Commit graph

217 commits

Author SHA1 Message Date
Matt Jankowski b231c3c1bf
Drop support for ruby 3.1 (#32363) 2024-10-31 15:12:08 +00:00
David Roetzel e6cda8388c
Move OTP secret length to configuration (#32125) 2024-10-01 09:38:42 +00:00
Matt Jankowski 48379e62e4
Remove unused User#inactive_message method (#31698) 2024-09-03 08:04:00 +00:00
Matt Jankowski 02df1b4e4a
Finish email allow/deny list naming migration (#30530) 2024-08-13 07:37:32 +00:00
Matt Jankowski e881a59671
Add User.unconfirmed scope, reduce factories in scheduler/user_cleanup spec (#31063) 2024-07-25 14:18:24 +00:00
Matt Jankowski 1e7d5d2957
Update devise-two-factor to version 5.0.0 (#28325)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-02 09:31:41 +00:00
Matt Jankowski 285f63c02e
Use composable query in User.active scope (#29775) 2024-04-08 13:53:49 +00:00
Claire 38b9d31f63
Improve email address validation (#29838) 2024-04-05 07:48:45 +00:00
Claire 58376eedda
Remove obsolete admin and moderator columns from users table (#29718) 2024-03-22 16:22:36 +00:00
Matt Jankowski 19cbadfbd6
Use enum-generated scope for IpBlock in CLI (#28144) 2024-03-14 09:31:15 +00:00
HTeuMeuLeu 934cab7508
New welcome email (#28883)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2024-03-01 12:16:53 +00:00
Emelia Smith 68eaa804c9
Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:15:34 +01:00
Emelia Smith e8b66a0525
Ignore legacy moderator and admin columns on User model (#29188) 2024-02-13 17:14:49 +00:00
Matt Jankowski 9fb9ef418a
Fix Rails/WhereExists cop in User model (#28792) 2024-01-18 13:55:44 +00:00
Claire 98b5f85f10
Rename and refactor User#confirm! to User#mark_email_as_confirmed! (#28735) 2024-01-15 18:04:58 +00:00
Claire e621c1c44c
Fix registrations not checking MX records for email domain blocks requiring approval (#28608) 2024-01-15 17:10:57 +00:00
Claire 8cb4825c8b
Fix sign-up restrictions based on email addresses not being enforced (#28732) 2024-01-15 11:06:48 +00:00
Matt Jankowski 543d7890fd
Use normalizes to prepare User values (#28650)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-10 13:36:06 +00:00
Matt Jankowski c52a593a30
Remove unused scope User.emailable (#28647) 2024-01-08 13:33:45 +00:00
Claire dfdadb92e8
Add ability to require approval when users sign up using specific email domains (#28468) 2024-01-04 09:07:05 +00:00
Matt Jankowski f70f39dd04
Add explicit dependent: nil to associations (#28169) 2023-12-01 15:52:47 +00:00
Matt Jankowski 440b80b2e7
Model concerns organization into module namespaces (#28149) 2023-12-01 11:00:41 +00:00
Claire 963354978a
Add Account#unavailable? and Account#permanently_unavailable? aliases (#28053) 2023-11-30 15:43:26 +00:00
Eugen Rochko cdc57c74b7
Fix unsupported time zone or locale preventing sign-up (#28035)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-11-22 11:38:07 +00:00
Matt Jankowski bbad5b6456
Remove false positive cop detection (#27457) 2023-11-07 10:44:15 +00:00
Matt Jankowski 12550a6a28
Use Rails.env.local? shorthand method to check env (#27519) 2023-10-26 21:20:41 +00:00
Matt Jankowski cf33028f35
Admin mailer parameterization (#25759) 2023-07-08 20:03:38 +02:00
Eugen Rochko 4c9406bdb0
Add time zone preference (#25342) 2023-06-10 03:29:37 +02:00
Matt Jankowski d902a707a3
Fix Rails/CompactBlank cop (#24690) 2023-04-30 14:07:21 +02:00
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire 86f8aa2db2
Fix unconfirmed accounts being registered as active users (#23803) 2023-03-06 16:00:08 +01:00
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Claire 6883fddb19
Fix account activation being triggered before email confirmation (#23245)
* Add tests

* Fix account activation being triggered before email confirmation

Fixes #23098
2023-01-24 19:40:21 +01:00
Alexander Ivanov 8eb29741b4
Add webhook account.approved (#22938)
* Webhook `account.approved` when preparing new user

* Update Webhook.EVENTS
2023-01-05 13:29:49 +01:00
Francis Murillo 5fb1c3e934
Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Claire ed07f10ca8
Fix failure when “Require a reason to join” is set with open registrations (#22127) 2022-12-07 16:39:58 +01:00
Claire 00b2720ef0
Change automatic post deletion configuration to be accessible to redirected users (#20774)
Fixes #20550
2022-11-17 10:55:23 +01:00
Eugen Rochko 839f893168
Change public accounts pages to mount the web UI (#19319)
* Change public accounts pages to mount the web UI

* Fix handling of remote usernames in routes

- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict

* Fix missing `multiColumn` prop

* Fix failing test

* Use `discoverable` attribute to control indexing directives

* Fix `<ColumnLoading />` not using `multiColumn`

* Add `noindex` to accounts in REST API

* Change noindex directive to not be rendered by default before a route is mounted

* Add loading indicator for detailed status in web UI

* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Eugen Rochko 0d0f3c15d3
Fix language dropdown sometimes not appearing in web UI (#19246)
When user has no locale preference saved (such as never changing it
from the default), the preferred posting language is nil, and
the dropdown is not visible
2022-09-28 01:02:15 +02:00
Eugen Rochko 0b3e4fd5de
Remove digest e-mails (#17985)
* Remove digest e-mails

* Remove digest-related code
2022-08-25 23:38:22 +02:00
Eugen Rochko 0396acf39e
Add audit log entries for user roles (#19040)
* Refactor audit log schema

* Add audit log entries for user roles
2022-08-25 20:39:40 +02:00
Claire 03241d884e
Add option for EMAIL_DOMAIN_DENYLIST/EMAIL_DOMAIN_ALLOWLIST to apply after confirmation (#18642)
Fixes #18620
2022-08-25 04:31:10 +02:00
Eugen Rochko 44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Eugen Rochko a2871cd747
Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
2022-06-09 21:57:36 +02:00
Claire e34dd3644c
Remove unused filtered_languages column (#18533)
* Remove unused `filtered_languages` column

Fixes #18522

* Fix tests
2022-05-27 20:05:22 +02:00
Eugen Rochko 6c699b1723
Fix preferred posting language returning unusable value in REST API (#18428) 2022-05-16 19:13:36 +02:00
Eugen Rochko 3917353645
Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Eugen Rochko 8e20e16cf0
Change e-mail notifications to only be sent when recipient is offline (#17984)
* Change e-mail notifications to only be sent when recipient is offline

Change the default for follow and mention notifications back on

* Add preference to always send e-mail notifications

* Change wording
2022-04-08 18:03:31 +02:00
Eugen Rochko 6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 2022-04-06 20:58:12 +02:00