Commit graph

349 commits

Author SHA1 Message Date
Matt Jankowski
67dea31b0f 2FA controller cleanup (#2296)
* Add spec coverage for settings/two_factor_auth area

* extract setup method for qr code

* Move otp required check to before action

* Merge method only used once

* Remove duplicate view

* Consolidate creation of @codes for backup

* Move settings/2fq#recovery_codes to settings/recovery_codes#create

* Rename settings/two_factor_auth#disable to #destroy

* Add coverage for the otp required path on 2fa#show

* Clean up the recovery codes list styles

* Move settings/two_factor_auth to settings/two_factor_authentication

* Reorganize the settings two factor auth area

Updated to use a flow like:

- settings/two_factor_authentication goes to a #show view which has a button
  either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
  codes
- that create action shares a view with a recovery codes controller which can be
  used separately to reset codes if needed
2017-04-22 04:23:17 +02:00
Koala Yeung
935aecdc32 Add Indonesian (Bahasa Indonesia / id) translation (#2200)
* add Indonesian (Bahasa Indonesia) translation

add id.jsx
add translations on email views
add devise.id.yml
add doorkeeper.id.yml
add id.yml
add simple_form.id.yml

update id locale on mastodon.jsx, index.jsx, settings_helper.rb, and
application.rb

* add Indonesian (Bahasa Indonesia) translation

add id.jsx
add translations on email views
add devise.id.yml
add doorkeeper.id.yml
add id.yml
add simple_form.id.yml

update id locale on mastodon.jsx, index.jsx, settings_helper.rb, and
application.rb

* fix InvalidLocaleData on a string

* fix InvalidLocaleData on a string

* Fix language keys in Indonesian ruby locale (id)

Use "id" instead of "en" as object keys.

* Removed obsoleted translation (id)
2017-04-21 19:16:26 +02:00
Matt Jankowski
452dc6b5fe Use local_time gem for timezone replacement (#2174)
For the 'time ago' value of stream entry simple statuses and the timestamp value
of detailed statuses - output their UTC value and use the browser timezone to
convert locally.
2017-04-21 18:19:59 +02:00
Sebastian Morr
74c474a652 Display remaining characters when editing display name and bio (#2219) 2017-04-21 18:17:21 +02:00
Yamagishi Kazutoshi
ceecf96208 Add crossorigin="anonymous" to about (#2272) 2017-04-21 18:06:43 +02:00
Jérémy Benoist
b3329c362e Open authorized application in a new window (#2250)
Like it's already done when you click on an application from a toot, it's opening in a new window.
0254ee9795/app/views/stream_entries/_detailed_status.html.haml (L41)
2017-04-21 16:44:14 +02:00
Ash Furrow
a0ed88a99b Adds version to about/more and API (#2181)
* Adds version.

* Cleans up code.

* Removes standalone endpoint and adds version to instance endpoint.

* Addresses feedback from #2181.
2017-04-21 03:30:59 +02:00
Matt Jankowski
2dda356e3f Clean up settings/preferences controller (#2237)
* Add missing fields group on preferences page

* Clean up settings/preferences controller

* Extract a UserSettingsDecorator
2017-04-21 03:26:52 +02:00
Matt Jankowski
598d3defd5 Use default locale for html lang in layouts (#2212) 2017-04-20 13:09:31 +02:00
Matt Jankowski
7f8044d913 Link to profile/feed/salmon from admin/accounts show page (#2186) 2017-04-20 04:00:02 +02:00
Eugen
baabbce672 Fix double-escaping of display names in <title> (#2155) 2017-04-19 17:46:24 +02:00
Matt Jankowski
708bdd53f1 Remove unused view files in accounts/ (#2153) 2017-04-19 17:19:23 +02:00
Yamagishi Kazutoshi
2510119f19 Add meta tags for OGP to following & follow page (#2052)
* Add meta tags for OGP to following & follow page

* simplify render helper

* Follow up #2133

* og:type is only accounts/show

* revert accounts/{following,followers}
2017-04-19 17:17:32 +02:00
Matt Jankowski
8bac0350d1 Restful refactor of accounts/ routes (#2133)
* Add routing specs for accounts followers and following actions

* Use more restful route naming for public account follow pages

Moves two actions:
- accounts#followers to accounts/follower_accounts#index
- accounts#following to accounts/following_accounts#index

Adds routing spec to ensure prior URLs are preserved.
2017-04-19 13:52:37 +02:00
Matt Jankowski
55e1503522 Instances list in admin (#2095)
* Add admin/instances index action

* Add link to instances admin page

* View lists instances

* Instances, grouped by domain, ordered by count

* Use Account.remote scope

* Extract method: Account.by_domain_accounts
2017-04-18 21:09:07 +02:00
Matt Jankowski
66d8f99a30 Admin reports with accounts (#2092)
* Add a ReportFilter class

