Commit graph

2484 commits

Author SHA1 Message Date
Matt Jankowski 155fb84141
Improve spec coverage for collection of workers/ classes (#27874) 2023-11-16 14:36:59 +00:00
Matt Jankowski 8a285413f7
Reduce expectations for RSpec/MultipleExpectations cop in MoveWorker spec (#27880) 2023-11-16 10:03:51 +00:00
Matt Jankowski 3f0c1566c3
Reduce expectations for RSpec/MultipleExpectations cop in api/v1/accounts/relationships spec (#27879) 2023-11-16 09:55:50 +00:00
Matt Jankowski c1f93def40
Reduce expectations for RSpec/MultipleExpectations cop in controllers/statuses spec (#27875) 2023-11-16 09:54:51 +00:00
Matt Jankowski 04121bd020
Disable simplecov enable_coverage_for_eval option, move to standalone file (#27869) 2023-11-15 23:09:31 +00:00
Matt Jankowski 3de9145613
Move controller specs for well-known endpoints to request specs (#27855) 2023-11-15 19:12:02 +00:00
Matt Jankowski 12a5b7391d
Add spec for well known change password endpoint (#27856) 2023-11-15 13:21:18 +00:00
Matt Jankowski fe58ac8d9f
Improve spec coverage for api/web/push_subscriptions controller (#27858)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-11-15 13:14:51 +00:00
Matt Jankowski 7c72944661
Use Lcov simplecov formatter on CI and HTML elsewhere (#27859) 2023-11-15 09:11:02 +00:00
Nick Schonning 36d7d1781f
Add CodeCov for Ruby coverage reports (#23868) 2023-11-14 16:53:38 +00:00
Matt Jankowski b2c5b20ef2
Fix RSpec/AnyInstance cop (#27810) 2023-11-14 14:52:59 +00:00
Matt Jankowski d562fb8459
Specs for minimal CSP policy in Api:: controllers (#27845) 2023-11-14 14:34:30 +00:00
Matt Jankowski 5e2ecc736d
Remove double subject in api/v1/accounts/relationships spec (#27839) 2023-11-14 10:29:33 +00:00
Matt Jankowski b7807f3d84
Use normalizes to prepare Webhook#events value (#27605) 2023-11-13 22:47:44 +00:00
Matt Jankowski 49ba5a9f94
Use hash_including to check AccountFilter setup in admin/accounts controller spec (#27838) 2023-11-13 16:01:24 +00:00
Matt Jankowski a36b59be8a
Spec coverage for api/v1/trends controllers (#27837) 2023-11-13 14:32:36 +00:00
Claire 07a4059901
Add support for invite codes in the registration API (#27805) 2023-11-13 13:27:00 +00:00
Eugen Rochko 0d14fcebae
Change link previews to keep original URL from the status (#27312) 2023-11-13 09:58:28 +00:00
Matt Jankowski 9dc3ce878b
Speed-up in Settings:: controllers specs (#27808) 2023-11-10 15:13:42 +00:00
Matt Jankowski e79bf1b1e7
Minor speed improvement on controllers/accounts spec (#27679) 2023-11-09 16:21:11 +00:00
Claire c451bbe249
Allow viewing and severing relationships with suspended accounts (#27667) 2023-11-09 14:50:25 +00:00
Matt Jankowski 548bb30b2a
Consolidate html page title output logic into helper (#27563) 2023-11-09 13:05:57 +00:00
Matt Jankowski 63c9102f8a
Fix RSpec/MessageChain cop (#27776) 2023-11-09 12:57:23 +00:00
Matt Jankowski c9204b792c
Fix Rails/I18nLocaleTexts cop (#27779) 2023-11-09 09:46:39 +00:00
Matt Jankowski 69d00e2721
Fix RSpec/InstanceVariable cop (#27766) 2023-11-08 15:42:30 +00:00
Matt Jankowski 4329616c53
Ignore block result of send method and remove rubocop:disable in deepl spec (#27741) 2023-11-08 14:43:17 +00:00
Matt Jankowski b05575e242
Move RSpec config for streaming/search managers to be near classes (#27761) 2023-11-08 13:04:17 +00:00
Matt Jankowski ce91d14d48
Fix Style/WordArray cop (#27770) 2023-11-08 13:03:44 +00:00
Matt Jankowski c03bd2a238
Don't stub SUT in FollowLimitValidator spec (#27760) 2023-11-08 12:49:46 +00:00
Matt Jankowski 9b7b4d748f
Simplify request cache spec shared examples (#27673) 2023-11-08 12:37:29 +00:00
Claire 23e32a4b30
Fix format-dependent redirects being cached regardless of requested format (#27632) 2023-11-08 10:31:05 +00:00
Matt Jankowski e545978076
Use framework helpers instead of i-vars in controller specs (#27767) 2023-11-08 08:17:43 +00:00
Matt Jankowski ee57bb4b44
Account statuses filter spec speedup (#27674) 2023-11-07 15:47:01 +00:00
Matt Jankowski ae7c20b00c
Move search and streaming spec manager classes to separate support files (#27727) 2023-11-07 15:25:49 +00:00
Matt Jankowski 370802ce48
Add coverage for CLI::Maintenance#fix_duplicates command (#25252) 2023-11-07 15:21:58 +00:00
Matt Jankowski 1d51e10510
Consolidate JSON parsing in serializers specs (#27693) 2023-11-07 15:20:24 +00:00
Matt Jankowski a688a9ed20
Use strings instead of numeric literals and remove rubocop:disable in cache spec (#27742) 2023-11-07 15:20:00 +00:00
Matt Jankowski dc0bf87090
Remove unused before block from settings/branding spec (#27759) 2023-11-07 15:19:17 +00:00
Matt Jankowski 45770c9306
Fix Performance/MapMethodChain cop (#27744) 2023-11-07 13:01:09 +00:00
Matt Jankowski 49e2772064
Fix RSpec/MessageSpies cop (#27751) 2023-11-07 09:46:28 +00:00
Matt Jankowski 2862ad701f
Stub controller methods and remove rubocop:disable in captcha feature spec (#27743) 2023-11-07 09:15:30 +00:00
Matt Jankowski cfa14ec6d1
Fix Lint/EmptyBlock cop (#27748) 2023-11-07 09:11:04 +00:00
Matt Jankowski b06284c572
Fix RSpec/HookArgument cop (#27747) 2023-11-07 09:10:36 +00:00
Matt Jankowski d6f50839e1
Fix RSpec/SpecFilePathFormat cops (#27730) 2023-11-06 16:25:40 +00:00
Matt Jankowski fe26f33e0a
Fix Rails/RedundantActiveRecordAllMethod cop (#26885) 2023-11-06 15:51:52 +00:00
Matt Jankowski 949f5eb860
Fix RSpec/MetadataStyle cop in spec/ (#27729) 2023-11-06 14:28:20 +00:00
Claire c0989b78f8
Fix incoming status creation date not being restricted to standard ISO8601 (#27655) 2023-11-06 09:28:14 +00:00
Renaud Chaput 6712bf86cd
Fixes website not loading for unlogged users (#27698) 2023-11-04 21:52:56 +00:00
Claire 0337df3a42
Fix posts from threads received out-of-order sometimes not being inserted into timelines (#27653) 2023-11-02 14:58:37 +00:00
Claire d649bbf28f
Add some more tests and clean up domain block controller (#27469) 2023-10-31 09:40:30 +00:00
Matt Jankowski beee9ea991
Fix RSpec/LetSetup cop in spec/controllers/admin area (#27619) 2023-10-31 08:22:19 +00:00
Matt Jankowski eae5c7334a
Extract class from CSP configuration/initialization (#26905) 2023-10-27 16:20:40 +00:00
Matt Jankowski 2e6bf60f15
Use deliveries.size in mailer-related examples in controller specs (#27589) 2023-10-27 15:33:52 +00:00
Claire 93e4cdc31b
Fix hashtag matching pattern matching some URLs (#27584) 2023-10-27 14:04:51 +00:00
Matt Jankowski 1f5187e2e2
Misc spec/refactor to user mailer and user mailer spec (#27486) 2023-10-27 09:57:16 +00:00
Claire bbf46cc418
Fix error and incorrect URLs in /api/v1/accounts/:id/featured_tags for remote accounts (#27459) 2023-10-27 08:35:21 +00:00
Jeong Arm 8f998cd96a
Handle featured collections without items (#27581) 2023-10-27 02:36:22 +00:00
Claire 49b8433c56
Fix confusing screen when visiting a confirmation link for an already-confirmed email (#27368) 2023-10-25 21:33:44 +00:00
Matt Jankowski e93a75f1a1
Rails 7.1 update (#25963) 2023-10-23 17:58:29 +00:00
Daniel M Brasil 26d2a2a0cc
Migrate to request specs in /api/v1/media (#25543) 2023-10-23 15:46:21 +00:00
Claire bcae744275
Fix some link anchors being recognized as hashtags (#27271) 2023-10-23 14:19:38 +02:00
Matt Jankowski b0213472df
Validate allowed schemes on preview card URLs (#27485) 2023-10-23 09:50:02 +02:00
Matt Jankowski ab0fb81479
Configure brakeman to ignore url safe preview card urls (#25883) 2023-10-20 15:32:16 +02:00
Claire 13688539bc
Fix processing LDSigned activities from actors with unknown public keys (#27474) 2023-10-20 10:45:46 +02:00
Matt Jankowski 9f218c9924
Refactor appeal partial to avoid brakeman XSS warning (#25880) 2023-10-19 17:25:54 +02:00
Matt Jankowski bcd0171e5e
Fix Lint/UselessAssignment cop (#27472) 2023-10-19 16:55:06 +02:00
Daniel M Brasil 7bc8f03162
Add test coverage for Mastodon::CLI::Accounts#migrate (#25284) 2023-10-19 16:11:15 +02:00
Matt Jankowski a1b27d8b61
Fix Naming/VariableNumber cop (#27447) 2023-10-18 14:26:22 +02:00
Emelia Smith 7c3fea7275
Feature: Allow token introspection without read scope (#27142) 2023-10-18 14:10:07 +02:00
Daniel M Brasil 091a21e1bc
Add test coverage for Mastodon::CLI::Accounts#prune (#25204) 2023-10-18 10:20:50 +02:00
Claire e9dc30cdba
Fix duplicate github annotations for rspec failures (#27450) 2023-10-18 10:18:34 +02:00
Nick Schonning 5ef26d8fd5
Add RSpec GitHub annotations gem (#24040) 2023-10-17 18:28:09 +02:00
Matt Jankowski 71447ab19f
Fix Capybara/ClickLinkOrButtonStyle cop in spec/features/admin area (#27445) 2023-10-17 16:57:19 +02:00
Matt Jankowski 2528a0721f
Update rubocop-capybara to version 2.19.0 (#26982) 2023-10-17 16:10:50 +02:00
Claire b34a2b1b33
Fix errors in CLI specs (#27399) 2023-10-17 15:30:12 +02:00
Victor Lee c4bddc9855
Add spec for poll model (#23399)
Co-authored-by: Nick Schonning <nschonni@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-17 14:56:24 +02:00
Matt Jankowski 12bb7be8b5
Spec speed ups on AccountsController spec (#25391) 2023-10-17 13:32:10 +02:00
Matt Jankowski d54fec24e5
Add coverage for CLI::PreviewCards#remove command (#27441) 2023-10-17 13:06:16 +02:00
Matt Jankowski 19900f647e
Add coverage for UnreservedUsernameValidator (#25590) 2023-10-17 13:05:28 +02:00
Matt Jankowski fc9ab61448
Expand spec coverage of CLI::Media (#27437) 2023-10-16 18:20:58 +02:00
Matt Jankowski 893b2f33fd
Extract shared example for cacheable response in specs (#25388) 2023-10-16 17:52:06 +02:00
Matt Jankowski 708299bb0d
Misc coverage improvements for Admin:: and Settings:: controllers (#25346) 2023-10-16 17:20:28 +02:00
Daniel M Brasil e0ed0f8c7c
Migrate to request specs in /api/v1/notifications (#25553) 2023-10-16 17:15:24 +02:00
Daniel M Brasil cafdaec6cf
Migrate to request specs in /api/v1/lists/:id/accounts (#25468) 2023-10-16 16:03:48 +02:00
Daniel M Brasil 8e6116503d
Migrate to request specs in /api/v1/blocks (#25517) 2023-10-16 16:03:35 +02:00
Daniel M Brasil d9caa6ed24
Migrate to request specs in /api/v1/admin/accounts (#25563) 2023-10-16 15:49:12 +02:00
Matt Jankowski f5bc1f20e2
Add coverage for ExistingUsernameValidator (#25592)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-16 15:41:23 +02:00
Matt Jankowski f8afa0f614
Remove unused stub json ld context (#25454) 2023-10-16 15:38:27 +02:00
Matt Jankowski 00e92b4038
Add coverage for CLI::Statuses command (#25321) 2023-10-16 15:37:22 +02:00
Claire 299aa71c8f
Fix handling of inLanguage attribute in preview card processing (#27423) 2023-10-16 15:24:14 +02:00
Daniel M Brasil 82beeb2f7e
Migrate to request specs in /api/v1/admin/trends/links (#25739) 2023-10-13 16:23:16 +02:00
Matt Jankowski 1b195ce115
Speed-up on Rack::Attack spec (#25542) 2023-10-13 16:14:23 +02:00
Claire 71cfdd7865
Fix duplicate tests (#27395) 2023-10-13 16:10:43 +02:00
Matt Jankowski cad8cc90ba
Speed-up on MoveWorker spec (#25528) 2023-10-13 15:50:46 +02:00
Daniel M Brasil 058f73a4f5
Add request specs for /api/v1/reports (#25475) 2023-10-13 15:30:40 +02:00
Matt Jankowski abf0e1fa39
Move SignedReqestHelpers rspec config to separate file (#25453) 2023-10-13 15:19:40 +02:00
Daniel M Brasil bc6cd27d9e
Migrate to request specs in /api/v1/followed_tags (#25472) 2023-10-13 14:43:50 +02:00
Matt Jankowski fd9dea21d0
DB speedup in API:: controller/request specs (#25516) 2023-10-13 14:42:09 +02:00
Daniel M Brasil ecdb31d479
Migrate to request specs in /api/v1/favourites (#25518) 2023-10-13 14:19:12 +02:00
Daniel M Brasil 7664e3b692
Migrate to request specs in /api/v1/statuses/:status_id/source (#25634) 2023-10-13 14:08:21 +02:00
Daniel M Brasil 4230d1ee0a
Migrate to request specs in /api/v1/timelines/tag/:hashtag (#25797) 2023-10-13 14:04:37 +02:00
KMY(雪あすか) 45bdd60f3c
Fix when unfollow a tag, my post also disappears from the home timeline (#27391) 2023-10-13 11:15:47 +02:00
Matt Jankowski 133f218a4d
Add system specs for admin area batch actions (#25027) 2023-10-13 10:42:59 +02:00
Claire 27e84c0691
Fix duplicate reports being sent when reporting some remote posts (#27355) 2023-10-10 16:00:50 +02:00
Claire 3262d1f1b6
Fix incorrect serialization of regional languages in contentMap (#27207) 2023-10-06 17:46:04 +02:00
Claire 340c390849
Fix crash when filtering for “dormant” relationships (#27306) 2023-10-06 12:58:16 +02:00
Claire 40ba6e119b
Fix Vary headers not being set on some redirects (#27272) 2023-10-05 09:50:08 +02:00
Matt Jankowski 72cec47c13
Silence deprecation warning in CacheBuster spec (#27264) 2023-10-04 10:17:36 +02:00
gunchleoc 68ec1d180a
Fix language sorting in settings (#27158) 2023-10-04 09:23:50 +02:00
Matt Jankowski c676bc91e9
Dont match mention in url query string (#25656)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-03 17:01:45 +02:00
Claire ceb365c419
Fix boosts of local users being filtered in account timelines (#27204) 2023-10-03 12:21:42 +02:00
Claire 828eebad48
Add hide_collections, discoverable and indexable attributes to credentials API (#26998) 2023-09-20 18:25:16 +02:00
Claire 94893cf24f
Merge pull request from GHSA-hcqf-fw2r-52g4
* Revert "Fix request URL normalisation for bare domain and 8-bit characters (#26285)"

