imncls
c0aabbec0f
Merge branch 'master' of https://github.com/tootsuite/mastodon
...
# Conflicts:
# app/controllers/settings/exports_controller.rb
# app/models/media_attachment.rb
# app/models/status.rb
# app/views/about/show.html.haml
# docker_entrypoint.sh
# spec/views/about/show.html.haml_spec.rb
2018-02-23 23:28:31 +09:00
Eugen Rochko
eb5b1b45d9
Fix #6526 : Only store redirect location if not in JSON format ( #6528 )
2018-02-22 00:51:30 +01:00
David Yip
6d1023b2e9
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
2018-02-02 08:39:52 -06:00
Alexander
23ce0c86da
pam authentication ( #5303 )
...
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
2018-02-02 10:18:55 +01:00
David Yip
22286ee6cd
Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-master
2018-01-07 13:30:52 -06:00
David Yip
9e5b431655
Use error pack when rendering error pages. Fixes #305 .
2018-01-07 13:30:17 -06:00
Jenkins
8704a190c0
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-07 15:17:13 +00:00
Yamagishi Kazutoshi
c89bb8ae40
Fix force_ssl conditional ( #6201 )
2018-01-07 15:19:23 +01:00
Yamagishi Kazutoshi
63c17a66b8
Fix unintended cache ( #6214 )
2018-01-07 15:12:59 +01:00
David Yip
a37e295901
Merge remote-tracking branch 'ykzts/fix-unintended-cache' into gs-master
2018-01-07 00:32:24 -06:00
Yamagishi Kazutoshi
4f24f54739
Fix unintended cache
2018-01-07 14:59:12 +09:00
Jenkins
796a39a283
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-04 23:17:11 +00:00
ThibG
662fa866ee
Make sure private toots remain private and do not end up in HTTP caches ( #6175 )
2018-01-04 14:39:38 +01:00
Eugen Rochko
f2d71eae4b
Cache JSON of immutable ActivityPub representations ( #6171 )
2018-01-04 01:21:38 +01:00
David Yip
01f91695f5
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/controllers/auth/confirmations_controller.rb
2017-12-30 17:20:07 -06:00
Eugen Rochko
9427823d5c
Add more instance stats APIs ( #6125 )
...
* Add GET /api/v1/instance/peers API to reveal known domains
* Add GET /api/v1/instance/activity API
* Make new APIs disableable, exclude private statuses from activity stats
* Fix code style issue
* Fix week timestamps
2017-12-29 19:52:04 +01:00
kibigo!
99e8710095
Javascript intl8n flavour support
2017-12-10 11:08:04 -08:00
kibigo!
5758a12491
Skins shouldn't apply to fallback flavours
2017-12-07 14:49:54 -08:00
kibigo!
41f9a4d4e4
Fix common packs when other pack also there
2017-12-06 15:34:19 -08:00
kibigo!
882055afd0
Rename themes -> flavours ? ?
2017-12-03 23:26:40 -08:00
kibigo!
36b9f4df56
Skins support
2017-11-30 19:29:47 -08:00
kibigo!
8aeda4f064
Finalized theme loading and stuff
2017-11-20 22:13:37 -08:00
kibigo!
5845057adb
Themed prefetching
2017-11-16 21:37:08 -08:00
Eugen Rochko
3df46ce5a8
Fix some rubocop style issues ( #5730 )
2017-11-17 10:06:26 +09:00
Eugen Rochko
97178b6d86
Add moderator role and add pundit policies for admin actions ( #5635 )
...
* Add moderator role and add pundit policies for admin actions
* Add rake task for turning user into mod and revoking it again
* Fix handling of unauthorized exception
* Deliver new report e-mails to staff, not just admins
* Add promote/demote to admin UI, hide some actions conditionally
* Fix unused i18n
2017-11-11 20:23:33 +01:00
Andrew
b4842ef0b9
Add support for multiple themes ( #4959 )
...
* Add support for selecting a theme
* Fix codeclimate issues
* Look up site default style if current user is not available due to e.g. not being logged in
* Remove outdated comment in common.js
* Address requested changes in themes PR
* Fix codeclimate issues
* Explicitly check current_account in application controller and only check theme availability if non-nil
* codeclimate
* explicit precedence with &&
* Fix code style in application_controller according to @nightpool's suggestion, use default style in embedded.html.haml
* codeclimate: indentation + return
2017-09-19 16:36:23 +02:00
Eugen Rochko
fd69694749
Add "signed in as" header to some pages ( #4523 )
2017-08-05 04:24:58 +02:00
Eugen Rochko
0217e15dd3
Fix #4058 - Use a long-lived cookie to keep track of user-level sessions ( #4091 )
...
