Commit graph

2549 commits

Author SHA1 Message Date
Claire 502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
Claire 395f17ca17
Merge pull request from GHSA-vp5r-5pgw-jwqx
* Fix streaming sessions not being closed when revoking access to an app

* Add tests for GHSA-7w3c-p9j8-mq3x
2024-07-04 16:11:28 +02:00
Emelia Smith 47f0faebc9
Implement HTML ruby tags for east-asian languages (#30897) 2024-07-03 20:05:59 +00:00
David Roetzel 9be77fc0db
Revert "Add system check for missing database indexes" (#30909) 2024-07-03 13:36:42 +00:00
David Roetzel ebd8e1bbb6
Add system check for missing database indexes (#30888) 2024-07-03 07:19:54 +00:00
Matt Jankowski 836c0477ac
Use vips setting instead of env var in media processing spec (#30859) 2024-06-27 16:03:26 +00:00
David Roetzel ff08d99d4d
Catch encoding errors when creating link previews. (#30853) 2024-06-27 14:41:03 +00:00
David Roetzel 42adb6eaee
Add size limit for link preview URLs (#30854) 2024-06-27 14:40:19 +00:00
Matt Jankowski f6390c3326
Use flatware to parallelize CI specs (#30284) 2024-06-27 07:42:57 +00:00
Claire 7a84b76bb1
Drop favicon.ico generation (#30375) 2024-06-26 13:44:08 +00:00
Matt Jankowski 8ef59729a1
Ignore intermittent chrome/manifest/icon interaction failure (#30793) 2024-06-25 13:57:40 +00:00
Emelia Smith 30ae5952d2
Fix: Ensure "With Media" is highlighted from Admin Accounts page (#30812) 2024-06-25 07:46:53 +00:00
Claire 8827cd597e
Fix /admin/accounts/:account_id/statuses/:id for edited posts with media attachments (#30819) 2024-06-24 13:11:10 +00:00
Matt Jankowski 72484a194f
Remove CacheBuster default options (#30718) 2024-06-21 15:32:49 +00:00
David Roetzel 2cab1c7b09
Improve encoding detection for link cards (#30780) 2024-06-21 12:51:10 +00:00
Matt Jankowski 84a31319e9
Add match_json_values and use in AP worker specs (#30720) 2024-06-19 13:46:52 +00:00
Claire 8098d27f84
Stop calling Webpacker in full-stack tests (#30763) 2024-06-19 09:31:30 +00:00
Claire 58ace2e45e
Fix SQL error in admin measures API (#30753) 2024-06-18 16:04:58 +00:00
Matt Jankowski 38c6825eda
Remove unused Extractor#extract_cashtags_with_indices method (#30742) 2024-06-18 12:16:16 +00:00
Matt Jankowski d7b7617321
Use class_names in admin/account_moderation_notes helper (#30719) 2024-06-17 12:20:57 +00:00
Matt Jankowski f287462f76
Fix repeated Delete/Undo assertion in remove status service spec (#30715) 2024-06-17 10:21:29 +00:00
Claire 45abddb302
Fix pagination attributes not being returned in ungroupable-only pages (#30688) 2024-06-13 14:10:34 +00:00
Claire bf56e982a9
Fix notifications from limited users being outright dropped (#30559) 2024-06-12 13:50:38 +00:00
Claire 1dfd516284
Fix duplicate @context attribute in user export (#30653) 2024-06-12 07:28:28 +00:00
Matt Jankowski d818ddd687
Extract SIGN_COUNT_LIMIT constant in WebauthnCredential class (#30636) 2024-06-11 15:36:21 +00:00
Matt Jankowski 62d070c438
Check both before/after state in AccountDomainBlock spec (#30640) 2024-06-11 13:59:56 +00:00
Matt Jankowski 1622f7aeb9
Remove duplicate fabricator validity checks (#29667) 2024-06-11 07:48:42 +00:00
Matt Jankowski edf6d64eeb
Use correct params in settings/preferences/appearance spec (#30379) 2024-06-11 07:36:46 +00:00
Matt Jankowski b2496177e0
Use correct params in v1/admin/domain_allows spec (#30378) 2024-06-11 07:35:30 +00:00
Matt Jankowski cfd4823b65
Use fabricator in follow_spec (#30642) 2024-06-11 06:57:09 +00:00
Matt Jankowski 9cc4040308
Extract COMMENT_SIZE_LIMIT constant in AP::Activity::Flag class (#30637) 2024-06-10 15:23:55 +00:00
Matt Jankowski 9bf2e2eda0
Extract TEXT_LENGTH_LIMIT constant in Appeal class (#30638) 2024-06-10 15:23:17 +00:00
Matt Jankowski 3e3f3d7580
Match report validation spec to extracted constant (#30633) 2024-06-10 15:04:01 +00:00
Matt Jankowski 92b3004bf3
Reference constants from account validation specs (#30634) 2024-06-10 15:03:41 +00:00
Daniel M Brasil 28f9a8f2ec
Add Specs for Scheduled Status Model Validations (#30585) 2024-06-10 14:52:33 +00:00
Daniel M Brasil 77c2216e47
fix: Return HTTP 422 when scheduled status time is less than 5 minutes (#30584) 2024-06-10 13:33:48 +00:00
Matt Jankowski 827e36ff9e
Fix Capybara/NegationMatcher cop in spec/system (#30616) 2024-06-08 17:10:06 +00:00
Claire 1408733386
Fix Mastodon relying on ImageMagick even with MASTODON_USE_LIBVIPS (#30590) 2024-06-07 09:27:59 +00:00
