Commit graph

5585 commits

Author SHA1 Message Date
ThibG
af6d356279
Fix first poll option not being focused when adding a poll (#13740)
Fixes #13698
2020-05-12 15:29:44 +02:00
Takeshi Umeda
5daae6dc61
Fix keybase config serializer (#13742) 2020-05-12 15:28:29 +02:00
dependabot-preview[bot]
78202e9138
Bump doorkeeper from 5.3.3 to 5.4.0 (#13733)
* Bump doorkeeper from 5.3.3 to 5.4.0

Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.3 to 5.4.0.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.3.3...v5.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Fix tests

* Fix use of Doorkeeper::AccessToken.find_or_create_for

* Fix tests?

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
2020-05-12 15:25:33 +02:00
Takeshi Umeda
d8bad8fbf6
Fix not publishing update of remote timeline (#13745)
* Fix not publishing update of remote timeline

* fix @ missing

* if/unless to if/else
2020-05-12 15:24:35 +02:00
ThibG
4bcef12bad
Fix sr locale being selected over sr-Latn (#13693)
* Fix sr locale being selected over sr-Latn

* Update tests
2020-05-11 01:09:21 +02:00
Eugen Rochko
4b766f9846
Refactor monkey-patching of Goldfinger (#12561) 2020-05-10 11:41:43 +02:00
taicv
4a2ea2e51b
Add vi to available locales (#13542)
* Enable selecting Vietnamese language in Admin Dashboard

* Update settings_helper.rb

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-05-10 11:25:35 +02:00
Eugen Rochko
8be4c2ba21
Add ability to remove identity proofs from account (#13682)
Fix #12613
2020-05-10 11:21:10 +02:00
Takeshi Umeda
26b08a3c54
Add remote only to public timeline (#13504)
* Add remote only to public timeline

* Fix code style
2020-05-10 10:36:18 +02:00
Eugen Rochko
e9ecbca70d
Fix error within error when limiting backtrace to 3 lines (#13120)
Fix #13086, close #13113
2020-05-10 10:30:27 +02:00
ThibG
45202f79ef
Remove confusing “You are already signed in.” flash message (#13547)
When attempting to access the log-in page while already logged in,
Devise's `require_no_authentication` kicks in and sets a flash
message “You are already signed in.”

In almost all cases, this also causes a redirect to /web, which
does not display or clear flash messages, thus leaving the message
to a potentially much later date, like for instance, accessing
/preferences several minutes after being redirected to /web.
2020-05-10 10:16:39 +02:00
ThibG
a4240fd027
Improve RSS entries for statuses (#13592)
* Improve RSS entries for statuses

- Render polls in both accounts and tags serializers
- Refactor RSS serializers
- Change title preview to include ellipsis when truncated
- Change title preview to show CW instead of toot text
- Add tests

* Remove title from OEmbed serialization

Twitter doesn't serialize title either, and tihs allows us to move the
title formatting code to the RSS serializers.
2020-05-10 09:50:54 +02:00
ThibG
e1629a7758
Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679)
* Make sure wicg-inert doesn't rely on inline CSS

* Remove unsafe-inline from style-src
2020-05-08 21:22:57 +02:00
Eugen Rochko
0d62e09707
Fix failing jest test (#13681) 2020-05-08 21:21:57 +02:00
ThibG
f1e0fa80f6
Fix own following/followers not showing muted users (#13614)
Fixes #13612
2020-05-08 20:36:34 +02:00
Taras Gogol
6748a5acb1
Fix followings list order | Issue #13538 (#13676) 2020-05-08 20:17:16 +02:00
Eugen Rochko
5cff7910c2
Add more ActivityPub controller tests (#13590) 2020-05-03 22:19:24 +02:00
ThibG
c0b849bdfd
Fix use of inline CSS in public pages (#13576)
Change `account_link_to` to use an image tag rather than some
inline CSS. Dropped the `size` parameter in the process, but it wasn't
used for anything except the default value of 36px.