* Add reports and targeted_reports relationships to Account

* Use ReportFilter from admin/reports controller

* Link to admin/reports filtered views from admin account show view

* Add indexes to reports.account_id and reports.target_account_id
2017-04-18 19:36:18 +02:00
Matt Jankowski
84b5fae8e3 Simplify renders in views (#2084)
* Simplify render in mailer views

* Simplify render in about/more view

* Simplify render in accounts follow views

* Simplify render in recovery code views

* Simplify render in stream entry embed

* Simplify render in stream entries status partial

* Simplify render in authorize follow new view
2017-04-18 17:15:30 +02:00
Eugen Rochko
57d784f1e4 Merge branch 'pause-gif' of git://github.com/patf/mastodon into patf-pause-gif 2017-04-18 01:25:50 +02:00
Matt Jankowski
389f8f8249 Instance helper to replace site title helper (#2038)
* Move site title helper to instance helper (name change only)

* Remove newline in <title> tag

* Add site_hostname helper method to wrap up local_domain value

* Use site_hostname helper in places that need local_domain value
2017-04-18 00:16:32 +02:00
Matt Jankowski
f96f8d0176 Use .presence instead of ternary on site description for og: content (#2033) 2017-04-17 23:19:45 +02:00
Eugen
15ec4ae07b Fix #1972, fix #1870 - Fix special characters in XML, add tests (#1988)
Also improve efficiency of the mastodon:maintenance:add_static_avatars task
2017-04-17 19:58:54 +02:00
Patrick Figel
ffb99325ca Add gif auto-play/pause preference
This introduces a new per-user preference called
"Auto-play animated GIFs", which is enabled by default. When a
user disables this setting, gifs in toots become click-to-play.

Previews of animated gifs were changed to display the video play
button so that users can distinguish them from regular images.

This setting also affects account avatars in the detailed account
view, which was changed to use the same hover-to-play mechanism
that is used for animated avatars in timelines.

Fixes #1652
2017-04-17 12:14:03 +02:00
Dale Price
f3b86c1bda Add mask-icon.svg (#1572) (#1585)
* Add mask-icon (#1572)

* use updated svg logo for mask-icon
2017-04-17 10:39:54 +02:00
Yuki Nakagawa
548ff54714 Optimize user setting page for mobile browser (#1924)
* Remove overflow because it blocks scrolling on mobile safari.

* Add “-webkit-overflow-scrolling: touch;” to enable smooth scroll on mobile safari and other webkit browsers.

* Use radio buttons in user setting page.

Because select tags with long text are not fit in the width of mobile devices.

* Add flex property to fit labels to devise width.

* Change font size of select.

It causes auto zooming on mobile safari.
2017-04-17 10:37:00 +02:00
anon
f8ae12909c Fix tiny typo, and added link to terms and conditions in confirmation email for Japanese. (#1975) (#1975) 2017-04-17 10:32:09 +02:00
Eugen
1955a3f444 Do not display "reset password" in admin UI for remote accounts (#1960) 2017-04-16 23:15:58 +02:00
Eugen
6d70a80263 Onboarding modal (#1883)
* Basic onboarding modal that's shown to users once

* Lay out pages 2 through 5, add images, style modals (#1509)

* Lay out pages 2 through 5

Added images and laid out pages 2 through 5 in the jsx file. SCSS will
come, still working on just seeing if this works at all.

* Fix jsx errors, add images to modal pages, style modal pages

* Add animations to onboarding pager changes, improve wording and styling

* Finishing touches on the onboarding

* Add missing propTypes

* Update wording
2017-04-16 20:32:00 +02:00
Matt Jankowski
f87b51fda8 I18n health warnings (#1949)
* Rename admin.domain_block to admin.domain_blocks in prep for i18n improvement

* Use implicit controller/action path for i18n in admin/domain_blocks

* Add DomainBlock#accounts has_many

* Avoid i18n health warning for `en` locale by using symbol scope with :count

* Remove unused i18n key: plaintext_secret_html

* Remove unused i18n key two_factor_auth.warning

* Remove final will_paginate i18n keys

* Remove unused key two_factor_auth.recovery_codes

* Remove unused key: admin.reports.comment.none

* Remove unused reports. i18n namespace (moved to admin.reports)

* Ignore keys from locales which override activemodel and activerecord errors

* Revert "Remove unused key: admin.reports.comment.none"

This reverts commit 350ef2685fadc069e619bb6d1066190de195d942.

