Thibaut Girka
249991c498
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- Gemfile.lock
- app/controllers/accounts_controller.rb
- app/controllers/admin/dashboard_controller.rb
- app/controllers/follower_accounts_controller.rb
- app/controllers/following_accounts_controller.rb
- app/controllers/remote_follow_controller.rb
- app/controllers/stream_entries_controller.rb
- app/controllers/tags_controller.rb
- app/javascript/packs/public.js
- app/lib/sanitize_config.rb
- app/models/account.rb
- app/models/form/admin_settings.rb
- app/models/media_attachment.rb
- app/models/stream_entry.rb
- app/models/user.rb
- app/serializers/initial_state_serializer.rb
- app/services/batched_remove_status_service.rb
- app/services/post_status_service.rb
- app/services/process_mentions_service.rb
- app/services/reblog_service.rb
- app/services/remove_status_service.rb
- app/views/admin/settings/edit.html.haml
- config/locales/simple_form.pl.yml
- config/settings.yml
- docker-compose.yml
2019-07-19 18:26:49 +02:00
ThibG
730c4053d6
Add ActivityPub actor representing the entire server ( #11321 )
...
* Add support for an instance actor
* Skip username validation for local Application accounts
* Add migration script to create instance actor
* Make Codeclimate happy
* Switch to id -99 for instance actor
* Remove unused `icon` and `image` attributes from instance actor
* Use if/elsif/else instead of return + ternary operator
* Add instance actor to fresh installs
* Use instance actor as instance representative
Use instance actor for forwarding reports, relay operations, and spam
auto-reporting.
* Seed database in test environment
* Fix single-user mode
* Fix tests
* Fix specs to accomodate for an extra `Account`
* Auto-reject follows on instance actor
Following an instance actor might make sense, but we are not handling that
right now, so auto-reject.
* Fix webfinger lookup and serialization for instance actor
* Rename instance actor
* Make it clear in the HTML view that the instance actor should not be blocked
* Raise cache time for instance actor as there's no dynamic content
* Re-use /about/more with a flash message for instance actor profile
2019-07-19 01:44:42 +02:00
ThibG
15ddabf95a
Fix caching headers in ActivityPub endpoints ( #11331 )
...
* Fix reverse-proxy caching in public fetch mode
* Fix caching in ActivityPub-specific controllers
2019-07-17 00:00:39 +02:00
Eugen Rochko
5bf67ca913
Add ActivityPub secure mode ( #11269 )
...
* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
Eugen Rochko
63c7fe8e48
Refactor controllers for statuses, accounts, and more ( #11249 )
2019-07-08 12:03:45 +02:00
Thibaut Girka
aaec64a500
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- app/controllers/settings/preferences_controller.rb
- app/lib/user_settings_decorator.rb
- app/models/user.rb
- config/locales/simple_form.en.yml
2019-06-26 23:19:22 +02:00
Eugen Rochko
6836587117
Fix unnecessary SQL query performed on unauthenticated requests ( #11179 )
2019-06-25 20:18:15 +02:00
Thibaut Girka
34b8346e7f
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- app/controllers/statuses_controller.rb
- app/controllers/stream_entries_controller.rb
2019-06-07 17:00:36 +02:00
ThibG
cac9110533
Cleanup various controllers ( #10972 )
...
* Remove skip_session! as it is not supported in Rails 5
* Minor cleanup in StreamEntriesController
* Remove redundant mark_cacheable! calls
2019-06-05 14:02:59 +02:00
Thibaut Girka
291012ec0c
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- app/controllers/accounts_controller.rb
- app/controllers/follower_accounts_controller.rb
- app/controllers/statuses_controller.rb
All conflicts caused by the additional `use_pack` used for glitch-soc's theming
system.
2019-03-18 18:03:27 +01:00
Ben Lubar
c3d1594576
Reduce server load caused by anonymous viewing. ( #9059 )
...
