Commit graph

231 commits

Author SHA1 Message Date
Eugen Rochko
4d01d1a1ee
Remove 16:9 cropping from web UI () 2023-07-24 13:46:55 +02:00
Matt Jankowski
ce43ed144c
Rails 7.0 update () 2023-07-13 09:36:07 +02:00
Claire
94fbac77e7
Fix processing of media files with unusual names () 2023-07-07 13:35:22 +02:00
Claire
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko
ba06a2f104
Revert "Rails 7 update" () 2023-07-02 11:14:22 +02:00
Matt Jankowski
50c2a03695
Rails 7 update () 2023-07-02 10:38:53 +02:00
jsgoldstein
4581a528f7
Change account search to match by text when opted-in ()
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-06-29 13:05:21 +02:00
Matt Jankowski
0b249ebdb0
Extract StatusSafeReblogInsert concern from Status () 2023-05-04 14:06:20 +02:00
Claire
1e75eb690d
Fix own posts not getting delivered to own lists () 2023-05-03 19:17:40 +02:00
Matt Jankowski
38b2974a83
Extract AccountSearch concern from Account () 2023-05-02 18:21:36 +02:00
Matt Jankowski
f1c1dd0118
Rename with_lock to with_redis_lock to avoid confusion with ActiveRecord's method () 2023-05-02 18:16:07 +02:00
Claire
6693a4fe7c
Change lists to be able to include accounts with pending follow requests () 2023-05-02 14:40:36 +02:00
Claire
32a030dd74
Rewrite import feature () 2023-05-02 12:08:48 +02:00
Matt Jankowski
d902a707a3
Fix Rails/CompactBlank cop () 2023-04-30 14:07:21 +02:00
Matt Jankowski
af824db398
Fix Rails/InverseOf cop () 2023-04-30 14:06:53 +02:00
Nick Schonning
49fad26eca
Drop EOL Ruby 2.7 () 2023-04-27 01:46:18 +02:00
Claire
0e919397db
Fix unescaped user input in LDAP query () 2023-04-04 12:42:38 +02:00
Eugen Rochko
a9b5598c97
Change user settings to be stored in a more optimal way ()
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Eugen Rochko
9bda933740
Change media upload limits and remove client-side resizing () 2023-03-25 10:00:03 +01:00
Takeshi Umeda
38c84f57b6
Refactoring relations_map () 2023-03-21 10:32:58 +01:00
Claire
6b16b77ab0
Fix external authentication not running onboarding code for new users () 2023-03-03 20:45:55 +01:00
Nick Schonning
d2dcb6c45a
Autofix Rubocop Style/UnpackFirst () 2023-02-20 06:51:43 +01:00
Nick Schonning
2177daeae9
Autofix Rubocop Style/RedundantBegin () 2023-02-19 07:09:40 +09:00
Nick Schonning
ab7816a414
Autofix Rubocop Style/Lambda () 2023-02-18 12:39:00 +01:00
Nick Schonning
e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier () 2023-02-18 12:37:47 +01:00
Nick Schonning
669f6d2c0a
Run rubocop formatting except line length () 2023-02-18 06:56:20 +09:00
Nick Schonning
8c1b65c7dd
Apply Rubocop Style/RedundantAssignment () 2023-02-08 07:06:50 +01:00
Nick Schonning
ed570050c6
Autofix Rails/EagerEvaluationLogMessage ()
* Autofix Rails/EagerEvaluationLogMessage

* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Claire
d1387579b9
Fix situations in which instance actor can be set to a Mastodon-incompatible name ()
* Validate internal actor

* Use “internal.actor” by default for the server actor username

* Fix instance actor username on the fly if it includes ':'

* Change actor name from internal.actor to mastodon.internal
2023-01-18 16:33:03 +01:00
David Freedman
ff70e50199
Don't crash on unobtainable avatars () 2023-01-13 16:40:06 +01:00
Claire
70415714f1
Add follow request banner on account header ()
* Add requested_by to relationship maps

* Display whether an account has requested to follow you on their profile
2022-12-15 18:50:11 +01:00
Claire
c8849d6cee
Fix unbounded recursion in account discovery ()
* Fix trying to fetch posts from other users when fetching featured posts

* Rate-limit discovery of new subdomains

* Put a limit on recursively discovering new accounts
2022-12-07 00:15:24 +01:00
Eugen Rochko
552d69ad96
Fix error when invalid domain name is submitted ()
Fix 
2022-11-14 08:07:14 +01:00
Eugen Rochko
9bc0a6c861
Fix metadata scrubbing removing color profile from images () 2022-11-11 09:20:10 +01:00
Claire
86f6631d28
Remove dead code and refactor status threading code ()
* Remove dead code

* Remove unneeded/broken parameters and refactor descendant computation
2022-11-10 22:30:00 +01:00
Eugen Rochko
50948b46aa
Add ability to filter followed accounts' posts by language () 2022-09-20 23:51:21 +02:00
Claire
50487db122
Add ability to filter individual posts ()
* Add database table for status-specific filters

* Add REST endpoints, entities and attributes

* Show status filters in /filters interface

* Perform server-side filtering for individual posts filters

* Fix filtering on context mismatch

* Refactor `toServerSideType` by moving it to its own module

* Move loupe and delete icons to their own module

* Add ability to filter individual posts from WebUI

* Replace keyword list by warnings (expired, context mismatch)

* Refactor server-side filtering code

* Add tests
2022-08-25 04:27:47 +02:00
Eugen Rochko
44b2ee3485
Add customizable user roles ()
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Claire
02851848e9
Revamp post filtering system ()
* Add model for custom filter keywords

* Use CustomFilterKeyword internally

Does not change the API

* Fix /filters/edit and /filters/new

* Add migration tests

* Remove whole_word column from custom_filters (covered by custom_filter_keywords)

* Redesign /filters

Instead of a list, present a card that displays more information and handles
multiple keywords per filter.

