Commit graph

281 commits

Author SHA1 Message Date
Patrick Figel
15b393201e Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
2017-04-15 13:26:03 +02:00
西小倉宏信
d91b462aa1 Remove .keep in models (#1748) 2017-04-14 12:43:29 +02:00
Matt Jankowski
22f1d9099a Admin reports controller improvements (#1714)
* Simplify admin/reports controller filtering for index

* Rename parameter to resolved

* Fix issue where reports view could not access filter_link_to

* Add coverage for admin/reports controller

* DRY up resolution of related reports for target account

* Clean up admin/reports routes

* Add Report#statuses method

* DRY up current account action taken params

* Rubocop styles
2017-04-14 11:10:28 +02:00
Matt Jankowski
26ea2f70bd Admin accounts controller cleanup (#1664)
* Remove unused account_params method in admin/accounts controller

* Introduce AccountFilter to find accounts

* Use AccountFilter in admin/accounts controller

* Use more restful routes admin silence and suspension area

* Add admin/silences and admin/suspensions controllers
2017-04-13 13:04:23 +02:00
Matt Jankowski
0a6cfca260 Settings export refactor (#1646)
* Refactor Export to take an account and know about the export types

* Use Export instance in settings/exports#show
2017-04-13 13:02:02 +02:00
Matt Jankowski
bf7306636e Allow import/export of mutes list (#1541)
* Allow export of mutes list

* Allow importing of mutes list

* Refactor to use Settings::Exports::BaseController and DRY up exports code
2017-04-12 18:20:44 +02:00
Matt Jankowski
63e46e27f0 Refactor exports controller (#1567)
* Add basic coverage for settings/exports controller

* Remove unused @account variable from settings/exports controller

* Add coverage for download export actions

* Remove deprecated `render :text` in favor of `send_data` for csv downloads

* Add model to handle exports

* Use Export class in settings/exports controller

* Simplify settings/exports controller methods

* Move settings/export to more restful routes
2017-04-11 22:00:43 +02:00
Eugen Rochko
b440b2a9ee Merge branch 'master' of https://github.com/blackle/mastodon into blackle-master 2017-04-11 20:43:56 +02:00
blackle
e7d77f4e13 Allow user to disable the boost confirm dialog in preferences 2017-04-11 10:10:16 -04:00
Eugen
e0977567e7 When avatar/header are GIF, generate static versions (#1428)
* When avatar/header are GIF, generate static versions.
Account API returns "avatar"/"avatar_static", "header"/"header_static"
Static version is the same as original for other cases
Web UI de-animates avatars in toots, lists of users

Fix #441, fix #596, prerequisite for #1064

* Fix JS test

* Add rake task to generate static avatars/headers from GIF ones, add test
2017-04-11 00:38:58 +02:00
Eugen
68f3ce7d0c API param to exclude notification types from response (#1341)
* Add exclude_types param to /api/v1/notifications

* Exclude notification types in web UI through exclude_types in the API
2017-04-10 23:45:29 +02:00
Matt Jankowski
874a240a58 Clean up generation of account webfinger string (#1477)
* Consolidate webfinger string creation under Account#to_webfinger_s

* Introduce Account#local_username_and_domain for consolidation
2017-04-10 22:58:06 +02:00
Eugen
d30a82a22f Fix #1339 - better Atom titles (#1343) 2017-04-09 20:55:54 +02:00
Matt Jankowski
641e809eaf Search cleanup (#1333)
* Clean up SQL output in Tag and Account search methods

* Add basic coverage for Tag.search_for

* Add coverage for Account.search_for

* Add coverage for Account.advanced_search_for
2017-04-09 14:45:01 +02:00
Eugen
b532134503 Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled

* Clean up
2017-04-08 22:20:08 +02:00
Joël Quenneville
8a67fb5eca DRY up reblog vs original status check
Checking reblog vs original status was happening in multiple places
across the app. For views, this logic was encapsulated in a helper
method named `proper_status` but in the other layers of the app, the
logic was duplicated.

Because the logic is used at all layers of the app, we extracted it into
a `Status#proper` method on the model and changed all uses of the logic
to use this method. There is now a single source of truth for this
condition.

We added test coverage to untested methods that got refactored.
2017-04-07 14:18:30 -04:00
Eugen
24c77e57b2 Rewrite Atom generation from stream entries to use Ox instead of Nokogiri (#1124)
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder

StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker

PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.