This reverts commit 8891d8945d.

* Revert "Do not normalize URL before fetching it (#26219)"

This reverts commit fd284311e7.
2023-09-19 16:52:52 +02:00
Claire 6273416292
Fix post edits not being forwarded as expected (#26936) 2023-09-15 19:54:32 +02:00
Robert R George 20666482ef
Added admin api for managing tags (#26872) 2023-09-13 11:22:53 +02:00
jsgoldstein 4d9186a48c
Add search tests (#26703) 2023-09-08 16:17:55 +02:00
Eugen Rochko 3a679844e4
Fix account_id, max_id and min_id params not working in search (#26847) 2023-09-08 14:25:00 +02:00
Claire 81caafbe84
Fix performances of profile directory (#26842) 2023-09-07 18:55:25 +02:00
Claire 355e3fb529
Simplify Account.by_recent_status and Account.by_recent_sign_in scopes (#26840) 2023-09-07 15:38:11 +02:00
Claire 1f99d86287
Fix blocked domain appears from account feed (#26823)
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-09-06 21:04:48 +02:00
Claire b83e487502
Fix moderator rights inconsistencies (#26729) 2023-09-06 16:40:19 +02:00
Eugen Rochko ece1ff77d6
Add in:library syntax to search (#26760)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-09-04 17:20:35 +02:00
Christian Schmidt ea31929776
Fix invalid Content-Type header for WebP images (#26773) 2023-09-04 09:46:33 +02:00
Claire 16681e0f20
Add admin notifications for new Mastodon versions (#26582) 2023-09-01 17:47:07 +02:00
Eugen Rochko e754083e8a
Fix unmatched quotes and prefixes causing search to fail (#26701) 2023-09-01 09:43:12 +02:00
Daniel M Brasil ccca542db1
Fix /api/v1/timelines/tag/:hashtag allowing for unauthenticated access when public preview is disabled (#26237) 2023-08-31 13:53:24 +02:00
Tyler Deitz 336ec503c2
Add avatar image to webfinger responses (#26558) 2023-08-31 13:46:27 +02:00
Eugen Rochko 2304cc6456
Fix bad search type heuristic (#26673) 2023-08-28 17:08:37 +02:00
Claire e3825a13c1
Add PublicStatusesCheck to Elasticsearch index check on admin dashboard (#26650) 2023-08-25 12:01:55 +02:00
jsgoldstein 30c191aaa0
Add new public status index (#26344)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-24 16:40:04 +02:00
Daniel M Brasil f337008819
Fix timeout on invalid set of exclusionary parameters in /api/v1/timelines/public (#26239) 2023-08-23 15:50:23 +02:00
Nick Schonning b970ed6098
Update rubocop and rubocop-rspec (#26329) 2023-08-22 09:31:40 +02:00
Claire ac0eb0533e
Add Elasticsearch cluster health check and indexes mismatch check to dashboard (#26448) 2023-08-21 16:50:22 +02:00
Claire 191d302b7f
Refactor Api::V1::ProfilesController into two separate controllers (#26573) 2023-08-21 15:47:09 +02:00
Daniel M Brasil d24a87ce4f
Add ability to delete avatar or header picture via the API (#25124)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-21 08:44:35 +02:00
Renaud Chaput b95867ad1f
Allow setting a custom HTTP method in CacheBuster (#26528)
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
2023-08-18 08:18:40 +02:00
Claire 60b9fa641d
Fix cached posts including stale stats (#26409) 2023-08-17 16:11:48 +02:00
Matt Jankowski d9a9323968
Avoid connecting to a running ES instance in ES search check spec (#26413) 2023-08-09 13:15:04 +02:00
Matt Jankowski 2c88364222
Restore console behavior in test env (#26401) 2023-08-09 11:26:56 +02:00
Claire b12d75ef4f
Fix blocking subdomains of an already-blocked domain (#26392) 2023-08-09 09:39:36 +02:00
Claire 30c64bf616
Fix list import concurrently creating lists of the same name (#26372) 2023-08-07 17:59:20 +02:00
Matt Jankowski c363978782
Spec media attachment speedups (#25416) 2023-08-07 17:58:12 +02:00
Christian Schmidt 8da99ffb0d
Add alt text for preview card thumbnails (#26184) 2023-08-03 15:41:51 +02:00
Daniel M Brasil 3a4d3e9d4b
Add GET /api/v1/instance/languages to REST API (#24443)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-03 11:25:47 +02:00
Emelia Smith e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00
Christian Schmidt 8891d8945d
Fix request URL normalisation for bare domain and 8-bit characters (#26285) 2023-08-02 19:32:29 +02:00
Christian Schmidt ca342d4838
Add List-Unsubscribe email header (#26085) 2023-08-01 19:34:40 +02:00
Christian Schmidt f2257069b2
Fix AVIF attachments (#26264) 2023-08-01 19:34:11 +02:00
Christian Schmidt fd284311e7
Do not normalize URL before fetching it (#26219) 2023-07-31 23:17:37 +02:00
Matt Jankowski 7581b1ff96
Profiling tools configuration improvement (#25383) 2023-07-28 23:16:23 +02:00
Matt Jankowski 6f1fa1364f
Fix RSpec/EmptyExampleGroup cop (#24735) 2023-07-28 23:15:33 +02:00
Matt Jankowski 660993b415
Add coverage for URLValidator (#25591) 2023-07-28 23:12:25 +02:00
Matt Jankowski 6602edf064
Add coverage for LanguageValidator (#25593) 2023-07-28 23:12:09 +02:00
Renaud Chaput 4d1b67f664
Add end-to-end (system) tests (#25461) 2023-07-28 23:09:49 +02:00
Christian Schmidt f96e4b3047
Use original URL in preview if it redirects to 4xx page (#26200) 2023-07-28 23:02:08 +02:00
Claire 6c3c5bbbc3
Fix crash when processing Flag activity with no status (#26189) 2023-07-27 16:11:56 +02:00
Claire b4e739ff0f
Change interaction modal in web UI (#26075)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-27 16:11:17 +02:00
Daniel M Brasil 812a84ff5f
Migrate to request specs in /api/v2/filters (#25721) 2023-07-27 14:58:20 +02:00
Matt Jankowski f48d345de1
Use correct naming on controller concern specs (#26197) 2023-07-27 14:27:21 +02:00
Matt Jankowski 2d9808f648
Reformat large key values in service specs (#26181) 2023-07-26 09:45:50 +02:00
Matt Jankowski 7d62e3b198
Reformat large text arg in FetchLinkCardService spec (#26183) 2023-07-26 09:44:51 +02:00
Matt Jankowski 50ff3d3342
Coverage for Auth::OmniauthCallbacks controller (#26147) 2023-07-25 09:46:57 +02:00
Claire 5b457961fc
Fix linting issue (#26106) 2023-07-21 14:21:10 +02:00
Claire e5f1000ad1
Fix CSP headers being unintendedly wide (#26105) 2023-07-21 13:34:15 +02:00
Claire 144a406d33
Clean up unused application records (#24871) 2023-07-21 13:13:16 +02:00
Claire 1e3b19230a
Add stricter protocol fields validation for accounts (#25937) 2023-07-20 18:23:48 +02:00
Matt Jankowski 1cceb62afd
Fix Lint/Void cop (#25922) 2023-07-20 17:31:34 +02:00
Matt Jankowski 285a3df56c
Move localized subject mailer shared example to separate file (#25889) 2023-07-20 15:50:50 +02:00
Christian Schmidt 4c18928a93
Wrong count in response when removing favourite/reblog (#24365)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-19 09:02:30 +02:00
Matt Jankowski 6edd404482
Cleanup unused portions of statuses/status partial (#26045) 2023-07-19 08:44:16 +02:00
Daniel M Brasil 59b38f9ee4
Migrate to request specs in /api/v1/mutes (#25622) 2023-07-18 13:05:19 +02:00
Daniel M Brasil 58bfe8c43a
Migrate to request specs in /api/v1/bookmarks (#25520) 2023-07-18 09:15:50 +02:00
Daniel M Brasil 5a7c6c6597
Migrate to request specs in /api/v1/timelines/public (#25746)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-18 09:15:18 +02:00
Daniel M Brasil 19208aa422
Migrate to request specs in /api/v1/statuses/:status_id/favourite (#25626) 2023-07-17 16:53:57 +02:00
Daniel M Brasil 6fb4a756ff
Migrate to request specs in /api/v1/statuses/:status_id/bookmark (#25624) 2023-07-17 16:51:49 +02:00
Daniel M Brasil 4859958a0c
Migrate to request specs in /api/v1/polls (#25596) 2023-07-17 16:50:00 +02:00
Daniel M Brasil 1aea938d3d
Migrate to request specs in /api/v1/statuses/:status_id/pin (#25635) 2023-07-17 16:24:05 +02:00
Daniel M Brasil 6cdc8408a9
Migrate to request specs in /api/v1/emails/confirmations (#25686) 2023-07-17 16:22:33 +02:00
