Commit graph

1620 commits

Author SHA1 Message Date
Claire
3a24754229
Change GIF max matrix size error to explicitly mention GIF files (#27927) 2023-11-24 09:31:28 +00:00
Matt Jankowski
4be12791e6
Remove default_scope from StatusEdit class (#28042) 2023-11-23 09:26:11 +00:00
Eugen Rochko
cdc57c74b7
Fix unsupported time zone or locale preventing sign-up (#28035)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-11-22 11:38:07 +00:00
Matt Jankowski
d2aacea8da
Reduce .times usage in AccountSearch spec, use constant for default limit (#27946) 2023-11-20 09:08:22 +00:00
ppnplus
2b038b4f89
Added Thai diacritics and tone marks in HASHTAG_INVALID_CHARS_RE (#26576) 2023-11-14 15:33:59 +00:00
Matt Jankowski
b7807f3d84
Use normalizes to prepare Webhook#events value (#27605) 2023-11-13 22:47:44 +00:00
Eugen Rochko
0d14fcebae
Change link previews to keep original URL from the status (#27312) 2023-11-13 09:58:28 +00:00
Matt Jankowski
45770c9306
Fix Performance/MapMethodChain cop (#27744) 2023-11-07 13:01:09 +00:00
Matt Jankowski
bbad5b6456
Remove false positive cop detection (#27457) 2023-11-07 10:44:15 +00:00
Claire
6c52f8286b
Fix posts from force-sensitized accounts being able to trend (#27620) 2023-10-30 22:32:25 +00:00
Claire
93e4cdc31b
Fix hashtag matching pattern matching some URLs (#27584) 2023-10-27 14:04:51 +00:00
Matt Jankowski
12550a6a28
Use Rails.env.local? shorthand method to check env (#27519) 2023-10-26 21:20:41 +00:00
Matt Jankowski
714e3ae5b5
Use Rails 7.1 normalizes feature (#27521) 2023-10-24 10:06:10 +00:00
Matt Jankowski
e93a75f1a1
Rails 7.1 update (#25963) 2023-10-23 17:58:29 +00:00
Claire
8b770ce811
Add warnings to report action logs (#27425) 2023-10-23 14:30:46 +02:00
Claire
bcae744275
Fix some link anchors being recognized as hashtags (#27271) 2023-10-23 14:19:38 +02:00
Matt Jankowski
b0213472df
Validate allowed schemes on preview card URLs (#27485) 2023-10-23 09:50:02 +02:00
Matt Jankowski
63a2a4b074
Fix Performance/DeletePrefix cop (#27448) 2023-10-18 10:32:09 +02:00
Matt Jankowski
08a376cbcb
Fix Style/CombinableLoops cop (#27429) 2023-10-16 16:36:28 +02:00
Claire
340c390849
Fix crash when filtering for “dormant” relationships (#27306) 2023-10-06 12:58:16 +02:00
Matt Jankowski
c676bc91e9
Dont match mention in url query string (#25656)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-03 17:01:45 +02:00
Matt Jankowski
2016c5d912
Fix deprecation warning about rewhere: true being default behavior (Rails 7.1 prep) (#27190) 2023-09-28 16:52:23 +02:00
Matt Jankowski
3060bfa4bd
Extract filename and csv helper methods from Form::Import (#26129) 2023-09-28 16:22:05 +02:00
Claire
686406cc2d
Fix filtering audit log for entries about disabling 2FA (#27186) 2023-09-28 13:41:24 +02:00
Essem
bd810391d6
Properly remove tIME chunk from PNG uploads (#27111) 2023-09-25 19:21:07 +02:00
Claire
1bd7455d81
Fix inefficient queries in “Follows and followers” as well as several admin pages (#27116) 2023-09-25 15:06:43 +02:00
Claire
39da3d86f8
Fix ActiveRecord using two connection pools when no replica is defined (#27061) 2023-09-22 16:01:59 +02:00
Claire
e4f5114aaf
Fix obsolete cache key in status cache invalidation logic (#26934) 2023-09-15 19:52:28 +02:00
Eugen Rochko
fc6825055b
Change score half-life for trending posts from 2 hours to 1 hour (#26915) 2023-09-14 09:20:14 +02:00
Robert R George
20666482ef
Added admin api for managing tags (#26872) 2023-09-13 11:22:53 +02:00
Claire
81caafbe84
Fix performances of profile directory (#26842) 2023-09-07 18:55:25 +02:00
Claire
355e3fb529
Simplify Account.by_recent_status and Account.by_recent_sign_in scopes (#26840) 2023-09-07 15:38:11 +02:00
Colette Kerr
8a9d7aeb1e
Change DCT method used for JPEG encoding to float (#26675) 2023-09-07 05:26:25 +02:00
Claire
b83e487502
Fix moderator rights inconsistencies (#26729) 2023-09-06 16:40:19 +02:00
Claire
cab4cbfa5c
Fix “Scoped order is ignored, it's forced to be batch order.” warnings (#26793) 2023-09-05 15:37:23 +02:00
Eugen Rochko
05093266e6
Fix some video encoding failing due to uneven dimensions (#26766) 2023-09-02 09:02:44 +02:00
Claire
16681e0f20
Add admin notifications for new Mastodon versions (#26582) 2023-09-01 17:47:07 +02:00
Claire
9e26cd5503
