8d0a4b7200
Admin base controller ( #1465 )
...
* Add Admin::BaseController to wrap admin area
Extracts the setting of the `admin` layout and verifying that users are admins
to a common base class for the admin/ controllers.
* Add basic coverage for admin/reports and admin/settings controllers
8 years ago
5c57f15503
Do not store last visited URL from API controllers ( #1330 )
...
Sign-in redirects you back to last visited URL, but in case of API requests,
this sometimes redirected users to an API URL that, of course, greeted them
with an {"error":"The access token is invalid"}
8 years ago
47a3702db4
Fix /api/v1/accounts/update_credentials tests ( #1357 )
8 years ago
9252133084
Use HTTP Accept-Language to detect locale ( #1166 )
...
* Use HTTP Accept-Language to detect locale
* Fix gem order to comply with codeclimate
* Sort gem to comply with rubocop
* I18n.default_locale fallback when there is no accept-language header
8 years ago
6e0b4032b3
Allow users to update their Account in the API ( #1179 )
...
* Allow users to update their Account in the API
It would be nice for API clients to be able to allow users to update
their accounts without having to wrap Mastodon in a web view. This patch
adds an API endpoint to let users submit a PATCH for their account.
Signed-off-by: David Celis <me@davidcel.is>
* Add /api/v1/accounts/update_credentials to the API docs
Signed-off-by: David Celis <me@davidcel.is>
8 years ago
41b79ae693
Clean up about page ( #1282 )
...
* Add InstancePresenter to expose site details
* Clean up about controller, use instance presenter
8 years ago
3047a8da74
Make public timelines API not require user context/app credentials ( #1291 )
...
* Make /api/v1/timelines/public and /api/v1/timelines/tag/:id public
Fix #1156 - respect query params when generating pagination links in API
* Apply pagination fix to more APIs
8 years ago
b532134503
Fix #795 , fix #704 , fix #835 - 2FA requires confirmation to be enabled ( #1278 )
...
* Fix #795 , fix #704 , fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled
* Clean up
8 years ago
07f42f0824
Fix #1165 - before_action was called before protect_from_forgery
8 years ago
9bb84337a7
Allow setting of default language through config
...
Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug
8 years ago
24c77e57b2
Rewrite Atom generation from stream entries to use Ox instead of Nokogiri ( #1124 )
...
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder
StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker
PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.
All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri
* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
8 years ago
932b0b2f1f
Remote follow improvements
...
This stores the @username@instance you provide in your session and
reuses it the next time you remote follow someone from this instance.
8 years ago
353a30810c
New admin setting: open/close registrations, with custom message, from the admin UI
8 years ago
7a56845060
Only call regeneration worker after first login after a 14 day break
8 years ago
24793cdbaa
Fix ActionController::Parameters in API issue
8 years ago
c9ffa7ab1d
Add basic logging of who resolved report
8 years ago
ceaafb22d3
When taking action on a report (silence/suspend), it dismisses all other
...
reports for that user automatically
8 years ago
6ebe31e716
Make default admin UI page reports. Add admin UI for creating a domain block
8 years ago
1ee4c6415c
Catching rack timeout from rails doesn't work
8 years ago
00e99e58db
Add proper error page for request timeouts
8 years ago
f04816f005
Fix wording "show reblogs" -> "show boosts", order reports chronologically in
...
admin UI
8 years ago
e407ed24a6
Fix landing page sign up form ignoring username field
8 years ago
244da78105
Import feature for following/blocking lists (addresses #62 , #177 , #201 , #454 )
8 years ago
96e58cf289
Add counter caches for a large performance increase on API requests
8 years ago
a4ce8b09fb
Fix #690 - Webfinger should handle new shortform profile URLs now (nice)
8 years ago
b3cb765a94
Prettier account and stream entry URLs
8 years ago
3893f75a51
New API method: /api/v1/search
...
Returns accounts, statuses, hashtags arrays
8 years ago
b339e488fe
Export follow/block lists as CSV
8 years ago
20d91848cf
Fix wrong HTTP status codes on error pages
8 years ago
844eda88fe
Forgot to hook up API with the latest method
8 years ago
c97f817e40
Fix #525 - Add instance information API
8 years ago
6599b27b2b
Merge branch 'master' into mastodon-site-api
8 years ago
453d65e6da
Obfuscate filenames better, double rate limits
8 years ago
250beb1971
Revert earlier fix due to new bug reports
8 years ago
dea8e95d14
Performance improvement for profiles
8 years ago
42b6d5aca5
Increase max bitrate of converted webms, slightly optimized counter queries
...
