Commit graph

429 commits

Author SHA1 Message Date
Eugen Rochko
42b8220632 Fix #1624 - Send e-mail notifications to admins about new reports (#3949) 2017-06-27 00:04:00 +02:00
Eugen Rochko
5e8d037e27 Fix #3910 - Require OTP authentication to disable 2FA (#3935)
* Fix #3910 - Require OTP authentication to disable 2FA. Also, remove ability
to generate new OTP backup codes *after* initial backup codes were handed
out during activation

* Restore recovery code re-generation

* Improve display of some 2FA elements
2017-06-25 23:51:46 +02:00
Eugen Rochko
d821aba002 Rename "Credentials" page to "Security" for clarity (#3941)
* Rename "Credentials" page to "Security" for clarity

* Change "security" icon from cog to lock
2017-06-25 22:13:02 +02:00
Eugen Rochko
f7301bd5b9 Add overview of active sessions (#3929)
* Add overview of active sessions

* Better display of browser/platform name

* Improve how browser information is stored and displayed for sessions overview

* Fix test
2017-06-25 16:54:30 +02:00
Eugen Rochko
4a618908e8 Account deletion (#3728)
* Add form for account deletion

* If avatar or header are gone from source, remove them

* Add option to have SuspendAccountService remove user record, add tests

* Exclude suspended accounts from search
2017-06-14 18:01:27 +02:00
Yamagishi Kazutoshi
1be48dd805 Refactor views/admin/reports/show.html.haml (#3656) 2017-06-09 15:08:06 +02:00
Eugen Rochko
8902e265b4 Add explit admin actions to (re)subscribe/unsubscribe remote accounts (#3640)
* Add explit admin actions to (re)subscribe/unsubscribe remote accounts
and re-download avatar/header

* Improve how admin NSFW toggle looks
2017-06-08 14:58:22 +02:00
Sorin Davidoi
8acadeea76 fix: Warn if JavaScript is disabled (#3634) 2017-06-08 00:52:56 +02:00
Eugen Rochko
f7a30e2fae Added support for configurable reserved usernames (fix of #1382) (#3566)
* Added support for configurable reserved usernames

* Added reserved usernames from mastodon issue 1355

* Fix reserved usernames
2017-06-05 01:03:45 +02:00
Matt Jankowski
de4681b2be Move admin/pubsubhubbub controller to admin/subscriptions (#3442) 2017-05-31 20:39:35 +02:00
alpaca-tc
7ee5fc5d68 Toggle sensitive from admin page (#3261) 2017-05-23 19:45:43 +02:00
Eugen Rochko
226c9836e4 Add reset button to admin accounts search, improve looks a little (#3100) 2017-05-18 00:38:01 +02:00
alpaca-tc
e89e4355eb Add filter to AccountFilter (#2968) 2017-05-17 03:00:34 +02:00
Hiroaki Ninomiya
cb50ecdb07 chore(landing_strip): hide signup path unless the instance allows registration. (#3055) 2017-05-16 00:41:09 +02:00
Eugen Rochko
0291b73de7 Fix Ukrainian malformed locale submitted in #2893, i18n-tasks normalize (#2896) 2017-05-08 01:46:36 +02:00
Matt Jankowski
2bd132d458 Replace best_in_place editor on admin settings page (#2789)
* Remove best_in_place

* Replace best_in_place usage with rails helpers

* Move admin/settings#index to #edit action

* Remove click_to__edit from i18n
2017-05-04 18:12:44 +02:00
alpaca-tc
db92eec876 Localize 'throttled' (#2755) 2017-05-03 23:36:19 +02:00
Kaylee
7880671f35 Add option to disable two factor auth in admin accounts panel. (#2584)
* Add option to disable two factor auth in admin accounts panel.
Closes #2578

* Add @mjankowski's suggestions.
* Moves destroy actions behind User#disable_two_factor!
* Adds spec coverage for Admin:TwoFactorAuthenticationsController and User#disable_two_factor!
2017-05-02 21:07:12 +02:00
Drew Gates
f485fa31f3 grammar fixes (#2695)
“such as” should be used instead of “like” under imports->preface.

Reworded imports->preface and recovery_instructions for better flow.
2017-05-01 20:21:19 -04:00
Evan Minto
122d59ac41 Change ActivityPub paging to match spec. Clean up ActivityPub outbox changes. (#2410)
* Change ActivityPub paging to match spec. Clean up ActivityPub outbox changes.