Add authorized_fetch server setting in addition to env var (#25798) 2023-09-01 15:41:10 +02:00
Eugen Rochko
ecd76fa413
Fix videos not playing in some browsers due to unsupported color space (#26745) 2023-08-31 17:21:06 +02:00
Claire
9e77ab7db2
Change private statuses index to index without crutches (#26713) 2023-08-29 17:51:13 +02:00
Eugen Rochko
01b87a1632
Change video compression parameters (#26631) 2023-08-28 19:40:08 +02:00
Claire
0cce7fb617
Fix incorrect call to PublicStatusesIndex.import (#26697) 2023-08-28 15:04:57 +02:00
Eugen Rochko
5694e24bbf
Fix unnecessary condition causing seqscan when indexing (#26689) 2023-08-27 22:37:35 +02:00
jsgoldstein
30c191aaa0
Add new public status index (#26344)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-24 16:40:04 +02:00
Daniel M Brasil
f337008819
Fix timeout on invalid set of exclusionary parameters in /api/v1/timelines/public (#26239) 2023-08-23 15:50:23 +02:00
Claire
9ed0c91a37
Add auto-refresh of accounts we get new messages/edits of (#26510) 2023-08-21 16:09:26 +02:00
Claire
ee702e36e5
Change follow recommendation materialized view to be faster in most cases (#26545)
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-08-18 18:20:55 +02:00
Claire
60b9fa641d
Fix cached posts including stale stats (#26409) 2023-08-17 16:11:48 +02:00
Claire
cc4560d95b
Change “privacy and reach” settings so that unchecking boxes always increase privacy and checking them always increase reach (#26508) 2023-08-17 09:13:26 +02:00
Claire
0446394465
Fix “legal” report category not showing up in moderation interface (#26509) 2023-08-16 16:38:33 +02:00
Claire
90ec88d58b
Add support for indexable attribute on remote actors (#26485)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 18:54:51 +02:00
Claire
fc5ab2dc83
Add privacy tab in profile settings (#26484)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 18:52:45 +02:00
Claire
2c204d904b
Change DB_REPLICA_* environment variables to REPLICA_DB_* (#26386) 2023-08-08 13:59:40 +02:00
Claire
d5bee37c57
Fix missing cached preview cards attributes (#26343) 2023-08-04 16:13:47 +02:00
Claire
9405e9af58
Fix incorrect model annotation for List#exclusive (#26313) 2023-08-04 09:00:31 +02:00
Claire
3105fef21a
Rename “read” database to “replica” for consistency (#26326) 2023-08-03 16:17:09 +02:00
Christian Schmidt
8da99ffb0d
Add alt text for preview card thumbnails (#26184) 2023-08-03 15:41:51 +02:00
Christian Schmidt
f2257069b2
Fix AVIF attachments (#26264) 2023-08-01 19:34:11 +02:00
Claire
b4e739ff0f
Change interaction modal in web UI (#26075)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-27 16:11:17 +02:00
Eugen Rochko
7bd8ef355c
Add published_at attribute to preview cards (#26153) 2023-07-25 13:40:35 +02:00
Vyr Cossont
394d1f19b1
Add report.updated webhook (#24211) 2023-07-24 17:37:38 +02:00
Eugen Rochko
4d01d1a1ee
Remove 16:9 cropping from web UI (#26132) 2023-07-24 13:46:55 +02:00
Claire
5cbc402687
Fix replica being used even if not explicitly defined (#26074) 2023-07-21 11:30:53 +02:00
Claire
1e3b19230a
Add stricter protocol fields validation for accounts (#25937) 2023-07-20 18:23:48 +02:00
Eugen Rochko
26e522ac55
Fix not actually connecting to the configured replica (#25977) 2023-07-17 08:26:52 +02:00
Matt Jankowski
644c5fddd8
Refactor Status.tagged_with_all for brakeman SQL injection warning (#25941) 2023-07-13 15:52:37 +02:00
Matt Jankowski
ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Matt Jankowski
1ef014802b
Refactor Trends::Query to avoid brakeman sql injection warnings (#25881) 2023-07-12 14:19:20 +02:00
Matt Jankowski
b8b2470cf8
Fix Style/SlicingWithRange cop (#25923) 2023-07-12 10:03:06 +02:00
Eugen Rochko
610cf6c371
Fix trend calculation working on too many items at a time (#25835) 2023-07-08 20:16:48 +02:00
Matt Jankowski
cf33028f35
Admin mailer parameterization (#25759) 2023-07-08 20:03:38 +02:00
Claire
94fbac77e7
Fix processing of media files with unusual names (#25788) 2023-07-07 13:35:22 +02:00
Claire
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko
ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski
50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Matt Jankowski
683ba5ecb1
Fix rails rewhere deprecation warning in directories api controller (#25625) 2023-07-01 21:48:16 +02:00
jsgoldstein
