Thibaut Girka
b00f60f1d3
Merge branch 'master' into glitch-soc/merge-upstream
2018-10-28 08:37:49 +01:00
Eugen Rochko
795f0107d2
Include preview cards in status entity in REST API ( #9120 )
...
* Include preview cards in status entity in REST API
* Display preview card in-stream
* Improve in-stream display of preview cards
2018-10-28 06:35:03 +01:00
Thibaut Girka
cd99255698
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
app/controllers/oauth/authorizations_controller.rb
Just two changes being too close to one another.
Took both.
2018-09-11 16:51:26 +02:00
Eugen Rochko
2288d50a7b
Add force_login option to OAuth authorize page ( #8655 )
...
* Add force_login option to OAuth authorize page
For when a user needs to sign into an app from multiple accounts
on the same server
* When logging out from modal header, redirect back after re-login
2018-09-09 04:10:44 +02:00
Thibaut Girka
246c313d45
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
app/controllers/application_controller.rb
Changed instance theme selection by instance flavour selection.
2018-08-24 15:10:34 +02:00
Eugen Rochko
2f34b747b3
Allow mods to disable login, improve message when login disabled ( #8329 )
...
* Allow moderators to disable/enable login
* Instead of rejecting login, show forbidden error when login disabled
Avoid confusion because when login is rejected, the message is that
the account is not activated, which is wrong.
* Fix tests
2018-08-23 23:26:29 +02:00
Jakub Mendyk
6cb3514d64
Add ability to change an instance default theme from the administration panel ( #7092 ) ( #8381 )
...
* Add default_settings class method to ScopedSettings
ScopedSettings was extended to use value of unscoped setting instead of
only using defaults set in config/settings.yml for selected settings.
This adds possibility for admins to set default values of users' settings,
for example default theme (as requested in #7092 ).
* Add ability to change an instance default theme
Closes #7092
2018-08-23 14:17:35 +02:00
Thibaut Girka
8b4abaa90d
Merge branch 'master' into glitch-soc/master
...
Conflicts:
config/routes.rb
Added the “endorsements” route from upstream.
2018-08-21 18:24:48 +02:00
abcang
9e75aa30cd
Unuse ActiveRecord::Base#cache_key ( #8185 )
...
* Unuse ActiveRecord::Base#cache_key
* Enable cache_versioning
* Call cache_collection
2018-08-19 15:52:38 +02:00
Thibaut Girka
659b8a12ec
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
config/locales/ca.yml
config/locales/nl.yml
config/locales/oc.yml
config/locales/pt-BR.yml
Resolved conflicts by removing upstream-specific changes
2018-05-27 13:20:15 +02:00
Eugen Rochko
ebf2fef029
Catch ActionController::UnknownFormat and return HTTP 406 ( #7621 )
...
An error like that should not appear in production error log.
2018-05-26 01:09:30 +02:00
Thibaut Girka
45fce0e496
Merge branch 'master' into glitch-soc/merge
...
Conflicts:
app/controllers/invites_controller.rb
app/serializers/initial_state_serializer.rb
config/locales/ko.yml
2018-05-11 18:12:42 +02:00
ThibG
352bae8c3e
Update session activation time ( fixes #5605 ) ( #7408 )
2018-05-11 13:20:58 +02:00
Jenkins
6611100480
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-04-03 19:17:20 +00:00
Emelia Smith
2e59751823
Improve require_admin! and require_staff! filters ( #7018 )
...
Previously these returns 302 redirects instead of 403s, which meant posting links to admin pages in slack caused them to unfurl, rather than stay as a link. Additionally, require_admin! doesn't appear to be actively used, on require_staff!
2018-04-03 13:07:32 +02:00
David Yip
1b8fcd4df5
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
README.md
app/controllers/follower_accounts_controller.rb
app/controllers/following_accounts_controller.rb
app/serializers/rest/instance_serializer.rb
app/views/stream_entries/_simple_status.html.haml
config/locales/simple_form.ja.yml
2018-03-02 21:46:44 -06:00
Eugen Rochko
47bdb9b33b
Fix #942 : Seamless LDAP login ( #6556 )
2018-02-28 19:04:53 +01:00
imncls
bb6988a7ac
Merge branch 'master' of https://github.com/tootsuite/mastodon
...
# Conflicts:
# app/controllers/settings/exports_controller.rb
# app/models/media_attachment.rb
# app/models/status.rb
# app/views/about/show.html.haml
# docker_entrypoint.sh
# spec/views/about/show.html.haml_spec.rb
2018-02-23 23:28:31 +09:00
Eugen Rochko
d8bc64bb09
Fix #6526 : Only store redirect location if not in JSON format ( #6528 )
2018-02-22 00:51:30 +01:00
David Yip
4c1fd9a19c
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
2018-02-02 08:39:52 -06:00
Alexander
04fef7b888
pam authentication ( #5303 )
...
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
2018-02-02 10:18:55 +01:00
David Yip
f7c4d4464b
Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-master
2018-01-07 13:30:52 -06:00
David Yip
70c99a9f34
Use error pack when rendering error pages. Fixes #305 .