Matt Jankowski 04ebbe3077
Add sidekiq_inline to appeal service spec (#30562) 2024-06-06 14:19:37 +00:00
Matt Jankowski 07cc94e05f
Use sidekiq_inline in requests/api/v1/admin/account_actions spec (#30563) 2024-06-06 14:19:22 +00:00
Matt Jankowski 9b9b0e25b6
Use sidekiq_inline in requests/api/v1/reports spec (#30564) 2024-06-06 14:14:33 +00:00
Matt Jankowski a662c6d1d8
Use sidekiq_inline in admin/account_action model spec (#30565) 2024-06-06 14:12:58 +00:00
Eugen Rochko a2505e8611
Add timeline of public posts about a trending link to REST API (#30381) 2024-06-06 08:43:04 +00:00
Emelia Smith e02d23b549
Change read:me scope to profile scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-06 07:30:10 +00:00
Emelia Smith 4655be0da6
Fix add validation to webpush subscription keys (#30542) 2024-06-05 19:16:47 +00:00
Eugen Rochko 5f15a892fa
Add support for libvips in addition to ImageMagick (#30090)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-05 19:15:39 +00:00
Emelia Smith eef2cc054f
Add url validation to Web::PushSubscription endpoints (#30540) 2024-06-05 08:06:06 +00:00
Matt Jankowski 249cbc449c
Use existing config access to local_domain value (#30509) 2024-06-03 09:15:58 +00:00
Claire 974335e414
Add experimental server-side notification grouping (#29889) 2024-06-03 08:35:59 +00:00
Matt Jankowski 4d047b95ae
Use more direct attribute handling in User fabricator (#30495) 2024-05-31 09:54:11 +00:00
Claire 16249946ae
Merge pull request from GHSA-q3rg-xx5v-4mxh 2024-05-30 14:14:04 +02:00
Claire 3ea4275ae3
Merge pull request from GHSA-5fq7-3p3j-9vrf 2024-05-30 14:03:13 +02:00
Emelia Smith d20a5c3ec9
Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-29 14:00:05 +00:00
Claire 36fe8f8566
Change ids param to id in /api/v1/statuses and /api/v1/accounts for consistency (#30465) 2024-05-29 09:19:17 +00:00
Matt Jankowski c61e356475
Add Status::MEDIA_ATTACHMENTS_LIMIT configuration constant (#30433) 2024-05-27 09:49:44 +00:00
Matt Jankowski 564ebfefcf
Remove hard reference from status pin validator spec (#30432) 2024-05-27 09:20:28 +00:00
Claire 133d98fb25
Normalize language code of incoming posts (#30403) 2024-05-23 17:28:18 +00:00
Matt Jankowski 3a862439df
Remove unused account record in api/v2/admin/accounts spec (#30397) 2024-05-23 08:26:58 +00:00
Claire 32223863a5
Add coverage to /admin/accounts/:id (#30386) 2024-05-21 13:17:34 +00:00
Claire 89f89d738f
Revert "Allow unblocking email addresses from any matching account (#29305)" (#30385) 2024-05-21 08:56:08 +00:00
Matt Jankowski 0a2110b9af
Add coverage for custom filters (#30347) 2024-05-20 15:00:09 +00:00
Claire de4815afda
Add more tests for self-destruct mode (#30374) 2024-05-20 10:06:51 +00:00
Matt Jankowski def6b686ff
Fix Rails/WhereRange cop (#30343) 2024-05-20 09:37:36 +00:00
Matt Jankowski 70608f824e
Add coverage for AdminMailer#auto_close_registrations (#30349) 2024-05-20 08:03:39 +00:00
Emelia Smith 2da2a1dae9
Support multiple redirect_uris when creating OAuth 2.0 Applications (#29192) 2024-05-17 13:46:12 +00:00
Matt Jankowski 65e82211cd
Rename cache_* methods to preload_* in controller concern (#30209) 2024-05-16 08:03:46 +00:00
Emelia Smith 5fd56512de
Improve Report Notes and Account Moderation Notes (#30288) 2024-05-15 13:38:36 +00:00
Jason Punyon 85c625d319
Fix repetitive database queries from #30040 (#30259) 2024-05-15 09:38:16 +00:00
Matt Jankowski 6beead3867
Move simplecov config into rails_helper (#30302) 2024-05-15 09:33:36 +00:00
Renaud Chaput 40639510f8
Retain unconfirmed users longer (1 week) (#30285) 2024-05-15 08:27:34 +00:00
Matt Jankowski 0d397db5dd
Consolidate system specs into single directory, use rspec tags for configuration (#30206) 2024-05-10 12:36:09 +00:00
Matt Jankowski fa43a6c835
Use more accurate redirect_uri in oauth spec (#30212) 2024-05-10 09:43:59 +00:00
Claire 2fe1b8d169
Add API to get multiple accounts and statuses (#27871)
Co-authored-by: noellabo <noel.yoshiba@gmail.com>
2024-05-06 15:19:15 +00:00
Fawaz Farid bc24c4792d
Allow admins to configure instance favicon and logo (#30040) 2024-05-06 15:06:52 +00:00
Emelia Smith 116f01ec7d
Implement RFC 8414 for OAuth 2.0 server metadata (#29191) 2024-05-06 13:17:56 +00:00
Claire 30ef9fccf0
Fix hashtag matching pattern matching some link anchors (#30190) 2024-05-06 12:47:19 +00:00