4581a528f7
Change account search to match by text when opted-in (#25599)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-06-29 13:05:21 +02:00
Claire
602c458ab6
Add finer permission requirements for managing webhooks (#25463) 2023-06-22 14:52:25 +02:00
Claire
ebfeaebedb
Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-06-20 18:32:26 +02:00
Claire
ec91ea4457
Fix missing validation on default_privacy setting (#25513) 2023-06-20 18:32:14 +02:00
Claire
dd07393e75
Fix user settings not getting validated (#25508) 2023-06-19 14:06:06 +01:00
Daniel M Brasil
d9c6f70cc6
Fix ArgumentError in /api/v1/admin/accounts/:id/action (#25386) 2023-06-14 15:21:36 +02:00
Claire
ec59166844
Fix ArgumentError when loading newer Private Mentions (#25399) 2023-06-14 08:54:52 +02:00
Renaud Chaput
1cb4514d0e
Add missing report category translation (#25400) 2023-06-13 15:05:40 +02:00
Eugen Rochko
4c9406bdb0
Add time zone preference (#25342) 2023-06-10 03:29:37 +02:00
Eugen Rochko
67d17ce194
Add legal as report category (#23941) 2023-06-06 23:41:59 +02:00
Nick Schonning
c66250abf1
Autofix Rubocop Regex Style rules (#23690)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 14:50:51 +02:00
Eugen Rochko
4eda233e09
Add webhook templating (#23289)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 10:42:47 +02:00
Darius Kazemi
bacb674921
Add exclusive lists (#22048)
Co-authored-by: Liam Cooke <liam@liamcooke.com>
Co-authored-by: John Holdun <john@johnholdun.com>
Co-authored-by: Effy Elden <effy@effy.space>
Co-authored-by: Lina Reyne <git@lina.pizza>
Co-authored-by: Lina <20880695+necropolina@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-05 09:37:02 +02:00
Claire
8884d1ece0
Add support for importing lists (#25203) 2023-06-01 14:47:31 +02:00
Claire
2b45fecde1
Fix multiple N+1s in ConversationsController (#25134) 2023-06-01 02:41:51 +02:00
Christian Schmidt
69057467cb
Translate CW, poll options and media descriptions (#24175)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-01 00:10:21 +02:00
Claire
b6519ab3f5
Fix inconsistent naming of Instance.by_domain_and_subdomain (#25159) 2023-05-31 09:57:24 +02:00
Claire
1d588d58f1
Improve various queries against account domains (#25126) 2023-05-25 09:27:16 +02:00
Claire
dfa5889fc0
Change Identity to not destroy associated User on destroy (#25098) 2023-05-23 15:00:36 +02:00
Matt Jankowski
9f5deb310b
Fix Performance/MapCompact cop (#24797)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-23 10:49:12 +02:00
Emelia Smith
19f9098551
Allow reports with long comments from remote instances, but truncate (#25028) 2023-05-22 13:15:21 +02:00
Claire
bec6a1cad4
Add hCaptcha support (#25019) 2023-05-16 23:27:35 +02:00
Claire
3ed3d54bf3
Fix reports not being closed when performing batch suspensions (#24988) 2023-05-16 14:56:49 +02:00
Matt Jankowski
0b249ebdb0
Extract StatusSafeReblogInsert concern from Status (#24821) 2023-05-04 14:06:20 +02:00
Nick Schonning
da3bd913ae
Autofix Rubocop Style/HashSyntax (#23754) 2023-05-04 05:54:26 +02:00
Matt Jankowski
2c6c398c60
Fix Performance/CollectionLiteralInLoop cop (#24819) 2023-05-04 05:33:55 +02:00
Claire
a2a22bad23
Fix various edge cases with local moves (#24812) 2023-05-03 19:19:25 +02:00
Claire
1e75eb690d
Fix own posts not getting delivered to own lists (#24810) 2023-05-03 19:17:40 +02:00
Matt Jankowski
a0c9f2447e
Fix Performance/MethodObjectAsBlock cop (#24798) 2023-05-03 10:30:54 +02:00
Matt Jankowski
b5c4b47746
Fix Rails/ActiveRecordCallbacksOrder cop (#24689) 2023-05-02 18:23:35 +02:00
Matt Jankowski
38b2974a83
Extract AccountSearch concern from Account (#24716) 2023-05-02 18:21:36 +02:00
Matt Jankowski
f1c1dd0118
Rename with_lock to with_redis_lock to avoid confusion with ActiveRecord's method (#24741) 2023-05-02 18:16:07 +02:00
Matt Jankowski
5e060e1f44
Fix Performance/Sum cop (#24788) 2023-05-02 16:10:40 +02:00
Claire
6693a4fe7c
Change lists to be able to include accounts with pending follow requests (#19727) 2023-05-02 14:40:36 +02:00
Matt Jankowski
88d33f361f
Fix Lint/DuplicateBranch cop (#24766) 2023-05-02 12:57:11 +02:00
Claire
32a030dd74
Rewrite import feature (#21054) 2023-05-02 12:08:48 +02:00
Matt Jankowski
d902a707a3
Fix Rails/CompactBlank cop (#24690) 2023-04-30 14:07:21 +02:00
Matt Jankowski
af824db398