(Because postgres can tell that count(*) needs no extra checks, but
counting a specific column requires them)
8 years ago
d1e1f26878
Improved /api/v1/accounts/:id/statuses with new params: only_media, exclude_replies
...
Redirect /:username to /users/:username
Redirect /:username/:id to /users/:username/updates/:id
Updated API documentation and sponsors
8 years ago
0cb5a2a0a7
Add digest e-mails
8 years ago
4554ccd5d0
Mute button progress so far. WIP, doesn't entirely work correctly.
8 years ago
b39356835b
Adds site metadata access to the API
8 years ago
a741049a77
Fix #104 - Style OAuth authorized applications page
...
Add ability to search accounts by display name
8 years ago
ff8a080d40
Add validation of media attachments, clean up mastodon-own exception classes
8 years ago
128dcdf68a
Merge branch 'fix_462' of https://github.com/rmhasan/mastodon into rmhasan-fix_462
8 years ago
5157e25aab
Add tuning documentation, add <content> tags back to most salmons,
...
make status pagination headers generation more lax about next page
existing
8 years ago
2e10c9861e
Removed try clause from create action in status controller
...
Using catch statement in api_controller.rb to catch NotPermitted
Exception, and render error message
8 years ago
008c95b3b9
revisted fix for #462
...
Moved validation to services/post_status_service.rb
8 years ago
11dc0a1cbc
Fix for issue #462
...
Modified uploadCompose action to send media ids of attached
media when sending a request. Modified create method in MediaController
to check if when posting a video, there are no other media attached
to the status by looking at the media ids sent from the uploadCompose
action.
8 years ago
3d291bcc55
Do not display non-Status stream entries anymore
8 years ago
7f9d6d0160
Add GET /api/v1/accounts/:id/statuses/media that returns only statuses with media attachments
...
Make replies default to privacy settings of the status being replied to
8 years ago
0613d66df8
Add UI to view report details, remove reported statuses, quick links to resolve/silence/suspend from report
8 years ago
6917e53fe0
Adding index overview for reports in admin UI
8 years ago
513a78d67b
Fix admin UI for accounts somewhat
8 years ago
2cc31b3194
Adding POST /api/v1/reports API, and a UI for submitting reports
8 years ago
a83dc927d8
Fix #587 - Display TOTP secret next to QR code
8 years ago
f9f8f52fe9
Stop trying to shoehorn all Salmon updates into the poor database-connected
...
StreamEntry model. Simply render Salmon slaps as they are needed
8 years ago
59c8c2b28a
Make follow requests federate
8 years ago
92a90de2af
Fix #611 - Layout setting in registrations controller
8 years ago
7037774d6e
Merge pull request #603 from evanminto/activitypub-account
...
Expose ActivityStreams 2.0 representation of accounts
8 years ago
af82038b98
Fix preferences save
8 years ago
b1f2683ecc
Add API modifiers to limit returned toots from public/hashtag timelines
...
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
8 years ago
db7affbf5b
Reuse existing controller and route
8 years ago
e4a55302d2
Remove bios from blocked users list, filter out broken entries from API response
8 years ago
2f126b1225
Removing failed push notification API, make context loads use cache
8 years ago
e02bfd0aa2
Remove unnecessary leftover code
8 years ago
b56d24ed71
Add an account endpoint for ActivityPub and link to it on HTML profile pages
8 years ago
727d236fcc
Cleaning up format of broadcast real-time messages, removing
...
redis-backed "mentions" timeline as redundant (given notifications)
8 years ago
9327d05bf7
API for apps to register for push notifications
8 years ago
c58da52e9f
Split 2FA login into two prompts
8 years ago
557de8e24c
Update settings to re-use admin layout, one big navigation tree, improve settings forms
8 years ago
9b8670c939
Added optional two-factor authentication
8 years ago
2efefb380b
Improve infinite scroll on notifications
8 years ago
959e064186
Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
...