Matt Jankowski dbaa4ed891
Use chewy which relaxes ES version reqs (#30157) 2024-05-06 11:50:45 +00:00
Claire e5062b7135
Fix post deletion not being deferred when those are part of an account warning (#30163) 2024-05-06 09:52:34 +00:00
Claire 253ead3aa7
Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-02 20:56:21 +00:00
Matt Jankowski 1e7d5d2957
Update devise-two-factor to version 5.0.0 (#28325)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-02 09:31:41 +00:00
Matt Jankowski 2447497a4c
Status length validation spec updates (#30132) 2024-05-02 08:31:06 +00:00
Claire 91ca90e25b
Fix Idempotency-Key ignored when scheduling a post (#30084) 2024-04-26 13:19:02 +00:00
Claire e845594878
Fix moderator account being exposed in account moderation notification (#30082) 2024-04-26 12:42:06 +00:00
Claire 4ef0b48b95
Add in-app notifications for moderation actions/warnings (#30065) 2024-04-25 17:26:05 +00:00
Emelia Smith 049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00
Matt Jankowski a15139bc02
Fix intermittent order based failure in UpdateStatusService spec (#30008) 2024-04-22 08:30:38 +00:00
Matt Jankowski f5d341382e
Add any_args to have_enqueued_sidekiq_job call (quiets deprecation) (#29999) 2024-04-19 19:44:59 +00:00
Matt Jankowski 11e0049b08
Use enum-generated scopes/queries for BulkImport (#29975) 2024-04-18 10:13:35 +00:00
Claire 8bece467f8
Change have_enqueued_sidekiq_job usage to always make argument expectations explicit (#29974) 2024-04-17 11:13:52 +00:00
Matt Jankowski 650c548c31
Add not_featured_by scope to Tag (#28815) 2024-04-17 10:05:38 +00:00
Matt Jankowski 9ce2db4136
Combine double subject runs and DRY up change check in bulk import service spec (#29402) 2024-04-17 08:23:25 +00:00
Matt Jankowski 6fed108703
Use Rails upsert to generate update_count! query in Counters concern (#28738)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-04-17 08:16:51 +00:00
Matt Jankowski 7fed4a9740
Pull out repeated setup to shared setup in statusus/show view spec (#29927) 2024-04-15 15:24:31 +00:00
Matt Jankowski 61d108f415
Extract header_tags method in statuses/show view spec (#29907) 2024-04-12 09:50:46 +00:00
Matt Jankowski da6b9238f5
Expand coverage for admin/metrics/measure/* classes (#29914) 2024-04-12 09:38:24 +00:00
Matt Jankowski ec5a0e0f5e
Expand coverage for admin/metrics/dimension/* classes (#29913) 2024-04-12 09:18:35 +00:00
Matt Jankowski 449f99e168
Fix repeated concat output buffer duplicating layout markup (#29918) 2024-04-11 23:37:07 +00:00
Matt Jankowski 576554b19b
Use fabrication sequence in domain values (#29895) 2024-04-11 08:59:01 +00:00
Matt Jankowski 285f63c02e
Use composable query in User.active scope (#29775) 2024-04-08 13:53:49 +00:00
Claire babbf6017d
Remove caching in cache_collection (#29862) 2024-04-08 13:46:13 +00:00
Claire e73cf356d2
Move OAuth flow tests from feature tests to system tests (#29837) 2024-04-05 16:52:05 +00:00
Matt Jankowski b61ae28f8d
Separate methods for theme style and meta color tags (#29802) 2024-04-05 09:52:43 +00:00
Matt Jankowski 59da591d13
Improve spec for dimension/languages admin metric (#29842) 2024-04-05 08:54:11 +00:00
Claire 38b9d31f63
Improve email address validation (#29838) 2024-04-05 07:48:45 +00:00
Claire 1f11aa5f04
Add stub for trending tags in user mailer spec (#29850) 2024-04-05 07:48:07 +00:00
Matt Jankowski 191bf5876e
Add coverage for sanitize failure path in api/web/embeds spec (#29851) 2024-04-04 16:07:16 +00:00
Matt Jankowski f87959ab50
Fix RSpec/LetSetup cop in api/v1/timelines/public spec (#28972) 2024-04-02 14:05:02 +00:00
Matt Jankowski 34489591ec
Add max_pinned_statuses to instances serializer and api response (#29441) 2024-04-02 13:54:11 +00:00
Renaud Chaput b4d991adaa
Use integers and not numbers in notification policy API counters (#29810) 2024-04-02 10:06:26 +00:00
renovate[bot] 589e34d00c
Update dependency selenium-webdriver to v4.19.0 (#29776)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-04-02 08:53:44 +00:00
Claire 9c24f2d6b1
Undo notification permissions on individual and domain blocks (#29570) 2024-03-26 14:46:38 +00:00
Claire 81a04ac25c
Improve specs for severed relationships (#29688) 2024-03-22 16:25:36 +00:00
Matt Jankowski 34f293475e
Fix results/query in api/v1/featured_tags/suggestions (#29597) 2024-03-22 15:08:27 +00:00
Claire 05eda8d193