* Fix code style and test failures for OutboxController.

* Attempt to fix CI errors.
2017-04-25 15:06:06 +02:00
Eugen
da022e1e4f Run i18n-tasks normalize (#2412) 2017-04-24 20:52:55 +02:00
Effy Elden
1801a36414 Report processing improvements (#2349)
* Expose media attachments on reported statuses directly

* Comment out unused bulk report checkbox. Add title to report comment for viewing full comment. Add 'contents' column, with icons and numerical indicators to show the number of referenced statuses and media attachments in the report

* Link account name on authorize_follow card back to account

* Add localisation string for report_contents

* Show new admin accounts card partial on report view. Apply simple_format to report comment so newlines are preserved.

* Add new admin accounts card partial, for display quick useful admin stats (e.g. report history, moderation status).

* Fix localized variable
2017-04-24 00:44:37 +02:00
Eugen
501514960a Followers-only post federation (#2111)
* Make private toots get PuSHed to subscription URLs that belong to domains where you have approved followers

* Authorized followers controller, stub for bulk action

* Soft block in the background

* Add simple test for new controller

* Rename Settings::FollowersController to Settings::FollowerDomainsController, paginate results,
rename "private" post setting to "followers-only", fix pagination style, improve post privacy
preferences style, improve warning style

* Extract compose form warnings into own container, show warning when posting to followers-only with unlocked account
2017-04-24 00:38:37 +02:00
ymmtmdk
072c6f1527 Add link for domain in land strip (#2306)
* Add link for domain in land strip

* Use root_path

* Avoid repeating code
2017-04-23 21:45:03 +02:00
Evan Minto
66fd8e7821 ActivityPub: Add basic, read-only support for Outboxes, Notes, and Create/Announce Activities (#2197)
* Clean up collapsible components

* Expose user Outboxes and AS2 representations of statuses

* Save work thus far.

* Fix bad merge.

* Save my work

* Clean up pagination.

* First test working.

* Add tests.

* Add Forbidden error template.

* Revert yarn.lock changes.

* Fix code style deviations and use localized instead of hardcoded English text.
2017-04-23 05:21:10 +02:00
Ash Furrow
723f25a999 Admin UI for confirming users (#2245)
* Shows confirmed status in list.

* Adds ability to confirm users in admin UI.

* Added new english translations.

* Addresses feedback from #2245.

* More feedback.
2017-04-23 04:43:42 +02:00
Matt Jankowski
67dea31b0f 2FA controller cleanup (#2296)
* Add spec coverage for settings/two_factor_auth area

* extract setup method for qr code

* Move otp required check to before action

* Merge method only used once

* Remove duplicate view

* Consolidate creation of @codes for backup

* Move settings/2fq#recovery_codes to settings/recovery_codes#create

* Rename settings/two_factor_auth#disable to #destroy

* Add coverage for the otp required path on 2fa#show

* Clean up the recovery codes list styles

* Move settings/two_factor_auth to settings/two_factor_authentication

* Reorganize the settings two factor auth area

Updated to use a flow like:

- settings/two_factor_authentication goes to a #show view which has a button
  either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
  codes
- that create action shares a view with a recovery codes controller which can be
  used separately to reset codes if needed
2017-04-22 04:23:17 +02:00
Ash Furrow
a0ed88a99b Adds version to about/more and API (#2181)
* Adds version.

* Cleans up code.

* Removes standalone endpoint and adds version to instance endpoint.

* Addresses feedback from #2181.
2017-04-21 03:30:59 +02:00
Eugen
96268e76e6 Fix wording on admin instances view, fix typos in language detector spec (#2106) 2017-04-18 23:39:51 +02:00
Matt Jankowski
55e1503522 Instances list in admin (#2095)
* Add admin/instances index action

* Add link to instances admin page

* View lists instances

* Instances, grouped by domain, ordered by count

* Use Account.remote scope

* Extract method: Account.by_domain_accounts
2017-04-18 21:09:07 +02:00
Matt Jankowski
66d8f99a30 Admin reports with accounts (#2092)
* Add a ReportFilter class