Daniel M Brasil 8a1aabaac1
Migrate to request specs in /api/v1/timelines/home (#25743) 2023-07-17 16:20:11 +02:00
Claire 943f27f437
Remove unfollowed hashtag posts from home feed (#26028) 2023-07-17 13:56:28 +02:00
Claire f18618d7f9
Fix some incorrect tests (#26035) 2023-07-17 13:13:43 +02:00
Claire 41f65edb21
Fix embed dropdown menu item for unauthenticated users (#25964) 2023-07-13 15:53:03 +02:00
Matt Jankowski 6c5a2233a8
Fix RSpec/StubbedMock cop (#25552)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-12 10:20:10 +02:00
Matt Jankowski 658742b3cd
Fix Lint/AmbiguousBlockAssociation cop (#25921) 2023-07-12 10:02:41 +02:00
Matt Jankowski 74806deb2c
Fix RSpec/SubjectStub cop (#25550)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-12 10:02:19 +02:00
Matt Jankowski 7824df0eca
Exclude lib/linter from simplecov report (#25916) 2023-07-12 09:51:59 +02:00
Matt Jankowski c75df62ccc
Fix RSpec/SubjectDeclaration cop (#25312) 2023-07-12 09:49:33 +02:00
Nick Schonning 1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
jsgoldstein 99be47f8b9
Change searching with # to include account index (#25638) 2023-07-10 20:58:13 +02:00
Claire c27b82a437
Add forward_to_domains parameter to POST /api/v1/reports (#25866) 2023-07-10 18:26:56 +02:00
Matt Jankowski f3fca78756
Refactor NotificationMailer to use parameterization (#25718) 2023-07-10 03:06:22 +02:00
Matt Jankowski d6b387a0c4
Remove unused NotificationMailer#digest preview (#25719) 2023-07-08 20:04:21 +02:00
Matt Jankowski cf33028f35
Admin mailer parameterization (#25759) 2023-07-08 20:03:38 +02:00
Eugen Rochko 93e8a15415
Add forwarding of reported replies to servers being replied to (#25341) 2023-07-08 20:00:02 +02:00
Claire 94fbac77e7
Fix processing of media files with unusual names (#25788) 2023-07-07 13:35:22 +02:00
Claire dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Daniel M Brasil 383c00819c
Fix /api/v2/search not working with following query param (#25681) 2023-07-03 18:06:57 +02:00
Daniel M Brasil 4fe2d7cb59
Fix HTTP 500 in /api/v1/emails/check_confirmation (#25595) 2023-07-02 00:05:44 +02:00
Matt Jankowski 683ba5ecb1
Fix rails rewhere deprecation warning in directories api controller (#25625) 2023-07-01 21:48:16 +02:00
Claire a209d1e683
Fix ResolveURLService not resolving local URLs for remote content (#25637) 2023-06-29 14:48:54 +02:00
jsgoldstein 4581a528f7
Change account search to match by text when opted-in (#25599)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-06-29 13:05:21 +02:00
Claire c7c6f02ae6
Fix suspending an already-limited domain (#25603) 2023-06-27 12:32:51 +02:00
Claire a5b6f6da80
Change /api/v1/statuses/:id/history to always return at least one item (#25510) 2023-06-22 14:56:14 +02:00
Matt Jankowski 05f9e39b32
Fix RSpec/VerifiedDoubles cop (#25469) 2023-06-22 14:55:22 +02:00
Matt Jankowski 38433ccd0b
Reduce Admin::Reports::Actions spec db activity (#25465) 2023-06-22 14:53:13 +02:00
Claire 602c458ab6
Add finer permission requirements for managing webhooks (#25463) 2023-06-22 14:52:25 +02:00
Matt Jankowski 63d15d5330
Speed-up on StatusesController spec (#25549) 2023-06-22 14:51:53 +02:00
Matt Jankowski 0b39b9abee
Speed-up on BackupService spec (#25527) 2023-06-22 11:53:28 +02:00
Daniel M Brasil 6ac271c2a0
Migrate to request specs in /api/v1/suggestions (#25540) 2023-06-22 11:49:35 +02:00
Claire 37a9c2258a
Add per-test timeouts to AutoStatusesCleanupScheduler tests (#24841) 2023-06-20 18:54:05 +02:00
Claire ebfeaebedb
Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-06-20 18:32:26 +02:00
Daniel M Brasil e53eb38a8d
Migrate to request specs in /api/v1/admin/account_actions (#25514) 2023-06-20 18:16:48 +02:00
Claire fd23f50243
Fix wrong view being displayed when a webhook fails validation (#25464) 2023-06-20 18:15:35 +02:00
Claire c78280a8ce
Add translate="no" to outgoing mentions and links (#25524) 2023-06-20 18:10:19 +02:00
Claire dd07393e75
Fix user settings not getting validated (#25508) 2023-06-19 14:06:06 +01:00
Matt Jankowski e1c9d52e91
Reduce sleep time in request pool spec (#25470) 2023-06-19 13:48:25 +02:00
Matt Jankowski 3a65fb044f
Add coverage for UserMailer methods (#25484) 2023-06-19 09:50:35 +02:00
Matt Jankowski e835198b26
Combine assertions in api/v1/notifications spec (#25486) 2023-06-19 09:05:42 +02:00
Daniel M Brasil b9bc9d0bda
Fix incorrect pagination headers in /api/v2/admin/accounts (#25477) 2023-06-19 08:53:05 +02:00
Daniel M Brasil 0a0a1f1495
Migrate to request specs in /api/v1/tags (#25439) 2023-06-19 08:51:40 +02:00
Matt Jankowski b276b3bb83
Remove Ruby GC config from spec helper (#25455) 2023-06-15 22:14:46 +01:00
Daniel M Brasil b10c05e702
Migrate to request specs in /api/v1/lists (#25443) 2023-06-15 10:19:51 +02:00
Matt Jankowski 4c5aa0e470
Update rubocop-rspec to version 2.22.0, fix RSpec/IndexedLet cop (#24698) 2023-06-14 16:44:37 +02:00
Daniel M Brasil 24015ef0cc
Migrate to request specs in /api/v1/domain_blocks (#25414) 2023-06-14 16:08:53 +02:00
Daniel M Brasil 87aff5aad8
Migrate to request specs in /api/v1/follow_requests (#25411) 2023-06-14 15:43:50 +02:00
Daniel M Brasil d9c6f70cc6
Fix ArgumentError in /api/v1/admin/accounts/:id/action (#25386) 2023-06-14 15:21:36 +02:00
Matt Jankowski ae9f5379d1
Reduce factory data created in spec/models/trends/statuses spec (#25410) 2023-06-14 09:57:06 +02:00
Matt Jankowski 31d5bc89d1
Speed improvement for AccountsStatusesCleanupScheduler spec (#25406) 2023-06-14 09:56:11 +02:00
Daniel M Brasil a5b62e56d0
Migrate to request specs in /api/v1/apps/verify_credentials (#25404) 2023-06-14 09:48:57 +02:00
Daniel M Brasil a6407aa662
Migrate to request specs in /api/v1/apps (#25401) 2023-06-14 09:48:48 +02:00
Matt Jankowski 4c5f62de99
Extract shared examples from api specs (#25387) 2023-06-14 09:34:01 +02:00
Claire ec59166844
Fix ArgumentError when loading newer Private Mentions (#25399) 2023-06-14 08:54:52 +02:00
Matt Jankowski 10746af82f
Remove unused shared examples for scoped settings (#25389) 2023-06-13 14:59:04 +02:00
Matt Jankowski 25c66fa640
Enable paperclip for account attachment examples (#25381) 2023-06-12 17:37:43 +02:00
Matt Jankowski 62c996b52d
Reduce RSpec/MultipleExpectations cop max to 8 (#25313) 2023-06-10 18:38:22 +02:00
Matt Jankowski b5675e265e
Add coverage for CLI::Feeds command (#25319) 2023-06-10 18:37:36 +02:00
Matt Jankowski 07933db788
Add coverage for CLI::Cache command (#25238) 2023-06-10 18:36:09 +02:00
fusagiko / takayamaki b19a695608
migrate test for GET /api/v1/accounts/{account_id} to request spec (#25322) 2023-06-10 18:33:24 +02:00
Daniel M Brasil 99216e34e5
Migrate to request specs in /api/v1/admin/canonical_email_blocks (#25330) 2023-06-10 18:33:02 +02:00
Daniel M Brasil b4e19f9610
Migrate to request specs in /api/v1/admin/ip_blocks (#25331) 2023-06-10 18:32:46 +02:00
Daniel M Brasil 4301d8cbb3
Migrate to request specs in /api/v1/admin/domain_allows (#25333) 2023-06-10 18:32:26 +02:00
Daniel M Brasil 841c220c40
Migrate to request specs in /api/v1/admin/domain_blocks (#25335) 2023-06-10 18:32:07 +02:00
Daniel M Brasil 0e200d4e2f
Migrate to request specs in /api/v1/admin/reports (#25355) 2023-06-10 18:30:43 +02:00
Matt Jankowski 3a2a15c6ea
Use build where possible in fabricators (#25360) 2023-06-10 18:29:01 +02:00
Matt Jankowski c94bb9ba9a
Disable paperclip processing in specs (#25359) 2023-06-10 18:27:35 +02:00
Daniel M Brasil 4aff1d2974
Migrate to request specs in /api/v1/admin/email_domain_blocks (#25337) 2023-06-09 14:00:14 +02:00
Matt Jankowski 6c0e3f490a
