chinwagsocial/app/controllers/concerns
ThibG 406adfca27
Backport fixes to 3.2 (#15360)
* Fix 2FA/sign-in token sessions being valid after password change (#14802)

If someone tries logging in to an account and is prompted for a 2FA
code or sign-in token, even if the account's password or e-mail is
updated in the meantime, the session will show the prompt and allow
the login process to complete with a valid 2FA code or sign-in token

* Fix Move handler not being triggered when failing to fetch target (#15107)

When failing to fetch the target account, the ProcessingWorker fails
as expected, but since it hasn't cleared the `move_in_progress` flag,
the next attempt at processing skips the `Move` activity altogether.

This commit changes it to clear the flag when encountering any
unexpected error on fetching the target account. This is likely to
occur because, of, e.g., a timeout, when many instances query the
same actor at the same time.

* Fix slow distinct queries where grouped queries are faster (#15287)

About 2x speed-up on inboxes query

* Fix possible inconsistencies in tag search (#14906)

Do not downcase the queried tag before passing it to postgres when searching:
- tags are not downcased on creation
- `arel_table[:name].lower.matches(pattern)` generates an ILIKE anyway
- if Postgres and Rails happen to use different case-folding rules,
  downcasing before query but not before insertion may mean that some
  tags with some casings are not searchable

* Fix updating account counters when account_stat is not yet created (#15108)

* Fix account processing failing because of large collections (#15027)

Fixes #15025

* Fix downloading remote media files when server returns empty filename (#14867)

Fixes #14817

* Fix webfinger redirect handling in ResolveAccountService (#15187)

* Fix webfinger redirect handling in ResolveAccountService

ResolveAccountService#process_webfinger! handled a one-step webfinger
redirection, but only accepting the result if it matched the exact URI passed
as input, defeating the point of a redirection check.

Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`,
updating the resulting `acct:` URI with the result of the first webfinger
query.

* Add tests

* Remove dependency on unused and unmaintained http_parser.rb gem (#14574)

It seems that years ago, the “http” gem dependend on the “http_parser.rb” gem
(it now depends on the “http-parser” gem), and, still years ago, we pulled
it from git in order to benefit from a bugfix that wasn't released yet (#7467).

* Add tootctl maintenance fix-duplicates (#14860, #15201, #15264, #15349, #15359)

* Fix old migration script not being able to run if it fails midway (#15361)

* Fix old migration script not being able to run if it fails midway

Improve the robustness of a migration script likely to fail because of database
corruption so it can run again once database corruptions are fixed.

* Display a specific error message in case of index corruption

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-18 23:31:14 +01:00
..
account_controller_concern.rb Add ActivityPub secure mode (#11269) 2019-07-11 20:11:09 +02:00
account_owned_concern.rb Add whitelist mode (#11291) 2019-07-30 11:10:46 +02:00
accountable_concern.rb Add logging of admin actions (#5757) 2017-11-24 02:05:53 +01:00
authorization.rb Add moderator role and add pundit policies for admin actions (#5635) 2017-11-11 20:23:33 +01:00
cache_concern.rb Add (back) rails-level JSON caching (#11333) 2019-07-21 22:32:16 +02:00
challengable_concern.rb Add password challenge to 2FA settings, e-mail notifications (#11878) 2019-09-18 16:37:27 +02:00
export_controller_concern.rb Add account migration UI (#11846) 2019-09-19 20:58:19 +02:00
localized.rb Fix not working I18n on 2FA and Sign in token page (#14087) 2020-06-20 13:30:13 +02:00
rate_limit_headers.rb Add specific rate limits for posting and following (#13172) 2020-03-08 15:17:39 +01:00
session_tracking_concern.rb Update session activation time (fixes #5605) (#7408) 2018-05-11 13:20:58 +02:00
sign_in_token_authentication_concern.rb Backport fixes to 3.2 (#15360) 2020-12-18 23:31:14 +01:00
signature_authentication.rb Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225) 2018-02-02 10:19:59 +01:00
signature_verification.rb Add support for latest HTTP Signatures spec draft (#14556) 2020-10-19 15:41:25 +02:00
status_controller_concern.rb Refactor controllers for statuses, accounts, and more (#11249) 2019-07-08 12:03:45 +02:00
two_factor_authentication_concern.rb Backport fixes to 3.2 (#15360) 2020-12-18 23:31:14 +01:00
user_tracking_concern.rb Backport fixes to 3.2 (#15360) 2020-12-18 23:31:14 +01:00