Claire
49e1162a30
Fix issues when attempting to appeal an old strike ( #17554 )
...
* Display an error when an appeal could not be submitted
* Do not offer users to appeal old strikes
* Fix 500 error when trying to appeal a strike that is too old
* Avoid using an extra translatable string
3 years ago
Claire
5b5b9deebd
Fix opening the emoji picker scrolling the single-column view to the top ( #17579 )
...
Fixes #17577
3 years ago
Claire
ab98d2e539
Fix edge case where settings/admin page sidebar would be incorrectly hidden ( #17580 )
3 years ago
Claire
efb2377148
Change relays handling to not record boosts ( #17571 )
...
* Change relays handling to not record boosts
* Update tests
3 years ago
Claire
4d49bb4b52
Fix performance of server-side filtering ( #17575 )
...
Fixes #17567
3 years ago
Claire
488c4e1712
Change dashboard links for “new users” and “active users” ( #17570 )
...
Make them filter for local accounts by default
3 years ago
Eugen Rochko
82f8d19424
Add appeals ( #17364 )
...
* Add appeals
* Add ability to reject appeals and ability to browse pending appeals in admin UI
* Add strikes to account page in settings
* Various fixes and improvements
- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes
* Change appealed_at to overruled_at
* Fix missing method error
3 years ago
Jeong Arm
0ad6f982af
Fix admin statuses page order with media ( #17538 )
3 years ago
Jeong Arm
cf8fee1379
Add `from:` query operator to search syntax ( #16526 )
...
* Add 'by:userhandle' parameter to search api
* Use search syntax for "by" prefix
* Codeclimate
* Use 'from' instead of 'by'
3 years ago
Eugen Rochko
77529aba86
Fix privacy policy link not being visible on small screens ( #17533 )
...
Fix #17482
3 years ago
Eugen Rochko
518ac93f00
Fix duplicate accounts when searching by IP range in admin UI ( #17524 )
3 years ago
Claire
e806b2325e
Fix empty batch statuses selection causing a 500 error ( #17532 )
...
* Fix empty batch statuses selection causing a 500 error
* Simplify current_params
3 years ago
Claire
d10eb06cb4
Fix controls for unchangeable properties on status edit not being disabled ( #17531 )
...
Fixes #17520
3 years ago
Eugen Rochko
f53e4c250e
Fix layout of the report page on smaller screens in admin UI ( #17523 )
...
Fix #17491
3 years ago
Jeong Arm
63c1a70f35
Enable domain purge button on suspended domains too ( #17209 )
...
* Enable domain purge button on suspended domains too
* Change unless to if
3 years ago
Eugen Rochko
8ffc48ebfa
Add notifications when a reblogged status has been updated ( #17404 )
...
* Add notifications when a reblogged status has been updated
* Change wording to say "edit" instead of "update" and add missing controls
* Replace previous update notifications with the most up-to-date one
3 years ago
Eugen Rochko
9b42aad433
Change actions in reports to require only one click ( #17487 )
3 years ago
Eugen Rochko
51573dfbc9
Change reblogs to not count towards hashtag trends anymore ( #17501 )
3 years ago
Eugen Rochko
e331119201
Fix deletes not being signed in authorized fetch mode ( #17484 )
...
Fix #17483
3 years ago
Claire
2e551a9c6e
Fix Undo Announce sometimes inlining the originally Announced status ( #17516 )
...
* Change tests to have more specific expectations on sent ActivityPub payloads
* Check that payload doesn't actually contain the contents of the boosted toot
* Fix Undo Announce sometimes inlining the originally Announced status
3 years ago
Eugen Rochko
84bd87e444
New Crowdin updates ( #16858 )
...
* Ran `i18n-tasks normalize`
* Ran `yarn manage:translations`
* Add space
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
3 years ago
Eugen Rochko
64a94a889b
Chore: Disable menu items for editing statuses in web UI ( #17497 )
...
Feature must be unlocked in a separate release for max. compatibility
3 years ago
Claire
c6de53c1a9
Fix NoMethodError in StatusUpdateDistributionWorker ( #17499 )
...
* Add tests
* Fix NoMethodError in StatusUpdateDistributionWorker
* Fix tests
3 years ago
Claire
2e7bc0fbf5
Fix poll votes not being properly reset on poll change ( #17498 )
...
* Fix poll votes not being properly reset on poll change
* Fix and add tests
* Fix poll update handling when the number of options changes
3 years ago
Eugen Rochko
6dfda3670f
Fix outdated iso-639 reference in update status service ( #17496 )
3 years ago
Eugen Rochko
cb76142d9e
Add editing for published statuses ( #17320 )
...
