Commit graph

710 commits

Author SHA1 Message Date
Eugen Rochko
fc497420e9 Add pop-out player for audio/video in web UI (#14870)
Fix #11160
2020-09-28 13:29:43 +02:00
ThibG
187c756e16 Add unread notification markers (#14818)
* Add unread notification markers

Fixes #14804

* Allow IntersectionObserverArticle's children to be updated
2020-09-26 20:57:07 +02:00
Eugen Rochko
02c4c91faa Add option to be notified when a followed user posts (#13546)
* Add bell button

Fix #4890

* Remove duplicate type from post-deployment migration

* Fix legacy class type mappings

* Improve query performance with better index

* Fix validation

* Remove redundant index from notifications
2020-09-18 17:26:45 +02:00
Eugen Rochko
e0355b5142 Fix unreadable placeholder text color in high contrast theme in web UI (#14803)
Fix #14717
2020-09-15 09:24:24 +02:00
Takeshi Umeda
04cbd783b3 Fix direct visibility style for light theme (#14727) 2020-09-04 08:49:56 +02:00
ThibG
50d0c1e95f Add configuration option to filter replies in lists (#9205)
* Add database support for list show-reply preferences

* Add backend support to read and update list-specific show_replies settings

* Add basic UI to set list replies setting

* Add specs for list replies policy

* Switch "cycling" reply policy link to a set of radio inputs

* Capitalize replies_policy strings

* Change radio button design to be consistent with that of the directory explorer
2020-09-01 13:31:28 +02:00
Eugen Rochko
a143764c4c Change own direct-visibility statuses to be in the home feed again (#14711)
And remove highlighting in web UI

Full circle from #8940
2020-09-01 13:30:42 +02:00
santiagorodriguez96
f142983484 Add WebAuthn as an alternative 2FA method (#14466)
* feat: add possibility of adding WebAuthn security keys to use as 2FA

This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor
to the Settings page for editing the 2FA methods – now it will list the
methods that are available to the user (TOTP and WebAuthn) and from
there they'll be able to add or remove any of them.
Also, it's worth mentioning that for enabling WebAuthn it's required to
have TOTP enabled, so the first time that you go to the 2FA Settings
page, you'll be asked to set it up.
This work was inspired by the one donde by Github in their platform, and
despite it could be approached in different ways, we decided to go with
this one given that we feel that this gives a great UX.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add request for WebAuthn as second factor at login if enabled

This commits adds the feature for using WebAuthn as a second factor for
login when enabled.
If users have WebAuthn enabled, now a page requesting for the use of a
WebAuthn credential for log in will appear, although a link redirecting
to the old page for logging in using a two-factor code will also be
present.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add possibility of deleting WebAuthn Credentials

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: disable WebAuthn when an Admin disables 2FA for a user

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: remove ability to disable TOTP leaving only WebAuthn as 2FA

Following examples form other platforms like Github, we decided to make
Webauthn 2FA secondary to 2FA with TOTP, so that we removed the
possibility of removing TOTP authentication only, leaving users with
just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA'
in order to remove second factor auth.
The reason for WebAuthn being secondary to TOPT is that in that way,
users will still be able to log in using their code from their phone's
application if they don't have their security keys with them – or maybe
even lost them.

* We had to change a little the flow for setting up TOTP, given that now
  it's possible to setting up again if you already had TOTP, in order to
  let users modify their authenticator app – given that now it's not
  possible for them to disable TOTP and set it up again with another
  authenticator app.
  So, basically, now instead of storing the new `otp_secret` in the
  user, we store it in the session until the process of set up is
  finished.
  This was because, as it was before, when users clicked on 'Edit' in
  the new two-factor methods lists page, but then went back without
  finishing the flow, their `otp_secret` had been changed therefore
  invalidating their previous authenticator app, making them unable to
  log in again using TOTP.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* refactor: fix eslint errors

The PR build was failing given that linting returning some errors.
This commit attempts to fix them.

* refactor: normalize i18n translations

The build was failing given that i18n translations files were not
normalized.
This commits fixes that.

* refactor: avoid having the webauthn gem locked to a specific version

* refactor: use symbols for routes without '/'

* refactor: avoid sending webauthn disabled email when 2FA is disabled

When an admins disable 2FA for users, we were sending two mails
to them, one notifying that 2FA was disabled and the other to notify
that WebAuthn was disabled.
As the second one is redundant since the first email includes it, we can
remove it and send just one email to users.

