Commit Graph

447 Commits

Author SHA1 Message Date
Eugen Rochko
91c71471ab Fix account delete form not accepting password, update suspended (#3745)
account before removing content for quicker feedback to end-users
2017-06-14 20:30:12 +02:00
Eugen Rochko
4a618908e8 Account deletion (#3728)
* Add form for account deletion

* If avatar or header are gone from source, remove them

* Add option to have SuspendAccountService remove user record, add tests

* Exclude suspended accounts from search
2017-06-14 18:01:27 +02:00
Eugen Rochko
dc8a6244fc Fix #2619 - When redis feed is empty, fall back to database (#3721)
* Fix #2619 - When redis feed is empty, fall back to database

* Use redis value to return feed from database only while RegenerationWorker
hasn't finished running

* Fix specs

* Replace usage of reject!
2017-06-14 13:37:03 +02:00
René Klačan
dcf0530218 Make sure email is case insensitive on all places (#3688)
When case insensitivity is enabled via devise's `config.case_insensitive_keys` then `.find_for_authentication` method needs to be used instead of `.find_by` because second mentioned returns `nil` when valid email with different cases is passed.

More info https://github.com/plataformatec/devise/wiki/How-To:-Use-case-insensitive-emails
2017-06-11 02:29:08 +02:00
Akihiko Odaki (@fn_aki@pawoo.net)
4919b89ab8 Improve default language decision and spec (#3351)
* Improve default language decision

This change allows to takes account of accepted language determined by
the user agent even if the custom default locale of the instance is
configured.

* Cover Localized more

* Fix code style
2017-06-10 09:44:02 +02:00
Matt Jankowski
2925372ff4 Move create/destroy actions for api/v1/statuses to namespace (#3678)
Each of mute, favourite, reblog has been updated to:

- Have a separate controller with just a create and destroy action
- Preserve historical route names to not break the API
- Mild refactoring to break up long methods
2017-06-10 09:39:26 +02:00
Matt Jankowski
5282ba862a Move reblogged_by and favourited_by actions out of api/v1/statuses and into unique controllers (#3646)
* Add specs for api statuses routes

* Update favourited_by and reblogged_by api routes

* Move methods into new controllers

* Use load_accounts methods to simplify index actions

* Clean up load_accounts methods

* Clean up link header generation

* Check for link headers in specs

* Remove unused actions from api/v1/statuses controller

* Remove specs for moved actions
2017-06-09 14:12:40 -04:00
Eugen Rochko
8902e265b4 Add explit admin actions to (re)subscribe/unsubscribe remote accounts (#3640)
* Add explit admin actions to (re)subscribe/unsubscribe remote accounts
and re-download avatar/header

* Improve how admin NSFW toggle looks
2017-06-08 14:58:22 +02:00
Yamagishi Kazutoshi
0a0b9a271a Improve RuboCop rules (compatibility to Code Climate) (#3636)
08f8de84eb/Gemfile.lock (L38)
Code Climate is using RuboCop v0.46.0.

Change several rules to maintain compatibility.
2017-06-08 13:24:28 +02:00
Matt Jankowski
73540ffe6b Clean up for api/base controller (#3629)
* Move ApiController to Api/BaseController

* API controllers inherit from Api::BaseController

* Add coverage for various error cases in api/base controller
2017-06-07 20:09:25 +02:00
Matt Jankowski
f0634ba876 Coverage improvement and concern extraction for rate limit headers in API controller (#3625)
* Coverage for rate limit headers

* Move rate limit headers methods to concern

* Move throttle check to condition on before_action

* Move match_data variable into method

* Move utc timestamp to separate method

* Move header setting into smaller methods

* specs cleanup
2017-06-07 17:23:26 +02:00
Eugen Rochko
722d152082 Fix #3063 - Add dynamic app manifest (#3563)
* Fix #3063 - Add dynamic app manifest

* Added short_name

* Add background_color
2017-06-06 19:29:42 +02:00
Daigo 3 Dango
2985d08951 Redirect to streaming_api_base_url (#3579)
* Redirect to streaming_api_base_url

When Rails receives a request to streaming API, it most likely
means that there is another host which is configured to respond
to it. This is to redirect clients to that host if
`STREAMING_API_BASE_URL` is set as another host.