* Add editing for published statuses
* Fix change of multiple-choice boolean in poll not resetting votes
* Remove the ability to update existing media attachments for now
3 years ago
Eugen Rochko
2c9def57b3
Add `category` and `rule_ids` params to `POST /api/v1/reports` ( #17492 )
3 years ago
Eugen Rochko
6732217dd0
Change languages to be listed under standard instead of native name in admin UI ( #17485 )
3 years ago
Eugen Rochko
948da1a958
Add edit history to web UI ( #17390 )
...
* Add edit history to web UI
* Change history reducer to store items per status
* Fix missing loading prop
3 years ago
Eugen Rochko
b0021ca3d5
Fix error in suggestions API due to typo ( #17486 )
...
Regression from #17479
3 years ago
Eugen Rochko
a44cc7931a
Remove language detection through cld3 ( #17478 )
...
* Remove language detection through cld3
* Update app/helpers/languages_helper.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
3 years ago
Eugen Rochko
1e5989c612
Add global `locale` param ( #17464 )
...
- Remove the session-based locale stickiness
3 years ago
Eugen Rochko
d979087a98
Fix localization of cold-start follow recommendations ( #17479 )
3 years ago
Claire
edd7dad3e2
Fix Ruby 2.5 incompatibility ( #17465 )
3 years ago
Eugen Rochko
73a585dd64
Fix structured data parsing from links choking on bad data ( #17403 )
...
* Fix structured data parsing from links choking on bad data
- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag
* Remove unnecessary slash escapes from CDATA regex pattern
3 years ago
Claire
42fdf52f0c
Fix replies collection incorrectly looping ( #17462 )
...
* Refactor tests
* Add tests
* Fix replies collection incorrectly looping
3 years ago
Claire
621d92114d
Fix errors when multiple Delete are received for a given actor ( #17460 )
3 years ago
Claire
5d53b3c8a7
Fix instance actor not being dereferenceable ( #17457 )
...
* Add tests
* Fix instance actor not being dereferenceable
* Fix tests
* Fix tests for real
3 years ago
Eugen Rochko
25d1195a04
Fix error on account relationships page in admin UI ( #17444 )
3 years ago
Claire
b3190c2cd6
Fix compacted JSON-LD possibly causing compatibility issues on forwarding ( #17428 )
3 years ago
Claire
ec8cf0e39b
Fix response_to_recipient? CTE ( #17427 )
3 years ago
Claire
b891d09d2f
Compact JSON-LD signed incoming activities ( #17426 )
...
Co-authored-by: Puck Meerburg <puck@puck.moe>
3 years ago
Claire
2657ca3b5e
Fix requiring an extra restart after recent post-deployment migrations ( #17422 )
...
Follow-up to #16409
3 years ago
Claire
8919f6cf63
Change public profile pages to be disabled for unconfirmed users ( #17385 )
...
Fixes #17382
Note that unconfirmed and unapproved accounts can still be searched for
and their (empty) account retrieved using the REST API.
3 years ago
Claire
33ea1c9008
Fix Sidekiq warnings about JSON serialization ( #17381 )
...
* Fix Sidekiq warnings about JSON serialization
This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.
See https://github.com/mperham/sidekiq/pull/5071
We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.
* Set Sidekiq to raise on unsafe arguments in test mode
In order to more easily catch issues that would produce warnings in production
code.
3 years ago
Claire
6e8d231e27
Fix local distribution of edited statuses ( #17380 )
...
Because `FanOutOnWriteService#update?` was broken, edits were considered as new
toots and a regular `update` payload was sent.
3 years ago
Eugen Rochko
b6364cf1ad
Fix poll updates being saved as status edits ( #17373 )
...
Fix #17344
3 years ago
Claire
d045ba2add
Fix link_to_login argument handling when a block is passed ( #17345 )
3 years ago
Claire
e92ac5b769
Fix error-prone SQL queries ( #15828 )
...
* Fix error-prone SQL queries in Account search
While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.
This PR parameterises the `to_tsquery` input to make the query more robust.
* Harden code for Status#tagged_with_all and Status#tagged_with_none
Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.
* Remove unneeded spaces surrounding tsquery term
* Please CodeClimate
* Move advanced_search_for SQL template to its own function
This avoids one level of indentation while making clearer that the SQL template
isn't built from all the dynamic parameters of advanced_search_for.
* Add tests covering tagged_with, tagged_with_all and tagged_with_none
* Rewrite tagged_with_none to avoid multiple joins and make it more robust
* Remove obsolete brakeman warnings
* Revert "Remove unneeded spaces surrounding tsquery term"
The two queries are not strictly equivalent.