2018-01-07 13:30:17 -06:00
Jenkins
c2e1bfd9ae
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-07 15:17:13 +00:00
Yamagishi Kazutoshi
1d92b90be9
Fix force_ssl conditional ( #6201 )
2018-01-07 15:19:23 +01:00
Yamagishi Kazutoshi
da809f9eec
Fix unintended cache ( #6214 )
2018-01-07 15:12:59 +01:00
David Yip
5083311d64
Merge remote-tracking branch 'ykzts/fix-unintended-cache' into gs-master
2018-01-07 00:32:24 -06:00
Yamagishi Kazutoshi
2af307bce4
Fix unintended cache
2018-01-07 14:59:12 +09:00
Jenkins
c69a23ae46
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-04 23:17:11 +00:00
ThibG
3bee0996c5
Make sure private toots remain private and do not end up in HTTP caches ( #6175 )
2018-01-04 14:39:38 +01:00
Eugen Rochko
c10f4bdb03
Cache JSON of immutable ActivityPub representations ( #6171 )
2018-01-04 01:21:38 +01:00
David Yip
4cca1d1e7e
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/controllers/auth/confirmations_controller.rb
2017-12-30 17:20:07 -06:00
Eugen Rochko
38fc1b498d
Add more instance stats APIs ( #6125 )
...
* Add GET /api/v1/instance/peers API to reveal known domains
* Add GET /api/v1/instance/activity API
* Make new APIs disableable, exclude private statuses from activity stats
* Fix code style issue
* Fix week timestamps
2017-12-29 19:52:04 +01:00
kibigo!
b28cd6769c
Javascript intl8n flavour support
2017-12-10 11:08:04 -08:00
kibigo!
717b7d555c
Skins shouldn't apply to fallback flavours
2017-12-07 14:49:54 -08:00
kibigo!
061211a1e3
Fix common packs when other pack also there
2017-12-06 15:34:19 -08:00
kibigo!
bc4fa6b198
Rename themes -> flavours ? ?
2017-12-03 23:26:40 -08:00
kibigo!
541fe9b110
Skins support
2017-11-30 19:29:47 -08:00
kibigo!
bdbbd06dad
Finalized theme loading and stuff
2017-11-20 22:13:37 -08:00
kibigo!
585758a373
Themed prefetching
2017-11-16 21:37:08 -08:00
Eugen Rochko
3e90987c8b
Fix some rubocop style issues ( #5730 )
2017-11-17 10:06:26 +09:00
Eugen Rochko
7bb8b0b2fc
Add moderator role and add pundit policies for admin actions ( #5635 )
...
* Add moderator role and add pundit policies for admin actions
* Add rake task for turning user into mod and revoking it again
* Fix handling of unauthorized exception
* Deliver new report e-mails to staff, not just admins
* Add promote/demote to admin UI, hide some actions conditionally
* Fix unused i18n
2017-11-11 20:23:33 +01:00
Andrew
0401a24558
Add support for multiple themes ( #4959 )
...
* Add support for selecting a theme
* Fix codeclimate issues
* Look up site default style if current user is not available due to e.g. not being logged in
* Remove outdated comment in common.js
* Address requested changes in themes PR
* Fix codeclimate issues
* Explicitly check current_account in application controller and only check theme availability if non-nil
* codeclimate
* explicit precedence with &&
* Fix code style in application_controller according to @nightpool's suggestion, use default style in embedded.html.haml
* codeclimate: indentation + return
2017-09-19 16:36:23 +02:00
Eugen Rochko
df605f0f8b
Add "signed in as" header to some pages ( #4523 )
2017-08-05 04:24:58 +02:00
Eugen Rochko
00df69bc89
Fix #4058 - Use a long-lived cookie to keep track of user-level sessions ( #4091 )
...
* Fix #4058 - Use a long-lived cookie to keep track of user-level sessions
* Fix tests, smooth migrate from previous session-based identifier
2017-07-07 23:25:15 +02:00
Eugen Rochko
ed7dc1704d
Bind web UI access tokens to sessions ( #3940 )
...
* Add overview of active sessions
* Better display of browser/platform name
* Improve how browser information is stored and displayed for sessions overview
* Fix test
* Fix #2347 - Bind web UI access token to session
When you logout, session also destroys the access token, so it's no longer
valid. If access token is destroyed some other way, the session is also
destroyed, requiring a re-login.
Fix #1681 - Add scheduler to remove revoked access tokens and grants
* Fix test
2017-06-25 23:51:32 +02:00
Yamagishi Kazutoshi
676ba50601
Show error message to suspended user ( #3281 )
2017-05-24 16:39:09 +02:00
Yamagishi Kazutoshi
73e4468ff3
Change "Account.any?" to "Account.exists?" ( #3217 )
2017-05-22 15:02:30 +02:00
Akihiko Odaki
aa662cecad
single_user_mode? always returns boolean ( #3215 )
...
This change also adds a specification for the method.
2017-05-22 06:00:06 +02:00
Matt Jankowski
7bffd16024
Error responses cleanup ( #2692 )
...
* Use respond_with_error for forbidden errors
* Wrap up common error code into single method
2017-05-01 22:24:36 +02:00