Remove severed relationship notifications for single account suspensions (#29700) 2024-03-21 21:53:24 +00:00
Claire 814a48517f
Add some more tests for notification policies (#29698) 2024-03-21 16:46:38 +00:00
Claire 7434c9c276
Fix the relationships controller spec, since it requires an extra model now (#29671) 2024-03-21 08:28:37 +00:00
Claire 44bf7b8128
Add notifications of severed relationships (#27511) 2024-03-20 15:37:21 +00:00
Claire 8a1423a474
Allow unblocking email addresses from any matching account (#29305) 2024-03-20 14:38:00 +00:00
Matt Jankowski 6d2986017e
Remove unused active_nav_class helper method (#29617) 2024-03-18 13:24:59 +00:00
Claire d5063072c3
Revert friends-of-friends follow recommendation query to using a CTE (#29619) 2024-03-18 12:57:21 +00:00
Matt Jankowski 92855948a0
Remove unused show_landing_strip? helper method (#29618) 2024-03-18 08:55:54 +00:00
Matt Jankowski ecdbf15ebe
Remove unused link_to_older and link_to_newer helper methods (#29620) 2024-03-18 08:54:46 +00:00
Matt Jankowski 4f4132f1a1
Add diagnostic message for failure during CLI search deploy (#29462) 2024-03-15 14:26:23 +00:00
Matt Jankowski 2e91a9bd34
Add include_pagination_headers matcher to check Link header in api specs (#29596) 2024-03-15 10:17:45 +00:00
Matt Jankowski e75b55a6d7
Extract target account on list method in bulk import row service spec (#29601) 2024-03-15 09:31:25 +00:00
Matt Jankowski 974c7672e5
Extract shared behavior methods in oauth feature spec (#28360) 2024-03-14 13:42:59 +00:00
Matt Jankowski 0bc17a3d48
Use enum-generated public_visibility scope on Status (#28156) 2024-03-14 09:31:57 +00:00
Matt Jankowski 681a89f684
Readability clean up in ImportVacuum spec (#28955) 2024-03-14 09:24:00 +00:00
Matt Jankowski f9100743ec
Add Api::ErrorHandling concern for api/base controller (#29574) 2024-03-14 09:09:47 +00:00
Matt Jankowski 42875fee52
Add coverage for bad args/options in CLI::Domains#purge (#29578) 2024-03-14 08:58:53 +00:00
Matt Jankowski 71e5f0f48c
Add coverage for suspended instance actor scenario (#29571) 2024-03-13 15:43:40 +00:00
Matt Jankowski 6262ceeb70
Fix RSpec/DescribedClass cop (#29472) 2024-03-13 15:42:39 +00:00
Matt Jankowski c09b8a7164
Add Account.without_internal scope (#29559)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-03-13 14:11:23 +00:00
Matt Jankowski 46e902f1f3
Merge api/v1/accounts/credentials controller spec into existing request spec (#29006) 2024-03-13 09:22:43 +00:00
Matt Jankowski 01b624c4a0
Use normalizes on CustomFilter#context value (#27602) 2024-03-13 08:50:21 +00:00
Matt Jankowski 71eecbfa1f
Move api/v2/filters/* to request spec (#28956) 2024-03-13 08:47:09 +00:00
Matt Jankowski 8349b45d60
Accept extra args that we wont verify in ap/activity/add_spec (#29005) 2024-03-13 08:46:11 +00:00
Matt Jankowski 469028b6d3
Remove unneeded type: :service from spec/services files (#29304) 2024-03-13 08:39:26 +00:00
Matt Jankowski 3eaac3af73
Use before_all block to setup requests/cache_spec data (#29437) 2024-03-13 08:38:57 +00:00
Matt Jankowski 19f0590795
Add basic coverage for TagSearchService class (#29319) 2024-03-13 08:33:03 +00:00
Matt Jankowski 96013cd576
Reduce RSpec/ExampleLength in CSP request spec (#29104) 2024-03-13 08:22:32 +00:00
Matt Jankowski 216cea1e27
Fix incorrect frequency value in FriendsOfFriendsSource data (#29550) 2024-03-12 08:38:32 +00:00
Matt Jankowski 24319836de
Convert request-based setup into factory setup in push/subscriptions request spec (#29489) 2024-03-11 15:46:25 +00:00
Matt Jankowski a38e424185
Use unchanging github links in docs/comments (#29545) 2024-03-11 15:14:55 +00:00
Eugen Rochko c10bbf5fe3
Add notification policies and notification requests in web UI (#29433) 2024-03-11 15:02:21 +00:00
Jeong Arm 4a6ddbc9c0
Normalize idna domain before account unblock domain (#29530) 2024-03-11 09:28:08 +00:00
Matt Jankowski a7284690fc
Add coverage for admin/metrics base classes, simplify subclass generation (#29527) 2024-03-11 09:16:19 +00:00
Matt Jankowski 98ef38e34e
Ensure unique values in fabricators (#29515) 2024-03-11 08:53:24 +00:00
Eugen Rochko 50b17f7e10
Add notification policies and notification requests (#29366) 2024-03-07 14:53:37 +00:00
Claire ee8d0b9447
Fix follow suggestions potentially including silenced or blocked accounts (#29306) 2024-03-04 06:35:20 +00:00
Matt Jankowski 18945f62e0
