Commit graph

661 commits

Author SHA1 Message Date
Matt Jankowski
c97b611b6b
Fix RSpec/InferredSpecType cop (#24736) 2023-05-04 05:49:53 +02:00
Matt Jankowski
710745e16b
Fix RSpec/ContextWording cop (#24739) 2023-05-04 05:49:08 +02:00
Matt Jankowski
cf18cc2891
Fix RSpec/MultipleSubjects cop (#24738) 2023-05-04 05:48:35 +02:00
Matt Jankowski
08fb9d300a
Spec coverage for settings/preferences/* controllers (#24825) 2023-05-04 05:44:27 +02:00
Matt Jankowski
3df665fd23
Fix Lint/ConstantDefinitionInBlock cop (#24763) 2023-05-03 10:32:30 +02:00
Matt Jankowski
05e3abe9d9
Fix Lint/EmptyClass cop (#24795) 2023-05-02 21:06:51 +02:00
Matt Jankowski
570079f8ce
Fix Performance/TimesMap cop (#24789) 2023-05-02 18:07:16 +02:00
Claire
9189e90ff2
Add fallback redirection when getting a webfinger query LOCAL_DOMAIN@LOCAL_DOMAIN (#23600)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-05-02 17:42:42 +02:00
Claire
6693a4fe7c
Change lists to be able to include accounts with pending follow requests (#19727) 2023-05-02 14:40:36 +02:00
Claire
32a030dd74
Rewrite import feature (#21054) 2023-05-02 12:08:48 +02:00
Matt Jankowski
d00e45a7d3
Fix Rails/I18nLocaleAssignment cop (#24693) 2023-04-30 14:07:03 +02:00
Nick Schonning
a3393d0d07
Autofix Rubocop RSpec/MatchArray (#24050) 2023-04-26 20:21:54 +02:00
Nick Schonning
90beba57d8
Autofix Rubocop Rails/ResponseParsedBody (#24051) 2023-04-26 17:25:07 +02:00
Claire
276c39361b
Fix anonymous visitors getting a session cookie on first visit (#24584) 2023-04-25 16:51:38 +02:00
Matt Jankowski
0a5f0a8b20
Remove instance variables from helper usage (#24203) 2023-04-23 22:35:54 +02:00
Claire
58a1b2e330
Fix caching logic with regards to Accept-Language, Cookie, and Signature (#24604) 2023-04-23 22:27:24 +02:00
Eugen Rochko
e98c86050a
Refactor Cache-Control and Vary definitions (#24347) 2023-04-19 16:07:29 +02:00
Robert R George
4db8230194
Add trend management to admin API (#24257) 2023-04-18 11:33:30 +02:00
Matt Jankowski
36eeb70d53
Spec coverage on Settings/ controllers specs (#24221) 2023-04-11 11:35:39 +02:00
Eugen Rochko
a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Eugen Rochko
9bda933740
Change media upload limits and remove client-side resizing (#23726) 2023-03-25 10:00:03 +01:00
Christian Schmidt
bd047acc35
Replace Status#translatable? with language matrix in separate endpoint (#24037) 2023-03-16 11:07:24 +01:00
Claire
a232a1feb8
Fix misleading error code when receiving invalid WebAuthn credentials (#23568) 2023-03-15 04:15:20 +01:00
Matt Jankowski
688287c59d
Coverage improvement round-out following up previous work (#23987) 2023-03-10 13:33:30 +01:00
Matt Jankowski
c599e289d8
Fix spec for api/v1/statuses/translations (#23956) 2023-03-04 23:17:46 +01:00
Matt Jankowski
42ddc45133
Admin controllers specs (#23917) 2023-03-04 17:13:28 +01:00
Matt Jankowski
ad585fb195
Specs api v1 controllers (#23930) 2023-03-04 17:12:54 +01:00
Matt Jankowski
6a57c42316
Settings controllers specs (#23915) 2023-03-04 16:56:43 +01:00
Claire
3f52e717fa
Add tests for moderation actions without custom text (#23184) 2023-03-03 20:50:46 +01:00
Claire
c2a046ded1
Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-03 20:25:15 +01:00
Nick Schonning
6bd7003799
