* Check to make sure usernames with '.' cannot be created
* Add test for instance actor account name conflicts
This makes sure that migration 20190715164535_add_instance_actor
won't fail if there's already an account that is named the same
as the domain (minus the .)
* Put the test into the correct context...
* Add another test to split this into two validations
* Don't delete periods when validating username uniqueness (#11392)
The 20190715164535_add_instance_actor migration fails if there's
already a username similar to the domain name, e.g. if you are
'vulpine.club' and have a user named 'vulpineclub', validation
fails.
Upon further review, usernames with periods are dropped by the
regular expression in the Account class, so we don't need to
worry about it here.
Fixes#11392
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.
Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.
After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.
Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
* Add support for an instance actor
* Skip username validation for local Application accounts
* Add migration script to create instance actor
* Make Codeclimate happy
* Switch to id -99 for instance actor
* Remove unused `icon` and `image` attributes from instance actor
* Use if/elsif/else instead of return + ternary operator
* Add instance actor to fresh installs
* Use instance actor as instance representative
Use instance actor for forwarding reports, relay operations, and spam
auto-reporting.
* Seed database in test environment
* Fix single-user mode
* Fix tests
* Fix specs to accomodate for an extra `Account`
* Auto-reject follows on instance actor
Following an instance actor might make sense, but we are not handling that
right now, so auto-reject.
* Fix webfinger lookup and serialization for instance actor
* Rename instance actor
* Make it clear in the HTML view that the instance actor should not be blocked
* Raise cache time for instance actor as there's no dynamic content
* Re-use /about/more with a flash message for instance actor profile
Conflicts:
- app/models/media_attachment.rb
Upstream added audio attachment support
- app/serializers/initial_state_serializer.rb
Upstream added audio attachment support and how mimetypes are returned
- app/serializers/rest/instance_serializer.rb
Upstream added a few fields
- config/application.rb
Upstream added a different paperclip transcoder
* Change domain blocks to automatically support subdomains
If a more authoritative domain is blocked (example.com), then the
same block will be applied to a subdomain (foo.example.com)
* Match subdomains of existing accounts when blocking/unblocking domains
* Improve code style
* Change note_length validator from 160 to 500
* Change input maxlength from 160 to 500
* update bio test from 160 to 500
* Multiply a string 30 times instead of 10
* Record account suspend/silence time and keep track of domain blocks
* Also unblock users who were suspended/silenced before dates were recorded
* Add tests
* Keep track of suspending date for users suspended through the CLI
* Show accurate number of accounts that would be affected by unsuspending an instance
* Change migration to set silenced_at and suspended_at
* Revert "Also unblock users who were suspended/silenced before dates were recorded"
This reverts commit a015c65d2d.
* Switch from using suspended and silenced to suspended_at and silenced_at
* Add post-deployment migration script to remove `suspended` and `silenced` columns
* Use Account#silence! and Account#suspend! instead of updating the underlying property
* Add silenced_at and suspended_at migration to post-migration
* Change account fabricator to translate suspended and silenced attributes
* Minor fixes
* Make unblocking domains always retroactive
* When trying to block an already-blocked domain, provide a link to the block
* Fix styling for links in flash messages
* Allow blocks to be upgraded but not downgraded
Conflicts:
- app/views/admin/pending_accounts/index.html.haml
No real conflict, upstream changes too close to glitch-specific
theming system changes.
- config/navigation.rb
Upstream redesigned the settings navigation, took those changes
and re-inserted the flavours menu.
* Add "why do you want to join" field to invite requests
Fix#10512
* Remove unused translations
* Fix broken registrations when no invite request text is submitted
* Refactor imports
* Export show_reblogs when exporting list of followed users
* Add support for importing show_reblogs with following collection
* Fix tests
Conflicts:
- app/controllers/following_accounts_controller.rb
Conflicts were due to glitch-soc's theming system.
- app/javascript/packs/public.js
Some code has been change upstream, but it has been
moved to app/javascript/core/settings.js in glitch-soc.
Applied the changes there.
* Squish username before validation (#10101)
Fix#10101
* Move before_validation hook to a private method
Also add Unicode wite-spaces to the spec to support the use of squish
over strip.
* Add polls
Fix#1629
* Add tests
* Fixes
* Change API for creating polls
* Use name instead of content for votes
* Remove poll validation for remote polls
* Add polls to public pages
* When updating the poll, update options just in case they were changed
* Fix public pages showing both poll and other media
Conflicts:
- app/controllers/oauth/authorized_applications_controller.rb
Two changes too close to each other
- app/controllers/settings/sessions_controller.rb
- app/lib/user_settings_decorator.rb
Two changes too close to each other
- app/models/media_attachment.rb
New changes too close to glitch-soc only changes.
- app/models/user.rb
Two changes too close to each other.
- app/services/remove_status_service.rb
Kept direct timeline code which had been removed upstream.
- app/views/settings/preferences/show.html.haml
Two changes too close to each other.
- config/locales/en.yml
Introduction of a new string too close to glitch-soc-only's “flavour”
- config/locales/ja.yml
Introduction of a new string too close to glitch-soc-only's “flavour”
- config/locales/pl.yml
Introduction of a new string too close to glitch-soc-only's “flavour”
- config/locales/simple_form.en.yml
Introduction of a new string too close to glitch-soc-only's “skin”
- config/locales/simple_form.pl.yml
Introduction of a new string too close to glitch-soc-only's “skin”
- config/settings.yml
Reverted upstream's decision of enabling posting application by default.
* Add hashtag filter to profiles
GET /@:username/tagged/:hashtag
GET /api/v1/accounts/:id/statuses?tagged=:hashtag
* Display featured hashtags on public profile
* Use separate model for featured tags
* Update featured hashtag counters on-write
* Limit featured tags to 10
Conflicts:
- .eslintrc.yml
Removed, as upstream removed it.
- app/controllers/admin/statuses_controller.rb
Minor code cleanup when porting one of our features.
- app/models/account.rb
Note length validation has changed upstream.
We now use upstream's validation (dropped legacy glitch-soc
account metadata stuff) but with configurable limit.
- app/services/post_status_service.rb
Upstream has added support for scheduled toots, refactoring
the code a bit. Adapted our changes to this refactoring.
- app/views/stream_entries/_detailed_status.html.haml
Not a real conflict, changes too close.
- app/views/stream_entries/_simple_status.html.haml
Not a real conflict, changes too close.
* Add REST API for creating an account
The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.
The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.
The method is rate-limited by IP to 5 requests per 30 minutes.
* Redirect users back to app from confirmation if they were created with an app
* Add tests
* Return 403 on the method if registrations are not open
* Require agreement param to be true in the API when creating an account
* Add moderation warnings
Replace individual routes for disabling, silencing, and suspending
a user, as well as the report update route, with a unified account
action controller that allows you to select an action (none,
disable, silence, suspend) as well as whether it should generate an
e-mail notification with optional custom text. That notification,
with the optional custom text, is saved as a warning.
Additionally, there are warning presets you can configure to save
time when performing the above.
* Use Account#local_username_and_domain
* Make custom emoji domains case sensitive #9351
* Fixup style in downcase_domain to comply with codeclimate.
* switch if! to unless
* Don't use transactions, operate in batches.
Also revert spurious schema change.