* Use the new Ruby 1.9 hash syntax
2017-06-05 12:09:29 +02:00
Naoki Kosaka
e014bf8ed0 Fix limit_param in favourites_controller.rb (#3553) 2017-06-04 14:52:26 +02:00
takayamaki
3eedad2737 change sidekiq queueing to bulk push (#3536) 2017-06-04 00:11:15 +02:00
ThibG
d567a382e3 Ensure well_known controllers use WEB_DOMAIN by including RoutingHelper (#2388)
This fixes #2375.
2017-06-02 22:21:36 +02:00
Akihiko Odaki (@fn_aki@pawoo.net)
10768aa204 Spec response for forgery (#3248)
Remove protect_from_forgery in ApiController, which is disabled by the
following skip_before_action, as well.
2017-06-01 20:56:55 +02:00
Matt Jankowski
5c63523972 Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00
Matt Jankowski
de4681b2be Move admin/pubsubhubbub controller to admin/subscriptions (#3442) 2017-05-31 20:39:35 +02:00
Matt Jankowski
a132332b86 Add Instance class to list admin records (#3443) 2017-05-31 20:38:44 +02:00
Matt Jankowski
5236a62861 Improve spec coverage and clean up api/v1/blocks controller (#3464) 2017-05-31 20:34:51 +02:00
Matt Jankowski
0f155829b7 Improve spec coverage and clean up api/v1/follow_requests controller (#3465) 2017-05-31 20:32:11 +02:00
Matt Jankowski
84dda45df9 Improve spec coverage and clean up api/v1/domain_blocks controller (#3466) 2017-05-31 20:31:14 +02:00
Matt Jankowski
9c7505489f Refactor api/v1/notifications controller (#3470) 2017-05-31 20:30:55 +02:00
Matt Jankowski
75cad1d9d6 Improve spec coverage and clean up api/v1/favourites controller (#3472) 2017-05-31 20:30:39 +02:00
Matt Jankowski
bf811e4d4a Improve spec coverage and clean up api/v1/mutes controller (#3481) 2017-05-31 20:27:34 +02:00
Matt Jankowski
d6774d2ca3 Refactor and spec coverage for api/v1/timelines actions (#3482) 2017-05-31 20:27:17 +02:00
Matt Jankowski
79335e46fd Refactor api/v1/apps controller (#3471) 2017-05-30 21:16:28 -04:00
Matt Jankowski
7c6e02aaf3 Refactor api/v1/reports controller (#3469) 2017-05-30 21:13:31 -04:00
Matt Jankowski
7f55430652 Refactor api/v1/search controller (#3468) 2017-05-30 21:11:54 -04:00
Matt Jankowski
8235623362 Improve spec coverage and clean up api/v1/media controller (#3467) 2017-05-30 21:11:29 -04:00
Matt Jankowski
83435c49ea Clean up api/subscriptions controller (#3448) 2017-05-31 02:15:09 +02:00
Jack Jennings
33f669a5f8 Add status destroy authorization to policy (#3453)
* Add status destroy authorization to policy

* Create explicit unreblog status authorization
2017-05-30 22:56:31 +02:00
Matt Jankowski
3576fa0d59 Improve api oembed controller (#3450)
* Add StreamEntryFinder class to parse URLs

* Use StreamEntryFinder and clean up api/oembed controller
2017-05-30 16:30:06 -04:00
Matt Jankowski
1dcfb90202 Clean up api/salmon controller (#3449) 2017-05-30 16:28:58 -04:00
Matt Jankowski
0ebe7d6d23 Remove exports/base controller in favor of shared concern (#3444) 2017-05-30 19:06:01 +02:00
Jack Jennings
3a2003ba86 Extract authorization policy for viewing statuses (#3150) 2017-05-29 18:22:22 +02:00
Akihiko Odaki
922fb74197 Remove methods from ObfuscateFilename and spec (#3347)
* Remove methods from ObfuscateFilename

* Spec ObfuscateFilename
2017-05-29 18:14:16 +02:00
Atsushi Yamamoto
402c19a924 Add preference setting for delete toot modal (#3368)
* Set delete_modal preference to true by default
* Does not show confirmation modal if delete_modal is false
* Add ja translation for preference setting page
2017-05-29 17:56:13 +02:00
unarist
ecef03bb15 Fix empty flash message on the settings page (#3345) 2017-05-27 13:04:28 +02:00
Akihiko Odaki
860e257a68 Remove redundant call of recent scope in AccountsController (#3330)
recent is included in paginate_by_max_id.
2017-05-26 16:35:25 +02:00
Akinori MUSHA
f6a93fc150 Go to root after login in single user mode (#3289)
In single user mode, visitors are redirected to the single user's
profile page.  So, if you are the owner without a session, you start
from that page, click the login button and authenticate yourself
expecting you'll soon get started with the home page, but in reality
you'll get redirected back to where you started from -- your own
profile page.

This fixes the behavior by redirecting you home after login if you
have started from your own profile page.
2017-05-26 14:14:03 +02:00
unarist
cf4fe6cab8 More use of next link header on account (media) timelines (#3311)
This will reduce requests on who have only few statuses.

- Use next link header to detect more items from first request
- Omit next link header if result items are fewer than requested count
(It had omit it only if result was empty before)
2017-05-25 17:09:13 +02:00
Yamagishi Kazutoshi
676ba50601 Show error message to suspended user (#3281) 2017-05-24 16:39:09 +02:00
unarist
3ce9ca4c99 Fix following/followers API to return correct link headers (#3268)
Link headers in following/followers API should include follow_id as max_id/since_id.

However, these API use current_user's account_id instead of follow_id from #3167.
This causes irrelevant result on loading more users.
2017-05-23 23:26:23 +02:00
Eugen Rochko
2ca1f0737a Fix Devise destroy method being available to delete user record (#3266)
(You may think that we need account deletions, but this way would've just orphaned the db records)
2017-05-23 21:32:42 +02:00
alpaca-tc
7ee5fc5d68 Toggle sensitive from admin page (#3261) 2017-05-23 19:45:43 +02:00
Matt Jankowski
4289ed1d13 Refactor of API timeline actions (#3263)
- Increase coverage to exercise all parts of each action
- Move into namespace to share common code
- Misc refactor of each action for smaller methods, simpler code
2017-05-23 18:11:39 +02:00
Akihiko Odaki
ea2ef16ea4 Cover StreamEntriesController more and remove redundant instructions (#3257)
* Cover StreamEntriesController more

* Remove redundant instructions in StreamEntriesController
2017-05-23 15:04:23 +02:00
Akihiko Odaki
bf575a1f5e Introduce recent to Follow (#3247)
Introduce recent to Follow, as Account and other models have.
This change also adds specs for the scope and the dependents.
2017-05-23 13:12:19 +02:00