Fix mispelled spec filenames (#23834) 2023-02-23 11:28:56 +01:00
Nick Schonning
84cc805cae
Enable Style/FrozenStringLiteralComment for specs (#23790) 2023-02-22 09:55:31 +09:00
Nick Schonning
0cfdd1a401
Enable Rubocop Style/StringConcatenation defaults (#23792) 2023-02-22 09:54:36 +09:00
Nick Schonning
35d032500b
Autofix Rubocop Security/IoMethods (#23757) 2023-02-21 03:21:19 +09:00
Nick Schonning
717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning
5116347eb7
Autofix Rubocop RSpec/BeEq (#23740) 2023-02-20 06:14:50 +01:00
Nick Schonning
bf785df9fe
Audofix Rubocop Style/WordArray (#23739) 2023-02-20 06:14:10 +01:00
Nick Schonning
4552685f6b
Autofix Rubocop RSpec/LeadingSubject (#23670) 2023-02-20 13:24:14 +09:00
Nick Schonning
4ea1e0fceb
Enable Rubocop RSpec/ExpectActual (#23720) 2023-02-20 05:00:59 +01:00
Nick Schonning
38a1d8bb85
Autofix Rubocop RSpec/ImplicitSubject (#23721) 2023-02-20 05:00:48 +01:00
Nick Schonning
5179c47087
Autofix Rubocops RSpec/ScatteredLet (#23725) 2023-02-20 11:17:41 +09:00
Nick Schonning
aef0051fd0
Enable Rubocop HTTP status rules (#23717) 2023-02-20 11:16:40 +09:00
Nick Schonning
bd1d57c230
Autofix Rubocop RSpec/EmptyLineAfterSubject (#23719) 2023-02-20 02:46:00 +01:00
Nick Schonning
65ba0d92ef
Enable Rubocop RSpec/NotToNot (#23723) 2023-02-20 02:33:27 +01:00
Nick Schonning
a2fdb388eb
Autofix Rubocop RSpec/ReturnFromStub (#23724) 2023-02-20 02:32:10 +01:00
Nick Schonning
21bf326356
Autofix Rubocop Rails/Pluck (#23730) 2023-02-20 02:28:40 +01:00
Nick Schonning
81ad6c2e39
Autofix Rubocop Style/StringLiterals (#23695) 2023-02-19 07:38:14 +09:00
Nick Schonning
3680e032b4
Autofix Rubocop RSpec/EmptyLineAfterFinalLet (#23707) 2023-02-19 07:10:19 +09:00
Nick Schonning
167709f6b0
Autofix Rubocop Style/BlockDelimiters (#23706) 2023-02-19 07:00:17 +09:00
Nick Schonning
5069769cbe
Autofix Rubocop Style/TrailingCommaInHashLiteral (#23693) 2023-02-18 23:33:41 +09:00
Nick Schonning
b4cbfff3eb
Autofix Rubocop RSpec/ExcessiveDocstringSpacing (#23666) 2023-02-18 12:47:37 +01:00
Nick Schonning
a7db0b41cd
Autofix Rubocop Lint/ParenthesesAsGroupedExpression (#23682) 2023-02-18 04:00:05 +01:00
Nick Schonning
c0a645f647
Autofix Rubocop RSpec/ExampleWording (#23667) 2023-02-18 03:26:20 +01:00
Nick Schonning
634368c491
Autofix Rubocop Lint/SymbolConversion (#23683) 2023-02-18 03:23:49 +01:00
Nick Schonning
6d42820e5d
Autofix Rubocop Lint/AmbiguousOperator (#23680) 2023-02-18 03:22:01 +01:00
Nick Schonning
ac59d6f19f
Enable Rubocop Style/NumericLiterals (#23647) 2023-02-18 11:05:57 +09:00
Nick Schonning
669f6d2c0a
Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Nick Schonning
68b1071f86
Autofix Rubocop RSpec/BeNil (#23653) 2023-02-17 21:45:27 +09:00
Claire
d6930b3847
Add API parameter to safeguard unexpect mentions in new posts (#18350) 2023-02-13 16:36:29 +01:00
Varun Sharma
45e2936c89
Add tests to indicate inclusion of self replies in statuses endpoint (#23266) 2023-02-13 16:04:26 +01:00
Claire
20a479ff7c
Change POST /settings/applications/:id to regenerate token on scopes change (#23359)
Fixes #23096
2023-02-02 12:03:49 +01:00
Claire
448be26b34
Add missing policy attribute to WebPushSubscriptionSerializer (#23210)
* Add missing `policy` attribute to `WebPushSubscriptionSerializer`