Fix RSpec/MissingExampleGroupArgument cop (#25310) 2023-06-06 15:51:42 +02:00
Matt Jankowski b74c3cd708
Fix RSpec/DescribedClass cop missed items (#25309) 2023-06-06 14:51:03 +02:00
Matt Jankowski c42591356d
Fix RSpec/DescribedClass cop (#25104) 2023-06-06 13:58:33 +02:00
Matt Jankowski 1e243e2df7
Misc spec coverage for Admin:: area controllers (#25282) 2023-06-06 13:57:00 +02:00
Daniel M Brasil eb6f8181e1
Add test coverage for Mastodon::CLI::Accounts#reset_relationships (#25194) 2023-06-06 13:37:09 +02:00
Matt Jankowski b22bfae4f9
Add coverage for DomainBlock#public_domain method (#25283) 2023-06-06 13:34:04 +02:00
Eugen Rochko 4eda233e09
Add webhook templating (#23289)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 10:42:47 +02:00
Matt Jankowski af135bddd0
Update Admin::Metrics::Measure classes for Rails 7 (#25236) 2023-06-05 20:46:04 +02:00
Matt Jankowski 3b21c13dcc
Rails 7 compatibility fix for Admin::Metrics::Dimension classes (#25277) 2023-06-05 16:52:33 +02:00
Daniel M Brasil 70cd2d6000
Add test coverage for Mastodon::CLI::Accounts#cull (#25250) 2023-06-05 14:51:25 +02:00
Darius Kazemi bacb674921
Add exclusive lists (#22048)
Co-authored-by: Liam Cooke <liam@liamcooke.com>
Co-authored-by: John Holdun <john@johnholdun.com>
Co-authored-by: Effy Elden <effy@effy.space>
Co-authored-by: Lina Reyne <git@lina.pizza>
Co-authored-by: Lina <20880695+necropolina@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-05 09:37:02 +02:00
Matt Jankowski 5c87c66504
Add coverage for CLI::CanonicalEmailBlocks command (#25239) 2023-06-05 08:20:18 +02:00
Daniel M Brasil 03a707f6a6
Add test coverage for Mastodon::CLI::Accounts#merge (#25199) 2023-06-05 08:16:12 +02:00
Renaud Chaput b0780cfeed
Fix /share and cleanup and reorganize frontend locale loading (#25240) 2023-06-02 15:00:27 +02:00
Claire 8884d1ece0
Add support for importing lists (#25203) 2023-06-01 14:47:31 +02:00
Daniel M Brasil 2a353200ad
Add test coverage for Mastodon::CLI::Accounts#rotate (#25212) 2023-06-01 14:29:29 +02:00
Renaud Chaput 942d850b0a
Allow carets in URL search params (#25216) 2023-06-01 12:14:49 +02:00
Daniel M Brasil f906e21a4f
Add test coverage for Mastodon::CLI::Accounts#refresh (#25196) 2023-06-01 10:01:09 +02:00
Matt Jankowski f84037ae2b
Remove unused #hash_to_object method in SettingsHelper (#25213) 2023-06-01 09:47:05 +02:00
Claire e9385e93e9
Add a confirmation screen when suspending a domain (#25144) 2023-06-01 09:37:38 +02:00
Claire b922ad7a1b
Fix crash when S3_ALIAS_HOST or S3_CLOUDFRONT_HOST have a path component (#25018) 2023-06-01 09:23:28 +02:00
Christian Schmidt 69057467cb
Translate CW, poll options and media descriptions (#24175)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-01 00:10:21 +02:00
Matt Jankowski b0104e4c33
Silence output to stdout during cli specs (#25211) 2023-05-31 20:01:11 +02:00
Daniel M Brasil 3c41547f49
Add test coverage for Mastodon::CLI::Accounts#backup (#25163) 2023-05-31 15:32:37 +02:00
Matt Jankowski 8b1bfaed3e
Add specs for admin/webhooks CRUD actions (#25133) 2023-05-31 15:23:49 +02:00
Matt Jankowski 665bb237a8
Increase spec coverage for controllers - admin/ip_blocks, admin/relays, admin/rules (#25192) 2023-05-31 10:23:32 +02:00
Daniel M Brasil bf9a7ce8e8
Add test coverage for Mastodon::CLI::Accounts#unfollow (#25162) 2023-05-31 09:33:57 +02:00
Daniel M Brasil dbc44be0ca
Add test coverage for Mastodon::CLI::Accounts#follow (#25161) 2023-05-30 16:13:29 +02:00
Daniel M Brasil 3d253b9830
Add test coverage for Mastodon::CLI::Accounts#approve (#25160) 2023-05-30 15:00:21 +02:00
Daniel M Brasil bbbcdc083f
Add test coverage for Mastodon::CLI::Accounts#delete (#25146) 2023-05-30 11:59:17 +02:00
Daniel M Brasil bdc7548652
Add test coverage for Mastodon::CLI::Accounts#modify (#25145) 2023-05-29 15:31:59 +02:00
Daniel M Brasil 11b8336418
Add test coverage for Mastodon::CLI::Accounts#create (#25143) 2023-05-29 11:43:19 +02:00
Matt Jankowski 0f2c16ac4b
Fix RSpec/NoExpectationExample cop (#25103) 2023-05-26 09:41:12 +02:00
Matt Jankowski 384345b0de
Add CLI Base class for command line code (#25106) 2023-05-24 11:55:40 +02:00
Matt Jankowski d2e5430d4a
Fix RSpec/ExpectChange cop (#25101) 2023-05-24 11:23:40 +02:00
Matt Jankowski b896b16cb3
Fix RSpec/PredicateMatcher cop (#25102) 2023-05-23 16:49:11 +02:00
Matt Jankowski 778e4a7bf7
Fix RSpec/ExpectInHook cop (#25100) 2023-05-23 16:40:21 +02:00
Matt Jankowski b6b4ea4ca5
Move the mastodon/*_cli files to mastodon/cli/* (#24139) 2023-05-23 16:08:26 +02:00
Matt Jankowski c9f980b268
Add request spec for backups download (#25099) 2023-05-23 15:44:11 +02:00
Matt Jankowski e387175fc9
Fix RSpec/RepeatedExample cop (#24849) 2023-05-23 10:49:23 +02:00
Matt Jankowski 9f5deb310b
Fix Performance/MapCompact cop (#24797)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-23 10:49:12 +02:00
Matt Jankowski 2877c80dbc
Add specs for admin/announcements CRUD actions (#25077) 2023-05-23 10:03:51 +02:00
Daniel M Brasil b473df9a14
Improve test coverage for /api/v1/featured_tags (#25076) 2023-05-23 09:01:11 +02:00
Claire 2a61f14753
Fix account confirmation flow not returning to app after captcha validation (#25057) 2023-05-22 17:38:05 +02:00
Daniel M Brasil 4a22e72b9b
Improve test coverage for /api/v1/admin/canonical_email_blocks (#24985) 2023-05-22 15:27:35 +02:00
Daniel M Brasil ce8b5899ae
Fix POST /api/v1/admin/domain_allows returning 200 when no domain is specified (#24958) 2023-05-22 13:44:49 +02:00
Matt Jankowski e328ab7e5a
Implement pending specs for StatusesController (#23969) 2023-05-22 13:43:05 +02:00
Daniel M Brasil f3feb4c891
Improve test coverage for /api/v1/admin/email_domain_blocks (#25017) 2023-05-22 13:28:11 +02:00
Emelia Smith 19f9098551
Allow reports with long comments from remote instances, but truncate (#25028) 2023-05-22 13:15:21 +02:00
Daniel M Brasil d51464283c
Improve test coverage for /api/v1/admin/ip_blocks_controller (#25031) 2023-05-22 12:50:44 +02:00
Nick Schonning 99e2e9b81f
Fix minor typos in comments and spec names (#21831) 2023-05-19 17:13:29 +02:00
Claire b805b7f021
Add tests for avatar/header in backup service (#25037) 2023-05-19 12:04:18 +02:00
Matt Jankowski d34d94d08f
Add spec for migration warning module (#25033) 2023-05-19 10:53:50 +02:00
Claire e60414792d
Add polling and automatic redirection to /start on email confirmation (#25013) 2023-05-16 18:03:52 +02:00
Claire 3ed3d54bf3
Fix reports not being closed when performing batch suspensions (#24988) 2023-05-16 14:56:49 +02:00
Matt Jankowski 604e1c2b11
Remove usage of random sample values in specs (#24869) 2023-05-15 20:20:13 +02:00
Matt Jankowski b84bc2de5d
Replace i18n view spec with helper spec (#24966) 2023-05-15 17:25:04 +02:00
Matt Jankowski 679aca46da
I18n pluralization errors (#24963) 2023-05-12 18:53:30 +02:00
Daniel M Brasil 433ab0c9a3
Fix uncaught NoMethodError error in /api/v1/admin/canonical_email_blocks/test (#24947)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-12 13:46:16 +02:00
Claire 9015c2d646
Change profile updates to be sent to recently-mentioned servers (#24852) 2023-05-12 13:13:04 +02:00
Matt Jankowski 2c2d924942
Fix RSpec/RepeatedExampleGroupDescription cop (#24850)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-12 12:25:32 +02:00
Matt Jankowski bf3ebeb42f
Fix RSpec/SharedContext cop (#24847) 2023-05-12 09:25:43 +02:00
Matt Jankowski a610a02d4f
Fix RSpec/ScatteredSetup cop (#24848) 2023-05-11 10:32:09 +02:00
Daniel M Brasil 9cbda99941
Add test coverage for Mastodon::IpBlocksCLI (#24935) 2023-05-11 10:19:24 +02:00
Claire 6b0942d107