This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
3 years ago
Claire
41d64ee271
Change `percent` to `rate` in retention metrics API ( #16910 )
3 years ago
Claire
06f653972a
Add OMNIAUTH_ONLY environment variable to enforce external log-in ( #17288 )
...
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN
Fixes #15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
* Add OMNIAUTH_ONLY environment variable to enforce external log-in only
* Disable user registration when OMNIAUTH_ONLY is set to true
* Replace log-in links when OMNIAUTH_ONLY is set with exactly one OmniAuth provider
3 years ago
Claire
12bb24ea35
Remove support for OAUTH_REDIRECT_AT_SIGN_IN ( #17287 )
...
Fixes #15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
3 years ago
Claire
8114f4208f
Remove leftover database columns from Devise::Models::Rememberable ( #17191 )
...
* Remove leftover database columns from Devise::Models::Rememberable
* Update fix-duplication maintenance script
* Improve errors/warnings in the fix-duplicates maintenance script
3 years ago
Claire
335049cc33
Fix text being incorrectly pre-selected in composer textarea on /share ( #17339 )
...
Fixes #17295
3 years ago
Claire
68a9057420
Add post edited notice in admin and public UIs ( #17335 )
...
* Add edited toot flag on public pages
* Add toot edit flag to admin pages
3 years ago
Eugen Rochko
a427958026
Fix error when using raw distribution worker ( #17334 )
...
Regression from #16697
3 years ago
Eugen Rochko
bfbfbf5032
Fix error when processing poll updates ( #17333 )
...
Regression from #16697
3 years ago
Eugen Rochko
06b698a723
Add support for editing for published statuses ( #16697 )
...
* Add support for editing for published statuses
* Fix references to stripped-out code
* Various fixes and improvements
* Further fixes and improvements
* Fix updates being potentially sent to unauthorized recipients
* Various fixes and improvements
* Fix wrong words in test
* Fix notifying accounts that were tagged but were not in the audience
* Fix mistake
3 years ago
Jeong Arm
be15674215
Fix NameError on ActivityPub::FetchFeaturedCollectionService ( #17326 )
...
Related: #16954
3 years ago
Claire
833a5e4e52
Fix `pinned` attribute not being set for private self-posts ( #17304 )
3 years ago
Eugen Rochko
2fb76550a9
Add notifications for statuses deleted by moderators ( #17204 )
3 years ago
Claire
5aade2baac
Add support for private pinned posts ( #16954 )
...
* Add support for private pinned toots
* Allow local user to pin private toots
* Change wording to avoid "direct message"
3 years ago
Claire
928890bd38
Fix admin interface crash when displaying deleted user ( #17301 )
3 years ago
Eugen Rochko
7b3972c270
Remove IP tracking columns from users table ( #16409 )
3 years ago
Jeong Arm
52b05dad34
Gradually increase retry waiting for media processing ( #17271 )
3 years ago
Jeong Arm
db10cd8d15
Remove custom emojis on domain purge ( #17210 )
3 years ago
Claire
651e997a98
Fix media descriptions not being used for client-side filtering ( #17206 )
...
Fix oversight in #13837
3 years ago
Eugen Rochko
9a8784829f
Fix warnings on Rails boot ( #16946 )
3 years ago
Rens Groothuijsen
9d43863426
Fix tag rendering error in hashtag column settings ( #17184 )
...
* Flatten tags in configuration to regular array before converting to JSON
* Render filter tags using toJS instead of toJSON
3 years ago
Jeong Arm
ba93eb818b
Fix duplicate record on admin/accounts when searching with IP ( #17150 )
3 years ago
Claire
d8da1689c1
Add ability for admins to delete canonical email blocks ( #16644 )
...
* Add admin option to remove canonical email blocks from a deleted account
* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
3 years ago
Claire
44c8b6ff2f
Add ability to purge undeliverable domains from admin interface ( #16686 )
...
* Add ability to purge undeliverable domains from admin interface
* Add tests
3 years ago
Claire
36347cf494
Change title of retention chart ( #16909 )
...
Changes from “Retention” to “User retention rate by month after sign-up”.
This should make it much clearer to people not familiar with retention charts
what it actually means.
3 years ago
Claire
1e34cfabdd
Change list title input styling ( #17092 )
3 years ago
David Sterry
65ee707755
ignore hashtag suggestions if they vary only in case ( #16460 )
...
