zelo72
/
mastodon
mirror of https://github.com/mastodon/mastodon
2
2
Fork 1
Code Issues 9 Releases Wiki Activity
12,903 Commits 86 Branches 254 Tags 944 MiB
Commit Graph

1315 Commits

Author SHA1 Message Date
Daniel M Brasil ea7fa048f3 Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled (#26237) 2023-09-05 19:16:09 +02:00
Claire 6339806f05 Fix blocking subdomains of an already-blocked domain (#26392) 2023-09-05 19:16:09 +02:00
Claire f8930a67a0 Change /api/v1/statuses/:id/history to always return at least one item (#25510) 2023-07-06 13:45:40 +02:00
Claire e65e3a6d14 Add finer permission requirements for managing webhooks (#25463) 2023-07-06 13:45:40 +02:00
Claire 8acbfc6ab1 Fix wrong view being displayed when a webhook fails validation (#25464) 2023-07-06 13:45:40 +02:00
Daniel M Brasil fd1ffd72eb Fix incorrect pagination headers in `/api/v2/admin/accounts` (#25477) 2023-07-06 13:45:40 +02:00
Claire 2779bce9a2 Add fallback redirection when getting a webfinger query `LOCAL_DOMAIN@LOCAL_DOMAIN` (#23600) 
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
 2023-07-06 13:45:40 +02:00
Claire 1301af60e0 Fix race condition when reblogging a status (#25016) 2023-07-06 13:45:40 +02:00
Claire b3cbcd7447 Fix “Authorized applications” inefficiently and incorrectly getting last use date (#25060) 2023-07-06 13:45:40 +02:00
Claire 72d96bf17a Remove invalid X-Frame-Options: ALLOWALL (#25070) 2023-07-06 13:45:40 +02:00
Claire 036ac5b5c9 Fix ArgumentError when loading newer Private Mentions (#25399) 2023-07-06 13:45:40 +02:00
Claire 3e1724e972 Fix multiple N+1s in ConversationsController (#25134) 2023-07-06 13:45:40 +02:00
Claire bc8592627b Fix user archive takeouts when using OpenStack Swift (#24431) 2023-07-06 13:45:40 +02:00
Claire 51572ac615 Fix invalid/expired invites being processed on sign-up (#24337) 2023-04-04 12:41:27 +02:00
Claire ae64c5b7ec Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-04-04 12:41:27 +02:00
Eugen Rochko 6db76875fd Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:48:42 +01:00
Claire 8c4ea7d715 Fix misleading error code when receiving invalid WebAuthn credentials (#23568) 2023-03-16 11:45:53 +01:00
Claire aff3f850de Fix server error when failing to follow back followers from `/relationships` (#23787) 2023-03-13 18:39:35 +01:00
Claire 0dc342df81 Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-13 18:36:15 +01:00
Claire 832595d1e7
Remove posts count and last posts from ActivityPub representation of hashtag collections (#23460) 2023-02-08 17:57:25 +01:00
Nick Schonning f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Nick Schonning 2e652aa81c
Apply Rubocop Performance/RedundantSplitRegexpArgument (#23443) 
* Apply Rubocop Performance/RedundantSplitRegexpArgument

* Update app/controllers/concerns/signature_verification.rb
 2023-02-08 02:25:20 +01:00
Claire 20a479ff7c
Change `POST /settings/applications/:id` to regenerate token on scopes change (#23359) 
Fixes #23096
 2023-02-02 12:03:49 +01:00
Eugen Rochko 21780c0204
Change notifications per page from 15 to 40 in REST API (#23348) 2023-02-01 11:23:54 +01:00
Claire 68dcbcb7bf
Add more specific error messages to HTTP signature verification (#21617) 
* Return specific error on failure to parse Date header

* Add error message when preferredUsername is not set

* Change error report to be JSON and include more details

* Change error report to differentiate unknown account and failed refresh

* Add tests
 2023-01-18 16:47:56 +01:00
Claire 343e1fe8e9
Add confirmation screen when handling reports (#22375) 
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
 2023-01-18 16:40:09 +01:00
Claire 4b92e59f4f
Add support for editing media description and focus point of already-posted statuses (#20878) 
* Add backend support for editing media attachments of existing posts

* Allow editing media attachments of already-posted toots

* Add tests
 2023-01-18 16:33:55 +01:00
Claire b034dc42be
Fix /api/v1/admin/trends/tags using wrong serializer (#18943) 
* Fix /api/v1/admin/trends/tags using wrong serializer