Do not start a session if the current user is not logged in for public-facing pages.
Mark pages that don't care about sessions as publicly cacheable.
Keep the max age as 0 so proxies and browsers will still try to retrieve an updated version but can still fall back to the stale version if the site is down or too slow.
Fixes #9035 .
2019-03-17 15:39:25 +01:00
Thibaut Girka
f8e07ca5cd
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- app/models/status.rb
Resolved by taking both changes (not a real conflict, just changes too close
to each other).
2018-11-27 13:23:02 +01:00
Eugen Rochko
8069fd636b
Remove intermediary arrays when creating hash maps from results ( #9291 )
2018-11-16 15:02:18 +01:00
Thibaut Girka
b00f60f1d3
Merge branch 'master' into glitch-soc/merge-upstream
2018-10-28 08:37:49 +01:00
Eugen Rochko
795f0107d2
Include preview cards in status entity in REST API ( #9120 )
...
* Include preview cards in status entity in REST API
* Display preview card in-stream
* Improve in-stream display of preview cards
2018-10-28 06:35:03 +01:00
Thibaut Girka
cd99255698
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
app/controllers/oauth/authorizations_controller.rb
Just two changes being too close to one another.
Took both.
2018-09-11 16:51:26 +02:00
Eugen Rochko
2288d50a7b
Add force_login option to OAuth authorize page ( #8655 )
...
* Add force_login option to OAuth authorize page
For when a user needs to sign into an app from multiple accounts
on the same server
* When logging out from modal header, redirect back after re-login
2018-09-09 04:10:44 +02:00
Thibaut Girka
246c313d45
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
app/controllers/application_controller.rb
Changed instance theme selection by instance flavour selection.
2018-08-24 15:10:34 +02:00
Eugen Rochko
2f34b747b3
Allow mods to disable login, improve message when login disabled ( #8329 )
...
* Allow moderators to disable/enable login
* Instead of rejecting login, show forbidden error when login disabled
Avoid confusion because when login is rejected, the message is that
the account is not activated, which is wrong.
* Fix tests
2018-08-23 23:26:29 +02:00
Jakub Mendyk
6cb3514d64
Add ability to change an instance default theme from the administration panel ( #7092 ) ( #8381 )
...
* Add default_settings class method to ScopedSettings
ScopedSettings was extended to use value of unscoped setting instead of
only using defaults set in config/settings.yml for selected settings.
This adds possibility for admins to set default values of users' settings,
for example default theme (as requested in #7092 ).
* Add ability to change an instance default theme
Closes #7092
2018-08-23 14:17:35 +02:00
Thibaut Girka
8b4abaa90d
Merge branch 'master' into glitch-soc/master
...
Conflicts:
config/routes.rb
Added the “endorsements” route from upstream.
2018-08-21 18:24:48 +02:00
abcang
9e75aa30cd
Unuse ActiveRecord::Base#cache_key ( #8185 )
...
* Unuse ActiveRecord::Base#cache_key
* Enable cache_versioning
* Call cache_collection
2018-08-19 15:52:38 +02:00
Thibaut Girka
659b8a12ec
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
config/locales/ca.yml
config/locales/nl.yml
config/locales/oc.yml
config/locales/pt-BR.yml
Resolved conflicts by removing upstream-specific changes
2018-05-27 13:20:15 +02:00
Eugen Rochko
ebf2fef029
Catch ActionController::UnknownFormat and return HTTP 406 ( #7621 )
...
An error like that should not appear in production error log.
2018-05-26 01:09:30 +02:00
Thibaut Girka
45fce0e496
Merge branch 'master' into glitch-soc/merge
...
Conflicts:
app/controllers/invites_controller.rb
app/serializers/initial_state_serializer.rb
config/locales/ko.yml
2018-05-11 18:12:42 +02:00
ThibG
352bae8c3e
Update session activation time ( fixes #5605 ) ( #7408 )
2018-05-11 13:20:58 +02:00
Jenkins
6611100480
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-04-03 19:17:20 +00:00
Emelia Smith
2e59751823
Improve require_admin! and require_staff! filters ( #7018 )
...