Dropped CSS rules that were always overriden, and defaulted to 36px width
and height instead.
2020-05-03 22:04:18 +02:00
Yamagishi Kazutoshi
e223fd8c61
Revert "improve status title (#8596)" (#13591)
This reverts commit 05756c9a14.
2020-05-03 18:48:13 +02:00
Eugen Rochko
988b0493fe
Add more tests for ActivityPub controllers (#13585) 2020-05-03 16:30:36 +02:00
kaiyou
3511528e50
Only check locally when deduplicating usernames (#13581)
When deduplicating account usernames for OAuthable users, the routine did check if any account was known with that username, including remote accounts. This caused some unnecessary deduplication, and usernames ending with unexpected trailing _1.
This fixes #13580
2020-04-30 14:39:05 +02:00
ThibG
b8ba977497
Fix admin-facing uses of inline CSS (#13575)
* Move .back-button inline styles to CSS file

All occurrences of the back-button CSS class used the same inline
CSS rules, so moved them over to the CSS file

* Fix “Add new domain block” button using inline CSS

* Replace common pattern of inline-styled button boxes by a CSS class

In particular, switching from `float: left/right` to a flexbox with
`justify-content: space-between`. This implied changing the order of
a few HTML tags and adding an empty `div` in one case.

Also removed a `margin-bottom` rule that wasn't needed due to the
margins of surrounding elements.

* Move account admin view inline CSS to CSS file
2020-04-28 19:39:16 +02:00
ThibG
77ec0875ea
Fix page incorrectly scrolling when bringing up dropdown menus (#13574)
Fixes #13573

For some reason (I suspect this may be related to focusing the item before it
got drown by the browser), Firefox scrolls to top when bringing up dropdown
menus with pre-selected items.

This commit uses the “preventScroll” option as, due to the placement behavior,
the menu should be visible anyway and not trigger scrolling.
2020-04-28 13:19:39 +02:00
ThibG
0e362b7678
Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
ThibG
ad9c7aefe6
Refactor/cleanup TIMELINE_DELETE-related code (#13175) 2020-04-28 09:53:42 +02:00
ThibG
04eb599864
Fix messed up z-index when NoScript blocks media/previews (#13449)
Fixes #13444
2020-04-28 09:44:17 +02:00
ThibG
b3d0de8b40
Fix /public showing public instead of community timeline for logged-in users (#13499) 2020-04-28 09:43:45 +02:00
ThibG
b40d68cc31
Add invites_enabled to API (#13501) 2020-04-28 09:43:34 +02:00
Eugen Rochko
c3ca3801f2
Add separate cache directory for non-local uploads (#12821) 2020-04-26 23:29:08 +02:00
Eugen Rochko
2744f61696
Fix not being able to resolve public resources in development environment (#13505) 2020-04-25 22:01:08 +02:00
ThibG
be637146f3
Fix uninformative error message when uploading unsupported image files (#13540)
Attempting to upload image files that the browser is unable to load results
in “Oops! An unexpected error occurred.”

This commit changes the error handling so that an unprocessable image results
in the file being sent anyway, which might cover a few corner cases, and
provide a slightly better error message.
2020-04-25 12:27:29 +02:00
ThibG
c955f98d36
Fix expanded video player issues (#13541)
Fixes #13536

- Expanding a paused video doesn't autoplay anymore
- Default volume level for the expanded video inherited from the original video

Position/playing state/volume are carried over from the original video player
to the modal, but they're not reported back to the modal as it would require
deeper changes.
2020-04-25 12:16:05 +02:00
Takeshi Umeda
46b2cc184f
Fix enable/disable relay failures (#13535) 2020-04-23 22:04:18 +02:00
Irie Aoi
c5c8f68031
Set max-width and max-height to gif video (#13533) 2020-04-23 15:49:33 +02:00
ThibG
80182eda62
Fix and refactor keyboard navigation in dropdown menus (#13528)
Fixes #13527

- Fixes caught keyboard events being needlessly propagated
- Let up/down arrows wrap around like the tab key does
- Refactor common code
2020-04-21 15:13:26 +02:00
sternenseemann
679980f77c
Allow users to delete their header and avatar (#13234)
This is achieved by sending a DELETE request to
/settings/profile/pictures/{avatar,header} via a link that is part of
the upload form's hint of the respective picture.
2020-04-20 14:03:03 +02:00
D Anzorge
29f5353f8b
Update Twemoji to 12.1.5 (#13021)
* Update Twemoji to 12.1.5

SVGs from Twemoji repo https://github.com/twitter/twemoji

* Update emoji_map.json to Unicode 12
2020-04-19 23:38:31 +02:00
Takeshi Umeda
2c7128c7f0
Add local only to hashtag timeline (#13502) 2020-04-18 21:52:39 +02:00
ThibG
a1ce9cbb67
Fix uploaded image orientation in some browsers (#13493)
Some browsers (at least recent Chrome versions) automatically take
image metadata into account when drawing images into a canvas.
There seem to be no way to prevent that behavior, and the only
way to detect it seems to compare with a known image.