Convert more API specs from controller->request style (#29004) 2024-03-01 16:24:45 +00:00
Daniel M Brasil a25014de8f
Improve IpBlock model test coverage (#29460) 2024-03-01 16:17:40 +00:00
Matt Jankowski 3389c41b58
Move nobody position in UserRole magic number to constant (#29465) 2024-03-01 11:05:24 +00:00
Matt Jankowski eb1b8f69de
Allow pagination Link headers on API accounts/statuses when pinned true (#29442) 2024-02-29 14:21:56 +00:00
Matt Jankowski 6675bf574a
Extract parsed_uri_query_values helper in ap/replies controller spec (#29410) 2024-02-29 13:47:38 +00:00
Matt Jankowski 14c65180df
Use sequence in software_update fabricator to allow multiple (#29438) 2024-02-29 10:51:11 +00:00
Matt Jankowski 8f3c91fc3c
Add change block expectation to admin/invites#deactivate_all spec (#29412) 2024-02-27 16:25:58 +00:00
Claire 6f7615ba86
Add basic end-to-end test for admin moderation interface (#29424) 2024-02-27 15:18:06 +00:00
Matt Jankowski 9e78129e6e
Use "cacheable response" shared example in more places (#29419) 2024-02-27 11:50:21 +00:00
Matt Jankowski 8156113d58
Use response_vary_headers method in requests/cache_spec (#29411) 2024-02-26 16:27:07 +00:00
Damien Mathieu 1540f42522
Better tests for auth/registrations#update (#29303) 2024-02-26 16:09:56 +00:00
Wolfgang Fournès d51c3ac087
Add a missing spec to SessionsController#webauthn_options (#29277) 2024-02-26 16:09:40 +00:00
Matt Jankowski b0064ddda7
Add basic coverage for MoveService class (#29301) 2024-02-23 09:59:29 +00:00
Matt Jankowski a6ed148769
Use heredoc on the HTML blocks in verify link spec (#29365) 2024-02-22 21:26:48 +00:00
Claire 9d8dfeb5fb
Fix processing of Link objects in Image objects (#29335) 2024-02-22 22:27:24 +01:00
Claire 5152dd869e
Fix link verifications when page size exceeds 1MB (#29358) 2024-02-22 17:31:50 +00:00
Claire b71904816a
Change registrations to be disabled by default for new servers (#29280) 2024-02-22 13:28:19 +00:00
Matt Jankowski e9b0f0c314
Add basic coverage for RemoveDomainsFromFollowersService class (#29327) 2024-02-22 10:53:38 +00:00
Matt Jankowski 7c7dfe7de3
Add basic coverage for RemoveFeaturedTagService class (#29328) 2024-02-22 10:51:04 +00:00
Matt Jankowski 6342ddd698
Add basic coverage for UnfavouriteService class (#29329) 2024-02-22 10:48:42 +00:00
Matt Jankowski f70905f127
Add basic coverage for UnmuteService class (#29330) 2024-02-22 10:48:09 +00:00
Matt Jankowski a69fe534e3
Add basic coverage for WebhookService class (#29331) 2024-02-22 10:46:20 +00:00
Matt Jankowski d1602c017d
Add basic coverage for ApproveAppealService class (#29333) 2024-02-22 10:40:07 +00:00
Matt Jankowski ab2ef63a03
Add basic coverage for VoteService class (#29334) 2024-02-22 10:39:18 +00:00
Claire 2751acb6cd
Automatically switch from open to approved registrations in absence of moderators (#29318) 2024-02-21 17:45:06 +00:00
Matt Jankowski 08342ad40c
Add basic coverage for AfterUnallowDomainService class (#29324) 2024-02-21 17:13:11 +00:00
Matt Jankowski 8f61e32569
Add basic coverage for AppealService class (#29322) 2024-02-21 17:12:31 +00:00
Matt Jankowski b73932461f
Add basic coverage for CreateFeaturedTagService class (#29321) 2024-02-21 16:58:19 +00:00
Matt Jankowski 5f19e7e799
Add basic coverage for ProcessHashtagsService class (#29320) 2024-02-21 16:57:45 +00:00
Matt Jankowski 1f648fdf1a
Remove erroneous service type on TagFeed model spec (#29302) 2024-02-21 11:25:33 +00:00
Matt Jankowski 64f9939e39
Use capture_emails helper to improve email assertions in specs (#29245) 2024-02-19 15:57:47 +00:00
Wolfgang Fournès 86627ea2e4
Add a missing thread example to the statuses spec (#29278) 2024-02-19 13:35:58 +00:00
Matt Jankowski 245064bb98
Move "everyone" role and "instance actor" account magic number IDs to constants (#29260) 2024-02-19 11:09:43 +00:00
Claire 96ddf1d482
Fix flaky end-to-end OCR test (#29244) 2024-02-16 16:57:23 +00:00
Matt Jankowski 1946e171e6
Reduce round trips in admin/disputes/appeals spec (#29234) 2024-02-16 13:46:28 +00:00
Matt Jankowski 3454fcbd71
Reduce round trips in auth/sessions spec (#29233) 2024-02-16 13:38:49 +00:00
Matt Jankowski a316c0e38d
Reduce round trips in disputes/appeals spec (#29232) 2024-02-16 13:01:15 +00:00
Matt Jankowski 117b507df5
Extract subject from User#mark_email_as_confirmed! spec (#29231) 2024-02-16 13:01:04 +00:00
Matt Jankowski 1690fb39e6
