far. WIP, doesn't entirely work correctly. 2017-03-01 22:31:21 -06:00
Eugen Rochko edf03c8cd9 Fix #186 - Add RTL support to the compose form textarea and statuses output 2017-02-28 01:52:31 +01:00
Kibigo b39356835b Adds site metadata access to the API 2017-02-27 04:06:25 -08:00
Eugen Rochko a741049a77 Fix #104 - Style OAuth authorized applications page
Add ability to search accounts by display name
2017-02-27 00:15:00 +01:00
Eugen Rochko 014cb5e998 Quick fix for avatars with the same URL not being perceived as updated and in need of re-download 2017-02-17 01:50:01 +01:00
Eugen Rochko 0613d66df8 Add UI to view report details, remove reported statuses, quick links to resolve/silence/suspend from report 2017-02-17 00:42:52 +01:00
Eugen Rochko 6917e53fe0 Adding index overview for reports in admin UI 2017-02-16 02:28:10 +01:00
Eugen Rochko 513a78d67b Fix admin UI for accounts somewhat 2017-02-15 00:22:58 +01:00
Eugen Rochko 2cc31b3194 Adding POST /api/v1/reports API, and a UI for submitting reports 2017-02-14 20:59:26 +01:00
Eugen Rochko a83dc927d8 Fix #587 - Display TOTP secret next to QR code 2017-02-13 20:56:03 +01:00
Eugen Rochko f09e8f5c40 Add "next" link to Atom feeds 2017-02-13 15:38:45 +01:00
Eugen Rochko f9f8f52fe9 Stop trying to shoehorn all Salmon updates into the poor database-connected
StreamEntry model. Simply render Salmon slaps as they are needed
2017-02-12 01:19:14 +01:00
Eugen Rochko b612b57b5d Improve public tag page 2017-02-10 23:21:01 +01:00
Eugen Rochko 32580cc661 Site title is now a setting 2017-02-10 22:37:11 +01:00
shel 059d21c0fe Add link to other instances list
This should help federation
2017-02-10 13:06:38 -05:00
Eugen 7037774d6e Merge pull request #603 from evanminto/activitypub-account
Expose ActivityStreams 2.0 representation of accounts
2017-02-07 02:08:40 +01:00
Evan Minto 6ed6544332 Add AS2 format to RABL files 2017-02-06 17:00:55 -08:00
Eugen Rochko b1f2683ecc Add API modifiers to limit returned toots from public/hashtag timelines
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
2017-02-06 23:16:20 +01:00
Evan Minto 1b42dc495c Add trailing newline 2017-02-06 12:15:47 -08:00
Evan Minto 3c24673086 Simplify RABL 2017-02-06 11:39:08 -08:00
Evan Minto db7affbf5b Reuse existing controller and route 2017-02-06 01:19:26 -08:00
Eugen Rochko 419d2fd5a9 Fix #552 - Replace image links with image icons in status text in the UI 2017-02-05 15:25:55 +01:00
Eugen Rochko 6f8e499fd0 No replies filter on home timeline no longer hides self-replies 2017-02-05 02:02:46 +01:00
Evan Minto b56d24ed71 Add an account endpoint for ActivityPub and link to it on HTML profile pages 2017-02-04 14:46:23 -08:00
hoodie 8d6aa92b5e untested!! spoiler hotfix for replies
untested, my vagrant is bugged again, submitted at gargron's request
2017-02-04 17:33:46 -05:00
Eugen Rochko 9bd2b6be86 Make the streaming API also handle websockets (because trying to get the browser EventSource interface to
work flawlessly was a nightmare). WARNING: This commit makes the web UI connect to the streaming API instead
of ActionCable like before. This means that if you are upgrading, you should set that up beforehand.
2017-02-04 00:34:31 +01:00
Eugen Rochko 38b7551359 Add "open in web" link to detailed public status pages 2017-01-30 23:01:37 +01:00
Eugen Rochko c58da52e9f Split 2FA login into two prompts 2017-01-28 20:43:38 +01:00
Eugen Rochko 557de8e24c Update settings to re-use admin layout, one big navigation tree, improve settings forms 2017-01-28 03:56:10 +01:00
Eugen Rochko 9b8670c939 Added optional two-factor authentication 2017-01-27 20:35:16 +01:00
Eugen Rochko 922588157c Fix #537 - opengraph description should display spoiler text when present 2017-01-26 03:45:14 +01:00
Eugen Rochko 959e064186 Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
2017-01-25 01:29:16 +01:00
blackle e25fc71c2c Implement a click-to-view spoiler system 2017-01-23 21:07:40 -05:00
Eugen Rochko 77a76d5171 Domain blocks now have varying severity - auto-suspend vs auto-silence 2017-01-23 17:38:38 +01:00