Change AccessTokensVacuum to also delete expired tokens (#24868) 2023-05-11 04:40:03 +02:00
Daniel M Brasil c9210af3ee
Add test coverage for Mastodon::SettingsCLI (#24856) 2023-05-04 20:37:42 +02:00
Claire c3c7d59072
Fix infinite loop in AccountsStatusesCleanupScheduler (#24840) 2023-05-04 10:13:00 +02:00
Nick Schonning da3bd913ae
Autofix Rubocop Style/HashSyntax (#23754) 2023-05-04 05:54:26 +02:00
Nick Schonning 1fe04f740a
Enable Rubocop Rails/FilePath (#23854) 2023-05-04 05:50:40 +02:00
Matt Jankowski c97b611b6b
Fix RSpec/InferredSpecType cop (#24736) 2023-05-04 05:49:53 +02:00
Matt Jankowski 710745e16b
Fix RSpec/ContextWording cop (#24739) 2023-05-04 05:49:08 +02:00
Matt Jankowski cf18cc2891
Fix RSpec/MultipleSubjects cop (#24738) 2023-05-04 05:48:35 +02:00
Matt Jankowski bdcd8a9e88
Misc spec cleanup (#24822) 2023-05-04 05:47:52 +02:00
Matt Jankowski 08fb9d300a
Spec coverage for settings/preferences/* controllers (#24825) 2023-05-04 05:44:27 +02:00
Claire a2a22bad23
Fix various edge cases with local moves (#24812) 2023-05-03 19:19:25 +02:00
Claire 1e75eb690d
Fix own posts not getting delivered to own lists (#24810) 2023-05-03 19:17:40 +02:00
Claire c98b012583
Change Move handler to also move list memberships (#24808) 2023-05-03 14:03:38 +02:00
Matt Jankowski 3df665fd23
Fix Lint/ConstantDefinitionInBlock cop (#24763) 2023-05-03 10:32:30 +02:00
Claire 8b636a29c6
Improve automatic post cleanup worker performances (#24785) 2023-05-03 10:31:40 +02:00
Matt Jankowski a0c9f2447e
Fix Performance/MethodObjectAsBlock cop (#24798) 2023-05-03 10:30:54 +02:00
Matt Jankowski 97385f27bd
Fix Performance/RedundantEqualityComparisonBlock cop (#24799) 2023-05-03 10:30:10 +02:00
Matt Jankowski 05e3abe9d9
Fix Lint/EmptyClass cop (#24795) 2023-05-02 21:06:51 +02:00
Matt Jankowski a7df578f97
ApplicationHelper spec coverage, unused removal, tiny refactor (#24762) 2023-05-02 18:10:39 +02:00
Matt Jankowski 570079f8ce
Fix Performance/TimesMap cop (#24789) 2023-05-02 18:07:16 +02:00
Claire 9189e90ff2
Add fallback redirection when getting a webfinger query LOCAL_DOMAIN@LOCAL_DOMAIN (#23600)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-05-02 17:42:42 +02:00
Claire b233da5996
Optimize archive export service and export zip files instead of gzipped tar files (#23360) 2023-05-02 15:09:43 +02:00
Claire 6693a4fe7c
Change lists to be able to include accounts with pending follow requests (#19727) 2023-05-02 14:40:36 +02:00
Claire 1eb51bd749
Add request specs for caching behavior (#24592) 2023-05-02 13:58:29 +02:00
Claire 32a030dd74
Rewrite import feature (#21054) 2023-05-02 12:08:48 +02:00
Matt Jankowski d00e45a7d3
Fix Rails/I18nLocaleAssignment cop (#24693) 2023-04-30 14:07:03 +02:00
Mark Roszko c23d285b16
Remove the u in Favorite for non-gb english (#24667)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-30 16:33:37 +09:00
João Pedro Marques 8f6e290c7a
Adds new follower/following routes (#24601) 2023-04-30 09:01:42 +02:00
Matt Jankowski bdc74086e6
Fix Rails/ContentTag cop (#24691) 2023-04-30 06:47:15 +02:00
Matt Jankowski 8dcfb6e0ea
Fix Rails/HttpPositionalArguments cop (#24699) 2023-04-30 06:43:28 +02:00
Matt Jankowski 274d561430
Enable local account key generation spec (#24728) 2023-04-30 02:28:52 +02:00
Matt Jankowski 4cfe52635c
Add pending spec for User.those_who_can (#24724) 2023-04-29 22:03:36 +02:00
Nick Schonning 5841f1af8c
Autofix Rubocop RSpec/MatchArray (#24675) 2023-04-26 21:29:36 +02:00
Nick Schonning a3393d0d07
Autofix Rubocop RSpec/MatchArray (#24050) 2023-04-26 20:21:54 +02:00
Matt Jankowski 91a8cd21d8
React component helper specs (#24072) 2023-04-26 18:21:32 +02:00
Nick Schonning 90beba57d8
Autofix Rubocop Rails/ResponseParsedBody (#24051) 2023-04-26 17:25:07 +02:00
Claire 276c39361b
Fix anonymous visitors getting a session cookie on first visit (#24584) 2023-04-25 16:51:38 +02:00
Claire f45961aa98
Add feature test for OAuth access grant (#24624) 2023-04-24 19:06:58 +02:00
Matt Jankowski 0a5f0a8b20
Remove instance variables from helper usage (#24203) 2023-04-23 22:35:54 +02:00
Claire 58a1b2e330
Fix caching logic with regards to Accept-Language, Cookie, and Signature (#24604) 2023-04-23 22:27:24 +02:00
Claire 5dc3173ef8
Fix AccountsStatusesCleanupScheduler not spreading deletes across accounts correctly (#24607) 2023-04-23 22:25:40 +02:00
Eugen Rochko e98c86050a
Refactor Cache-Control and Vary definitions (#24347) 2023-04-19 16:07:29 +02:00
Robert R George 4db8230194
Add trend management to admin API (#24257) 2023-04-18 11:33:30 +02:00
Heitor de Melo Cardozo bc75e62ca6
Change moderation search an account using the username with @ (#24242) 2023-04-17 14:16:36 +02:00
Heitor de Melo Cardozo 4601e0dcbb
Add user handle to notification mail recipient address (#24240)
Co-authored-by: luccamps <luccamps@users.noreply.github.com>
Co-authored-by: Leonardo Negreiros de Oliveira <negreirosleo12@gmail.com>
Co-authored-by: Marcio Flavio <mflaviof1995@gmail.com>
Co-authored-by: Gabriel Quaresma <j.quaresmasantos_98@hotmail.com>
2023-04-17 11:06:06 +02:00
Matt Jankowski 10f0de4212
Refactor race condition reblog service spec (#24526) 2023-04-14 14:42:10 +02:00
Claire f53d009778
Refactor Status._insert_record slightly and tighten the test around reblogs of discarded statuses (#24516) 2023-04-12 12:47:05 +02:00
Matt Jankowski 36eeb70d53
Spec coverage on Settings/ controllers specs (#24221) 2023-04-11 11:35:39 +02:00
Matt Jankowski a2a66300d9
Clean up the post deployment migration generator (#24233) 2023-04-11 11:25:29 +02:00
Matt Jankowski 9d39b111f1
Expand coverage for "system checks" (#24216) 2023-04-07 14:39:34 +02:00
Christian Schmidt b4f38edf74
Wrong type for user setting when default is defined by lambda (#24321) 2023-03-31 07:33:17 +02:00
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Christian Schmidt eb38e9df31
Requeue expiration notification (#24311) 2023-03-29 10:52:40 +02:00
Eugen Rochko 9bda933740
Change media upload limits and remove client-side resizing (#23726) 2023-03-25 10:00:03 +01:00
Matt Jankowski b179ff84c7
Add specs for Chewy importers (#24204) 2023-03-22 14:06:26 +01:00
Christian Schmidt bd047acc35
Replace Status#translatable? with language matrix in separate endpoint (#24037) 2023-03-16 11:07:24 +01:00
Nick Schonning a38f67c1c3
Autofix Rubocop Style/PreferredHashMethods (#23851) 2023-03-16 01:36:37 +01:00
Claire a232a1feb8
Fix misleading error code when receiving invalid WebAuthn credentials (#23568) 2023-03-15 04:15:20 +01:00
Matt Jankowski a471e1c48f
Add spec for the CLI version task (#23978) 2023-03-15 03:56:09 +01:00
Matt Jankowski 1ed12d5e2f
Add basic search specs for chewy indexes (#24065) 2023-03-10 19:31:10 +01:00
Matt Jankowski 688287c59d
Coverage improvement round-out following up previous work (#23987) 2023-03-10 13:33:30 +01:00
Matt Jankowski 56bddfbfa3
Serializers spec coverage (#24017) 2023-03-10 12:12:51 +01:00
Matt Jankowski 2f7a663b0b
Explicitly set github repo in instance presenter spec (#24036) 2023-03-09 14:27:48 +01:00
Christian Schmidt 684a970b3c
Unescape HTML entities (#24019) 2023-03-08 19:56:41 +01:00
Matt Jankowski c599e289d8
Fix spec for api/v1/statuses/translations (#23956) 2023-03-04 23:17:46 +01:00
Matt Jankowski 2d1ccb3d8b
Restore missing fabricators (#23951) 2023-03-04 18:31:13 +01:00
Matt Jankowski 506b16cf59
Pending example models minimal coverage (#23912) 2023-03-04 17:16:45 +01:00
Matt Jankowski 7f4412eeeb
User mailer spec coverage improvements (#23905) 2023-03-04 17:16:11 +01:00
Matt Jankowski 42ddc45133