Fixes #23145

* Add tests
2023-01-23 13:05:30 +01:00
Claire
68dcbcb7bf
Add more specific error messages to HTTP signature verification (#21617)
* Return specific error on failure to parse Date header

* Add error message when preferredUsername is not set

* Change error report to be JSON and include more details

* Change error report to differentiate unknown account and failed refresh

* Add tests
2023-01-18 16:47:56 +01:00
Claire
343e1fe8e9
Add confirmation screen when handling reports (#22375)
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
2023-01-18 16:40:09 +01:00
Claire
fcc4c9b34a
Change domain block CSV parsing to be more robust and handle more lists (#21470)
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
Claire
21a1a8ee88
Fix crash when marking statuses as sensitive while some statuses are deleted (#22134)
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments

* Fix crash when marking statuses as sensitive while some statuses are deleted

Fixes #21910

* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”

* Add tests
2023-01-13 10:46:52 +01:00
Claire
8556a649d5
Fix changing domain block severity not undoing individual account effects (#22135)
* Fix changing domain block severity not undoing individual account effects

Fixes #22133

* Add tests
2022-12-15 17:45:02 +01:00
Francis Murillo
5fb1c3e934
Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Meisam
6cdbc345f4
Validate nodeinfo response by schema (#21395)
* add json-schema to :test in Gemfile

* Create node_info_2.0_schema.json

* test match_response_schema

* Create match_response_schema.rb

* Update nodeinfo_controller_spec.rb

* Rename spec/support/node_info_2.0_schema.json to spec/support/schema/node_info_2.0_schema.json

* Update match_response_schema.rb

* cleanup

* additionally validate the json schema itself

disable throwing errors

test the schema matcher

* rename nodeinfo schema to nodeinfo_2.0

* use Rails.root.join to construct the path

* prettify json

* sync Gemfile.lock
2022-12-15 15:43:05 +01:00
Francis Murillo
f6492a7c4d
Log admin approve and reject account (#22088)
* Log admin approve and reject account

* Add unit tests for approve and reject logging
2022-12-07 00:25:18 +01:00
Claire
69137f4a90
Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)
Fixes #21965
2022-12-07 00:10:53 +01:00
Claire
51a33ce77a
Fix not being able to follow more than one hashtag (#21285)
Fixes regression from #20860
2022-11-21 10:35:09 +01:00
Rose
4f15fd0ba1
Fix style for hashes (#20518)
* Fix style for hashes

Make the style for hashes consistent.

* New style

More consistency
2022-11-17 11:05:39 +01:00
lenore gilbert
c373148b3d
Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597)
* Allow import/export of instance-level domain blocks/allows (#1754)

* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround

(cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a)

* Add confirmation page when importing blocked domains (#1773)

* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains

(cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e)

* Fix authorization check in domain blocks controller

(cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38)

* Fix error strings for domain blocks and email-domain blocks

Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"

* Ran i18n-tasks normalize to address test failure

* Removed unused admin.export_domain_blocks.not_permitted string

Removing unused string as indicated by Check i18n

* Fix tests

(cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431)

* Fix domain block export not exporting blocks with only media rejection

(cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960)

* Fix various issues with domain block import

- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded

(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)

Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17 11:05:09 +01:00
trwnh
b59ce0a60f
Move V2 Filter methods under /api/v2 prefix (#20622)
* Move V2 Filter methods under /api/v2 prefix