Fix Rails/InverseOf cop (#24732) 2023-04-30 14:06:53 +02:00
Nick Schonning
49fad26eca
Drop EOL Ruby 2.7 (#24237) 2023-04-27 01:46:18 +02:00
Claire
b0eba1a060
Minor clean up and optimization of the automatic post deletion code (#24613) 2023-04-21 16:53:50 +02:00
Robert R George
4db8230194
Add trend management to admin API (#24257) 2023-04-18 11:33:30 +02:00
Heitor de Melo Cardozo
bc75e62ca6
Change moderation search an account using the username with @ (#24242) 2023-04-17 14:16:36 +02:00
Claire
f53d009778
Refactor Status._insert_record slightly and tighten the test around reblogs of discarded statuses (#24516) 2023-04-12 12:47:05 +02:00
Kuba Suder
aca2cd1528
fixed typo in a constant name (#24511) 2023-04-12 10:06:57 +02:00
Claire
0e919397db
Fix unescaped user input in LDAP query (#24379) 2023-04-04 12:42:38 +02:00
Nick Schonning
cb2ce842b0
Autofix Rubocop Rails/IgnoredColumnsAssignment (#23761) 2023-03-31 15:07:22 +02:00
Christian Schmidt
b4f38edf74
Wrong type for user setting when default is defined by lambda (#24321) 2023-03-31 07:33:17 +02:00
Eugen Rochko
a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire
e084b5b82d
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-03-27 17:07:37 +02:00
Eugen Rochko
9bda933740
Change media upload limits and remove client-side resizing (#23726) 2023-03-25 10:00:03 +01:00
Claire
2626097869
Fix Rails cache namespace being overriden with v2 for cached statuses (#24202) 2023-03-22 15:47:44 +01:00
Takeshi Umeda
38c84f57b6
Refactoring relations_map (#24195) 2023-03-21 10:32:58 +01:00
Vyr Cossont
94cbd808b5
Webhooks for local status.create, status.update, account.update (#24133) 2023-03-19 07:47:54 +01:00
Eugen Rochko
75e5a6e437
Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:46:52 +01:00
Christian Schmidt
bd047acc35
Replace Status#translatable? with language matrix in separate endpoint (#24037) 2023-03-16 11:07:24 +01:00
Claire
86f8aa2db2
Fix unconfirmed accounts being registered as active users (#23803) 2023-03-06 16:00:08 +01:00
Jean byroot Boussier
922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Christian Schmidt
5a8c651e8f
Only offer translation for supported languages (#23879) 2023-03-03 21:06:31 +01:00
Claire
6b16b77ab0
Fix external authentication not running onboarding code for new users (#23458) 2023-03-03 20:45:55 +01:00
Claire
f8bb4d0d6b
Fix server error when failing to follow back followers from /relationships (#23787) 2023-03-03 20:36:18 +01:00
Claire
c2a046ded1
Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-03 20:25:15 +01:00
Matt Jankowski
af578e8ce0
Fix deprecation warning about merging conditions (#23618) 2023-03-02 16:21:04 +01:00
Matt Jankowski
4bb39ac3c3
Fix single-record invalid condition on PollVote (#23810) 2023-02-27 09:31:15 +01:00
Claire
f682478de8
Fix inefficiency when searching accounts per username in admin interface (#23801) 2023-02-22 11:53:13 +01:00
Nick Schonning
9909b4b653
Autofix Rubocop Rails/WhereEquals (#23759) 2023-02-21 03:20:56 +09:00
Nick Schonning
717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning
d2dcb6c45a
Autofix Rubocop Style/UnpackFirst (#23741) 2023-02-20 06:51:43 +01:00
Nick Schonning
63e6353886
Autofix Rubocop Rails/EnumHash (#23737) 2023-02-20 05:00:36 +01:00
Nick Schonning
597767a9f7
Autofix Rubocop Rails/RedundantForeignKey (#23731) 2023-02-20 02:19:40 +01:00
Nick Schonning
2177daeae9
Autofix Rubocop Style/RedundantBegin (#23703) 2023-02-19 07:09:40 +09:00
Nick Schonning
ab7816a414
Autofix Rubocop Style/Lambda (#23696) 2023-02-18 12:39:00 +01:00
Nick Schonning
e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
Nick Schonning
a6f77aa28a
Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#23681) 2023-02-18 04:30:23 +01:00
Nick Schonning
669f6d2c0a
Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Aaron Patterson
fb8503e861
Upgrade to Ruby 3.2 (#22928)
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-15 08:30:27 +01:00
Claire
a9c220242b
Fix admin-set follow recommandations being case-sensitive (#23500)
Fixes #23472
2023-02-10 11:14:58 +01:00
Claire
67de888bad
Fix server status URL being a required server setting (#23499) 2023-02-10 10:20:43 +01:00
Nick Schonning
0592937264
Apply Rubocop Rails/WhereNot (#23448)
* Apply Rubocop Rails/WhereNot

