me/glitchier-soc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
5732 commits 2 branches 0 tags 429 MiB
Commit graph

718 commits

Author SHA1 Message Date
David Yip
799b205766 Merge remote-tracking branch 'origin/master' into merge-upstream 
Conflicts:
	.travis.yml
	app/lib/user_settings_decorator.rb
	app/models/user.rb
	app/serializers/initial_state_serializer.rb
	app/views/stream_entries/_detailed_status.html.haml
	app/views/stream_entries/_simple_status.html.haml
	config/locales/simple_form.en.yml
 2018-02-09 09:25:53 -06:00
Eugen Rochko
219b28e172 Add preference to always display sensitive media (#6448) 2018-02-09 00:26:57 +01:00
Jenkins
777559fa5f Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-02-08 23:17:14 +00:00
abcang
1f2aa77758 Fix response of signature_verification_failure_reason (#6441) 2018-02-08 05:00:45 +01:00
David Yip
4f8122a98c Merge remote-tracking branch 'origin/master' into merge-upstream 
Conflicts:
	.env.production.sample
	app/controllers/auth/confirmations_controller.rb
	db/schema.rb
 2018-02-04 16:36:19 -06:00
abcang
6e12cb4524 Exclude nil from relationships array (#6427) 2018-02-04 12:32:10 +01:00
Renato "Lond" Cerqueira
6528c0c101 Add option to show only local toots in timeline preview (#6292) 
* Add option to show only local toots in timeline preview
Right know, toots from all the known fediverse are shown in the main
page of an instance. That however doesn't reflect the instance itself.
With this option the admin may choose to display only local toots so
that users checking the instance get a better idea of internal
conversations.

* Fix issues pointed by codeclimate and eslint

* Add default message for community timeline

* Update pl.yml
 2018-02-04 06:00:10 +01:00
Eugen Rochko
5322013f25 CAS + SAML authentication feature (#6425) 
* Cas authentication feature

* Config

* Remove class_eval + Omniauth initializer

* Codeclimate review

* Codeclimate review 2

* Codeclimate review 3

* Remove uid/email reconciliation

* SAML authentication

* Clean up code

* Improve login form

* Fix code style issues

* Add locales
 2018-02-04 05:42:13 +01:00
David Yip
6d1023b2e9 Merge remote-tracking branch 'tootsuite/master' into merge-upstream 
Conflicts:
      app/javascript/styles/mastodon/components.scss
 2018-02-02 08:39:52 -06:00
ThibG
f7651c3449 Allow HTTP caching of atom-rendered public toots (OStatus compatibility) (#6207) 2018-02-02 10:54:04 +01:00
puckipedia
081ba8fc90 Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225) 2018-02-02 10:19:59 +01:00
Alexander
23ce0c86da pam authentication (#5303) 
* add pam support, without extra column

* bugfixes for pam login

* document options

* fix code style

* fix codestyle

* fix tests

* don't call remember_me without password

* fix codestyle

* improve checks for pam usage (should fix tests)

* fix remember_me part 1

* add remember_token column because :rememberable requires either a password or this column.

* migrate db for remember_token

* move pam_authentication to the right place, fix logic bug in edit.html.haml

* fix tests

* fix pam authentication, improve username lookup, add comment

* valid? is sometimes not honored, return nil instead trying to authenticate with pam

* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests

* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user

* codeconvention fixes

* code convention fixes

* fix idention

* update dependency, explicit conflict check

* fix disabled password updates if in pam mode

* fix check password if password is present, fix templates

* block registration if account is maintained by pam

* Revert "block registration if account is maintained by pam"

This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.

* fix identation error introduced by rebase

* block usernames maintained by pam

* document pam settings better

* fix code style
 2018-02-02 10:18:55 +01:00
Jenkins
3cd4a0804b Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-24 19:17:11 +00:00
Eugen Rochko
f378280e49 Fix #6331 (#6341) 
UserTrackingConcern is circumvented by SessionsController#create
because it calls warden, which calls the User#update_tracked_fields!
method directly. Move returning user logic to that method.
 2018-01-23 20:52:30 +01:00
Akihiko Odaki
b5162e2aff Rename ResolveRemoteAccountService to ResolveAccountService (#6327) 
The service used to be named ResolveRemoteAccountService resolves local
accounts as well.
 2018-01-22 14:25:09 +01:00
David Yip
a95ca95b7b Merge remote-tracking branch 'origin/master' into merge-upstream 
Conflicts:
	app/controllers/settings/two_factor_authentication/confirmations_controller.rb
 2018-01-21 13:36:10 -06:00
Aboobacker MK
a1979b50c9 Redirect to 2FA creation page when otp_secret is not available (#6314) 2018-01-21 13:21:28 +01:00
David Yip
d45ebe26dc Merge remote-tracking branch 'origin/master' into merge-upstream 
Conflicts:
	app/javascript/styles/mastodon/components.scss
	app/javascript/styles/mastodon/modal.scss
 2018-01-19 15:22:10 -06:00
Eugen Rochko
92df0bba59 Fix regeneration marker not expiring (#6290) 
* Fix regeneration key not getting expired