* move over the tests too
2022-11-14 08:34:07 +01:00
Eugen Rochko
552d69ad96
Fix error when invalid domain name is submitted (#19474)
Fix #19175
2022-11-14 08:07:14 +01:00
Claire
1dca08b76f
Fix admin action logs page (#19649)
* Add tests

* Fix crash when trying to display orphaned action logs

* Add migration for older admin action logs
2022-11-03 16:06:42 +01:00
Eugen Rochko
40c7f3e830
Fix account action type validation (#19476)
* Fix account action type validation

Fix #19143

* Fix #19145

* Fix code style issues
2022-10-30 02:44:32 +02:00
Eugen Rochko
1ae508bf2f
Change unauthenticated search to not support pagination in REST API (#19326)
- Only exact search matches for queries with < 5 characters
- Do not support queries with `offset` (pagination)
- Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-26 12:10:02 +02:00
Eugen Rochko
7c152acb2c
Change settings area to be separated into categories in admin UI (#19407)
And update all descriptions
2022-10-22 11:44:41 +02:00
Eugen Rochko
839f893168
Change public accounts pages to mount the web UI (#19319)
* Change public accounts pages to mount the web UI

* Fix handling of remote usernames in routes

- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict

* Fix missing `multiColumn` prop

* Fix failing test

* Use `discoverable` attribute to control indexing directives

* Fix `<ColumnLoading />` not using `multiColumn`

* Add `noindex` to accounts in REST API

* Change noindex directive to not be rendered by default before a route is mounted

* Add loading indicator for detailed status in web UI

* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Eugen Rochko
1bd00036c2
Change about page to be mounted in the web UI (#19345) 2022-10-13 14:42:37 +02:00
Eugen Rochko
93f340a4bf
Remove setting that disables account deletes (#17683) 2022-10-06 10:16:47 +02:00
Eugen Rochko
58d5b28cb0
Remove previous landing page (#19300) 2022-10-06 02:19:45 +02:00
Eugen Rochko
02ba9cfa35
Remove code for rendering public and hashtag timelines outside the web UI (#19257) 2022-10-04 20:13:46 +02:00
Eugen Rochko
36f4c32a38
Change path of privacy policy page (#19249) 2022-09-29 06:22:12 +02:00
Eugen Rochko
43b5d5e38d
Add logged-out access to the web UI (#18961) 2022-09-29 04:39:33 +02:00
Claire
8cf7006d4e
Refactor ActivityPub handling to prepare for non-Account actors (#19212)
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account

* Refactor SignatureVerification to allow non-Account actors

* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors

* Refactor inbound ActivityPub payload processing to accept non-Account actors

* Refactor inbound ActivityPub processing to accept activities relayed through non-Account

* Refactor how Account key URIs are built

* Refactor Request and drop unused key_id_format parameter

* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-09-21 22:45:57 +02:00
Eugen Rochko
50948b46aa
Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
Claire
50487db122
Add ability to filter individual posts (#18945)
* Add database table for status-specific filters

* Add REST endpoints, entities and attributes

* Show status filters in /filters interface

* Perform server-side filtering for individual posts filters

* Fix filtering on context mismatch

* Refactor `toServerSideType` by moving it to its own module

* Move loupe and delete icons to their own module

* Add ability to filter individual posts from WebUI

* Replace keyword list by warnings (expired, context mismatch)

* Refactor server-side filtering code

* Add tests
2022-08-25 04:27:47 +02:00
Eugen Rochko
c3f0621a59
Add ability to follow hashtags (#18809) 2022-07-17 13:49:29 +02:00
Eugen Rochko
44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Claire
02851848e9
Revamp post filtering system (#18058)
* Add model for custom filter keywords

* Use CustomFilterKeyword internally

Does not change the API

* Fix /filters/edit and /filters/new

* Add migration tests

* Remove whole_word column from custom_filters (covered by custom_filter_keywords)

* Redesign /filters

Instead of a list, present a card that displays more information and handles
multiple keywords per filter.

* Redesign /filters/new and /filters/edit to add and remove keywords

This adds a new gem dependency: cocoon, as well as a npm dependency:
cocoon-js-vanilla. Those are used to easily populate and remove form fields
from the user interface when manipulating multiple keyword filters at once.