Reduce RSpec/MultipleExpectations in instance_actors_controller spec (#29229) 2024-02-16 13:00:11 +00:00
Matt Jankowski bba488c189
Reduce RSpec/MultipleExpectations in media_attachment spec (#29228) 2024-02-16 13:00:09 +00:00
Claire 9fee5e8526
Merge pull request from GHSA-jhrq-qvrm-qr36
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
2024-02-16 11:56:12 +01:00
Matt Jankowski a9f9b0097b
Reduce RSpec/MultipleExpectations in captcha feature spec (#29226) 2024-02-16 07:52:57 +00:00
Matt Jankowski 4b7f04e3ea
Reduce RSpec/MultipleExpectations in post_status_service spec (#29225) 2024-02-16 07:52:29 +00:00
Matt Jankowski ed4939296a
Reduce RSpec/MultipleExpectations in ap/activity/create spec (#29224) 2024-02-16 07:43:00 +00:00
Matt Jankowski 1df2ffc3ee
Use subject in blacklist email validator spec (#29211) 2024-02-16 07:42:03 +00:00
Matt Jankowski fc4f823464
Avoid local block var assignment in ap/process_status_update_service spec (#29210) 2024-02-16 07:41:25 +00:00
Claire d4d0565b0f
Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 21:49:45 +00:00
Claire bbbbf00084
Fix OmniAuth tests (#29201) 2024-02-14 14:57:49 +00:00
Claire b31af34c97
Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Emelia Smith 68eaa804c9
Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:15:34 +01:00
Emelia Smith 46142cdbdd
Disable administrative doorkeeper routes (#29187) 2024-02-13 18:11:47 +00:00
Claire ca8fbda5d0
Add end-to-end test for OCR in media uploads (#29148) 2024-02-08 19:13:44 +00:00
Matt Jankowski a9e91eb955
Add common stub setup for resolv dns in email mx validator spec (#29140) 2024-02-08 14:26:45 +00:00
Matt Jankowski 15437e4ad9
Add context and before to lengthy tag manager spec examples (#29129) 2024-02-08 10:03:04 +00:00
Matt Jankowski 5271131658
Extract helper method for repeated form fill in admin/domain_blocks feature spec (#29128) 2024-02-08 10:02:53 +00:00
Claire eff447a455
Rewrite signature verification using regexps and StringScanner (#29133) 2024-02-07 17:24:42 +00:00
Matt Jankowski 95da28d201
Add common ThreadingHelper module for specs (#29116) 2024-02-07 14:53:29 +00:00
Claire 7efc33b909
Move HTTP Signature parsing code to its own class (#28932) 2024-02-07 13:35:37 +00:00
Matt Jankowski da50217b88
Combine repeated requests in admin/accounts controller spec (#29119) 2024-02-07 10:59:32 +00:00
Claire 7ee93b7431
Change source attribute of Suggestion entity in /api/v2/suggestions back to a string (#29108) 2024-02-06 17:10:17 +00:00
Matt Jankowski 0df86d77fd
Reduce RSpec/ExampleLength in PostStatusService spec example (#29105) 2024-02-06 14:36:04 +00:00
Matt Jankowski 2d6ab44556
Reduce request/response round-trips in ap/collections controller spec (#29102) 2024-02-06 13:10:00 +00:00
Matt Jankowski 978fdc71ca
Reduce expectation count in example from ProcessAccountService spec (#29100) 2024-02-06 13:04:02 +00:00
Matt Jankowski 577520b637
Replace deprecated Sidekiq::Testing block style (#29097) 2024-02-06 12:49:48 +00:00
Matt Jankowski df7acdcee5
Update markers API spec for error case (#29096) 2024-02-06 12:47:04 +00:00
Emelia Smith 4fb7f611de
Return domain block digests from admin domain blocks API (#29092) 2024-02-06 12:38:14 +00:00
Matt Jankowski 4cf07ed78c
Add missing action logging to api/v1/admin/reports#update (#29044) 2024-02-06 11:34:11 +00:00
Claire 66dda7c762
Fix already-invalid reports failing to resolve (#29027) 2024-02-06 09:35:27 +00:00
Claire 1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:56:46 +01:00
Matt Jankowski 8b7b0ee598
Configure selenium to use Chrome version 120 (#29038) 2024-02-01 09:46:31 +00:00
Matt Jankowski 86fbde7b46
Fix Style/NumericLiterals cop in ProfileStories support module (#28971) 2024-01-30 15:38:33 +00:00
Matt Jankowski f91acba70a
Combine repeated requests in account controller concern spec (#28957) 2024-01-30 15:32:20 +00:00
Matt Jankowski ff8937aa2c
Move api/v1/statuses/* to request spec (#28954) 2024-01-26 17:45:54 +00:00
Matt Jankowski 44f6d285af
Combine repeated subject in ap fetch remote actor service spec (#28953) 2024-01-26 17:44:12 +00:00
Matt Jankowski 239244e2ed
Combine repeated subject in ap fetch remote account service spec (#28952) 2024-01-26 17:43:08 +00:00
Matt Jankowski 5119fbc9b7
Move api/v1/admin/trends/links/preview_card_providers to request spec (#28951) 2024-01-26 17:41:39 +00:00