* refactor: avoid creating new env variable for webauthn_origin config

* refactor: improve flash error messages for webauthn pages

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
2020-08-24 16:46:27 +02:00
Tdxdxoz
c950a85d9e Fix: also use custom private boost icon for detailed status (#14471)
* use custom private boost icon for detail status

* only use className
2020-08-24 14:13:44 +02:00
ThibG
22aba16386 Add HTML form validation for the registration form (#14560)
* Add HTML-level validation of username in sign-up form

* Make required fields with incorrect values more visible

* Enable HTML form validation for the registration form

* Mark agreement checkbox as required client-side

* Add minimum length to password

* Add client-side password confirmation validation
2020-08-11 23:09:13 +02:00
ThibG
bc1d925629 Fix disabled boost icon being replaced by private boost icon on hover (#14456)
Fixes #14455
2020-08-02 11:21:28 +02:00
ThibG
b5302ae87c Fix hover and normal colors for private boost icon being swapped (#14386) 2020-07-24 12:19:30 +02:00
ThibG
75ba08c2db Add custom icon for private boosts (#14380) 2020-07-23 23:54:19 +02:00
ThibG
96a89bae14 Change disabled retweet icon (#14373)
* Change disabled retweet icon

* Hide fontawesome version of boost icon in both reduce-motion and no-reduce-motion
2020-07-22 22:48:51 +02:00
ThibG
027491a518 Fix audio player controls color in mastodon-light theme (#14338)
Fixes #14337

The new audio player sets the background and foreground colors automatically
based on the thumbnail of the audio file, but the mastodon-light theme
overrides the controls' colors with a hardcoded color, which sometimes make
them unreadable.
2020-07-17 07:07:18 +02:00
Sasha Sorokin
fd3649742c Fix account note border radius (#14251) 2020-07-07 13:46:21 +02:00
Eugen Rochko
825f73c3f9 Add ability to choose media thumbnail in web UI (#14244) 2020-07-07 12:14:19 +02:00
Eugen Rochko
b6b2d8b8a3 Change design of account notes in web UI (#14208)
* Change design of account notes in web UI

* Fix `for` -> `htmlFor`
2020-07-07 01:24:03 +02:00
Eugen Rochko
8517a5fdb4 Add color extraction for audio thumbnails (#14209) 2020-07-05 18:28:25 +02:00
Ariel
eee8b314af Fix cursor type in statuses (#14185) 2020-07-01 13:52:05 +02:00
ThibG
9e14647df8 Fix lock icon not being shown when locking account in profile settings (#14190) 2020-07-01 13:51:50 +02:00
ThibG
3afc7977b1 Add user notes on accounts (#14148)
* Add UserNote model

* Add UI for user notes

* Put comment in relationships entity

* Add API to create user notes

* Copy user notes to new account when receiving a Move activity

* Address some of the review remarks

* Replace modal by inline edition

* Please CodeClimate

* Button design changes

* Change design again

* Cancel note edition when pressing Escape

* Fixes

* Tweak design again

* Move “Add note” item, and allow users to add notes to themselves

* Rename UserNote into AccountNote, rename “comment” Relationship attribute to “note”
2020-06-30 19:19:50 +02:00
trwnh
41acf83cdf Fix padding on account header (#14179) 2020-06-29 13:57:44 +02:00
ThibG
c92278aa1c Change sensitive preview cards to not blur text (#14143)
Also only require click-through for interactive embeds.
2020-06-26 14:31:13 +02:00
Mélanie Chauvel
2fca9d3715 Improve appearence consistency of settings pages (#13938)
* Fix header button changing header size in settings pages

* Make form buttons look more like a part of the form in settings pages

- Put buttons closer, using same distance as between inputs
- Make buton font size a bit smaller to blend a bit more
- Add the class button to button tags for consisent styling
2020-06-26 00:36:30 +02:00
Takeshi Umeda
1aed75c2d0 Add a visibility icon to status (#14123)
* Add a visibility icon to status

* Change to using the icon element

* Fix RTL

* Add a public globe
2020-06-25 22:43:59 +02:00
ThibG
907fe2996c Fix design issues with sensitive preview cards (#14126)
* Fix design issues with sensitive preview cards

* Center “sensitive” label on preview image for interactive cards

* Add “button” role to sensitive preview card text
2020-06-25 22:42:01 +02:00
ThibG
528c103fc6 Fix avatar size in public page detailed status (#14140)
Regression from the inline-CSS changes
2020-06-25 22:41:12 +02:00
Eugen Rochko
12ac904a33 Fix various issues around OpenGraph representation of media (#14133)
- Fix audio attachments not being represented in OpenGraph tags
- Fix audio being represented as "1 image" in OpenGraph descriptions
- Fix video metadata being overwritten by paperclip-av-transcoder
- Fix embedded player not using Mastodon's UI
- Fix audio/video progress bars not moving smoothly
- Fix audio/video buffered bars not displaying correctly
2020-06-25 01:33:01 +02:00
Eugen Rochko
d0dc37eadb Fix audio/video/images/cards not reacting to window resizes in web UI (#14130)
* Fix audio/video/images/cards not reacting to window resizes in web UI