* Fix #4058 - Use a long-lived cookie to keep track of user-level sessions
* Fix tests, smooth migrate from previous session-based identifier
2017-07-07 23:25:15 +02:00
Eugen Rochko
ad531f90b1
Bind web UI access tokens to sessions ( #3940 )
...
* Add overview of active sessions
* Better display of browser/platform name
* Improve how browser information is stored and displayed for sessions overview
* Fix test
* Fix #2347 - Bind web UI access token to session
When you logout, session also destroys the access token, so it's no longer
valid. If access token is destroyed some other way, the session is also
destroyed, requiring a re-login.
Fix #1681 - Add scheduler to remove revoked access tokens and grants
* Fix test
2017-06-25 23:51:32 +02:00
Yamagishi Kazutoshi
09f5091102
Show error message to suspended user ( #3281 )
2017-05-24 16:39:09 +02:00
Yamagishi Kazutoshi
410a684c3b
Change "Account.any?" to "Account.exists?" ( #3217 )
2017-05-22 15:02:30 +02:00
Akihiko Odaki
cbd9804857
single_user_mode? always returns boolean ( #3215 )
...
This change also adds a specification for the method.
2017-05-22 06:00:06 +02:00
Matt Jankowski
52b2a25ace
Error responses cleanup ( #2692 )
...
* Use respond_with_error for forbidden errors
* Wrap up common error code into single method
2017-05-01 22:24:36 +02:00
Matt Jankowski
a5c8ffcaf9
Extract user tracking into concern ( #2600 )
2017-04-30 00:28:16 +02:00
alpaca-tc
31d49716c6
Localize with i18n for Devise::FailureApp ( #2309 )
...
This PR fixes I18n.locale for rake middlewares. Mastodon uses Devise that depends on Warden.
Warden::Manager can be found in rake middleware. It is outside of the controller.
In the case of authentication failed, warden calls throw(:warden). At the time Warden::Manager
delegates request to failure_app to generate response and flash[:alert] after catching it.
Unfortunately, I18n.locale is already reset then because I18n.with_locale is enabled only
inside the controller. If we used I18n.locale=, Devise::FailureApp could get the current locale.
2017-04-25 15:06:41 +02:00
Matt Jankowski
f93d4d340d
Return force_ssl to the controller ( #2380 )
2017-04-24 02:44:05 +02:00
Evan Minto
227f45402d
ActivityPub: Add basic, read-only support for Outboxes, Notes, and Create/Announce Activities ( #2197 )
...
* Clean up collapsible components
* Expose user Outboxes and AS2 representations of statuses
* Save work thus far.
* Fix bad merge.
* Save my work
* Clean up pagination.
* First test working.
* Add tests.
* Add Forbidden error template.
* Revert yarn.lock changes.
* Fix code style deviations and use localized instead of hardcoded English text.
2017-04-23 05:21:10 +02:00
Matt Jankowski
04e2d502e0
Move force_ssl check to production config ( #2165 )
...
The force_ssl method from controllers does not add all of the options that the
sitewide configuration in a config block does. For example, HSTS enforcement is
not added by the controller method, but is added by this style.
2017-04-23 04:22:22 +02:00
Takayoshi Nishida
3ba9a8c1db
Fix #2195 - Set locale to error pages ( #2255 )
...
* Fix #2195 - Set locale to error pages
* Fix #2195 - Cut duplicate process into one method
2017-04-21 18:11:20 +02:00
Eugen
ba6b4c6e62
Make file attachment on MediaAttachment optional ( #1865 )
...
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true
Clean up old media files when creating a new domain block with reject_media set to true
Return remote_url in media attachments API if local file is not present
Undo domain block action in admin UI
Ability to enable reject_media from admin UI
2017-04-16 12:51:30 +02:00
Marcin Cieślak
d67b8e90ea
Give SINGLE_USER a chance to register ( #1820 )
...
An attempt to open a brand new Mastodon instance configured
as SINGLE_USER_MODE=true will cause an exception.
Enable temporary registration if we have no users in the database
Fixes #1817
2017-04-15 16:46:27 +02:00
Eugen Rochko
07f42f0824
Fix #1165 - before_action was called before protect_from_forgery
2017-04-08 02:30:50 +02:00
Eugen Rochko
9bb84337a7
Allow setting of default language through config
...
Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug
2017-04-07 12:40:26 +02:00
Eugen Rochko
7a56845060
Only call regeneration worker after first login after a 14 day break
2017-04-04 02:00:10 +02:00
Eugen Rochko
1ee4c6415c
Catching rack timeout from rails doesn't work
2017-04-02 21:12:18 +02:00
Eugen Rochko
00e99e58db
Add proper error page for request timeouts
2017-04-02 19:43:44 +02:00
Eugen Rochko
20d91848cf
Fix wrong HTTP status codes on error pages
2017-03-19 20:03:28 +01:00
Eugen Rochko
2c29cc400e
Improve error page layouting. 500 page has to stay static because it's
...
used from nginx when Rails fails.