Matt Jankowski b6baab447d
Move api/v2/admin/accounts to request spec (#28950) 2024-01-26 17:41:13 +00:00
Matt Jankowski 7adcc0aae3
Move api/v1/trends/* to request specs (#28949) 2024-01-26 17:40:39 +00:00
Matt Jankowski 0b0ca6f3b8
Move api/v1/timelines/list to request spec (#28948) 2024-01-26 17:40:15 +00:00
Matt Jankowski e519f113e8
Combine repeated subject in cacheable response shared example (#28945) 2024-01-26 16:37:05 +00:00
Matt Jankowski d791bca11b
Combine double subject in well_known/webfinger shared example (#28944) 2024-01-26 16:36:21 +00:00
Matt Jankowski 09a3493fca
Combine double subject in api/v1/media shared example (#28943) 2024-01-26 16:35:49 +00:00
Matt Jankowski 5fbdb2055b
Combine repeated subject in cli/accounts spec shared example (#28942) 2024-01-26 16:35:19 +00:00
Matt Jankowski 1a30a517d6
Combine repeated subjects in link details extractor spec (#28941) 2024-01-26 16:31:07 +00:00
Matt Jankowski 685eaa04d4
Combine double subject in admin/statuses controller shared example (#28940) 2024-01-26 16:30:30 +00:00
Matt Jankowski beb74fd71c
Combine double subjects in instance actors controller shared example (#28939) 2024-01-26 16:28:50 +00:00
Matt Jankowski beaef4b672
Combine double subjects in application controller shared example (#28938) 2024-01-26 16:23:12 +00:00
Matt Jankowski 6d35a77c92
Combine repeated subjects in models/user spec (#28937) 2024-01-26 16:22:44 +00:00
Matt Jankowski 2f8656334d
Combine double subjects in admin/accounts controller spec (#28936) 2024-01-26 16:21:31 +00:00
Matt Jankowski 9cc1817bb4
Fix intmermittent failure in api/v1/accounts/statuses controller spec (#28931) 2024-01-26 14:10:26 +00:00
Matt Jankowski 0e0a94f483
Handle CLI failure exit status at the top-level script (#28322) 2024-01-26 08:53:44 +00:00
Eugen Rochko 6936e5aa69
Change design of compose form in web UI (#28119)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-25 15:41:31 +00:00
Matt Jankowski 42ab855b23
Add specs for Instance model scopes and add with_domain_follows scope (#28767) 2024-01-25 15:28:27 +00:00
Matt Jankowski 2866106ec1
Reduce factory creation in spec/models/account_statuses_cleanup_policy (#28361) 2024-01-25 13:37:25 +00:00
Matt Jankowski 6b6586f5d0
Add CustomFilterKeyword#to_regex method (#28893) 2024-01-25 13:00:34 +00:00
Matt Jankowski 7c9c6c7f80
Fix remaining Rails/WhereExists cop violations, regenerate todo (#28892) 2024-01-25 12:37:07 +00:00
Claire 087415d0fe
Add tests for processing statuses using bearcap URIs (#28904) 2024-01-25 11:13:36 +00:00
Claire 0471a78055
Add tests for redirect confirmations (#28903) 2024-01-25 11:13:33 +00:00
Matt Jankowski a11a2fb052
Add error classes to api/base errors coverage (#28864) 2024-01-24 10:31:31 +00:00
Matt Jankowski b0207d7757
Add coverage for Tag.recently_used scope (#28850) 2024-01-23 09:10:11 +00:00
Claire e2d9635074
Add notification email on invalid second authenticator (#28822) 2024-01-22 13:55:43 +00:00
Matt Jankowski 18004bf227
Add Account.matches_uri_prefix scope and use in activitypub/followers_synchronizations controller (#28820) 2024-01-22 13:55:37 +00:00
Matt Jankowski 7ecf7f5403
Move controller->request specs for api/v1/statuses/* (#28818) 2024-01-22 11:58:54 +00:00
Claire cf2a2ed71c
Fix processing of compacted single-item JSON-LD collections (#28816) 2024-01-19 12:43:10 +00:00
Claire 3593ee2e36
Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-19 12:19:49 +00:00
Matt Jankowski 329911b0a3
Migrate controller->request spec for api/v1/follow* (#28811) 2024-01-19 09:32:41 +00:00
Matt Jankowski 1480573c83
Add Account.auditable scope, fix N+1 in admin/action_logs#index (#28812) 2024-01-19 01:39:30 +00:00
Matt Jankowski d0b3bc23d7
Remove unused matches_domain scopes on Account, DomainAllow, DomainBlock (#28803) 2024-01-18 16:11:04 +00:00
Matt Jankowski 0b853678a4
Add coverage for api/v1/peers/search endpoint and extract controller query to Instance scope (#28796) 2024-01-18 15:57:10 +00:00
Matt Jankowski 3d82040b26
Reduced repeated setup in UnallowDomainService spec (#28785) 2024-01-18 10:11:10 +00:00
Matt Jankowski 6c5a2d51bc
Reduced repeated setup in PurgeDomainService spec (#28786) 2024-01-18 10:07:49 +00:00
Matt Jankowski 07e10e3747
Combine assertions about same setup in Account#suspend! spec (#28787) 2024-01-18 09:36:59 +00:00
Matt Jankowski 9a475ea8b3