* Update app/javascript/mastodon/features/audio/index.js

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-06-24 10:25:32 +02:00
ThibG
90445230cd Fix very wide media attachments resulting in too thin a thumbnail (#14127)
Fixes #14094
2020-06-23 17:24:29 +02:00
Eugen Rochko
ce34c13aff Change volume control and download buttons in web UI (#14122)
* Fix audio download button not starting download in web UI

* Fix volume controls on audio and video players in web UI

* Remove download button from video player in web UI
2020-06-23 12:20:14 +02:00
Eugen Rochko
563a77d0b4 Change design of audio players in web UI (#14095) 2020-06-21 02:27:19 +02:00
fuyu
88cbcb5804 Fix unnecessary gap under of video modal (#14098) 2020-06-20 13:30:27 +02:00
Eugen Rochko
32b7d341b7 Add hints about incomplete remote content to web UI (#14031) 2020-06-14 22:29:40 +02:00
ThibG
f55fe1a5ee Improve rendering of emoji which do not contrast with background (#13772)
* Refactor list of emoji requiring added outlines so that it can be theme-specific

* Split inaccessible emoji to emoji requiring an outline and ones that can be inverted

* Drop the “silouhettes” from black emoji as they seem to have changed color

* Add inaccessible emojis list for the light theme

* Use bordered emoji variant instead of unreliable CSS
2020-06-09 10:28:23 +02:00
ThibG
eda9bb35f1 Hide sensitive preview cards with blurhash (#13985)
* Use preview card blurhash in WebUI

* Handle sensitive preview cards
2020-06-06 17:41:56 +02:00
Christopher Choi
2b1a6e7597 Adjust flash alert contrast for better readability (#13892) 2020-05-31 20:35:18 +02:00
Eugen Rochko
bb9edd6321 Fix regression in sparkline style in web UI (#13753) 2020-05-14 09:01:23 +02:00
ThibG
e93c08ab96 Fix some account avatars on public pages having incorrect size (#13692)
* Fix some account avatars on public pages having incorrect size

* Remove outdated and overridden width and height attributes

* Remove more hardcoded width/height attributes
2020-05-13 21:20:34 +02:00
ThibG
20ffc12cda Fix use of inline CSS in public pages (#13576)
Change `account_link_to` to use an image tag rather than some
inline CSS. Dropped the `size` parameter in the process, but it wasn't
used for anything except the default value of 36px.

Dropped CSS rules that were always overriden, and defaulted to 36px width
and height instead.
2020-05-03 22:04:18 +02:00
ThibG
a30829deee Fix admin-facing uses of inline CSS (#13575)
* Move .back-button inline styles to CSS file

All occurrences of the back-button CSS class used the same inline
CSS rules, so moved them over to the CSS file

* Fix “Add new domain block” button using inline CSS

* Replace common pattern of inline-styled button boxes by a CSS class

In particular, switching from `float: left/right` to a flexbox with
`justify-content: space-between`. This implied changing the order of
a few HTML tags and adding an empty `div` in one case.

Also removed a `margin-bottom` rule that wasn't needed due to the
margins of surrounding elements.

* Move account admin view inline CSS to CSS file
2020-04-28 19:39:16 +02:00
ThibG
3b7373ed4c Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
ThibG
f53bd1bef6 Fix messed up z-index when NoScript blocks media/previews (#13449)
Fixes #13444
2020-04-28 09:44:17 +02:00
Irie Aoi
cf1bf9dda9 Set max-width and max-height to gif video (#13533) 2020-04-23 15:49:33 +02:00
ThibG
ffd6f3fa8a Add explanation as to why unlocked accounts may have follow requests (#13385)
* Add explanation as to why unlocked accounts may have follow requests

* Change wording to avoid “silenced”
2020-04-04 19:02:10 +02:00
Eugen Rochko
6932e0e2af Add ability to filter audit log in admin UI (#13381) 2020-04-03 13:06:34 +02:00
Sasha Sorokin
abbc0c6a87 Improve polls: option lengths & redesign (#13257)
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.

Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
2020-04-02 17:10:55 +02:00
Mélanie Chauvel (ariasuni)
899ff914da Improve toot clicking areas (#13327)
* Make the area to the left “Show Thread” also expand the toot in Web UI

* Clicking the left part of a conversation with the avatars now opens it in Web UI
2020-03-31 19:40:23 +02:00
Mélanie Chauvel (ariasuni)
5a211c478d Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355) 2020-03-31 12:39:50 +02:00