Claire
d706570d30
Add memorial
attribute to REST API ( #23591 )
2023-02-14 13:50:55 +01:00
Claire
0ae0740826
Add API parameter to safeguard unexpect mentions in new posts ( #18350 )
2023-02-13 16:36:29 +01:00
Varun Sharma
1ac0afccc2
Add tests to indicate inclusion of self replies in statuses endpoint ( #23266 )
2023-02-13 16:04:26 +01:00
Claire
5410c06ca1
Add tests for REST::AccountSerializer
( #23319 )
2023-02-13 13:23:59 +01:00
Claire
ea4cffac37
Fix unbounded recursion in post discovery ( #23506 )
...
* Add a limit to how many posts can get fetched as a result of a single request
* Add tests
* Always pass `request_id` when processing `Announce` activities
---------
Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
2023-02-10 22:16:37 +01:00
Nick Schonning
ae45c9ccd4
Apply Rubocop Rails/WhereNot ( #23448 )
...
* Apply Rubocop Rails/WhereNot
* Update spec for where.not
2023-02-08 10:39:57 +01:00
Nick Schonning
8a2b91488a
Apply Rubocop Style/ExpandPathArguments ( #23450 )
2023-02-08 07:06:20 +01:00
Nick Schonning
38ec6d27d8
Autofix Rails/EagerEvaluationLogMessage ( #23429 )
...
* Autofix Rails/EagerEvaluationLogMessage
* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Claire
a173d5248f
Fix UserCleanupScheduler
crash when an unconfirmed account has a moderation note ( #23318 )
...
* Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note
* Add tests
2023-02-07 01:14:44 +01:00
Claire
3536a88bc9
Change POST /settings/applications/:id
to regenerate token on scopes change ( #23359 )
...
Fixes #23096
2023-02-02 12:03:49 +01:00
Claire
9e5f274ba9
Add roles
attribute to Account entities in REST API ( #23255 )
2023-01-25 19:55:40 +01:00
Claire
1c279cca28
Fix email with empty domain name labels passing validation ( #23246 )
...
* Fix email with empty domain name labels passing validation
`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.
* Add tests
2023-01-24 20:18:41 +01:00
Claire
d28bbdfd48
Fix account activation being triggered before email confirmation ( #23245 )
...
* Add tests
* Fix account activation being triggered before email confirmation
Fixes #23098
2023-01-24 19:40:21 +01:00
Markus Unterwaditzer
4a902cc7f6
Suppress AddressFamilyError in link verification ( #23204 )
...
* Suppress AddressFamilyError
* clarify comment
2023-01-23 13:05:54 +01:00
Claire
1e9d799c0a
Add missing policy
attribute to WebPushSubscriptionSerializer
( #23210 )
...
* Add missing `policy` attribute to `WebPushSubscriptionSerializer`
Fixes #23145
* Add tests
2023-01-23 13:05:30 +01:00
Claire
b131e01db7
Add more specific error messages to HTTP signature verification ( #21617 )
...
* Return specific error on failure to parse Date header
* Add error message when preferredUsername is not set
* Change error report to be JSON and include more details
* Change error report to differentiate unknown account and failed refresh
* Add tests
2023-01-18 16:47:56 +01:00
Claire
592fe1a3bd
Add confirmation screen when handling reports ( #22375 )
...
* Add confirmation screen on moderation actions
* Add flash notice when a report has been processed
* Refactor tests
* Add tests
2023-01-18 16:40:09 +01:00
Claire
42aa864c84
Add support for editing media description and focus point of already-posted statuses ( #20878 )
...
* Add backend support for editing media attachments of existing posts
* Allow editing media attachments of already-posted toots
* Add tests
2023-01-18 16:33:55 +01:00
Claire
0687eb20da
Change domain block CSV parsing to be more robust and handle more lists ( #21470 )
...
* Change domain block CSV parsing to be more robust and handle more lists
* Add some tests
* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
Claire
64952cef52
Fix crash when marking statuses as sensitive while some statuses are deleted ( #22134 )
...
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments
* Fix crash when marking statuses as sensitive while some statuses are deleted
Fixes #21910
* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”
* Add tests
2023-01-13 10:46:52 +01:00
Claire
614dd22095
Fix sanitizer parsing link text as HTML when stripping unsupported links ( #22558 )
2023-01-11 22:21:10 +01:00
Markus Unterwaditzer
b7f37e68ad
fix: allow verification when page size exceeds 1MB (using HTML5 parser) ( #22879 )
...