* ignore hashtag suggestions if they vary only in case
* remove console.logs and unused args
* consistently add space when dismissing suggestions
* linting
3 years ago
Takeshi Umeda
794d9d267d
Fix follow recommendation biased towards older accounts ( #17126 )
3 years ago
Eugen Rochko
2c6be5dc9a
Change trending hashtags threshold back from 15 to 5 ( #17122 )
3 years ago
heguro
2b292c44bc
Fix redirection when succeeded WebAuthn ( #17098 )
3 years ago
Rens Groothuijsen
8143d127a4
Show correct error message if chosen password is too long ( #17082 )
...
* Add correct error message for exceeding max length on password confirmation field
* Code style fixes
3 years ago
Eugen Rochko
7bf5924339
Add batch suspend for accounts in admin UI ( #17009 )
3 years ago
Eugen Rochko
f3966223bd
Fix error on trending mailer due to missing constant ( #17072 )
3 years ago
Jeong Arm
cb22372cd7
Fix server graph on admin/tags/:id ( #17066 )
3 years ago
Jeong Arm
5ac17e3a77
Fix admin statuses order ( #16937 ) ( #16969 )
...
* Fix #16937
* Add test for statuses order
3 years ago
Claire
5305dada6c
Fix searching for additional hashtags in hashtag column ( #17054 )
3 years ago
Claire
986391cd19
Fix color of hashtag column settings inputs ( #17058 )
...
Fixes #17057
3 years ago
Claire
ad3668eb5f
Fix opening wrong profile when clicking on username of boosting user in WebUI ( #17060 )
...
Fixes #16799
3 years ago
Eugen Rochko
4375813ea7
Remove Keybase integration ( #17045 )
3 years ago
Eugen Rochko
6c1d78b277
Fix error on trending hashtags/links pages in admin UI due to missing constant ( #17044 )
3 years ago
Claire
202862753a
Fix handling of recursive toots in WebUI ( #17041 )
3 years ago
Claire
be1c45d252
Fix filtering DMs from non-followed users ( #17042 )
3 years ago
Eugen Rochko
ad73becf3e
Add trending links ( #16917 )
...
* Add trending links
* Add overriding specific links trendability
* Add link type to preview cards and only trend articles
Change trends review notifications from being sent every 5 minutes to being sent every 2 hours
Change threshold from 5 unique accounts to 15 unique accounts
* Fix tests
3 years ago
Claire
5d2ed78074
Fix error when suspending user with an already-existing canonical email block ( #17036 )
...
* Fix error when suspending user with an already-existing canonical email block
Fixes #17033
While attempting to create a `CanonicalEmailBlock` with an existing hash would
raise an `ActiveRecord::RecordNotUnique` error, this being done within a
transaction would cancel the whole transaction. For this reason, checking for
uniqueness in Rails would query the database within the transaction and avoid
invalidating the whole transaction for this reason.
A race condition is still possible, where multiple accounts sharing a canonical
email would be blocked in concurrent transactions, in which only one would
succeed, but that is way less likely to happen than the current issue, and can
always be retried after the first failure, unlike the current situation.
* Add tests
3 years ago
Claire
199022cf9d
Fix overflow of long profile fields in admin view ( #17010 )
3 years ago
Claire
3d8a884f06
Fix background-color of emoji-mart selector ( #17011 )
...
Reverts part of #16907 to fix hardcoded color
3 years ago
Takeshi Umeda
869faf5f87
Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) ( #16915 )
...
* Bump chewy from 5.2.0 to 7.2.2
* fix style (codeclimate)
* fix style
* fix style
* Bump chewy from 7.2.2 to 7.2.3
3 years ago
Mashiro
3cb518dcb4
Add lazy load to emoji-mart ( #16907 )
...
* perf: lazyload emoji-mart!
* Bump lazyload
3 years ago
Claire
701472d1fc
Fix confusing error when webfinger request returns empty document ( #16986 )
...
For some reason, some misconfigured servers return an empty document when
queried over webfinger. Since an empty document does not lead to a parse
error, the error is not caught properly and triggers uncaught exceptions
later on.
This PR fixes that by immediately erroring out with `Webfinger::Error` on
getting an empty response.
3 years ago
Eugen Rochko
1bf6ec3325
Fix no link previews being generated for pages with invalid structured data ( #16979 )
...
Fix #16955
3 years ago
Claire
fdfcc4fcb7
Fix OpenGraph/LinkedData embeds having incorrectly-generated iframes ( #16978 )
3 years ago
Claire
9e122d774d
Fix reviving revoked sessions and invalidating login ( #16943 )
...
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.
We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.
In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
of them
This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
3 years ago