* Redesign /filters/new and /filters/edit to add and remove keywords

This adds a new gem dependency: cocoon, as well as a npm dependency:
cocoon-js-vanilla. Those are used to easily populate and remove form fields
from the user interface when manipulating multiple keyword filters at once.

* Add /api/v2/filters to edit filter with multiple keywords

Entities:
- `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context`
  `keywords`
- `FilterKeyword`: `id`, `keyword`, `whole_word`

API endpoits:
- `GET /api/v2/filters` to list filters (including keywords)
- `POST /api/v2/filters` to create a new filter
  `keywords_attributes` can also be passed to create keywords in one request
- `GET /api/v2/filters/:id` to read a particular filter
- `PUT /api/v2/filters/:id` to update a new filter
  `keywords_attributes` can also be passed to edit, delete or add keywords in
   one request
- `DELETE /api/v2/filters/:id` to delete a particular filter
- `GET /api/v2/filters/:id/keywords` to list keywords for a filter
- `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a
   filter
- `GET /api/v2/filter_keywords/:id` to read a particular keyword
- `PUT /api/v2/filter_keywords/:id` to edit a particular keyword
- `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword

* Change from `irreversible` boolean to `action` enum

* Remove irrelevent `irreversible_must_be_within_context` check

* Fix /filters/new and /filters/edit with update for filter_action

* Fix Rubocop/Codeclimate complaining about task names

* Refactor FeedManager#phrase_filtered?

This moves regexp building and filter caching to the `CustomFilter` class.

This does not change the functional behavior yet, but this changes how the
cache is built, doing per-custom_filter regexps so that filters can be matched
independently, while still offering caching.

* Perform server-side filtering and output result in REST API

* Fix numerous filters_changed events being sent when editing multiple keywords at once

* Add some tests

* Use the new API in the WebUI

- use client-side logic for filters we have fetched rules for.
  This is so that filter changes can be retroactively applied without
  reloading the UI.
- use server-side logic for filters we haven't fetched rules for yet
  (e.g. network error, or initial timeline loading)

* Minor optimizations and refactoring

* Perform server-side filtering on the streaming server

* Change the wording of filter action labels

* Fix issues pointed out by linter

* Change design of “Show anyway” link in accordence to review comments

* Drop “irreversible” filtering behavior

* Move /api/v2/filter_keywords to /api/v1/filters/keywords

* Rename `filter_results` attribute to `filtered`

* Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer

* Fix systemChannelId value in streaming server

* Simplify code by removing client-side filtering code

The simplifcation comes at a cost though: filters aren't retroactively
applied anymore.
2022-06-28 09:42:13 +02:00
Alexander Ivanov
379a7a7ca7
Add support for webp uploads () 2022-05-27 20:06:40 +02:00
Eugen Rochko
6cf57c6765
Refactor how Redis locks are created ()
* Refactor how Redis locks are created

* Fix autorelease duration on account deletion lock
2022-05-13 00:02:35 +02:00
Eugen Rochko
7b0fe4aef9
Fix opening and closing Redis connections instead of using a pool ()
* Fix opening and closing Redis connections instead of using a pool

* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00
Eugen Rochko
3917353645
Fix single Redis connection being used across all threads ()
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Claire
33cd80d69c
Fix instance actor being incorrectly created when running migrations ()
* Add migration test about instance actor key

* Fix old migration

* Work around incorrect database state
2022-04-26 21:22:09 +02:00
Eugen Rochko
71f2b95106
Fix edits with no actual changes being allowed ()
* Fix edits with no actual changes being allowed locally

* Fix edits with no actual changes being allowed through ActivityPub

* Fix false positive changes caused by description processing in model

* Fix not recording poll expiration update

* Fix test

* Revert changes to ProcessStatusUpdateService

* Various fixes and improvements

* Fix code style issues

* Various changes and improvements

* Add guard clause
2022-03-26 00:38:44 +01:00
Claire
642528f455
Update fix-duplicates maintenance task ()
* Update fix-duplicates task to 2022_02_10_153119

Also add support for Appeal to AccountMerging#merge_with!

* Update fix-duplicates task to 2022_03_07_094650

* Update fix-duplicates task to 2022_03_09_213005

* Update fix-duplicates task to 2022_03_07_083603

* Update fix-duplicates task to 2022_03_10_060626

* Update fix-duplicates script to 2022_03_07_083603

* Update fix-duplicates task to 2022_03_10_060706

* Update fix-duplicates task to 2022_03_10_060959

* Silence CodeClimate
2022-03-12 08:33:11 +01:00
chandrn7
a6ed6845c9
Allow login through OpenID Connect ()
* added OpenID Connect as an SSO option

* minor fixes

* added comments, removed an option that shouldn't be set

* fixed Gemfile.lock

* added newline to end of Gemfile.lock

* removed tab from Gemfile.lock

* remove chomp

* codeclimate changes and small name change to make function's purpose clearer

* codeclimate fix

* added SSO buttons to /about page

* minor refactor

* minor style change

* removed spurious change

* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth

* minor changes
2022-03-09 12:07:35 +01:00
Eugen Rochko
14f436c457
Add notifications for statuses deleted by moderators () 2022-01-17 09:41:33 +01:00
Eugen Rochko
7de0ee7aba
Remove Keybase integration () 2021-11-26 05:58:18 +01:00
Takeshi Umeda
17f4e457b3
Add remove from followers api ()
* Add followed_by? to account_interactions

* Add RemoveFromFollowersService

* Fix AccountBatch to use RemoveFromFollowersService

* Add remove from followers API
2021-10-18 12:02:35 +02:00