* fix: allow verification when page size exceeds 1MB
Truncates the page after 1MB instead
Closes #15316
* switch to HTML5 parser, fix rubocop errors
* undo rubocop fixes
Co-authored-by: Chris Zubak-Skees <chriszs@gmail.com>
2023-01-11 21:59:13 +01:00
Claire
6ccc1c09b6
Fix possible race conditions when suspending/unsuspending accounts ( #22363 )
...
* Fix possible race conditions when suspending/unsuspending accounts
* Fix tests
Tests were assuming SuspensionWorker and UnsuspensionWorker would do the
suspending/unsuspending themselves, but this has changed.
2023-01-05 13:47:21 +01:00
Jeong Arm
5180ae5bf6
Fix home TL could contain post from who blocked me ( #22849 )
...
* Fix home tl contains post from who blocked me
* Add test
* Fix feed_manager's build_crutches
blocked_by was not includes status' owner
* Add test for status from I blocked
* Fix typo
2023-01-05 13:30:38 +01:00
Partho Ghosh
5cdba7b239
Fix ・ detection in hashtag regex to construct hashtag correctly ( #22888 )
...
* Fix ・ detection in hashtag regex to construct hashtag correctly
* Fixed rubocop liniting issues
* More rubocop linting fix
2023-01-04 02:12:48 +01:00
Claire
cfeb01b17f
Add follow request banner on account header ( #20785 )
...
* Add requested_by to relationship maps
* Display whether an account has requested to follow you on their profile
2022-12-15 18:50:11 +01:00
Claire
94d294202b
Fix changing domain block severity not undoing individual account effects ( #22135 )
...
* Fix changing domain block severity not undoing individual account effects
Fixes #22133
* Add tests
2022-12-15 17:45:02 +01:00
Jeong Arm
0bcfa2b429
Save avatar or header correctly even if other one fails ( #18465 )
...
* Save avatar or header correctly if other one fails
* Fix test
2022-12-15 17:11:14 +01:00
Neil Matatall
728cfe0c1c
Use Rails tag API to build RSS feed for spoilers and polls ( #20163 )
...
* Use Rails tag API to build RSS feed for spoilers and polls
While the previous method did not contain a bug or a potential issue,
the tag API can be very resilient against future problems and reduces the
amount of manual management of the escape status of the content.
I've added tests to ensure that the formatting is broken and still
escapes control characters correctly.
* this seems cleaner and passes
* Incorporate feedback by moving the br to its own line and using the tag helper over the string constant for the br tag itself
* whoops, tag helper doesn't use a self-closing tag
2022-12-15 16:39:41 +01:00
Ikko Ashimine
3c4c932938
Fix typo in application_helper_spec.rb ( #20981 )
...
enviroment -> environment
2022-12-15 16:20:55 +01:00
Francis Murillo
3a11a90dd3
Revoke all authorized applications on password reset ( #21325 )
...
* Clear sessions on password change
* Rename User::clear_sessions to revoke_access for a clearer meaning
* Add reset paassword controller test
* Use User.find instead of User.find_for_authentication for reset password test
* Use redirect and render for better test meaning in reset password
Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Meisam
ad2610c413
Validate nodeinfo response by schema ( #21395 )
...
* add json-schema to :test in Gemfile
* Create node_info_2.0_schema.json
* test match_response_schema
* Create match_response_schema.rb
* Update nodeinfo_controller_spec.rb
* Rename spec/support/node_info_2.0_schema.json to spec/support/schema/node_info_2.0_schema.json
* Update match_response_schema.rb
* cleanup
* additionally validate the json schema itself
disable throwing errors
test the schema matcher
* rename nodeinfo schema to nodeinfo_2.0
* use Rails.root.join to construct the path
* prettify json
* sync Gemfile.lock
2022-12-15 15:43:05 +01:00
Claire
d4e4d272e1
Fix 500 error when trying to migrate to an invalid address ( #21462 )
...
* Fix 500 error when trying to migrate to an invalid address
* Add tests
2022-12-07 02:35:39 +01:00
Francis Murillo
5ad9fea52a
Log admin approve and reject account ( #22088 )
...
* Log admin approve and reject account
* Add unit tests for approve and reject logging
2022-12-07 00:25:18 +01:00
Claire
aec7de494f
Fix unbounded recursion in account discovery ( #22025 )
...
* Fix trying to fetch posts from other users when fetching featured posts
* Rate-limit discovery of new subdomains
* Put a limit on recursively discovering new accounts
2022-12-07 00:15:24 +01:00
Claire
b97260426b
Fix irreversible and whole_word parameters handling in /api/v1/filters ( #21988 )
...
Fixes #21965
2022-12-07 00:10:53 +01:00
Claire
be16e6f26c
Fix attachments of edited statuses not being fetched ( #21565 )
...