* Update spec for where.not
2023-02-08 10:39:57 +01:00
Nick Schonning
0d1f192c54
Apply Rubocop Performance/BlockGivenWithExplicitBlock (#23441)
* Apply Rubocop Performance/BlockGivenWithExplicitBlock

* Unprefix used block parameter
2023-02-08 10:36:23 +01:00
Nick Schonning
f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Nick Schonning
8c1b65c7dd
Apply Rubocop Style/RedundantAssignment (#23452) 2023-02-08 07:06:50 +01:00
Nick Schonning
cec005068f
Apply Rubocop Performance/RedundantBlockCall (#23440) 2023-02-08 00:58:18 +01:00
Nick Schonning
ed570050c6
Autofix Rails/EagerEvaluationLogMessage (#23429)
* Autofix Rails/EagerEvaluationLogMessage

* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Eugen Rochko
8f590b0a21
Add setting for status page URL (#23390) 2023-02-04 04:56:06 +01:00
Claire
13a2abacc8
Add roles attribute to Account entities in REST API (#23255) 2023-01-25 19:55:40 +01:00
Claire
6883fddb19
Fix account activation being triggered before email confirmation (#23245)
* Add tests

* Fix account activation being triggered before email confirmation

Fixes #23098
2023-01-24 19:40:21 +01:00
Jeong Arm
a1abda39dd
Fix Account Strike causing PG not null validation error (#23178) 2023-01-21 10:22:22 +01:00
Claire
3970a6f433
Add option to make the landing page be /about even when trends are enabled (#20808)
* Add option to make the landing page be /about even when trends are enabled