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
8 years ago
c7778752e3
Merge branch 'master' into master
8 years ago
ea8b548ee9
Make blocks create entries and unfollows instantly, but do the clean up
...
in the background instead. Should fix delay where blocked person
can interact with blocker for a short time before background job
gets processed
8 years ago
b4ec84067a
API now respects ?limit param as long as it's within 2x default limit
8 years ago
e25fc71c2c
Implement a click-to-view spoiler system
8 years ago
98660a76d9
Move merging/unmerging of timelines into background. Move blocking into
...
background as well since it's a computationally expensive
8 years ago
4d39cc7bf9
Add /api/v1/notifications/clear, non-existing link cards for statuses will
...
now return empty hash instead of throwing a 404 error. When following,
merge into timeline will filter statuses
8 years ago
55d6cd41e6
Fix a couple unhandled exceptions
8 years ago
4cbca05197
Potentially fix notifications issue
8 years ago
20cb576da1
Fix inflection
8 years ago
2c29cc400e
Improve error page layouting. 500 page has to stay static because it's
...
used from nginx when Rails fails.
8 years ago
280348f1e0
Merge branch 'fix/error-pages' of https://github.com/ineffyble/mastodon into ineffyble-fix/error-pages
8 years ago
f4836b9077
Method to fetch a single notification
8 years ago
f748a91ec7
Fix #463 - Fetch and display previews of URLs using OpenGraph tags
8 years ago
a88f9a5ca9
Don't show loading bar when re-loading already loaded status. Don't even try to fetch ancestors from DB when in_reply_to_id is nil
8 years ago
f4d7f4c687
Fix #238 - Add "favourites" column
8 years ago
80f186cdf0
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether
8 years ago
8e0c1914fb
Add tracking of OAuth app that posted a status, extend OAuth apps to have optional website field, add application details to API, show application name and website on detailed status views. Resolves #11
8 years ago
f2667139ad
Adding about/more page with extended information that can be set up by an admin
8 years ago
533448be42
Add extended about page stub
8 years ago
6d98465db2
Extend rails-settings-cached to merge db-saved hash values with defaults
8 years ago
7e7c2bbb0f
Migrate from ledermann/rails-settings to rails-settings-cached which allows global settings
...
with YAML-defined defaults. Add admin page for editing global settings. Add "site_description"
setting that would show as a paragraph on the frontpage
8 years ago
c8bcd413e2
Home column filters
8 years ago
4293e132d1
Persist UI settings, add missing localizations for German
8 years ago
0df070596e
Fix #416 - Generate random unique 14-byte (19 characters) shortcodes
...
for local attachments, use them in URLs. Check status privacy
before redirecting to actual file.
8 years ago
800f6cf6a3
Fix #390 - fix redirect after sign-up (to login page instead of homepage)
8 years ago
6ef2b5d1c7
Fix admin UI not loading JS, make sure to strip "acct:" out of remote account's usernames when authorizing follow
8 years ago
3e6b5d67dd
Fix uri expansion during remote follow
8 years ago
df2f14d2dd
Adding remote follow button
8 years ago
6a20c13009
Add API for retrieving favourites
8 years ago
2bc6e7c96e
Add API for retrieving blocked accounts
8 years ago
4030321d95
Support remote follow request providing URL instead of acct
8 years ago
57f6f80838
Add ability to use remote follow function on other sites
8 years ago
fde1917a54
Add preferences for follow request notification e-mails
8 years ago
cef68b9b1c
Follow requests send e-mail notifications, but are excluded from notifications API
...
Better initial state for unlisted/nsfw toggles
8 years ago
6a54df90c8
Replacing follow requests in the settings area with in-UI column
8 years ago
ef9e827c54
Adding follow requests API
8 years ago
d253b0dec6
Fix #86 - resolve layout breaking on zoom-out on accounts grid
8 years ago
302051ffcb
Add page for authorizing/rejecting follow requests
8 years ago
77cd58545d
Re-enable Webfinger for locked accounts but don't handle "follow" events
...
coming in via Salmon.
Currently no way to prevent remote follows, but they will only receive public
and unlisted posts
8 years ago
238233440f
Follow call on locked account creates follow request instead
...
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
8 years ago
09a477c782
Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users
8 years ago
d417da7d3a
Private visibility on statuses prevents non-followers from seeing those
...