* Fix attachments of edited statuses not being fetched
* Fix tests
2022-11-27 20:39:05 +01:00
Claire
655ad99a37
Fix not being able to follow more than one hashtag ( #21285 )
...
Fixes regression from #20860
2022-11-21 10:35:09 +01:00
David Leadbeater
72a60150de
Don't allow URLs that contain non-normalized paths to be verified ( #20999 )
...
* Don't allow URLs that contain non-normalized paths to be verified
This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".
Also fix a test to use 'https', so it is testing the right thing, now
that since #20304 https is required.
* missing do
2022-11-20 19:28:13 +01:00
Rose
b54c639482
Fix style for hashes ( #20518 )
...
* Fix style for hashes
Make the style for hashes consistent.
* New style
More consistency
2022-11-17 11:05:39 +01:00
lenore gilbert
498e9478c7
Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes ( #20597 )
...
* Allow import/export of instance-level domain blocks/allows (#1754 )
* Allow import/export of instance-level domain blocks/allows.
Fixes #15095
* Pacify circleci
* Address simple code review feedback
* Add headers to exported CSV
* Extract common import/export functionality to
AdminExportControllerConcern
* Add additional fields to instance-blocked domain export
* Address review feedback
* Split instance domain block/allow import/export into separate pages/controllers
* Address code review feedback
* Pacify DeepSource
* Work around Paperclip::HasAttachmentFile for Rails 6
* Fix deprecated API warning in export tests
* Remove after_commit workaround
(cherry picked from commit b8319d0578
)
* Add confirmation page when importing blocked domains (#1773 )
* Move glitch-soc-specific strings to glitch-soc-specific locale files
* Add confirmation page when importing blocked domains
(cherry picked from commit 73a2e3326f
)
* Fix authorization check in domain blocks controller
(cherry picked from commit 655bac2c3a
)
* Fix error strings for domain blocks and email-domain blocks
Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"
* Ran i18n-tasks normalize to address test failure
* Removed unused admin.export_domain_blocks.not_permitted string
Removing unused string as indicated by Check i18n
* Fix tests
(cherry picked from commit 1ba41b34c1
)
* Fix domain block export not exporting blocks with only media rejection
(cherry picked from commit 1686374b2f
)
* Fix various issues with domain block import
- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded
(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)
Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17 11:05:09 +01:00
Joshua Wood
e0940d04f1
Handle links with no href in VerifyLinkService ( #20741 )
...
Before this change, the following error would cause VerifyAccountLinksWorker to fail:
NoMethodError: undefined method `downcase' for nil:NilClass
[PROJECT_ROOT]/app/services/verify_link_service.rb:31 :in `block in link_back_present?`
2022-11-17 10:59:35 +01:00
Eugen Rochko
e18c8537e6
Fix rate limiting for paths with formats ( #20675 )
2022-11-14 20:26:31 +01:00
trwnh
72d3607229
Move V2 Filter methods under /api/v2 prefix ( #20622 )
...
* Move V2 Filter methods under /api/v2 prefix
* move over the tests too
2022-11-14 08:34:07 +01:00
Eugen Rochko
2b3b063852
Fix error when invalid domain name is submitted ( #19474 )
...
Fix #19175
2022-11-14 08:07:14 +01:00
Eugen Rochko
8b98bebc17
Fix error when passing unknown filter param in REST API ( #20626 )
...
Fix #19156
2022-11-14 08:06:06 +01:00
Hampton Lintorn-Catlin
277e2590e2
Support UTF-8 Characters in Domains During CSV Import ( #20592 )
...
* Support UTF-8 Characters in Domains During Import
* Update Changelong
2022-11-14 05:52:13 +01:00
Emily Strickland
2095b41aff
Test blank account field verifiability ( #20458 )
...
* Test blank account field verifiability
This change tests the need for #20428 , which ensures that we guard against a situation in which `at_xpath` returns `nil`.
* Test verifiability of blank fields for remote account profiles
This adds a counterpart test for remote account profiles' fields' verifiability when those fields are blank. I previously added the same test for local accounts.
2022-11-13 21:02:09 +01:00
F
1a8e2f5fb2
Test the native_locale_name of a non-standard locale ( #20284 )
...
`:en` is English for both `standard_locale_name` and
`native_locale_name`, and so makes for a poor test candidate for
differentiating between them.
2022-11-11 00:06:18 +01:00
Eugen Rochko
ea7cc10811
Change link verification to ignore IDN domains ( #20295 )
...
Fix #3833
2022-11-10 06:27:45 +01:00