* Restablish /explore as landing page by default
2023-01-18 16:43:58 +01:00
Claire
343e1fe8e9
Add confirmation screen when handling reports (#22375)
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
2023-01-18 16:40:09 +01:00
Claire
d1387579b9
Fix situations in which instance actor can be set to a Mastodon-incompatible name (#22307)
* Validate internal actor

* Use “internal.actor” by default for the server actor username

* Fix instance actor username on the fly if it includes ':'

* Change actor name from internal.actor to mastodon.internal
2023-01-18 16:33:03 +01:00
Claire
fcc4c9b34a
Change domain block CSV parsing to be more robust and handle more lists (#21470)
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
David Freedman
ff70e50199
Don't crash on unobtainable avatars (#22462) 2023-01-13 16:40:06 +01:00
Claire
21a1a8ee88
Fix crash when marking statuses as sensitive while some statuses are deleted (#22134)
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments

* Fix crash when marking statuses as sensitive while some statuses are deleted

Fixes #21910

* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”

* Add tests
2023-01-13 10:46:52 +01:00
Kaspar V
ae62e5fa53
Fix/remove calling private method with send in model (#22951)
* fix(status): remove send usage for private unlink_from_conversations

- make unlink_from_conversations public method
- rename unlink_from_conversations to unlink_from_conversations!
- fix send call on private method in statuses_vacuum and batched_remove_status_service

* fix(feeds_vacuum): replace find_in_batches with in_batches

because active record query results should be a little more efficient than
itterating with map and each. Postgres can grasp such lists of ids much quicker
than ruby can.
Will probably make allmost no difference, but cannot hurt either.
2023-01-11 21:57:24 +01:00
Darius Kazemi
264655c53a
Fix account search not returning followed accounts first (#22956)
* Make autosuggest for mentions return followed accounts first

This makes it so that (when elasticsearch is disabled) when a user types '@foo' in the compose box, they are first going to get accounts they follow ordered by the ranking algorithm, and then second they will get accounts they do not follow, also ordered by the ranking algorithm.

This makes behavior more consistent with user expectation and also with results when elasticsearch is enabled.

* Fix ranking order to correct direction

* One more fixup per @gargron suggestion

* Tweak to ranking to no longer include following modifier
2023-01-06 07:35:52 +01:00
Claire
acec1fb745
Fix site upload validations (#22479)
* Fix site settings media upload handling of DimensionsValidationError

Fixes #22234

* Fix underlying validations not being performed for site uploads
2023-01-05 13:42:03 +01:00
Claire
3654c94583
Strip spaces around URL when adding a relay (#22655)
* Strip spaces around URL when adding a relay

Fixes #22650

* Gracefuly handle URL parsing errors in URL validator
2023-01-05 13:33:33 +01:00
Alexander Ivanov
8eb29741b4
Add webhook account.approved (#22938)
* Webhook `account.approved` when preparing new user

* Update Webhook.EVENTS
2023-01-05 13:29:49 +01:00
Partho Ghosh
115ab2869b
Fix ・ detection in hashtag regex to construct hashtag correctly (#22888)
* Fix ・ detection in hashtag regex to construct hashtag correctly

* Fixed rubocop liniting issues

* More rubocop linting fix
2023-01-04 02:12:48 +01:00
Claire
70415714f1
Add follow request banner on account header (#20785)
* Add requested_by to relationship maps

* Display whether an account has requested to follow you on their profile
2022-12-15 18:50:11 +01:00
Claire
2644a28cb3
Change remote media files to be downloaded outside of transactions (#21796) 2022-12-15 18:09:48 +01:00
Jeong Arm
3656a6b9cc
Add "disabled" user filter for admin/accounts UI (#21282) 2022-12-15 17:30:47 +01:00
Jeong Arm
d412147d02
Save avatar or header correctly even if other one fails (#18465)
* Save avatar or header correctly if other one fails

* Fix test
2022-12-15 17:11:14 +01:00
Francis Murillo
5fb1c3e934
Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Claire
ed07f10ca8
Fix failure when “Require a reason to join” is set with open registrations (#22127) 2022-12-07 16:39:58 +01:00
Claire
b59fb28e90
Fix 500 error when trying to migrate to an invalid address (#21462)
* Fix 500 error when trying to migrate to an invalid address

