Commit Graph

1320 Commits (fbe173fe3537d0ee6c711fd85af0c650e3c8b09a)

Author SHA1 Message Date
Eugen Rochko c75fccf033 Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire af57bcd3cf Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-03-27 17:07:37 +02:00
Matt Jankowski 85e90f4b7d Move link header setting to after_action (#24251) 2023-03-26 00:40:01 +01:00
Matt Jankowski cc5208f020 Add allow_other_host in redirects which may go outside app (#24252) 2023-03-26 00:38:32 +01:00
Claire 12eb6740d1 Fix Rails cache namespace being overriden with `v2` for cached statuses (#24202) 2023-03-22 15:47:44 +01:00
Matt Jankowski 7a82026971 Remove references to non-existent actions (#24183) 2023-03-20 20:03:44 +01:00
Jean byroot Boussier dfc075c9d4 Workaround the ActiveRecord / Marshal serialization bug on Ruby 3.2 (#24142)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-17 14:37:30 +01:00
CSDUMMI e7c5ccafca Link to the Identity provider's account settings from the account settings (#24100)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-17 10:09:01 +01:00
Eugen Rochko ef0c6a43ed Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:46:52 +01:00
Christian Schmidt 7583523bf0 Replace `Status#translatable?` with language matrix in separate endpoint (#24037) 2023-03-16 11:07:24 +01:00
Nick Schonning 0717d1b058 Autofix Rubocop Style/RedundantArgument (#23798) 2023-03-16 10:34:00 +09:00
Claire 8a618c8eca Fix misleading error code when receiving invalid WebAuthn credentials (#23568) 2023-03-15 04:15:20 +01:00
CSDUMMI cfc04637b5 Redirect users to SLO at the IdP after logging them out of Mastodon. (#24020) 2023-03-15 03:52:40 +01:00
CSDUMMI 5f9f43d051 Prefer the stored location as after_sign_in_path in Omniauth Callback Controller (#24073) 2023-03-13 00:06:27 +01:00
Claire 6943192f5e Fix server error when failing to follow back followers from `/relationships` (#23787) 2023-03-03 20:36:18 +01:00
Claire 7bc43c91a0 Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-03 20:25:15 +01:00
Nick Schonning a0e4d69c12 Autofix Rubocop Rails/FindById (#23762) 2023-02-21 10:21:48 +09:00
Nick Schonning e6312104c7 Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning ae51248ffe Enable Rubocop HTTP status rules (#23717) 2023-02-20 11:16:40 +09:00
Nick Schonning 49f1168050 Autofix Rubocop Style/RedundantBegin (#23703) 2023-02-19 07:09:40 +09:00
Nick Schonning 7f8439ee07 Autofix Rubocop Style/TrailingCommaInArguments (#23694) 2023-02-18 12:39:58 +01:00
Nick Schonning 793f8c7dd5 Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
Nick Schonning b7d4391c4d Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#23681) 2023-02-18 04:30:23 +01:00
Claire 0ae0740826 Add API parameter to safeguard unexpect mentions in new posts (#18350) 2023-02-13 16:36:29 +01:00
Claire 1c08aef482 Remove posts count and last posts from ActivityPub representation of hashtag collections (#23460) 2023-02-08 17:57:25 +01:00
Nick Schonning e0a02f8696 Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Nick Schonning e276e530ea Apply Rubocop Performance/RedundantSplitRegexpArgument (#23443)
* Apply Rubocop Performance/RedundantSplitRegexpArgument

* Update app/controllers/concerns/signature_verification.rb
2023-02-08 02:25:20 +01:00
Claire 3536a88bc9 Change `POST /settings/applications/:id` to regenerate token on scopes change (#23359)
Fixes #23096
2023-02-02 12:03:49 +01:00
Eugen Rochko 99787fa30d Change notifications per page from 15 to 40 in REST API (#23348) 2023-02-01 11:23:54 +01:00
Claire b131e01db7 Add more specific error messages to HTTP signature verification (#21617)
* Return specific error on failure to parse Date header

