Commit Graph

4483 Commits

Author SHA1 Message Date
32987004c9 status: preserve visibility attribute when reblogging (infoleak fix) (#5789)
this should fix *all* remaining visibility-related mastodon ostatus infoleaks.
thanks to @csaurus@gnusocial.de for pointing out the infoleak.
2017-11-25 01:36:08 +01:00
31ac5f0e00 Display list column (#5750) 2017-11-25 00:35:37 +01:00
269a445c0b Fix unnecessary order (#5807) 2017-11-24 18:41:07 +01:00
2b51b4094c Don't remove originals of boosted toots from timeline (#5479)
* Don't remove originals of boosted toots from timeline

* Remove unused argument to updateTimeline
2017-11-24 14:43:53 +01:00
5a551b530a Do not require onClose property in NavigationBar (#5802)
NavigationBar can be used as mock as it is in OnboardingModal. In such a
case, onClose property is not required.
2017-11-24 13:13:17 +01:00
e84fecb7e9 Add logging of admin actions (#5757)
* Add logging of admin actions

* Update brakeman whitelist

* Log creates, updates and destroys with history of changes

* i18n: Update Polish translation (#5782)

Signed-off-by: Marcin Mikołajczak <me@m4sk.in>

* Split admin navigation into moderation and administration

* Redesign audit log page

* 🇵🇱 (#5795)

* Add color coding to audit log

* Change dismiss->resolve, log all outcomes of report as resolve

* Update terminology (e-mail blacklist) (#5796)

* Update terminology (e-mail blacklist)

imho looks better

* Update en.yml

* Fix code style issues

* i18n-tasks normalize
2017-11-24 02:05:53 +01:00
53b7b81b43 Update and fix Catalan translation (#5773)
* Update activerecord.ca.yml

* Update ca.yml

* Update devise.ca.yml

* Update doorkeeper.ca.yml

* Update simple_form.ca.yml

* fix syntax error for ca translation

* fix syntax errors in ca translations

Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2017-11-21 23:17:28 +09:00
3dce6cbbd7 Fixed duplicating URL of photo type of oEmbed (#5763) 2017-11-20 20:45:54 +01:00
2bcc81700c Fix NoMethodError at ActivityPub::FetchRemoteStatusService (#5753) 2017-11-19 15:33:15 +01:00
53e95c4efc Fix N+1 at notification (#5752) 2017-11-19 15:32:48 +01:00
bfdcf76a64 Add “staff” badge to admin user pages (#5735)
* Allow staff badge to change from setting to hidden

* i18n: Update Polish translation
2017-11-19 04:13:57 +01:00
58cede4808 Profile redirect notes (#5746)
* Serialize moved accounts into REST and ActivityPub APIs

* Parse federated moved accounts from ActivityPub

* Add note about moved accounts to public profiles

* Add moved account message to web UI

* Fix code style issues
2017-11-18 19:39:02 +01:00
6be72a3ec6 Updating Chinese (Simplified) translations (#5725)
* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Change `静音` to `隐藏`

* i18n: (zh-CN) Add translations for #5087 & #5669

* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Add missing translation for #5728
2017-11-18 14:35:11 +09:00
24cafd73a2 Lists (#5703)
* Add structure for lists

* Add list timeline streaming API

* Add list APIs, bind list-account relation to follow relation

* Add API for adding/removing accounts from lists

* Add pagination to lists API

* Add pagination to list accounts API

* Adjust scopes for new APIs

- Creating and modifying lists merely requires "write" scope
- Fetching information about lists merely requires "read" scope

* Add test for wrong user context on list timeline

* Clean up tests
2017-11-18 00:16:48 +01:00
4a2fc2d444 Increase contrast of Admin badges (#5740)
To comply WCAG 2.0 guidelines on contrast ratio.
2017-11-17 19:59:53 +01:00
e1ebf36352 Fix regression #5467: fixes emoji copy (#5739) 2017-11-17 18:22:31 +01:00
e28b33c89c Move "Permissions" row into main table in /admin/accounts/:id (#5734) 2017-11-17 15:18:20 +01:00
9dd5e329ab Remove empty strings (#5732) 2017-11-17 10:52:30 +09:00
3e90987c8b Fix some rubocop style issues (#5730) 2017-11-17 10:06:26 +09:00
2151fd3150 Display moderator badge (green), admin badge changed to red (#5728) 2017-11-17 01:22:38 +01:00
ad207456d6 Improve language filter (#5724)
* Scrub text of html before detecting language.

