406adfca27
* Fix 2FA/sign-in token sessions being valid after password change (#14802) If someone tries logging in to an account and is prompted for a 2FA code or sign-in token, even if the account's password or e-mail is updated in the meantime, the session will show the prompt and allow the login process to complete with a valid 2FA code or sign-in token * Fix Move handler not being triggered when failing to fetch target (#15107) When failing to fetch the target account, the ProcessingWorker fails as expected, but since it hasn't cleared the `move_in_progress` flag, the next attempt at processing skips the `Move` activity altogether. This commit changes it to clear the flag when encountering any unexpected error on fetching the target account. This is likely to occur because, of, e.g., a timeout, when many instances query the same actor at the same time. * Fix slow distinct queries where grouped queries are faster (#15287) About 2x speed-up on inboxes query * Fix possible inconsistencies in tag search (#14906) Do not downcase the queried tag before passing it to postgres when searching: - tags are not downcased on creation - `arel_table[:name].lower.matches(pattern)` generates an ILIKE anyway - if Postgres and Rails happen to use different case-folding rules, downcasing before query but not before insertion may mean that some tags with some casings are not searchable * Fix updating account counters when account_stat is not yet created (#15108) * Fix account processing failing because of large collections (#15027) Fixes #15025 * Fix downloading remote media files when server returns empty filename (#14867) Fixes #14817 * Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests * Remove dependency on unused and unmaintained http_parser.rb gem (#14574) It seems that years ago, the “http” gem dependend on the “http_parser.rb” gem (it now depends on the “http-parser” gem), and, still years ago, we pulled it from git in order to benefit from a bugfix that wasn't released yet (#7467). * Add tootctl maintenance fix-duplicates (#14860, #15201, #15264, #15349, #15359) * Fix old migration script not being able to run if it fails midway (#15361) * Fix old migration script not being able to run if it fails midway Improve the robustness of a migration script likely to fail because of database corruption so it can run again once database corruptions are fixed. * Display a specific error message in case of index corruption Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com> Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
76 lines
2 KiB
Ruby
76 lines
2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module Admin
|
|
class StatusesController < BaseController
|
|
helper_method :current_params
|
|
|
|
before_action :set_account
|
|
|
|
PER_PAGE = 20
|
|
|
|
def index
|
|
authorize :status, :index?
|
|
|
|
@statuses = @account.statuses.where(visibility: [:public, :unlisted])
|
|
|
|
if params[:media]
|
|
account_media_status_ids = @account.media_attachments.attached.reorder(nil).select(:status_id).group(:status_id)
|
|
@statuses.merge!(Status.where(id: account_media_status_ids))
|
|
end
|
|
|
|
@statuses = @statuses.preload(:media_attachments, :mentions).page(params[:page]).per(PER_PAGE)
|
|
@form = Form::StatusBatch.new
|
|
end
|
|
|
|
def show
|
|
authorize :status, :index?
|
|
|
|
@statuses = @account.statuses.where(id: params[:id])
|
|
authorize @statuses.first, :show?
|
|
|
|
@form = Form::StatusBatch.new
|
|
end
|
|
|
|
def create
|
|
authorize :status, :update?
|
|
|
|
@form = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account, action: action_from_button))
|
|
flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save
|
|
|
|
redirect_to admin_account_statuses_path(@account.id, current_params)
|
|
rescue ActionController::ParameterMissing
|
|
flash[:alert] = I18n.t('admin.statuses.no_status_selected')
|
|
|
|
redirect_to admin_account_statuses_path(@account.id, current_params)
|
|
end
|
|
|
|
private
|
|
|
|
def form_status_batch_params
|
|
params.require(:form_status_batch).permit(:action, status_ids: [])
|
|
end
|
|
|
|
def set_account
|
|
@account = Account.find(params[:account_id])
|
|
end
|
|
|
|
def current_params
|
|
page = (params[:page] || 1).to_i
|
|
|
|
{
|
|
media: params[:media],
|
|
page: page > 1 && page,
|
|
}.select { |_, value| value.present? }
|
|
end
|
|
|
|
def action_from_button
|
|
if params[:nsfw_on]
|
|
'nsfw_on'
|
|
elsif params[:nsfw_off]
|
|
'nsfw_off'
|
|
elsif params[:delete]
|
|
'delete'
|
|
end
|
|
end
|
|
end
|
|
end
|