* Add error message when preferredUsername is not set

* Change error report to be JSON and include more details

* Change error report to differentiate unknown account and failed refresh

* Add tests
2023-01-18 16:47:56 +01:00
Claire 592fe1a3bd Add confirmation screen when handling reports (#22375)
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
2023-01-18 16:40:09 +01:00
Claire 42aa864c84 Add support for editing media description and focus point of already-posted statuses (#20878)
* Add backend support for editing media attachments of existing posts

* Allow editing media attachments of already-posted toots

* Add tests
2023-01-18 16:33:55 +01:00
Claire 0ad00e71c5 Fix /api/v1/admin/trends/tags using wrong serializer (#18943)
* Fix /api/v1/admin/trends/tags using wrong serializer

Fix regression from #18641

* Only use `REST::Admin::TagSerializer` when the user can `manage_taxonomies`

* Fix admin trending hashtag component to not link if `id` is unknown
2023-01-18 16:28:18 +01:00
Claire 0687eb20da Change domain block CSV parsing to be more robust and handle more lists (#21470)
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
Carl Schwan 27751cd101 Allow changing hide_collections setting with the api (#22790)
* Allow changing hide_collections setting with the api

This is currently only possible with app/controllers/settings/profiles_controller.rb
and is the only difference in the allowed parameter between the two controllers

* Fix the lint issue

* Use normal indent
2023-01-13 16:40:21 +01:00
Claire 99ecd6a106 Change referrer-policy to no-referrer application-wide (#23014) 2023-01-10 05:18:43 +01:00
Claire c78d61f21a Add dropdown menu item to open admin interface for remote domains (#21895)
* Allow /admin/instances/:domain to handle IDNs

* Add dropdown menu item to open admin interface for remote domains
2023-01-05 14:03:46 +01:00
Claire 81ae025687 Fix PermalinkRedirector not applying to users with moved accounts (#22497)
Fixes #22262
2023-01-05 13:40:27 +01:00
Claire 94d294202b Fix changing domain block severity not undoing individual account effects (#22135)
* Fix changing domain block severity not undoing individual account effects

Fixes #22133

* Add tests
2022-12-15 17:45:02 +01:00
David Vega 4c10de8ae3 Fix single name variables on controller folder (#20092)
Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com>

Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com>
Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 17:11:58 +01:00
Claire 01f0da2a4f Change CSP directives on API to be tight and concise (#20960) 2022-12-15 16:40:32 +01:00
nametoolong 93ad2aba5e Fix N+1 queries from in NotificationsController (#21202)
Co-authored-by: Nonexistent <nx@example.org>
2022-12-15 16:18:20 +01:00
Effy Elden c7d4d21d99 Allow adding relays while secure mode & limited federation mode are enabled (#22324) 2022-12-15 15:56:05 +01:00
Francis Murillo 3a11a90dd3 Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Francis Murillo 5ad9fea52a Log admin approve and reject account (#22088)
* Log admin approve and reject account

* Add unit tests for approve and reject logging
2022-12-07 00:25:18 +01:00
Claire b97260426b Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)
Fixes #21965
2022-12-07 00:10:53 +01:00
Claire 1bef772764 Fix some performance issues with /admin/instances (#21907)
/admin/instances?availability=failing remains wholly unefficient
2022-12-01 10:32:10 +01:00
Claire 655ad99a37 Fix not being able to follow more than one hashtag (#21285)
Fixes regression from #20860
2022-11-21 10:35:09 +01:00
Claire 3b81318a0f Fix form-action CSP directive for external login (#20962) 2022-11-17 22:59:07 +01:00
Claire aa37dc6aae Fix OAuth flow being broken by recent CSP change (#20958) 2022-11-17 21:31:52 +01:00