Admin controllers specs (#23917) 2023-03-04 17:13:28 +01:00
Matt Jankowski ad585fb195
Specs api v1 controllers (#23930) 2023-03-04 17:12:54 +01:00
Matt Jankowski cd99fa8ceb
Fabricator specs (#23925) 2023-03-04 17:12:09 +01:00
Matt Jankowski c40d5e5a8f
Misc coverage improvements for validators (#23928) 2023-03-04 17:00:00 +01:00
Matt Jankowski 2f606ba122
Helpers specs coverage improvement (#23937) 2023-03-04 16:58:11 +01:00
Matt Jankowski 00eb2269b6
Policies specs (#23924) 2023-03-04 16:57:22 +01:00
Matt Jankowski 6a57c42316
Settings controllers specs (#23915) 2023-03-04 16:56:43 +01:00
Matt Jankowski 39e7525c96
Add basic coverage for some worker jobs (#23943) 2023-03-04 16:56:09 +01:00
Matt Jankowski f9c2213ae5
Models specs coverage (#23940) 2023-03-04 16:43:47 +01:00
Christian Schmidt 5a8c651e8f
Only offer translation for supported languages (#23879) 2023-03-03 21:06:31 +01:00
Claire 3f52e717fa
Add tests for moderation actions without custom text (#23184) 2023-03-03 20:50:46 +01:00
Claire c2a046ded1
Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-03 20:25:15 +01:00
Claire 3a6451c867
Add support for incoming rich text (#23913) 2023-03-03 20:19:29 +01:00
Matt Jankowski af578e8ce0
Fix deprecation warning about merging conditions (#23618) 2023-03-02 16:21:04 +01:00
Matt Jankowski 9da52ac044
Update rspec-rails to version 6.0.1 (#23908) 2023-03-02 15:55:37 +01:00
Matt Jankowski 35dff48edf
Add spec coverage for Admin::Trends::StatusesHelper (#23898) 2023-03-02 15:30:40 +01:00
Stanislav Dobrovolschii d9271126ce
Add rspecs for FollowRecommendationsScheduler (#23890) 2023-03-02 10:05:05 +01:00
Matt Jankowski b6602f68eb
Spec coverage for HomeHelper (#23907) 2023-03-02 10:04:14 +01:00
Matt Jankowski 6185efbc3c
Admin mailer spec coverage improvement (#23863) 2023-02-28 22:33:34 +09:00
Matt Jankowski 9ee83a9f3b
Add policies and serializers groups to simplecov output (#23897) 2023-02-27 16:35:47 +01:00
Matt Jankowski 4bb39ac3c3
Fix single-record invalid condition on PollVote (#23810) 2023-02-27 09:31:15 +01:00
Nick Schonning 19614ba247
Rename ActivityPub Serializer Specs (#23844) 2023-02-23 23:17:48 +01:00
Claire 20b80c62ff
Change auto-deletion throttling constants to better scale with server size (#23320) 2023-02-23 16:52:40 +01:00
Nick Schonning 6bd7003799
Fix mispelled spec filenames (#23834) 2023-02-23 11:28:56 +01:00
Claire 3ed1b9ebb6
Fix rack:attack flaky tests and test end of throttle period (#23799) 2023-02-22 10:28:52 +01:00
Nick Schonning 8fd3fc404d
Autofix Rubocop Rails/RootPathnameMethods (#23760) 2023-02-22 09:57:15 +09:00
Nick Schonning 84cc805cae
Enable Style/FrozenStringLiteralComment for specs (#23790) 2023-02-22 09:55:31 +09:00
Nick Schonning 0cfdd1a401
Enable Rubocop Style/StringConcatenation defaults (#23792) 2023-02-22 09:54:36 +09:00
Nick Schonning 35d032500b
Autofix Rubocop Security/IoMethods (#23757) 2023-02-21 03:21:19 +09:00
Nick Schonning 2c3c734bcc
Autofix Rubocop Style/SymbolProc (#23742) 2023-02-20 07:58:46 +01:00
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning 5116347eb7
Autofix Rubocop RSpec/BeEq (#23740) 2023-02-20 06:14:50 +01:00
Nick Schonning bf785df9fe
Audofix Rubocop Style/WordArray (#23739) 2023-02-20 06:14:10 +01:00
Nick Schonning 4552685f6b
Autofix Rubocop RSpec/LeadingSubject (#23670) 2023-02-20 13:24:14 +09:00
Nick Schonning 4ea1e0fceb
Enable Rubocop RSpec/ExpectActual (#23720) 2023-02-20 05:00:59 +01:00
Nick Schonning 38a1d8bb85
Autofix Rubocop RSpec/ImplicitSubject (#23721) 2023-02-20 05:00:48 +01:00
Nick Schonning 5179c47087
Autofix Rubocops RSpec/ScatteredLet (#23725) 2023-02-20 11:17:41 +09:00
Nick Schonning aef0051fd0
Enable Rubocop HTTP status rules (#23717) 2023-02-20 11:16:40 +09:00
Nick Schonning bd1d57c230
Autofix Rubocop RSpec/EmptyLineAfterSubject (#23719) 2023-02-20 02:46:00 +01:00
Nick Schonning dbc6d7b276
Autofix Rubocop Lint/UnusedBlockArgument (#23712) 2023-02-20 02:45:50 +01:00
Nick Schonning 65ba0d92ef
Enable Rubocop RSpec/NotToNot (#23723) 2023-02-20 02:33:27 +01:00
Nick Schonning a2fdb388eb
Autofix Rubocop RSpec/ReturnFromStub (#23724) 2023-02-20 02:32:10 +01:00
Nick Schonning 21bf326356
Autofix Rubocop Rails/Pluck (#23730) 2023-02-20 02:28:40 +01:00
Nick Schonning e0e63b73ee
Autofix Rubocop RSpec/EmptyLineAfterHook (#23718) 2023-02-19 14:54:34 +09:00
Nick Schonning 81ad6c2e39
Autofix Rubocop Style/StringLiterals (#23695) 2023-02-19 07:38:14 +09:00
Nick Schonning ac3561098e
Autofix Rubocop RSpec/LetBeforeExamples (#23671) 2023-02-19 07:17:59 +09:00
Nick Schonning 1a02101100
Autofix Rubocop Style/EmptyLambdaParameter (#23705) 2023-02-19 07:12:06 +09:00
Nick Schonning 3680e032b4
Autofix Rubocop RSpec/EmptyLineAfterFinalLet (#23707) 2023-02-19 07:10:19 +09:00
Nick Schonning 167709f6b0
Autofix Rubocop Style/BlockDelimiters (#23706) 2023-02-19 07:00:17 +09:00
Nick Schonning c0d7c855b3
Autofix Rubocop RSpec/Capybara/FeatureMethods (#23708) 2023-02-19 06:59:00 +09:00
Nick Schonning 08289a38fa
Autofix Rubocop Style/TrailingCommaInArrayLiteral (#23692) 2023-02-19 06:54:30 +09:00
Nick Schonning 5069769cbe
Autofix Rubocop Style/TrailingCommaInHashLiteral (#23693) 2023-02-18 23:33:41 +09:00
Nick Schonning b4cbfff3eb
Autofix Rubocop RSpec/ExcessiveDocstringSpacing (#23666) 2023-02-18 12:47:37 +01:00
Nick Schonning c38bd17657
Autofix Rubocop Style/TrailingCommaInArguments (#23694) 2023-02-18 12:39:58 +01:00
Nick Schonning e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
Nick Schonning d65b2c1924
Apply Rubocop Style/RedundantConstantBase (#23463) 2023-02-18 04:30:03 +01:00
Nick Schonning a7db0b41cd
Autofix Rubocop Lint/ParenthesesAsGroupedExpression (#23682) 2023-02-18 04:00:05 +01:00
Nick Schonning e5cf23cf3a
Enable Rubocop RSpec/HooksBeforeExamples (#23668) 2023-02-18 03:59:57 +01:00
Nick Schonning efd424506a
Autofix Rubocop Style/RedundantPercentQ (#23651) 2023-02-18 03:32:57 +01:00
Nick Schonning c0a645f647
Autofix Rubocop RSpec/ExampleWording (#23667) 2023-02-18 03:26:20 +01:00
Nick Schonning 7a3d4c3d4b
Enable Rubocop RSpec/MultipleDescribes (#23672) 2023-02-18 03:25:47 +01:00
Nick Schonning 54318dcd6d
Autofix Rubocop RSpec/ClassCheck (#23685) 2023-02-18 03:24:16 +01:00
Nick Schonning 634368c491
Autofix Rubocop Lint/SymbolConversion (#23683) 2023-02-18 03:23:49 +01:00
Nick Schonning 6d42820e5d
Autofix Rubocop Lint/AmbiguousOperator (#23680) 2023-02-18 03:22:01 +01:00
Nick Schonning ac59d6f19f
Enable Rubocop Style/NumericLiterals (#23647) 2023-02-18 11:05:57 +09:00
Nick Schonning 669f6d2c0a
Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Nick Schonning 6ed6c41724
Autofix Rubocop RSpec/EmptyLineAfterExample (#23661) 2023-02-17 21:46:00 +09:00
Nick Schonning 68b1071f86
Autofix Rubocop RSpec/BeNil (#23653) 2023-02-17 21:45:27 +09:00
Nick Schonning 936204b9ea
Autofix Rubocop Style/NestedParenthesizedCalls (#23646) 2023-02-17 21:43:10 +09:00
Nick Schonning 37914c8757
Autofix Rubocop Style/MethodCallWithoutArgsParentheses (#23645) 2023-02-17 21:36:14 +09:00
Claire 66f715550e
Add memorial attribute to REST API (#23591) 2023-02-14 13:50:55 +01:00
Claire d6930b3847
Add API parameter to safeguard unexpect mentions in new posts (#18350) 2023-02-13 16:36:29 +01:00
Varun Sharma 45e2936c89
Add tests to indicate inclusion of self replies in statuses endpoint (#23266) 2023-02-13 16:04:26 +01:00
Claire c55568c75a
Add tests for REST::AccountSerializer (#23319) 2023-02-13 13:23:59 +01:00
Claire 0c9eac80d8
Fix unbounded recursion in post discovery (#23506)
* Add a limit to how many posts can get fetched as a result of a single request