* Add rake task to remove old regeneration markers
 2018-01-18 20:29:56 +01:00
David Yip
b1155460ba Merge remote-tracking branch 'origin/master' into merge-upstream 
Conflicts:
      app/javascript/styles/mastodon/components.scss
 2018-01-17 18:37:09 -06:00
Eugen Rochko
9cfbbbce1f Fix home regeneration (#6251) 
* Fix regeneration marker not being removed after completion

* Return HTTP 206 from /api/v1/timelines/home if regeneration in progress
Prioritize RegenerationWorker by putting it into default queue

* Display loading indicator and poll home timeline while it regenerates

* Add graphic to regeneration message

* Make "not found" indicator consistent with home regeneration
 2018-01-17 23:56:03 +01:00
Jenkins
8c41fb4acc Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-17 16:17:10 +00:00
りんすき
1827d142ee implement web share target (#6278) 
* web share target

* fix

* fix
 2018-01-17 17:08:10 +01:00
Jenkins
6e821c4273 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-15 06:17:15 +00:00
Patrick Figel
2a27afc656 Suppress CSRF token warnings (#6240) 
CSRF token checking was enabled for API controllers in #6223,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.

This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
 2018-01-15 06:51:23 +01:00
David Yip
53854707ce Thank you, Officer Murphy 2018-01-10 12:10:43 -06:00
David Yip
ec1199404c The flavour parameter is unused, so omit it (#317) 2018-01-10 12:09:42 -06:00
David Yip
28e652d35d Allow for user object to be empty. Fixes #317. 
If a flavour has only one skin, the skin selector will be omitted.  This
omits the user[setting_skin] field, and because that's the only
user[...] field on the page, the entire user object will not be present
in the request handler's params object.

This commit accounts for that scenario by avoiding params.require(:user)
and instead picking out what we need from the params hash.
 2018-01-10 12:09:42 -06:00
Jenkins
f9a0b246e5 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-09 05:17:13 +00:00
nightpool
eac9039a63 Refactor /api/web APIs to use the centralized axios instance (#6223) 
Also adds the ability to decouple the centralized axios logic from the
state dispatcher
 2018-01-08 20:01:33 +01:00
Jenkins
1f469edac1 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-08 10:17:15 +00:00
Eugen Rochko
c8f0be1d6d Revert #5772 (#6221) 2018-01-08 10:57:52 +01:00
David Yip
22286ee6cd Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-master 2018-01-07 13:30:52 -06:00
David Yip
9e5b431655 Use error pack when rendering error pages. Fixes #305. 2018-01-07 13:30:17 -06:00
Jenkins
8704a190c0 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-07 15:17:13 +00:00
Yamagishi Kazutoshi
c89bb8ae40 Fix force_ssl conditional (#6201) 2018-01-07 15:19:23 +01:00
Yamagishi Kazutoshi
63c17a66b8 Fix unintended cache (#6214) 2018-01-07 15:12:59 +01:00
David Yip
a37e295901 Merge remote-tracking branch 'ykzts/fix-unintended-cache' into gs-master 2018-01-07 00:32:24 -06:00
Yamagishi Kazutoshi
4f24f54739 Fix unintended cache 2018-01-07 14:59:12 +09:00
Jenkins
86007e913d Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-05 22:17:12 +00:00
TheKinrar
3491c5e145 Represent numbers by strings in instance activity API (#6198) 
Fixes #6197.
 2018-01-05 22:38:33 +01:00
Jenkins
796a39a283 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-04 23:17:11 +00:00
ThibG
662fa866ee Make sure private toots remain private and do not end up in HTTP caches (#6175) 2018-01-04 14:39:38 +01:00
Eugen Rochko
f2d71eae4b Cache JSON of immutable ActivityPub representations (#6171) 2018-01-04 01:21:38 +01:00
Jenkins
a7b8cb9493 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-03 20:17:13 +00:00
Akihiko Odaki
7a0479c830 Allow to dereference Follow object for ActivityPub (#5772) 
* Allow to dereference Follow object for ActivityPub

* Accept IRI as object representation for Accept activity
 2018-01-03 18:08:57 +01:00
Jenkins
b42e6973a1 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-03 04:17:11 +00:00
ThibG
308ff05149 Allow HTTP caching of json view of public statuses (#6115) 
* Allow HTTP caching of json view of public statuses

HTML views are not cached as they can contain private statuses as well

* Disable session cookies for ActivityPub json rendering of public toots
 2018-01-03 04:57:57 +01:00
Patrick Figel
3c20cfd734 Add confirmation step for email changes (#6071) 
* Add confirmation step for email changes

This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.

Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.

Fixes #3871

* Add review fixes
 2018-01-02 16:55:00 +01:00
David Yip
ed572490c1 Merge remote-tracking branch 'origin/master' into merge-upstream 
Conflicts:
	app/controllers/authorize_follows_controller.rb
	app/javascript/styles/mastodon/components.scss
 2018-01-02 00:11:41 -06:00