All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri

* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
2017-04-07 05:56:56 +02:00
Brad Urani
522410589e Eliminate unnecessary queries and query clauses with none and all 2017-04-05 06:02:58 +00:00
Samy KACIMI
06424fd912 fix rubocop issues 2017-04-05 00:47:17 +02:00
Samy KACIMI
9f80b2dd4e add more tests to models 2017-04-05 00:29:56 +02:00
Eugen Rochko
7a56845060 Only call regeneration worker after first login after a 14 day break 2017-04-04 02:00:10 +02:00
Eugen Rochko
24793cdbaa Fix ActionController::Parameters in API issue 2017-04-04 01:33:34 +02:00
Eugen Rochko
c9ffa7ab1d Add basic logging of who resolved report 2017-04-03 19:35:00 +02:00
Eugen Rochko
d1f8bd2673 Paperclip will complain on its own if this variable is missing 2017-04-01 22:16:26 +02:00
Eugen Rochko
244da78105 Import feature for following/blocking lists (addresses #62, #177, #201, #454) 2017-03-30 19:42:33 +02:00
Eugen Rochko
96e58cf289 Add counter caches for a large performance increase on API requests 2017-03-30 15:06:59 +02:00
Eugen Rochko
1b4583ca91 Fix full-text search query quotation, improve tag search performance with an index,
add ability to open status by URL from search (fix #53)
2017-03-22 17:36:34 +01:00
Eugen Rochko
bee385a81f Merge branch 'master' into feature-omnisearch
this merge is necessary,
2017-03-22 03:34:58 +01:00
Eugen Rochko
afd53467eb More efficient single account retrieval (0.9ms vs 50ms before) 2017-03-22 03:21:38 +01:00
Eugen Rochko
3893f75a51 New API method: /api/v1/search
Returns accounts, statuses, hashtags arrays
2017-03-22 02:32:27 +01:00
Eugen Rochko
a19062b726 Federate header images, fix open-uri http->https redirection error 2017-03-18 22:51:20 +01:00
Eugen Rochko
64be072702 Make account search blazing fast and rank followers/followees higher in the results 2017-03-17 20:48:14 +01:00
Eugen Rochko
8e2146ab50 Add method for retrieving triadic closures 2017-03-16 20:10:51 +01:00
Eugen Rochko
f1b9644cfd Add "direct" visibility level in the backend. Web UI is not yet
adjusted to allow choosing it, yet
2017-03-15 22:55:45 +01:00
Eugen Rochko
dea8e95d14 Performance improvement for profiles 2017-03-06 01:50:35 +01:00
Eugen Rochko
8bc70e6a16 Use more widely supported MP4 format for gifv's 2017-03-06 00:30:03 +01:00
Eugen Rochko
42b6d5aca5 Increase max bitrate of converted webms, slightly optimized counter queries
(Because postgres can tell that count(*) needs no extra checks, but
counting a specific column requires them)
2017-03-05 23:43:58 +01:00
Eugen Rochko
354eb3b757 Add vsync -cfr option when converting gif to webm 2017-03-05 23:27:25 +01:00
Eugen Rochko
671d1d8a26 Higher quality webms? Might improve conversation of some types of gifs 2017-03-05 23:13:21 +01:00
Eugen Rochko
c911ade272 Detect videos with no sound, handle them like gifv 2017-03-05 22:55:24 +01:00
Eugen Rochko
9adf6e8736 Fix wrongful matching of last period in extended usernames
Fix anchor tags in some wikipedia URLs being matches as a hashtag
2017-03-05 18:08:19 +01:00
Eugen Rochko
d1e1f26878 Improved /api/v1/accounts/:id/statuses with new params: only_media, exclude_replies
Redirect /:username to /users/:username
Redirect /:username/:id to /users/:username/updates/:id
Updated API documentation and sponsors
2017-03-05 17:27:17 +01:00
Eugen Rochko
4b93cf88e5 Fix #431 - convert gif to webm during upload. Web UI treats them like it did
before. In the API, attachments now can be either image, video or gifv. Gifv
is to be treated like images in terms of behaviour, but are videos by file
type.
2017-03-04 23:02:24 +01:00
Eugen Rochko
0cb5a2a0a7 Add digest e-mails 2017-03-04 00:00:48 +01:00
Eugen Rochko
9989890e2e Fix #231 - Muting 2017-03-02 18:49:32 +01:00
Kit Redgrave
4554ccd5d0 Mute button progress so far. WIP, doesn't entirely work correctly. 2017-03-01 22:31:21 -06:00
Eugen Rochko
a741049a77 Fix #104 - Style OAuth authorized applications page
Add ability to search accounts by display name
2017-02-27 00:15:00 +01:00
Eugen Rochko
b734ae3029 Skip remote media URLs that don't have a hostname 2017-02-22 19:55:14 +01:00
Eugen Rochko
c7427bf3c9 Split public timeline into "public timeline" which is local, and
"whole known network" which is what public timeline used to be

Only domain blocks with suspend severity will block PuSH subscriptions
Silenced accounts should not appear in conversations unless followed
2017-02-19 20:25:54 +01:00
Eugen Rochko
3d291bcc55 Do not display non-Status stream entries anymore 2017-02-17 02:20:52 +01:00