* Add tests

* Always pass `request_id` when processing `Announce` activities

---------

Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
2023-02-10 22:16:37 +01:00
Nick Schonning 0592937264
Apply Rubocop Rails/WhereNot (#23448)
* Apply Rubocop Rails/WhereNot

* Update spec for where.not
2023-02-08 10:39:57 +01:00
Nick Schonning 1487fcde93
Apply Rubocop Style/ExpandPathArguments (#23450) 2023-02-08 07:06:20 +01:00
Nick Schonning ed570050c6
Autofix Rails/EagerEvaluationLogMessage (#23429)
* Autofix Rails/EagerEvaluationLogMessage

* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Claire 9edefc779f
Fix UserCleanupScheduler crash when an unconfirmed account has a moderation note (#23318)
* Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note

* Add tests
2023-02-07 01:14:44 +01:00
Claire 20a479ff7c
Change POST /settings/applications/:id to regenerate token on scopes change (#23359)
Fixes #23096
2023-02-02 12:03:49 +01:00
Claire 13a2abacc8
Add roles attribute to Account entities in REST API (#23255) 2023-01-25 19:55:40 +01:00
Claire a5a00d7f7a
Fix email with empty domain name labels passing validation (#23246)
* Fix email with empty domain name labels passing validation

`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.

* Add tests
2023-01-24 20:18:41 +01:00
Claire 6883fddb19
Fix account activation being triggered before email confirmation (#23245)
* Add tests

* Fix account activation being triggered before email confirmation

Fixes #23098
2023-01-24 19:40:21 +01:00
Markus Unterwaditzer f2a6e71bb6
Suppress AddressFamilyError in link verification (#23204)
* Suppress AddressFamilyError

* clarify comment
2023-01-23 13:05:54 +01:00
Claire 448be26b34
Add missing policy attribute to WebPushSubscriptionSerializer (#23210)
* Add missing `policy` attribute to `WebPushSubscriptionSerializer`

Fixes #23145

* Add tests
2023-01-23 13:05:30 +01:00
Claire 68dcbcb7bf
Add more specific error messages to HTTP signature verification (#21617)
* Return specific error on failure to parse Date header

* Add error message when preferredUsername is not set

* Change error report to be JSON and include more details

* Change error report to differentiate unknown account and failed refresh

* Add tests
2023-01-18 16:47:56 +01:00
Claire 343e1fe8e9
Add confirmation screen when handling reports (#22375)
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
2023-01-18 16:40:09 +01:00
Claire 4b92e59f4f
Add support for editing media description and focus point of already-posted statuses (#20878)
* Add backend support for editing media attachments of existing posts

* Allow editing media attachments of already-posted toots

* Add tests
2023-01-18 16:33:55 +01:00
Claire fcc4c9b34a
Change domain block CSV parsing to be more robust and handle more lists (#21470)
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
Claire 21a1a8ee88
Fix crash when marking statuses as sensitive while some statuses are deleted (#22134)
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments

* Fix crash when marking statuses as sensitive while some statuses are deleted

Fixes #21910

* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”

* Add tests
2023-01-13 10:46:52 +01:00
Claire 15b88a83ab
Fix sanitizer parsing link text as HTML when stripping unsupported links (#22558) 2023-01-11 22:21:10 +01:00
Markus Unterwaditzer 0c689b9d01
fix: allow verification when page size exceeds 1MB (using HTML5 parser) (#22879)
* fix: allow verification when page size exceeds 1MB
Truncates the page after 1MB instead

Closes #15316

* switch to HTML5 parser, fix rubocop errors

* undo rubocop fixes

Co-authored-by: Chris Zubak-Skees <chriszs@gmail.com>
2023-01-11 21:59:13 +01:00
Claire 18fb01ef7c
Fix possible race conditions when suspending/unsuspending accounts (#22363)
* Fix possible race conditions when suspending/unsuspending accounts

* Fix tests

Tests were assuming SuspensionWorker and UnsuspensionWorker would do the
suspending/unsuspending themselves, but this has changed.
2023-01-05 13:47:21 +01:00
Jeong Arm fdd1facba1
Fix home TL could contain post from who blocked me (#22849)
* Fix home tl contains post from who blocked me

* Add test

* Fix feed_manager's build_crutches

blocked_by was not includes status' owner

* Add test for status from I blocked

* Fix typo
2023-01-05 13:30:38 +01:00
Partho Ghosh 115ab2869b
Fix ・ detection in hashtag regex to construct hashtag correctly (#22888)
* Fix ・ detection in hashtag regex to construct hashtag correctly

* Fixed rubocop liniting issues

* More rubocop linting fix
2023-01-04 02:12:48 +01:00
Claire 70415714f1
Add follow request banner on account header (#20785)
* Add requested_by to relationship maps

* Display whether an account has requested to follow you on their profile
2022-12-15 18:50:11 +01:00
Claire 8556a649d5
Fix changing domain block severity not undoing individual account effects (#22135)
* Fix changing domain block severity not undoing individual account effects

Fixes #22133

* Add tests
2022-12-15 17:45:02 +01:00
Jeong Arm d412147d02
Save avatar or header correctly even if other one fails (#18465)
* Save avatar or header correctly if other one fails

* Fix test
2022-12-15 17:11:14 +01:00
Neil Matatall 1f5740e65c
Use Rails tag API to build RSS feed for spoilers and polls (#20163)
* Use Rails tag API to build RSS feed for spoilers and polls

While the previous method did not contain a bug or a potential issue,
the tag API can be very resilient against future problems and reduces the
amount of manual management of the escape status of the content.

I've added tests to ensure that the formatting is broken and still
escapes control characters correctly.

* this seems cleaner and passes

* Incorporate feedback by moving the br to its own line and using the tag helper over the string constant for the br tag itself

* whoops, tag helper doesn't use a self-closing tag
2022-12-15 16:39:41 +01:00
Ikko Ashimine baecdf2882
Fix typo in application_helper_spec.rb (#20981)
enviroment -> environment
2022-12-15 16:20:55 +01:00
Francis Murillo 5fb1c3e934
Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Meisam 6cdbc345f4
Validate nodeinfo response by schema (#21395)
* add json-schema to :test in Gemfile

* Create node_info_2.0_schema.json

* test match_response_schema

* Create match_response_schema.rb

* Update nodeinfo_controller_spec.rb

* Rename spec/support/node_info_2.0_schema.json to spec/support/schema/node_info_2.0_schema.json

* Update match_response_schema.rb

* cleanup

* additionally validate the json schema itself

disable throwing errors

test the schema matcher

* rename nodeinfo schema to nodeinfo_2.0

* use Rails.root.join to construct the path

* prettify json

* sync Gemfile.lock
2022-12-15 15:43:05 +01:00
Claire b59fb28e90
Fix 500 error when trying to migrate to an invalid address (#21462)
* Fix 500 error when trying to migrate to an invalid address

* Add tests
2022-12-07 02:35:39 +01:00
Francis Murillo f6492a7c4d
Log admin approve and reject account (#22088)
* Log admin approve and reject account

* Add unit tests for approve and reject logging
2022-12-07 00:25:18 +01:00
Claire c8849d6cee
Fix unbounded recursion in account discovery (#22025)
* Fix trying to fetch posts from other users when fetching featured posts

* Rate-limit discovery of new subdomains

* Put a limit on recursively discovering new accounts
2022-12-07 00:15:24 +01:00
Claire 69137f4a90
Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)
Fixes #21965
2022-12-07 00:10:53 +01:00
Claire 625216d8e1
Fix attachments of edited statuses not being fetched (#21565)
* Fix attachments of edited statuses not being fetched

* Fix tests
2022-11-27 20:39:05 +01:00
Claire 51a33ce77a
Fix not being able to follow more than one hashtag (#21285)
Fixes regression from #20860
2022-11-21 10:35:09 +01:00
David Leadbeater 69378eac99
Don't allow URLs that contain non-normalized paths to be verified (#20999)
* Don't allow URLs that contain non-normalized paths to be verified

This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".