Finish up the CLI spec area pattern adoption for CLI::Accounts#refresh specs (#28764) 2024-01-17 13:38:37 +00:00
Matt Jankowski 1b0cb3b54d
Announcement reactions query spec improvement and refactor (#28768) 2024-01-17 09:18:13 +00:00
Matt Jankowski b4c332104a
Use top-level warn in JS errors check (#28745) 2024-01-15 21:26:11 +00:00
Claire 98b5f85f10
Rename and refactor User#confirm! to User#mark_email_as_confirmed! (#28735) 2024-01-15 18:04:58 +00:00
Claire e621c1c44c
Fix registrations not checking MX records for email domain blocks requiring approval (#28608) 2024-01-15 17:10:57 +00:00
Matt Jankowski a2f02a0775
Disable Rails/SkipsModelValidations cop (#28712) 2024-01-15 13:46:47 +00:00
Matt Jankowski e72676e83a
Improve api/v1/markers#create performance against simultaneous requests (#28718) 2024-01-15 09:47:25 +00:00
MitarashiDango 2c05b8a60d
Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-12 15:58:28 +00:00
Matt Jankowski a90696011e
Add coverage/bugfix for invalid appeal submission (#28703) 2024-01-12 09:21:00 +00:00
Matt Jankowski 7801db7ba4
Spec coverage for custom css endpoint (#28706) 2024-01-12 09:19:25 +00:00
Matt Jankowski df9e220364
Add JS console errors check (#28682) 2024-01-12 09:12:31 +00:00
Matt Jankowski cd37048439
Move followable_by coverage to suggestions (#28697) 2024-01-12 09:11:34 +00:00
Matt Jankowski 32eeca9c7b
Refresh instance counts in spec (fixes intermittent failure) (#28698) 2024-01-12 09:10:37 +00:00
Matt Jankowski 8b26614fa7
Combine results include check in spec/models/account (#28471) 2024-01-11 16:17:45 +00:00
Matt Jankowski 185c806d69
Extract spec helper for verifing to/from public AP collection namespace (#28472) 2024-01-11 16:17:21 +00:00
Matt Jankowski 2954279e9c
Remove double subject call in api/v1/admin/trends/links/links spec (#28695) 2024-01-11 15:13:11 +00:00
Matt Jankowski 95bd46d32a
Remove double subject call in api/v1/admin/ip_blocks spec (#28696) 2024-01-11 15:11:57 +00:00
Matt Jankowski 4e08a4892f
Move streaming around config into manager class (#28684) 2024-01-11 10:54:42 +00:00
Matt Jankowski 87097a227c
Clean up settings/featured_tags/index view (#28688) 2024-01-11 10:45:26 +00:00
Matt Jankowski 55802242ce
Refactor login activity partial (remove inline ruby) (#28687) 2024-01-11 10:36:27 +00:00
Matt Jankowski 0a7cff53c2
Add coverage for Account.followable_by scope (#28689) 2024-01-11 09:30:29 +00:00
Claire d7e13e2483
Fix potential redirection loop of streaming endpoint (#28665) 2024-01-10 15:05:46 +00:00
Matt Jankowski 8422b8ded0
Extract capybara config and improve headless_chrome driver config (#28681) 2024-01-10 14:54:11 +00:00
Matt Jankowski 543d7890fd
Use normalizes to prepare User values (#28650)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-10 13:36:06 +00:00
Matt Jankowski 00341c70ff
Use Sidekiq fake! instead of inline! in specs (#25369) 2024-01-10 11:06:58 +00:00
Matt Jankowski 742d8d30e2
Add coverage for --days option to CLI media refresh command (#28669) 2024-01-10 09:36:12 +00:00
Renaud Chaput 63d0b52cf3
Add a system spec for the /share endpoint (#28672) 2024-01-09 21:58:19 +00:00
Claire 10203bd57a
Clean up Setting model and remove dead code (#28661) 2024-01-09 14:01:53 +00:00
Jean Boussier 1781849884
Inline what remains of the rails-settings-cached gem (#28618)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-09 11:50:21 +00:00
Matt Jankowski 5dc634796a
Misc coverage improvements re: sidekiq/inline (#28651) 2024-01-09 09:40:08 +00:00
Matt Jankowski e677eb164c
Remove unused Announcement#time_range? (#28648) 2024-01-08 15:26:30 +00:00
Matt Jankowski 3e43cd095c
Remove unused scope Announcement.without_muted (#28645) 2024-01-08 15:26:14 +00:00
Claire 157fc69954
Make request_pool_spec tests more robust (#28610) 2024-01-08 12:29:05 +00:00
Matt Jankowski aa6d07dbd9
Use normalizes to prepare CustomEmoji domain value (#28624) 2024-01-08 11:20:59 +00:00
Matt Jankowski 832b92ac3e
Add attachment check to spec/service/suspend_account_service spec (#28619) 2024-01-08 11:05:10 +00:00
Matt Jankowski 12bed81187
Add validation specs to CustomFilter model (#28600) 2024-01-05 15:13:59 +00:00
Claire 6ad0fb5a77
Fix NULL MX handling and tighten DNS resolving specs (#28607) 2024-01-05 11:07:57 +00:00
Claire 5f4643b895
Add PAPERCLIP_ROOT_URL to Content-Security-Policy when used (#28561) 2024-01-05 10:45:36 +00:00