See: https://github.com/w3c/csswg-drafts/issues/4666
Solution adapted from: 1e4df70782
2020-04-18 15:37:03 +02:00
ThibG
e12a5635da
Fix not being able to vote (#13490)
Fix regression introduced by ab8d7c0680
2020-04-17 21:54:25 +02:00
ThibG
89077fb657
Fix admin actions log crash when displaying updates of deleted announcements (#13489)
Fixes #13487
2020-04-17 19:54:58 +02:00
Gurgen Hayrapetyan
ab8d7c0680
Fix Poll fetchPoll action not being debounced. (#13485)
* Fix Poll fetchPoll action not being debounced.

* Fix unused import in the Poll component
2020-04-16 20:16:20 +02:00
Takeshi Umeda
04c8d825f6
Fix DeliveryWorker not to call failure_tracker when inbox_url is unavailable (#13482) 2020-04-16 08:04:10 +02:00
ThibG
3825e1943f
Fix confusing error when failing to add an alias to an unknown account (#13480)
Follow-up to #13452, fixing broken `uri.nil?` test.

Also remove the separate check for `uri` presence, as that would result
in a “Please review 2 errors below” while only one would be listed.
2020-04-15 20:33:53 +02:00
Eugen Rochko
5edff32733
Change delivery failure tracking to work with hostnames instead of URLs (#13437) 2020-04-15 20:33:24 +02:00
ThibG
5524258da9
Fix “Email changed” notification sometimes having wrong e-mail (#13475)
* Fix “Email changed” notification sometimes having wrong e-mail

Fixes #6778

The root of the issue is that `send_devise_notification` was called before
the changes were properly commited to the database, causing the mailer to
pick previous values if running too early.

Devise's documentation provides guidance on how to handle that[1][2], however,
I have found it to not be working, as the following happens, in that order:
- `send_devise_notification` is called for the `email_changed` notification.
  In that case, `changed?` is false and `saved_changes?` is true, so
  if we use the former, we have the same issue.
- the `after_commit` hook is called
- `send_devise_notification` is called for the `confirmation_instructions`
  notification.
  In that case, `changed?` is still false, and `saved_changes?` still true,
  so if we use the latter, that second notification email is simply not
  going to be sent (as we would be queuing the notification *after*
  executing the after_commit hook).

This is because it may be called from either an `after_update` or
`after_commit` hook, the difference not being a call to `save` but the
transaction actually being committed to the database. This may arguably
be a bug in Devise, or Devise's notification.

The proposed workaround is inspired by Devise's documentation but checks
whether a transaction is open to make the call whether to immediately
send the notification or defer it to the `after_commit` hook.

[1]: https://www.rubydoc.info/github/plataformatec/devise/Devise%2FModels%2FAuthenticatable:send_devise_notification
[2]: 406915cb78/lib/devise/models/authenticatable.rb (L133-L194)

* Fix cases when sending notifications without changing the model

* Defer sending if and only if in transaction including current record
2020-04-15 16:13:44 +02:00
ThibG
f7e011919e
Fix account aliases page (#13452)
* Fix error not being displayed when adding an account alias, add error for self-references

Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>

* Add “You have no aliases.” note in confusing empty aliases table

Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>

Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
2020-04-13 06:41:43 +02:00
Leonie
f6c18e8829
Fix API footer link in Web UI (#13441)
Co-authored-by: koyu <me@koyu.spac>
2020-04-12 13:38:14 +02:00
ThibG
ec31b1b752
Fix WebUI pagination of following, followers, follow requests, blocks and mutes lists (#13445)
* Fix following, followers and follow requests pagination

* Fix pagination of blocks and mutes
2020-04-12 13:38:00 +02:00
ThibG
9d24bcc5e6
Fix styling of polls in JS-less fallback on public pages (#13436) 2020-04-07 18:21:58 +02:00