Commit Graph

1060 Commits

Author SHA1 Message Date
1c113fd72d Add relationship manager UI (#10268) 2019-03-16 11:23:22 +01:00
ba84b6d4d7 Add visibility param to reblog REST API (#9851)
Use async worker for creating reblog notification to improve performance
2019-03-15 04:36:41 +01:00
d94e21f933 Add a preferences API so apps can share basic behaviours (#10109) 2019-03-15 02:39:20 +01:00
51e154f5e8 Admission-based registrations mode (#10250)
Fix #6856
Fix #6951
2019-03-14 05:28:30 +01:00
06663fcf87 Fix tagged param not being normalized before querying tags (#10249) 2019-03-13 13:02:13 +01:00
65fffeac3f Redesign landing page (#10232) 2019-03-12 17:34:00 +01:00
5506b9406d Avoid race conditions when creating backups (#10234)
Under load, multiple backups for a single user could be planned, which
is very expensive.
2019-03-11 00:50:31 +01:00
230a012f00 Add polls (#10111)
* Add polls

Fix #1629

* Add tests

* Fixes

* Change API for creating polls

* Use name instead of content for votes

* Remove poll validation for remote polls

* Add polls to public pages

* When updating the poll, update options just in case they were changed

* Fix public pages showing both poll and other media
2019-03-03 22:18:23 +01:00
d8498b3983 Give the replies collection an identifier and enable pagination (#10128) 2019-02-28 18:16:34 +01:00
a5e7ada62f Improve account media query (#10121) 2019-02-26 15:23:24 +01:00
e7f20cc43f Add type, limit, offset, min_id, max_id, account_id to search API (#10091)
* Add type, limit, offset, min_id, max_id, account_id to search API

Fix #8939

* Make the offset work on accounts and hashtags search as well

* Assure brakeman we are not doing mass assignment here

* Do not allow paginating unless a type is chosen

* Fix search query and index id field on statuses instead of created_at
2019-02-26 15:21:36 +01:00
d7ad42a888 Randomize emoji filename (#10090) 2019-02-22 16:52:04 +01:00
738c034213 Do not error out when performing admin actions on no statuses (#10094)
Same as #8220 but for reports
2019-02-21 19:36:48 +01:00
6840a77711 Add domain search/filter to the "Federation" (/admin/instances) page (#10071) 2019-02-18 14:59:19 +01:00
cc84a407f4 Add vapid_key to the application entity in the REST API (#10058)
Fix #8785
2019-02-16 05:27:05 +01:00
67215692fc Save IP address used for sign-up, not only sign-in (#10026)
Fixes #9995
2019-02-12 22:24:14 +01:00
5bffb53a76 Fix it as tagged_request of accounts_controller is not addressable_uri (#9976) 2019-02-05 15:11:11 +01:00
2557cb2f95 Fix pinned statuses being shown in a featured hashtag (#9971) 2019-02-05 00:27:18 +01:00
88f35f339d Fix authorized applications list page design (#9969) 2019-02-04 22:25:42 +01:00
364f2ff9aa Add featured hashtags to profiles (#9755)
* Add hashtag filter to profiles

GET /@:username/tagged/:hashtag
GET /api/v1/accounts/:id/statuses?tagged=:hashtag

* Display featured hashtags on public profile

* Use separate model for featured tags

* Update featured hashtag counters on-write

* Limit featured tags to 10
2019-02-04 04:25:59 +01:00
ed30110618 Make displaying application used to toot opt-in (#9897)
* Make storing and displaying application used to toot opt-in

* Revert to storing application info, and display it to the author via API
2019-02-02 19:18:15 +01:00
6b91da97bb Fix directory showing tags that have no currently eligible accounts (#9872) 2019-01-20 12:56:53 +01:00
32daecffef Fix REST API showing non-public reblogs for a given status (#9850) 2019-01-18 20:58:00 +01:00
bc642ac24b Redesign public hashtag page to use a masonry layout (#9822) 2019-01-16 19:47:46 +01:00
1c6588accc Redesign admin instances area (#9645) 2019-01-08 13:39:49 +01:00
28b482874a Improvements to signature verification (#9667)
* Refactor signature verification a bit

* Rescue signature verification if recorded public key is invalid

Fixes #8822

* Always re-fetch AP signing key when HTTP Signature verification fails

But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.