Filters out hidden stream entries from Atom feed
Blocks now generate hidden stream entries, can be used to federate blocks
Private statuses cannot be reblogged (generates generic 422 error for now)
POST /api/v1/statuses now takes visibility=(public|unlisted|private) param instead of unlisted boolean
Statuses JSON now contains visibility=(public|unlisted|private) field
8 years ago
090e3a245d
Fix #249 - use window.location hack to let people login from sandboxed iOS homescreen
8 years ago
b2945b025f
Make unfavouriting async to prevent timeout errors from leaving orphaned records behind
8 years ago
346aae50b0
Adjusting public display of statuses to look similar to logged-in UI,
...
fix #361 with rich OEmbed display via iframe, fix #237 by hiding sensitive
content behind a spoiler on public pages
8 years ago
6d7f3be2f6
Add OEmbed iframe HTML, convert emojis on public pages, increase size of attachment thumbnails
8 years ago
66e08d880c
Improved admin UI
8 years ago
88218c83d5
Add suspend account functionality to admin UI
8 years ago
7752662f97
Add filters for suspended accounts
8 years ago
5522606989
Add single user mode
8 years ago
ca0757a6cf
Add account suspension
8 years ago
68586258ca
Adding more to admin accounts UI
8 years ago
7c81e7e9c7
Fix public tags page
8 years ago
b506010b4f
Add "next" pagination to public profiles
8 years ago
fb61dd14c5
Admin accounts page lists accounts
8 years ago
2d4ce8a867
Fix #248 - Reload all accounts when fetching from cache
8 years ago
8260628fc8
Fix pt translations, improve pre-cache queries, removing will_paginate
...
from accounts/tags because it's a terribly inefficient way to paginate
large sets of data
8 years ago
a8814a19dc
Add basic OEmbed provider API, fix #247
8 years ago
8d4ef0b6c3
Per-status control for unlisted mode, also federation for unlisted mode
...
Fix #233 , fix #268
8 years ago
1bb1ec3b8d
Further abstract caching for includes
8 years ago
329b2a326d
Normalize localizations, add stub for admin/accounts
8 years ago
015cd99f41
Make User#current_sign_in_at actually track when user was last active,
...
by updating it at least every 24h if the user visits the site
8 years ago
bee7aeaea5
Unify collection caching code
8 years ago
d26b8f3cce
Delete statuses asynchronously but provide instant feedback in the API
8 years ago
02da8fdcbe
Fix setting of confirmed=true on successful confirmation
8 years ago
f37efe8e56
Add simple admin overview of PuSH subscriptions
8 years ago
b5ad0eb4ea
Adding embedded PuSH server
8 years ago
abeccf6eb2
X-RateLimit-Reset formatted with iso8601
8 years ago
666eda7256
Remove stale entries from cache results
8 years ago
ea0846645a
Fix #65 - Options to block notifications from people you don't follow/who don't follow you
8 years ago
30f9e9e624
Remove Neo4J
8 years ago
8ab2fcbb2c
Mini Profiler not working well, remove it
8 years ago
cb06801b21
Extract filename obfuscation into module
8 years ago
66a20701b7
Rename media to avoid exposing filename ( fixes #207 )
8 years ago
d78962c1ed
Cache accounts/:id/statuses and single statuses too
8 years ago
65d6191147
Adding sensitive marker to statuses in API
8 years ago
c60df460af
Rename "publish" to "toot" in english locale, fix lightbox showing old image
...
before loading new one, cache notifications API, fix missing follow button
on public profiles
8 years ago
dda6354c76
Implement includes caching for timelines APIs
8 years ago
f6a975af8b
More query optimizations
8 years ago
30010a6dbd
Moving some counter queries out of subqueries in the API
8 years ago
f07b0dc82f
Remove unneeded indices, improve error handling in background workers, don't needlessly reload reblogged status, send Devise e-mails asynchronously
8 years ago
74df3ba1d7
Local accounts can control "silenced" attribute which removes them from public timeline
8 years ago
0aeae195cb
Better error message in doorkeeper json response
8 years ago
0a68464995
Performance improvement for notifications API
8 years ago
4d100a1b36
Remove some n+1 queries from notifications API
8 years ago
83cdfefa7d
Remove orphaned notifications, add scopes param to app create API
8 years ago
80d58c6c04
Desktop notifications
8 years ago
38025dfea3
Adding unified streamable notifications
8 years ago
fbaddca49e
Move Salmon processing to background as well as PuSH
8 years ago
b8e6ca45e5
Add user locale setting
8 years ago
0e956910c3
Adding some localizations
8 years ago
c6f5eb8aa7
Fix #144 - Filter statuses from blocked users out of ancestors/descendants results
8 years ago
e71b152d89
Fix rubocop issues, introduce usage of frozen literal to improve performance
8 years ago
a7332acba3
Delegate processing of incoming PuSH data to background workers
8 years ago
19ea717b3c
Fix wrong link header on followers API, wrong link in tabs component, order
...