2017-01-21 22:30:47 +01:00
Effy Elden
80f186cdf0
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether
2017-01-15 10:30:23 +11:00
Eugen Rochko
d253b0dec6
Fix #86 - resolve layout breaking on zoom-out on accounts grid
2016-12-26 18:48:33 +01:00
Eugen Rochko
7752662f97
Add filters for suspended accounts
2016-12-06 18:03:30 +01:00
Eugen Rochko
2d4ce8a867
Fix #248 - Reload all accounts when fetching from cache
2016-12-03 18:21:26 +01:00
Eugen Rochko
8260628fc8
Fix pt translations, improve pre-cache queries, removing will_paginate
...
from accounts/tags because it's a terribly inefficient way to paginate
large sets of data
2016-12-01 16:26:25 +01:00
Eugen Rochko
1bb1ec3b8d
Further abstract caching for includes
2016-11-30 15:57:56 +01:00
Eugen Rochko
329b2a326d
Normalize localizations, add stub for admin/accounts
2016-11-30 15:32:26 +01:00
Eugen Rochko
015cd99f41
Make User#current_sign_in_at actually track when user was last active,
...
by updating it at least every 24h if the user visits the site
2016-11-30 15:17:03 +01:00
Eugen Rochko
bee7aeaea5
Unify collection caching code
2016-11-29 15:49:39 +01:00
Eugen Rochko
f37efe8e56
Add simple admin overview of PuSH subscriptions
2016-11-28 18:45:13 +01:00
Eugen Rochko
8ab2fcbb2c
Mini Profiler not working well, remove it
2016-11-24 19:59:11 +01:00
Eugen Rochko
c60df460af
Rename "publish" to "toot" in english locale, fix lightbox showing old image
...
before loading new one, cache notifications API, fix missing follow button
on public profiles
2016-11-23 09:20:34 +01:00
Eugen Rochko
f6a975af8b
More query optimizations
2016-11-22 23:18:54 +01:00
Eugen Rochko
30010a6dbd
Moving some counter queries out of subqueries in the API
2016-11-22 22:59:54 +01:00
Eugen Rochko
80d58c6c04
Desktop notifications
2016-11-21 10:24:50 +01:00
Eugen Rochko
b8e6ca45e5
Add user locale setting
2016-11-16 17:56:31 +01:00
Eugen Rochko
e71b152d89
Fix rubocop issues, introduce usage of frozen literal to improve performance
2016-11-15 16:56:29 +01:00
Eugen Rochko
c02bdd64a0
Fix sign-in redirecting "back" to a missing image because missing static files hit the raise_not_found method
2016-10-06 15:42:00 +02:00
Eugen Rochko
fe77921e47
Catching more exceptions that slipped through, removing AR logging from
...
production as it's very verbose and not very useful
2016-10-05 13:26:44 +02:00
Eugen Rochko
9d59d7b463
Adding a block model and filter mentions from blocked users ( fix #60 )
2016-10-03 17:12:13 +02:00
Eugen Rochko
fc198a8b4c
Adding e-mail confirmations
2016-10-03 16:51:00 +02:00
Eugen Rochko
a0f85774c4
Redirect after sign in to previous page (unless it's a sign in/up/etc page)
2016-10-02 17:11:08 +02:00
Eugen Rochko
927333f4f8
Improve code style
2016-09-29 21:28:21 +02:00
Eugen Rochko
509c18eb13
Fix local follows, 404 in logs
2016-09-08 02:40:51 +02:00
Eugen Rochko
bc0692d75b
Removing mini-profiler that doesn't work, formatting timelines a bit better
2016-08-24 19:23:37 +02:00
Eugen Rochko
49520d6e62
Adding React.js, Redux, revamping dashboard
2016-08-24 17:56:44 +02:00
Eugen Rochko
8985f8e66c
Fixing more configuration issues with ActionCable
2016-08-18 18:39:35 +02:00
Eugen Rochko
8459acd123
Fix for force SSL issue with websockets
2016-08-18 17:48:57 +02:00
Eugen Rochko
6426819b6f
Fix tests
2016-08-18 17:22:44 +02:00
Eugen Rochko
6deb9f966e
Live timelines using ActionCable
2016-08-18 15:49:51 +02:00
Eugen Rochko
e24bfbde1a
Fixing FanOutOnWriteService, fixing Sidekiq not having enough DB connections
...
in the pool, adding a throttle of 60rpm per IP, adding mini profiler, adding
admin status to users
2016-03-25 14:12:24 +01:00
Eugen Rochko
9c4856bdb1
Initial commit
2016-02-20 22:53:20 +01:00