* Update i18n key reference to match moved location

* Add missing `en` keys to i18n

* Tell i18n-tasks to ignore missing attributes that dont need overwriting

* Add i18n-tasks unused to travis
2017-04-16 19:37:01 +02:00
Matt Jankowski
26ec042f38 Remove trailing whitespace in terms.no.html (#1933) 2017-04-16 16:38:13 +02:00
Matt Jankowski
73b0af5c93 Simplify the og:image and og:description code in stream_entries/show (#1934) 2017-04-16 16:38:02 +02:00
Matt Jankowski
7efde22c3a Use local vars in partials (#1935)
* Use local vars in accounts/header partial

* Use local variable in 2fa recovery codes partial
2017-04-16 16:37:49 +02:00
Eugen
5d710b1139 Make file attachment on MediaAttachment optional (#1865)
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true
Clean up old media files when creating a new domain block with reject_media set to true
Return remote_url in media attachments API if local file is not present
Undo domain block action in admin UI
Ability to enable reject_media from admin UI
2017-04-16 12:51:30 +02:00
Eugen
8a58942c80 Fix up recovery codes design a little (#1866) 2017-04-16 04:32:57 +02:00
Matt Jankowski
3834e1e69b View spec fix (#1888)
* Add option to disable verify partial doubles

* Add show_landing_strip? helper method

* Use show_landing_strip? helper in accounts and stream entries views

* Fix naming in view specs
2017-04-16 03:40:33 +02:00
Eugen
0d83569899 Fix cross-origin integrity (#1871)
See <https://glitch.social/users/bea/updates/434>
2017-04-15 22:48:30 +02:00
Naouak
3d3e32befb Check for a custom css file to help customization of instances (#1368)
* User can create a custom.scss to customize their instance without modifying gitted files.

* Add documentation for customization.

* Forgot the helper file

* Fix Style to pass codeclimate

* Requests from maintainer.
2017-04-15 22:47:48 +02:00
Marcin Cieślak
1c8477eab2 Give SINGLE_USER a chance to register (#1820)
An attempt to open a brand new Mastodon instance configured
as SINGLE_USER_MODE=true will cause an exception.

Enable temporary registration if we have no users in the database

Fixes #1817
2017-04-15 16:46:27 +02:00
Matt Jankowski
6670e6d33f Add password reset for users from admin accounts area (#1841) 2017-04-15 16:44:59 +02:00
Matt Jankowski
3b8908c114 About page contact email (#1839)
* Correct site_contact_email typo

* Separate about more page into partials, add specs
2017-04-15 13:33:25 +02:00
Alex Dunn
0f889523e4 views/about: use Setting.site_title instead of hardcoding (#1508) 2017-04-15 13:28:09 +02:00
Patrick Figel
df4ff9a8e1 Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
2017-04-15 13:26:03 +02:00
Matt Jankowski
cde1f37d93 Use site title on tags#show page (#1802) 2017-04-15 02:37:20 +02:00
Joachim Viide
ef879a8839 Send initial state in a <script type="application/json"> tag (#1806) 2017-04-15 02:32:42 +02:00
Matt Jankowski
8b74aa4217 Admin reports controller improvements (#1714)
* Simplify admin/reports controller filtering for index

* Rename parameter to resolved

* Fix issue where reports view could not access filter_link_to

* Add coverage for admin/reports controller

* DRY up resolution of related reports for target account

* Clean up admin/reports routes

* Add Report#statuses method

* DRY up current account action taken params

* Rubocop styles
2017-04-14 11:10:28 +02:00
maxypy
a6807201d2 Implementing Subresource Integrity (#1729)
* Add sprockets-rails to Gemfile

* Add sprockets-rails to Gemfile.lock

* Update show.html.haml

* Update index.html.haml

* Update admin.html.haml

* Update auth.html.haml

* Update embedded.html.haml

* Update public.html.haml
2017-04-14 11:09:20 +02:00
Thomas Citharel
c0c56db0fa Translate admin (#1702)
* Translate the domain_block panel

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Translate PubSubHubbub section

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* translate account section and correct typos

* move reports translation & translate sidebar

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* normalize l18n
2017-04-13 21:49:07 +02:00
Alyssa Ross
55b56e3f95 terms: remove redundant words (#1578)
"at least X" and "X or older" have identical meanings.
Using both together feels a little jarring.
2017-04-13 19:50:19 +02:00
Isabelle Knott
447b8bc44e Do not show media attachment as og:image if it was marked as NSFW (#1693) 2017-04-13 15:59:43 +02:00
Daijiro Wachi
4f781b17cc Use input type number for Two-factor code (#1683) 2017-04-13 13:13:17 +02:00
Matt Jankowski
137100dcf3 Clean up well-known routes/controllers (#1649)
* Add request spec for host meta route returning xml

* Add routing spec for xrd routes

* Update well-known routes

* Move webfinger and host-meta actions to their own controllers
2017-04-13 13:09:07 +02:00