* Detect language on statuses coming from activitypub.

* Fix rubocop comments.

* Remove custom emoji from text before language detection
2017-11-16 13:51:38 +01:00
9e3d24a150 Fix AccountFinderConcern::AccountFinder#with_usernames (#5722) 2017-11-16 12:13:03 +01:00
19e8b861a2 Delegate some methods of User to @settings (#5706)
* Move some tests of User into Settings::ScopedSettings

* Add a test for User@settings
2017-11-15 16:05:20 +01:00
c73a1fb537 reusable-streaming (#5709) 2017-11-15 16:04:15 +01:00
031a5a8f92 Optional notification muting (#5087)
* Add a hide_notifications column to mutes

* Add muting_notifications? and a notifications argument to mute!

* block notifications in notify_service from hard muted accounts

* Add specs for how mute! interacts with muting_notifications?

* specs testing that hide_notifications in mutes actually hides notifications

* Add support for muting notifications in MuteService

* API support for muting notifications (and specs)

* Less gross passing of notifications flag

* Break out a separate mute modal with a hide-notifications checkbox.

* Convert profile header mute to use mute modal

* Satisfy eslint.

* specs for MuteService notifications params

* add trailing newlines to files for Pork :)

* Put the label for the hide notifications checkbox in a label element.

* Add a /api/v1/mutes/details route that just returns the array of mutes.

* Define a serializer for /api/v1/mutes/details

* Add more specs for the /api/v1/mutes/details endpoint

* Expose whether a mute hides notifications in the api/v1/relationships endpoint

* Show whether muted users' notifications are muted in account lists

* Allow modifying the hide_notifications of a mute with the /api/v1/accounts/:id/mute endpoint

* make the hide/unhide notifications buttons work

* satisfy eslint

* In probably dead code, replace a dispatch of muteAccount that was skipping the modal with launching the mute modal.

* fix a missing import

* add an explanatory comment to AccountInteractions

* Refactor handling of default params for muting to make code cleaner

* minor code style fixes oops

* Fixed a typo that was breaking the account mute API endpoint

* Apply white-space: nowrap to account relationships icons

* Fix code style issues

* Remove superfluous blank line

* Rename /api/v1/mutes/details -> /api/v2/mutes

* Don't serialize "account" in MuteSerializer

Doing so is somewhat unnecessary since it's always the current user's account.

* Fix wrong variable name in api/v2/mutes

* Use Toggle in place of checkbox in the mute modal.

* Make the Toggle in the mute modal look better

* Code style changes in specs and removed an extra space

* Code review suggestions from akihikodaki

Also fixed a syntax error in tests for AccountInteractions.

* Make AddHideNotificationsToMute Concurrent

It's not clear how much this will benefit instances in practice, as the
number of mutes tends to be pretty small, but this should prevent any
blocking migrations nonetheless.

* Fix up migration things

* Remove /api/v2/mutes
2017-11-15 03:56:41 +01:00
58bca7b1e4 Filter searched toots to be consistent with blocking behaviors (#5383) 2017-11-15 01:53:33 +01:00
1c25853842 Use already-known remote user data if resolving temporarily fails in mentions (#5702) 2017-11-15 01:06:49 +01:00
fbef909c2a Add option to block direct messages from people you don't follow (#5669)
* Add option to block direct messages from people you don't follow

Fix #5326

* If the DM responds to a toot by recipient, allow it through

* i18n: Update Polish translation (for #5669) (#5673)
2017-11-14 21:12:57 +01:00
c3ec1e87b8 Updating Chinese (Simplified) translations (#5643)
* i18n: (zh-CN) Bug fix for note-counter.

* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Add missing translations

* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Add support.array key for better wording

* Revert "i18n: (zh-CN) Add support.array key for better wording"

This reverts commit 27bf9a946e886213e827cd985d4f62419db57534.
Looks like this commit can't get pass the checks, revert it for now.

* i18n: (zh-CN) Change `客户端` to `应用`

* i18n: (zh-CN) Improve translations

* i18n: (zh-CN) Add missing translations (#5635)

* i18n: (zh-CN) Change `两步验证` to `双重认证`

* i18n: (zh-CN) Improve translations
2017-11-14 20:44:42 +01:00
20150659e6 Add uniqueness to block email domains (#5692) 2017-11-14 20:37:17 +01:00
8087aa83d4 i18n: Update Polish translation (#5699)
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2017-11-14 20:36:11 +01:00
0e6c4cb796 l10n: PT-BR translation updated (#5681)
* Improved e-mail messages; delted repeated words

* pt-BR.json translations updated

* Revert "pt-BR.json translations updated"

This reverts commit 108c460531196fed6e6d14f93e8d8d047c835ffd.

* Updated pt-BR.json

* pt-BR.yml updated
2017-11-14 11:07:38 +09:00
cf7e840990 Update model annotations to use BIGINT for IDs (#5461)
All the migrations have been updated to use BIGINTs for ID fields in the DB, but ActiveRecord needs to be told to treat those values as BIGINT as well. This PR does that.
2017-11-12 16:18:50 +01:00
07f7192bc3 Fix #5632 - Reset column loading status after fetch fail (#5659) 2017-11-12 12:51:07 +09:00
7bb8b0b2fc Add moderator role and add pundit policies for admin actions (#5635)
* Add moderator role and add pundit policies for admin actions

* Add rake task for turning user into mod and revoking it again

* Fix handling of unauthorized exception

* Deliver new report e-mails to staff, not just admins

* Add promote/demote to admin UI, hide some actions conditionally

* Fix unused i18n
2017-11-11 20:23:33 +01:00
2b1190065c Retry thread resolving (#5599)
Thread resolving is one of the few tasks that isn't retried on failure.
One common cause for failure of this task is a well-connected user replying to
a toot from a little-connected user on a small instance: the small instance
will get many requests at once, and will often fail to answer requests within
the 10 seconds timeout used by Mastodon.

This changes makes the ThreadResolveWorker retry a few times, with a
rapidly-increasing time before retries and large random contribution in order
to spread the load over time.
2017-11-11 16:49:04 +01:00
f9e7336296 Fix focused background color of direct toots (#5642) 2017-11-09 19:40:34 +01:00
54b42901df Add and Remove tests for FollowRequest (#5622)
* Add a test for FollowRequest#authorize!

* Remove tests

There is no need to test
ActiveModel::Validations::ClassMethods#validates.

* Make an alias of destroy! as reject!

Instead of defining the method,
make an alias of destroy! as reject! because of reducing test.
2017-11-09 14:36:52 +01:00
49a285ce15 Show confirmation dialog on leaving WebUI while composing (#5616)
* Show confirmation dialog on leaving WebUI while composing

Currently, Back button and Back hotkey can cause leaving from WebUI, as well as browser's back button. Users may hit those buttons accidentally, and their composing text will be lost.

So this prevents it by showing confirmation dialog from `onbeforeunload` event.