Fix regression from #18641

* Only use `REST::Admin::TagSerializer` when the user can `manage_taxonomies`

* Fix admin trending hashtag component to not link if `id` is unknown
 2023-01-18 16:28:18 +01:00
Claire fcc4c9b34a
Change domain block CSV parsing to be more robust and handle more lists (#21470) 
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
 2023-01-18 16:20:52 +01:00
Carl Schwan f33e22ae4c
Allow changing hide_collections setting with the api (#22790) 
* Allow changing hide_collections setting with the api

This is currently only possible with app/controllers/settings/profiles_controller.rb
and is the only difference in the allowed parameter between the two controllers

* Fix the lint issue

* Use normal indent
 2023-01-13 16:40:21 +01:00
Claire aefefc74c4
Change referrer-policy to no-referrer application-wide (#23014) 2023-01-10 05:18:43 +01:00
Claire 18d00055f4
Add dropdown menu item to open admin interface for remote domains (#21895) 
* Allow /admin/instances/:domain to handle IDNs

* Add dropdown menu item to open admin interface for remote domains
 2023-01-05 14:03:46 +01:00
Claire 42f9693d00
Fix PermalinkRedirector not applying to users with moved accounts (#22497) 
Fixes #22262
 2023-01-05 13:40:27 +01:00
Claire 8556a649d5
Fix changing domain block severity not undoing individual account effects (#22135) 
* Fix changing domain block severity not undoing individual account effects

Fixes #22133

* Add tests
 2022-12-15 17:45:02 +01:00
David Vega 1b5d207131
Fix single name variables on controller folder (#20092) 
Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com>

Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com>
Co-authored-by: Effy Elden <effy@effy.space>
 2022-12-15 17:11:58 +01:00
Claire 623d3d2e32
Change CSP directives on API to be tight and concise (#20960) 2022-12-15 16:40:32 +01:00
nametoolong 63b379c2d9
Fix N+1 queries from in NotificationsController (#21202) 
Co-authored-by: Nonexistent <nx@example.org>
 2022-12-15 16:18:20 +01:00
Effy Elden 441cac758f
Allow adding relays while secure mode & limited federation mode are enabled (#22324) 2022-12-15 15:56:05 +01:00
Francis Murillo 5fb1c3e934
Revoke all authorized applications on password reset (#21325) 
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
 2022-12-15 15:47:06 +01:00
Francis Murillo f6492a7c4d
Log admin approve and reject account (#22088) 
* Log admin approve and reject account

* Add unit tests for approve and reject logging
 2022-12-07 00:25:18 +01:00
Claire 69137f4a90
Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988) 
Fixes #21965
 2022-12-07 00:10:53 +01:00
Claire 68d1df8bc3
Fix some performance issues with /admin/instances (#21907) 
/admin/instances?availability=failing remains wholly unefficient
 2022-12-01 10:32:10 +01:00
Claire 51a33ce77a
Fix not being able to follow more than one hashtag (#21285) 
Fixes regression from #20860
 2022-11-21 10:35:09 +01:00
Claire 48e136605a
Fix form-action CSP directive for external login (#20962) 2022-11-17 22:59:07 +01:00
Claire 4ae97a2e4c
Fix OAuth flow being broken by recent CSP change (#20958) 2022-11-17 21:31:52 +01:00
lenore gilbert c373148b3d
Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597) 
* Allow import/export of instance-level domain blocks/allows (#1754)

* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround

(cherry picked from commit 94e98864e3)

* Add confirmation page when importing blocked domains (#1773)

* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains

(cherry picked from commit b91196f4b7)

* Fix authorization check in domain blocks controller

(cherry picked from commit 7527937758)

* Fix error strings for domain blocks and email-domain blocks

Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"

* Ran i18n-tasks normalize to address test failure

* Removed unused admin.export_domain_blocks.not_permitted string

Removing unused string as indicated by Check i18n

* Fix tests

(cherry picked from commit 9094c2f52c)

* Fix domain block export not exporting blocks with only media rejection

(cherry picked from commit 26ff48ee48)

* Fix various issues with domain block import

- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded

(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)

Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-11-17 11:05:09 +01:00
Claire cbb0153bd0
Fix invalid/empty RSS feed link on account pages (#20772) 
Fixes #20770
 2022-11-17 10:58:33 +01:00
trwnh 7fdeed5fbc
Make tag following idempotent (#20860) 2022-11-17 10:55:59 +01:00
Claire 00b2720ef0
Change automatic post deletion configuration to be accessible to redirected users (#20774) 
Fixes #20550
 2022-11-17 10:55:23 +01:00
trwnh e1f819fd78
Fix pagination of followed tags (#20861) 
* Fix missing pagination headers on followed tags

* Fix typo
 2022-11-17 10:54:10 +01:00