account results
8 years ago
6206f75837
Add limit to search results
8 years ago
cbfa28b9cc
Use full-text search for autosuggestions
8 years ago
6d9f8ee11e
Improve filtering of public/hashtag timelines, both in backlog and real-time
8 years ago
a6667f7f58
Replace setting custom CORS headers with rack-cors, set it on /oauth/token endpoint
8 years ago
beb36e24fe
API pagination for all collections using Link header
8 years ago
d98b43cf56
Move timelines API from statuses to its own controller, add a check for
...
resources that require a user context vs those that don't (such as public timeline)
/api/v1/statuses/public -> /api/v1/timelines/public
/api/v1/statuses/home -> /api/v1/timelines/home
/api/v1/statuses/mentions -> /api/v1/timelines/mentions
/api/v1/statuses/tag/:tag -> /api/v1/timelines/tag/:tag
8 years ago
814907e870
Fix linking of remote hashtags in UI, add public view of hashtags
8 years ago
cb22dce970
Adding hashtags
8 years ago
082e57fc13
Adding hashtag model
8 years ago
4c3885b952
Allow @username@domain/@username in follow form, prevent duplicate accounts
...
created via remote look-up when domains differ but point to the same resource
8 years ago
7a527c947d
Fix reblogged/favourited caching; add API endpoints for who favd/reblogged status
8 years ago
695f62e49e
Need to disable caching again due to bug in Rabl
8 years ago
e7035a4d39
Make cookies https-only if LOCAL_HTTPS is true, set X-Frame-Options to DENY,
...
add permissive CORS to API controllers
8 years ago
36470feeb2
Fix follow icon changing plus to minus, add terms page stub
8 years ago
95e65d883a
Limit returned followees/followers by API to 40 for now
8 years ago
38cacac4b0
Adding common followers API, fixing fallback query again
8 years ago
cab1211ef7
Fix OAuth authorization redirect
8 years ago
6657414266
Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting
...
to the API
8 years ago
4470966cd9
Fix #100 - Add "back" button to certain views
...
Also fix reloading of timelines after merge-type events
8 years ago
be98addccc
Improving all forms
8 years ago
683c42724f
Added e-mail edit field to settings, proper format default for webfinger
8 years ago
02613aef3b
Adding application/jrd+json webfinger resource
8 years ago
41aae40927
Fix #16 - Optimize n+1 queries when checking reblogged/favourited values for status lists in API
8 years ago
5860094354
Adding sync of follow relationships to Neo4J, accounts/suggestions API
8 years ago
588cb77e9f
E-mail preferences page
8 years ago
84495615b4
Shorten rendered links (strip protocol and www, truncate to 30 chars), redirect
...
to sign in page after sign up instead of root path which redirects to /about
8 years ago
405f7f0541
No-op for Salmons without body, fail fast if Webfinger does not contain
...
all required resource links (profile page, salmon, atom feed, magic key)
8 years ago
ad2a5cc79f
Stop logging incoming Atom
8 years ago
4f406d89b1
Log incoming Atom from PuSH
8 years ago
102eab0ac9
Public timeline to exclude users you blocked
8 years ago
9bf5a73968
Adding domain blocks
8 years ago
c3f5dfeabb
Adding public timeline
8 years ago
93aa4085a2
Fix #73 - Click on in-UI profile avatar/name to open public profile
8 years ago
Matt Jankowski
Eugen
David Authier
David Celis
Drew DeVault
Kit Redgrave
Kibigo
Rakib Hasan
Evan Minto
blackle
Effy Elden
Alyssa Ross
Andrea Faulds