* Fix message and comments
2017-11-09 14:34:41 +01:00
eb97bd8af6 i10n OC: Memorial (#5615) + #5467 (#5623)
* Changed ĩ => ï

* Changed ĩ => ï

* Add ability to disable login and mark accounts as memorial (#5615)
2017-11-08 15:19:49 +01:00
889ada5ee2 Fix process mentions for local users, as local users are considered to use OStatus (#5618) 2017-11-07 22:15:15 +01:00
3f16caaa50 Eliminate space around emoji (#5474)
* Eliminate space around emoji

* More improve emoji style

* Make more compatible with Twemoji

* Make scss-lint happy

* Make not modify normal emoji's behavior

* Decrease status__action-bar's margin-top to 5px

* Make the test be passed

* Revert "Make the test be passed"

This reverts commit 54a8c60e5907ef20a5ceb5ab2c86a933e06f3ece.

* Revert "Make not modify normal emoji's behavior"

This reverts commit 6a5bdf0c11df16ebd190cb3ab9d2e8f1349f435a.
2017-11-07 19:09:53 +01:00
5d5c0f4f43 Twidere mention workaround (#5552)
* Work around Twidere and Tootdon bug

Tootdon and Twidere construct @user@domain handles from mentions in toots based
solely on the mention text and account URI's domain without performing any
webfinger call or retrieving account info from the Mastodon server.

As a result, when a remote user has WEB_DOMAIN ≠ LOCAL_DOMAIN, Twidere and
Tootdon will construct the mention as @user@WEB_DOMAIN. Now, this will usually
resolve to the correct account (since the recommended configuration is to have
WEB_DOMAIN perform webfinger redirections to LOCAL_DOMAIN) when processing
mentions, but won't do so when displaying them (as it does not go through the
whole account resolution at that time).

This change rewrites mentions to the resolved account, so that displaying the
mentions will work.

* Use lookbehind instead of non-capturing group in MENTION_RE

Indeed, substitutions with the previous regexp would erroneously eat any
preceding whitespace, which would lead to concatenated mentions in the
previous commit.

Note that users will “lose” up to one character space per mention for their
toots, as that regexp is also used to remove the domain-part of mentioned
users for character counting purposes, and it also erroneously removed the
preceding character if it was a space.
2017-11-07 19:08:14 +01:00
1032f3994f Add ability to disable login and mark accounts as memorial (#5615)
Fix #5597
2017-11-07 19:06:44 +01:00
e618edf85a fix: slang to adequate word (#5453) 2017-11-07 14:49:50 +01:00
b6e2e999bd Show the local couterpart of emoji when it exists in /admin/custom_emojis (#5467)
* Show the local couterpart of emoji when it exists in admin/custom_emojis

* Fix indentation

* Fix error

* Add class table-action-link to Overwrite link

* Make it enable to overwrite emojis

* Make Code Climate happy
2017-11-07 14:49:32 +01:00
782224c991 Avoid emojifying on invisible text (#5558) 2017-11-07 14:48:13 +01:00
84cfee2488 Do not process undeliverable mentions (#5598)
* Resolve remote accounts when mentioned even if they are already known

This commit reduces the risk of not having up-to-date public key or protocol
information for a remote account, which is required to deliver toots
(especially direct messages).

* Do not add mentions in private messages for remote users we cannot deliver to

Mastodon does not deliver private and direct toots to OStatus users, as there
is no guarantee the remote software understands the toot's privacy. However,
users currently do not get any feedback on it (Mastodon won't attempt delivery,
but the toot will be displayed exactly the same way to the user).

This change introduces *some* feedback by not processing mentions that are
not going to be delivered. A long-term solution is still needed to have
delivery receipts or at least some better indication of what is going on, but
at least an user can see *something* is up.
2017-11-07 14:47:39 +01:00
7bea1530f4 Resolve remote accounts when mentioned even if they are already known (#5539)
This commit reduces the risk of not having up-to-date public key or protocol
information for a remote account, which is required to deliver toots
(especially direct messages).
2017-11-07 14:31:57 +01:00
864c4d869f Make fullscreen video in detailed status plays in fullscreen (Partly Fix #5160) (#5611)
* Make fullscreen video in detailed status plays in fullscreen (Fix #5160)

* Directly assign the initial state
2017-11-07 14:24:55 +01:00