* Add tests
2022-12-07 02:35:39 +01:00
Claire
c8849d6cee
Fix unbounded recursion in account discovery (#22025)
* Fix trying to fetch posts from other users when fetching featured posts

* Rate-limit discovery of new subdomains

* Put a limit on recursively discovering new accounts
2022-12-07 00:15:24 +01:00
Claire
69137f4a90
Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)
Fixes #21965
2022-12-07 00:10:53 +01:00
Claire
57b893d505
Fix spaces not being stripped in admin account search (#21324)
Fixes #21058

Regression from #18641
2022-11-27 20:47:29 +01:00
Kaspar V
47f0d7021e
refactor(vacuum statuses): reduce amount of db queries and load for each query - improve performance (#21487)
* refactor(statuses_vacuum): remove dead code - unused

Method is not called inside class and private.
Clean up dead code.

* refactor(statuses_vacuum): make retention_period present test explicit

This private method only hides functionality.
It is best practice to be as explicit as possible.

* refactor(statuses_vacuum): improve query performance

- fix statuses_scope having sub-select for Account.remote scope by
  `joins(:account).merge(Account.remote)`
- fix statuses_scope unnecessary use of `Status.arel_table[:id].lt`
  because it is inexplicit, bad practice and even slower than normal
  `.where('statuses.id < ?'`
- fix statuses_scope remove select(:id, :visibility) for having reusable
  active record query batches (no re queries)
- fix vacuum_statuses! to use in_batches instead of find_in_batches,
  because in_batches delivers a full blown active record query result,
  in stead of an array - no requeries necessary
- send(:unlink_from_conversations) not to perform another db query, but
  reuse the in_batches result instead.
- remove now obsolete remove_from_account_conversations method
- remove_from_search_index uses array of ids, instead of mapping
  the ids from an array - this should be more efficient
- use the in_batches scope to call delete_all, instead of running
  another db query for this - because it is again more efficient
- add TODO comment for calling models private method with send

* refactor(status): simplify unlink_from_conversations

- add `has_many through:` relation mentioned_accounts
- use model scope local instead of method call `Status#local?`
- more readable add account to inbox_owners when account.local?

* refactor(status): searchable_by way less sub selects

These queries all included a sub-select. Doing the same with a joins
should be more efficient.
Since this method does 5 such queries, this should be significant,
since it technically halves the query count.

This is how it was:

```ruby
[3] pry(main)> Status.first.mentions.where(account: Account.local, silent: false).explain
  Status Load (1.6ms)  SELECT "statuses".* FROM "statuses" WHERE "statuses"."deleted_at" IS NULL ORDER BY "statuses"."id" DESC LIMIT $1  [["LIMIT", 1]]
  Mention Load (1.5ms)  SELECT "mentions".* FROM "mentions" WHERE "mentions"."status_id" = $1 AND "mentions"."account_id" IN (SELECT "accounts"."id" FROM "accounts" WHERE "accounts"."domain" IS NULL) AND "mentions"."silent" = $2  [["status_id", 109382923142288414], ["silent", false]]
=> EXPLAIN for: SELECT "mentions".* FROM "mentions" WHERE "mentions"."status_id" = $1 AND "mentions"."account_id" IN (SELECT "accounts"."id" FROM "accounts" WHERE "accounts"."domain" IS NULL) AND "mentions"."silent" = $2 [["status_id", 109382923142288414], ["silent", false]]
                                                    QUERY PLAN
------------------------------------------------------------------------------------------------------------------
 Nested Loop  (cost=0.15..23.08 rows=1 width=41)
   ->  Seq Scan on accounts  (cost=0.00..10.90 rows=1 width=8)
         Filter: (domain IS NULL)
   ->  Index Scan using index_mentions_on_account_id_and_status_id on mentions  (cost=0.15..8.17 rows=1 width=41)
         Index Cond: ((account_id = accounts.id) AND (status_id = '109382923142288414'::bigint))
         Filter: (NOT silent)
(6 rows)
```