Previously these returns 302 redirects instead of 403s, which meant posting links to admin pages in slack caused them to unfurl, rather than stay as a link. Additionally, require_admin! doesn't appear to be actively used, on require_staff!
2018-04-03 13:07:32 +02:00
David Yip
1b8fcd4df5
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
README.md
app/controllers/follower_accounts_controller.rb
app/controllers/following_accounts_controller.rb
app/serializers/rest/instance_serializer.rb
app/views/stream_entries/_simple_status.html.haml
config/locales/simple_form.ja.yml
2018-03-02 21:46:44 -06:00
Eugen Rochko
47bdb9b33b
Fix #942 : Seamless LDAP login ( #6556 )
2018-02-28 19:04:53 +01:00
imncls
bb6988a7ac
Merge branch 'master' of https://github.com/tootsuite/mastodon
...
# Conflicts:
# app/controllers/settings/exports_controller.rb
# app/models/media_attachment.rb
# app/models/status.rb
# app/views/about/show.html.haml
# docker_entrypoint.sh
# spec/views/about/show.html.haml_spec.rb
2018-02-23 23:28:31 +09:00
Eugen Rochko
d8bc64bb09
Fix #6526 : Only store redirect location if not in JSON format ( #6528 )
2018-02-22 00:51:30 +01:00
David Yip
4c1fd9a19c
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
2018-02-02 08:39:52 -06:00
Alexander
04fef7b888
pam authentication ( #5303 )
...
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
2018-02-02 10:18:55 +01:00
David Yip
f7c4d4464b
Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-master
2018-01-07 13:30:52 -06:00
David Yip
70c99a9f34
Use error pack when rendering error pages. Fixes #305 .
2018-01-07 13:30:17 -06:00
Jenkins
c2e1bfd9ae
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-07 15:17:13 +00:00
Yamagishi Kazutoshi
1d92b90be9
Fix force_ssl conditional ( #6201 )
2018-01-07 15:19:23 +01:00
Yamagishi Kazutoshi
da809f9eec
Fix unintended cache ( #6214 )
2018-01-07 15:12:59 +01:00
David Yip
5083311d64
Merge remote-tracking branch 'ykzts/fix-unintended-cache' into gs-master
2018-01-07 00:32:24 -06:00
Yamagishi Kazutoshi
2af307bce4
Fix unintended cache
2018-01-07 14:59:12 +09:00
Jenkins
c69a23ae46
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-04 23:17:11 +00:00
ThibG
3bee0996c5
Make sure private toots remain private and do not end up in HTTP caches ( #6175 )
2018-01-04 14:39:38 +01:00
Eugen Rochko
c10f4bdb03
Cache JSON of immutable ActivityPub representations ( #6171 )
2018-01-04 01:21:38 +01:00
David Yip
4cca1d1e7e
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/controllers/auth/confirmations_controller.rb
2017-12-30 17:20:07 -06:00
Eugen Rochko
38fc1b498d
Add more instance stats APIs ( #6125 )
...
* Add GET /api/v1/instance/peers API to reveal known domains
* Add GET /api/v1/instance/activity API
* Make new APIs disableable, exclude private statuses from activity stats
* Fix code style issue
* Fix week timestamps
2017-12-29 19:52:04 +01:00
kibigo!
b28cd6769c
Javascript intl8n flavour support
2017-12-10 11:08:04 -08:00
kibigo!
717b7d555c
Skins shouldn't apply to fallback flavours
2017-12-07 14:49:54 -08:00
kibigo!
061211a1e3
Fix common packs when other pack also there
2017-12-06 15:34:19 -08:00
kibigo!
bc4fa6b198
Rename themes -> flavours ? ?
2017-12-03 23:26:40 -08:00