* Add reports and targeted_reports relationships to Account

* Use ReportFilter from admin/reports controller

* Link to admin/reports filtered views from admin account show view

* Add indexes to reports.account_id and reports.target_account_id
2017-04-18 19:36:18 +02:00
Matt Jankowski
f87b51fda8 I18n health warnings (#1949)
* Rename admin.domain_block to admin.domain_blocks in prep for i18n improvement

* Use implicit controller/action path for i18n in admin/domain_blocks

* Add DomainBlock#accounts has_many

* Avoid i18n health warning for `en` locale by using symbol scope with :count

* Remove unused i18n key: plaintext_secret_html

* Remove unused i18n key two_factor_auth.warning

* Remove final will_paginate i18n keys

* Remove unused key two_factor_auth.recovery_codes

* Remove unused key: admin.reports.comment.none

* Remove unused reports. i18n namespace (moved to admin.reports)

* Ignore keys from locales which override activemodel and activerecord errors

* Revert "Remove unused key: admin.reports.comment.none"

This reverts commit 350ef2685fadc069e619bb6d1066190de195d942.

* Update i18n key reference to match moved location

* Add missing `en` keys to i18n

* Tell i18n-tasks to ignore missing attributes that dont need overwriting

* Add i18n-tasks unused to travis
2017-04-16 19:37:01 +02:00
Eugen
5d710b1139 Make file attachment on MediaAttachment optional (#1865)
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true
Clean up old media files when creating a new domain block with reject_media set to true
Return remote_url in media attachments API if local file is not present
Undo domain block action in admin UI
Ability to enable reject_media from admin UI
2017-04-16 12:51:30 +02:00
Patrick Figel
df4ff9a8e1 Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
2017-04-15 13:26:03 +02:00
Matt Jankowski
619817d29e Remove unused will_paginate.page_gap key from i18n (#1815)
This value was changed recently, and every locale which had it set was using the
same value as the default. This value is still the default in the new location.
2017-04-15 02:30:55 +02:00
Matt Jankowski
9f182346d7 Use english in reported by translation (#1713) 2017-04-13 21:49:46 +02:00
Thomas Citharel
c0c56db0fa Translate admin (#1702)
* Translate the domain_block panel

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Translate PubSubHubbub section

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* translate account section and correct typos

* move reports translation & translate sidebar

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* normalize l18n
2017-04-13 21:49:07 +02:00
Eugen
9e5c1c487e Apply i18n-tasks normalize to locales (#1696) 2017-04-13 19:18:32 +02:00
Matt Jankowski
7f0a865b05 Allow import/export of mutes list (#1541)
* Allow export of mutes list

* Allow importing of mutes list

* Refactor to use Settings::Exports::BaseController and DRY up exports code
2017-04-12 18:20:44 +02:00
Thomas Citharel
d90d23699c Make Reporting admin section translatable (#1549)
* Make Reporting admin section translatable

And translate it into english and french

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Make subject of emails translatable and improve french translation

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Make error pages translatable and translate them in english and french

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Translate site setting section

* Insert instance in registration emails and improve them a bit

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-04-12 17:11:49 +02:00
Matt Jankowski
4ada50985a Pagination improvements (#1445)
* Replace will_paginate with kaminari

* Use #page instead of #paginate in controllers

* Replace will_paginate.page_gap with pagination.truncate in i18n

* Customize kaminari views to match prior styles

* Set kaminari options to match prior behavior

* Replace will_paginate with paginate in views
2017-04-11 01:11:41 +02:00
Eugen
9acdb166e8 Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled

* Clean up
2017-04-08 22:20:08 +02:00
Chad Pytel
ad5ddd5e95 Use I18n for media attachment validation errors
These are currently user facing errors, but are not localized. This adds the
ability for these messages to be localized.
2017-04-07 14:23:18 -04:00
Eugen Rochko
667ffafef8 Fix spec 2017-04-05 03:31:26 +02:00
Eugen Rochko
5f54981846 New admin setting: open/close registrations, with custom message, from the admin UI 2017-04-04 15:28:12 +02:00
Eugen Rochko
5e26295e06 Fix #700 - hide spoilers on static pages 2017-03-31 13:54:36 +02:00
Eugen Rochko
e8875c6046 Import feature for following/blocking lists (addresses #62, #177, #201, #454) 2017-03-30 19:42:33 +02:00
Eugen Rochko
f864fee116 Fix up some localizations 2017-03-26 13:22:38 +02:00
Eugen Rochko
8803ca9efe Improved landing page 2017-03-21 19:18:37 +01:00
Eugen Rochko
6b1db5c2b2 Add landing strip 2017-03-20 03:36:29 +01:00
Eugen Rochko
56d998cbdb Export follow/block lists as CSV 2017-03-19 20:29:41 +01:00
shel
38dceb3bf7 Promote Apps (#670)
"Various apps are available" is now a hyperlink
2017-03-17 16:16:39 +01:00
Eugen Rochko
6b81d10030 Add digest e-mails 2017-03-04 00:00:48 +01:00
Eugen Rochko
175a9b9caa Fix #104 - Style OAuth authorized applications page
Add ability to search accounts by display name
2017-02-27 00:15:00 +01:00
Eugen Rochko
63886bdc59 Fix #587 - Display TOTP secret next to QR code 2017-02-13 20:56:03 +01:00
Eugen Rochko
d2619e0b53 Site title is now a setting 2017-02-10 22:37:11 +01:00
shel
2d6f603c2b Add link to other instances text
Text for link to other instances
2017-02-10 13:08:47 -05:00
Eugen Rochko
347a153b3d Add API modifiers to limit returned toots from public/hashtag timelines
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
2017-02-06 23:16:20 +01:00
Eugen Rochko
c2fbd144cf Add "open in web" link to detailed public status pages 2017-01-30 23:01:37 +01:00
Eugen Rochko
23b997ae55 Split 2FA login into two prompts 2017-01-28 20:43:38 +01:00
Eugen Rochko
f4bc9620a9 Update settings to re-use admin layout, one big navigation tree, improve settings forms 2017-01-28 03:56:10 +01:00
Eugen Rochko
ba192f12e3 Added optional two-factor authentication 2017-01-27 20:35:16 +01:00
Eugen Rochko
999cde94a6 Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
2017-01-25 01:29:16 +01:00
Eugen Rochko
e9737c2235 Fix tests, add applications to eager loading/cache for statuses, fix
application website validation, don't link to app website if website isn't set,
also comment out animated boost icon from #464 until it's consistent with non-animated version
2017-01-15 14:01:33 +01:00
Effy Elden
e45fed58cb Add a textual 'Back to Mastodon' link in footer of settings pages 2017-01-15 11:03:35 +11:00
Eugen Rochko
c01dd089ff Adding about/more page with extended information that can be set up by an admin 2017-01-13 20:16:38 +01:00
Jessica Stokes
bb033c1d37
"Reblog" -> "boost" in more places
A couple of places were using "reblog" rather than "boost" - this updates them to match the web UI
2017-01-04 18:00:50 -08:00
Eugen Rochko
8f47f6a7ec Adding remote follow button 2017-01-01 19:54:34 +01:00
Eugen Rochko
d7dc84439c Add ability to use remote follow function on other sites 2016-12-29 16:54:54 +01:00
Eugen Rochko
2146ac91a0 Follow requests send e-mail notifications, but are excluded from notifications API
Better initial state for unlisted/nsfw toggles
2016-12-26 21:52:03 +01:00
Eugen Rochko
3689c119f0 Replacing follow requests in the settings area with in-UI column 2016-12-26 21:33:51 +01:00
Eugen Rochko
b302b9202b Add page for authorizing/rejecting follow requests 2016-12-23 00:04:52 +01:00
Eugen Rochko
e09d3a2c66 Fix #249 - use window.location hack to let people login from sandboxed iOS homescreen 2016-12-21 00:13:13 +01:00
Eugen Rochko
5ae1b39ec9 Adjusting public display of statuses to look similar to logged-in UI,
fix #361 with rich OEmbed display via iframe, fix #237 by hiding sensitive
content behind a spoiler on public pages
2016-12-18 19:47:11 +01:00
Eugen Rochko
b362de2232 Adding configurable e-mail blacklist 2016-12-04 19:07:02 +01:00
Eugen Rochko
85d1b74ac3 Adding german localization 2016-11-18 15:53:46 +01:00
Eugen Rochko
546c4718e7 Localizations for most server-side strings 2016-11-16 00:55:33 +01:00
Eugen Rochko
3ce6ac0ce2 Adding some localizations 2016-11-15 23:02:57 +01:00
Eugen Rochko
9c4856bdb1 Initial commit 2016-02-20 22:53:20 +01:00