* Apply stoplight to key/account update as well as initial key retrieval
2019-01-07 21:45:13 +01:00
5654535728 Change remote interaction dialog to use specific actions (#9743)
* Change remote interaction dialog to use specific actions

Instead of just "interact", use different strings based on whether
it's a reply, reblog or favourite. Add explanation why the step
is necessary in the first place

* Remove obsolete strings
2019-01-07 15:36:26 +01:00
43c61bca60 Add locale param to sign-up API (#9747)
Fix #9627
2019-01-07 14:50:20 +01:00
5dbe186585 Add cache to custom emojis API (#9732)
Fix #9729
2019-01-06 23:52:58 +01:00
a49d43d112 Add scheduled statuses (#9706)
Fix #340
2019-01-05 12:43:28 +01:00
6f9a7bd02c Add quick links to the admin interface in the WebUI (#8545)
* Allow to show a specific status in the admin interface

* Let the front-end know the current account is a moderator

* Add admin links to status and account menus

If the current logged-in user is an admin, add quick links to the admin
interface in account and toot dropdown menu. Suggestion by @ashkitten

* Use @statuses.first instead of @statuses[0]
2019-01-04 13:10:43 +01:00
82ef5c0461 Fix list of local followers showing remote followers in admin UI (#9700) 2019-01-03 06:40:16 +01:00
7fc7437d05 Add CSV export for lists and domain blocks (#9677)
Fix #6893
Fix #9268
2019-01-01 13:44:04 +01:00
6e49907ecf Improve admin UI for account view (#9643) 2018-12-28 03:38:41 +01:00
c3465f699e Add local followers page to admin account UI (#9610)
* Add local followers page to admin account UI

For moderation, I often find myself wondering who, locally, is following
a remote user. Currently, to see this, I have to go back to the web UI,
paste in their full handle, click their profile, and go to the
"Followers" tab (plus, this information is incidental, and if mastodon
ever decides to resolve all of the follower information, there will be
no place local followers are shown). This PR adds a new page which is
accessible via the "following" count on the admin's account view
page, which shows the local followers. (It has filter parameters for
account location to indicate that only local followers are shown, and
leave room for expansion if mastodon ever decides to store the entire
remote follow list).

* Normalize en.yml
2018-12-27 13:15:39 +01:00
ee1ba59692 Add exclude_reblogs option to account statuses API (#9640)
Fix #9606
2018-12-27 03:42:35 +01:00
9b8c7a9aad Redirect to reports overview instead of report after account action (#9639) 2018-12-27 03:42:29 +01:00
4423999609 Fix account unsilencing and unsuspension (#9637)
Fix regression from 3c033c4352
2018-12-26 19:16:15 +01:00
17cd91c777 Fix signature verification stoplight triggering on non-timeout errors (#9617) 2018-12-26 19:15:43 +01:00
bf70e5cfda Add error message with invalid email confirmation (#9625) 2018-12-25 19:35:26 +01:00
5d2fc6de32 Add REST API for creating an account (#9572)
* Add REST API for creating an account

The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.

The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.

The method is rate-limited by IP to 5 requests per 30 minutes.

* Redirect users back to app from confirmation if they were created with an app

* Add tests

* Return 403 on the method if registrations are not open

* Require agreement param to be true in the API when creating an account
2018-12-24 19:12:38 +01:00
e25947db4a Sanitize and sandbox toot embeds (#9552) 2018-12-23 02:16:35 +01:00
59e333385b Show 40 profiles per directory page instead of 30 (#9609)
To better align with the list of hashtags
2018-12-22 23:31:23 +01:00
3c033c4352 Add moderation warnings (#9519)
* Add moderation warnings

Replace individual routes for disabling, silencing, and suspending
a user, as well as the report update route, with a unified account
action controller that allows you to select an action (none,
disable, silence, suspend) as well as whether it should generate an
e-mail notification with optional custom text. That notification,
with the optional custom text, is saved as a warning.

Additionally, there are warning presets you can configure to save
time when performing the above.

* Use Account#local_username_and_domain
2018-12-22 20:02:09 +01:00
108b2139cd Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses (#9573)
Fix #7087

The same data is available over the ActivityPub outbox, RSS, and Atom, so
there is little benefit to keeping it limited in this method.
2018-12-20 01:30:43 +01:00
2c1a6f746f fix CSP / X-Frame-Options for media embeds (#9558) 2018-12-18 16:40:30 +01:00
3281df0df1 Move #set_user to Admin::BaseController (#9470)
* Move #set_user to Admin::BaseController

* Rename Admin::TwoFactorAuthenticationsController

from `#set_user` to `#set_target_user` .
2018-12-17 11:40:51 +01:00
087e118971 Remove "most popular" tab from profile directory, add responsive design (#9539)
* Remove "most popular" tab from profile directory, add responsive design

* Remove unused translations
2018-12-17 03:14:28 +01:00
b048926e67 Create Settings::BaseController (#9507)
Define `Settings::BaseController#set_body_classes` so that sub classes
inherit `Settings::BaseController` don't need to define
`#set_body_classes` agein.
2018-12-12 22:32:13 +01:00
cf6ee4ff24 Add admin ability to remove an user's header image (#9495)
* Fix markup in admin/accounts/:id table for avatar

* Add admin ability to remove an user's header image
2018-12-11 19:28:03 +01:00