This is how it is with this change:

```ruby
[4] pry(main)> Status.first.mentions.joins(:account).merge(Account.local).active.explain
  Status Load (1.7ms)  SELECT "statuses".* FROM "statuses" WHERE "statuses"."deleted_at" IS NULL ORDER BY "statuses"."id" DESC LIMIT $1  [["LIMIT", 1]]
  Mention Load (0.7ms)  SELECT "mentions".* FROM "mentions" INNER JOIN "accounts" ON "accounts"."id" = "mentions"."account_id" WHERE "mentions"."status_id" = $1 AND "accounts"."domain" IS NULL AND "mentions"."silent" = $2  [["status_id", 109382923142288414], ["silent", false]]
=> EXPLAIN for: SELECT "mentions".* FROM "mentions" INNER JOIN "accounts" ON "accounts"."id" = "mentions"."account_id" WHERE "mentions"."status_id" = $1 AND "accounts"."domain" IS NULL AND "mentions"."silent" = $2 [["status_id", 109382923142288414], ["silent", false]]
                                                    QUERY PLAN
------------------------------------------------------------------------------------------------------------------
 Nested Loop  (cost=0.15..23.08 rows=1 width=41)
   ->  Seq Scan on accounts  (cost=0.00..10.90 rows=1 width=8)
         Filter: (domain IS NULL)
   ->  Index Scan using index_mentions_on_account_id_and_status_id on mentions  (cost=0.15..8.17 rows=1 width=41)
         Index Cond: ((account_id = accounts.id) AND (status_id = '109382923142288414'::bigint))
         Filter: (NOT silent)
(6 rows)
```
2022-11-27 20:41:18 +01:00
afontenot
f17fc5742e
Clear voter count when poll is reset (#21700)
When a poll is edited, we reset the poll and remove all previous
votes. However, prior to this commit, the voter count on the poll
was not reset. This leads to incorrect percentages being shown in
poll results.

Fixes #21696
2022-11-26 23:08:25 +01:00
Skyler Hawthorne
5b2ff8d32d
fix media uploads with ffmpeg 5 (#21191) 2022-11-25 16:20:47 +01:00
David Leadbeater
69378eac99
Don't allow URLs that contain non-normalized paths to be verified (#20999)
* Don't allow URLs that contain non-normalized paths to be verified

This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".

Also fix a test to use 'https', so it is testing the right thing, now
that since #20304 https is required.

* missing do
2022-11-20 19:28:13 +01:00
lenore gilbert
c373148b3d
Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597)
* Allow import/export of instance-level domain blocks/allows (#1754)

* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround

(cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a)

* Add confirmation page when importing blocked domains (#1773)

* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains

(cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e)

* Fix authorization check in domain blocks controller

(cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38)

* Fix error strings for domain blocks and email-domain blocks

Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"

* Ran i18n-tasks normalize to address test failure

* Removed unused admin.export_domain_blocks.not_permitted string

Removing unused string as indicated by Check i18n

* Fix tests

(cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431)

* Fix domain block export not exporting blocks with only media rejection

(cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960)

* Fix various issues with domain block import

- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded

(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)

Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17 11:05:09 +01:00
Claire
00b2720ef0
Change automatic post deletion configuration to be accessible to redirected users (#20774)
Fixes #20550
2022-11-17 10:55:23 +01:00
Claire
0cc77263fc
Change batch account suspension to create a strike (#20897) 2022-11-17 10:52:51 +01:00
Eugen Rochko
552d69ad96
Fix error when invalid domain name is submitted (#19474)
Fix #19175
2022-11-14 08:07:14 +01:00
Eugen Rochko
b31afc6294
Fix error when passing unknown filter param in REST API (#20626)
Fix #19156
2022-11-14 08:06:06 +01:00
Eugen Rochko
5c826c408d
Fix image type not being set after conversion for convertible image types (#20624) 2022-11-14 07:13:14 +01:00
Eugen Rochko
2e2ba39abf
Fix rules with same priority being sorted non-deterministically (#20623) 2022-11-14 06:28:19 +01:00
Jeong Arm
c4c1bee880
Fix trendable status without review (#20214) 2022-11-11 21:24:10 +01:00
Emily Strickland
96f51e593f
Guard against error extracting body from URL (#20428)
If `Nokogiri::HTML(value).at_xpath('//body')` fails to find the `body` element, it will return `nil`. We can guard against that with an early return. Avoids calling `children` on `Nilclass` in those cases.
2022-11-11 21:22:28 +01:00
Eugen Rochko
9bc0a6c861
Fix metadata scrubbing removing color profile from images (#20389) 2022-11-11 09:20:10 +01:00
Claire
86f6631d28
Remove dead code and refactor status threading code (#20357)
* Remove dead code

* Remove unneeded/broken parameters and refactor descendant computation
2022-11-10 22:30:00 +01:00