* Add /api/v2/filters to edit filter with multiple keywords

Entities:
- `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context`
  `keywords`
- `FilterKeyword`: `id`, `keyword`, `whole_word`

API endpoits:
- `GET /api/v2/filters` to list filters (including keywords)
- `POST /api/v2/filters` to create a new filter
  `keywords_attributes` can also be passed to create keywords in one request
- `GET /api/v2/filters/:id` to read a particular filter
- `PUT /api/v2/filters/:id` to update a new filter
  `keywords_attributes` can also be passed to edit, delete or add keywords in
   one request
- `DELETE /api/v2/filters/:id` to delete a particular filter
- `GET /api/v2/filters/:id/keywords` to list keywords for a filter
- `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a
   filter
- `GET /api/v2/filter_keywords/:id` to read a particular keyword
- `PUT /api/v2/filter_keywords/:id` to edit a particular keyword
- `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword

* Change from `irreversible` boolean to `action` enum

* Remove irrelevent `irreversible_must_be_within_context` check

* Fix /filters/new and /filters/edit with update for filter_action

* Fix Rubocop/Codeclimate complaining about task names

* Refactor FeedManager#phrase_filtered?

This moves regexp building and filter caching to the `CustomFilter` class.

This does not change the functional behavior yet, but this changes how the
cache is built, doing per-custom_filter regexps so that filters can be matched
independently, while still offering caching.

* Perform server-side filtering and output result in REST API

* Fix numerous filters_changed events being sent when editing multiple keywords at once

* Add some tests

* Use the new API in the WebUI

- use client-side logic for filters we have fetched rules for.
  This is so that filter changes can be retroactively applied without
  reloading the UI.
- use server-side logic for filters we haven't fetched rules for yet
  (e.g. network error, or initial timeline loading)

* Minor optimizations and refactoring

* Perform server-side filtering on the streaming server

* Change the wording of filter action labels

* Fix issues pointed out by linter

* Change design of “Show anyway” link in accordence to review comments

* Drop “irreversible” filtering behavior

* Move /api/v2/filter_keywords to /api/v1/filters/keywords

* Rename `filter_results` attribute to `filtered`

* Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer

* Fix systemChannelId value in streaming server

* Simplify code by removing client-side filtering code

The simplifcation comes at a cost though: filters aren't retroactively
applied anymore.
2022-06-28 09:42:13 +02:00
Claire
35588d09e2
Add /api/v1/admin/domain_allows (#18668)
- `GET /api/v1/admin/domain_allows` lists allowed domains
- `GET /api/v1/admin/domain_allows/:id` shows one by ID
- `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list
  of allowed domains
- `POST /api/v1/admin/domain_allows` to allow a new domain:
  if that domain is already allowed, the existing DomainAllow will be returned
2022-06-23 23:12:01 +02:00
Claire
327eed0076
Fix suspicious sign-in mails never being sent (#18599)
* Add tests

* Fix suspicious sign-in mails never being sent
2022-06-21 15:16:22 +02:00
Claire
28329ba62f
Add /api/v1/admin/domain_blocks (#18247)
* Add /api/v1/admin/domain_blocks

Fixes #18140

- `GET /api/v1/admin/domain_blocks` lists domain blocks
- `GET /api/v1/admin/domain_blocks/:id` shows one by ID
- `DELETE /api/v1/admin/domain_blocks/:id` deletes a given domain block
- `POST /api/v1/admin/domain_blocks` to create a new domain block:
  if it conflicts with an existing one, returns an error with
  an attribute `existing_domain_block` with the rendered domain block

* Simplify conflict handling as suggested in review
2022-06-01 17:31:36 +02:00
Claire
e34dd3644c
Remove unused filtered_languages column (#18533)
* Remove unused `filtered_languages` column

Fixes #18522

* Fix tests
2022-05-27 20:05:22 +02:00
luzpaz
898fe2fa8e
Fix typo in source setted->set (#18385)
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-05-10 04:58:04 +02:00
Eugen Rochko
3917353645
Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Eugen Rochko
6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 2022-04-06 20:58:12 +02:00