Also fix a test to use 'https', so it is testing the right thing, now
that since #20304 https is required.

* missing do
2022-11-20 19:28:13 +01:00
Rose 4f15fd0ba1
Fix style for hashes (#20518)
* Fix style for hashes

Make the style for hashes consistent.

* New style

More consistency
2022-11-17 11:05:39 +01:00
lenore gilbert c373148b3d
Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597)
* Allow import/export of instance-level domain blocks/allows (#1754)

* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround

(cherry picked from commit 94e98864e3)

* Add confirmation page when importing blocked domains (#1773)

* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains

(cherry picked from commit b91196f4b7)

* Fix authorization check in domain blocks controller

(cherry picked from commit 7527937758)

* Fix error strings for domain blocks and email-domain blocks

Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"

* Ran i18n-tasks normalize to address test failure

* Removed unused admin.export_domain_blocks.not_permitted string

Removing unused string as indicated by Check i18n

* Fix tests

(cherry picked from commit 9094c2f52c)

* Fix domain block export not exporting blocks with only media rejection

(cherry picked from commit 26ff48ee48)

* Fix various issues with domain block import

- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded

(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)

Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17 11:05:09 +01:00
Joshua Wood daf6f3453e
Handle links with no href in VerifyLinkService (#20741)
Before this change, the following error would cause VerifyAccountLinksWorker to fail:

NoMethodError: undefined method `downcase' for nil:NilClass
  [PROJECT_ROOT]/app/services/verify_link_service.rb:31 :in `block in link_back_present?`
2022-11-17 10:59:35 +01:00
Eugen Rochko 21fd25a269
Fix rate limiting for paths with formats (#20675) 2022-11-14 20:26:31 +01:00
trwnh b59ce0a60f
Move V2 Filter methods under /api/v2 prefix (#20622)
* Move V2 Filter methods under /api/v2 prefix

* move over the tests too
2022-11-14 08:34:07 +01:00
Eugen Rochko 552d69ad96
Fix error when invalid domain name is submitted (#19474)
Fix #19175
2022-11-14 08:07:14 +01:00
Eugen Rochko b31afc6294
Fix error when passing unknown filter param in REST API (#20626)
Fix #19156
2022-11-14 08:06:06 +01:00
Hampton Lintorn-Catlin 147d8bd8fc
Support UTF-8 Characters in Domains During CSV Import (#20592)
* Support UTF-8 Characters in Domains During Import

* Update Changelong
2022-11-14 05:52:13 +01:00
Emily Strickland c2231539c7
Test blank account field verifiability (#20458)
* Test blank account field verifiability

This change tests the need for #20428, which ensures that we guard against a situation in which `at_xpath` returns `nil`.

* Test verifiability of blank fields for remote account profiles

This adds a counterpart test for remote account profiles' fields' verifiability when those fields are blank. I previously added the same test for local accounts.
2022-11-13 21:02:09 +01:00
F d4f973227c
Test the native_locale_name of a non-standard locale (#20284)
`:en` is English for both `standard_locale_name` and
`native_locale_name`, and so makes for a poor test candidate for
differentiating between them.
2022-11-11 00:06:18 +01:00
Eugen Rochko 9965a23b04
Change link verification to ignore IDN domains (#20295)
Fix #3833
2022-11-10 06:27:45 +01:00
Eugen Rochko e98833748e
Fix being able to spoof link verification (#20217)
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
2022-11-09 08:24:21 +01:00
luzpaz 6ba52306f9
Fix typos (#19849)
Found via `codespell -q 3 -S ./yarn.lock,./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,followings,keypair,medias,pattens,pixelx,rememberable,ro,te`
2022-11-08 17:32:03 +01:00
Roni Laukkarinen 36b0ff57b7
Fix grammar (#20106) 2022-11-08 16:35:42 +01:00
Claire bbf74498f5
Fix validation error in SynchronizeFeaturedTagsCollectionWorker (#20018)
* Fix followers count not being updated when migrating follows

Fixes #19900

* Fix validation error in SynchronizeFeaturedTagsCollectionWorker

Also saves remote user's chosen case for hashtags

* Limit remote featured tags before validation
2022-11-07 22:35:53 +01:00
Claire 3114c826a7
Fix filter handling in status cache hydration (#19963) 2022-11-07 19:47:48 +01:00
Claire 5925a31b78
Fix followers count not being updated when migrating follows (#19998)
Fixes #19900
2022-11-07 15:38:55 +01:00
Claire bb89f83cc0
Fix additional issues with status cache hydration (#19747)
* Spare one SQL query when hydrating polls

* Improve tests

* Fix more discrepancies

* Fix possible crash when the status has no application set
2022-11-04 20:01:33 +01:00
Claire 03b991de6c
Fix various issues with store hydration (#19746)
- Improve tests
- Fix possible crash when application of a reblogged post isn't set
- Fix discrepancies around favourited and reblogged attributes
- Fix discrepancies around pinned attribute
- Fix polls not being hydrated
2022-11-04 19:33:16 +01:00
Eugen Rochko 5f9e47be34
Add caching for payload serialization during fan-out (#19642) 2022-11-04 13:21:06 +01:00
Claire 4fb0aae636
Change mentions of blocked users to not be processed (#19725)
Fixes #19698
2022-11-04 13:19:12 +01:00
Claire 9387beb3b3
Change flaky AccountSearchService test (#19650) 2022-11-03 23:12:08 +01:00
Claire 1dca08b76f
Fix admin action logs page (#19649)
* Add tests

* Fix crash when trying to display orphaned action logs

* Add migration for older admin action logs
2022-11-03 16:06:42 +01:00
pea-sys c68e6b52d9
png optimization(loss less) (#19630) 2022-11-01 15:06:52 +01:00
Eugen Rochko d0ba77047e
Change max. thumbnail dimensions to 640x360px (360p) (#19619) 2022-11-01 13:01:39 +01:00
Eugen Rochko 40c7f3e830
Fix account action type validation (#19476)
* Fix account action type validation

Fix #19143

* Fix #19145

* Fix code style issues
2022-10-30 02:44:32 +02:00
Eugen Rochko f8ca3bb2a1
Add ability to view previous edits of a status in admin UI (#19462)
* Add ability to view previous edits of a status in admin UI

* Change moderator access to posts to be controlled by a separate policy
2022-10-26 13:42:29 +02:00
Eugen Rochko bf0ab3e0fa
Fix vacuum scheduler missing lock, locks never expiring (#19458)
Remove vacuuming of orphaned preview cards
2022-10-26 12:10:48 +02:00
Eugen Rochko 1ae508bf2f
Change unauthenticated search to not support pagination in REST API (#19326)
- Only exact search matches for queries with < 5 characters
- Do not support queries with `offset` (pagination)
- Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-26 12:10:02 +02:00
Eugen Rochko 7c152acb2c
Change settings area to be separated into categories in admin UI (#19407)
And update all descriptions
2022-10-22 11:44:41 +02:00
Yamagishi Kazutoshi 94feb2b93f
Fix FetchFeaturedCollectionService spec (#19401)
Regression from #19380
2022-10-21 11:48:22 +02:00
Eugen Rochko 839f893168
Change public accounts pages to mount the web UI (#19319)
* Change public accounts pages to mount the web UI

* Fix handling of remote usernames in routes

- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict

* Fix missing `multiColumn` prop

* Fix failing test

* Use `discoverable` attribute to control indexing directives

* Fix `<ColumnLoading />` not using `multiColumn`

* Add `noindex` to accounts in REST API

* Change noindex directive to not be rendered by default before a route is mounted

* Add loading indicator for detailed status in web UI

* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Eugen Rochko 1bd00036c2
Change about page to be mounted in the web UI (#19345) 2022-10-13 14:42:37 +02:00
Eugen Rochko b04633a961
Add image processing and generate blurhash for server thumbnail (#19348)
Remove separate server hero setting
2022-10-13 11:29:19 +02:00
Yamagishi Kazutoshi 7afc6a630c
Redirect non-logged-in user to owner statuses on single user mode (#19333) 2022-10-12 21:07:30 +02:00
Eugen Rochko 45ebdb72ca
Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
Eugen Rochko 93f340a4bf
Remove setting that disables account deletes (#17683) 2022-10-06 10:16:47 +02:00
Eugen Rochko 62782babd0
Change public statuses pages to mount the web UI (#19301) 2022-10-06 02:26:34 +02:00
Eugen Rochko 58d5b28cb0
Remove previous landing page (#19300) 2022-10-06 02:19:45 +02:00
Eugen Rochko 9f65909f42
Change public timelines to be filtered by current locale by default (#19291)
In the absence of an opt-in to multiple specific languages in the
preferences, it makes more sense to filter by the user's presumed
language only (interface language or `lang` override)
2022-10-05 03:48:06 +02:00
Eugen Rochko d2528b26b6
Add server banner to web app, add GET /api/v2/instance to REST API (#19294) 2022-10-05 03:47:56 +02:00
Eugen Rochko 02ba9cfa35
Remove code for rendering public and hashtag timelines outside the web UI (#19257) 2022-10-04 20:13:46 +02:00
Eugen Rochko 36f4c32a38
Change path of privacy policy page (#19249) 2022-09-29 06:22:12 +02:00
Eugen Rochko 43b5d5e38d
Add logged-out access to the web UI (#18961) 2022-09-29 04:39:33 +02:00
Eugen Rochko 5c9abdeff1
Add retention policy for cached content and media (#19232) 2022-09-27 03:08:19 +02:00
Claire 7165e89362
Add tests to ActivityPub::FetchRemoteKeyService (#19226) 2022-09-24 08:33:27 +02:00
Claire 26c51cfa07
Fix various rspec warnings in ReportService tests (#19189)
* Fix various rspec warnings in ReportService tests

* Add tests to ReportService
2022-09-21 22:46:35 +02:00
Claire 8cf7006d4e
Refactor ActivityPub handling to prepare for non-Account actors (#19212)
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account

* Refactor SignatureVerification to allow non-Account actors

* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors

* Refactor inbound ActivityPub payload processing to accept non-Account actors

* Refactor inbound ActivityPub processing to accept activities relayed through non-Account

* Refactor how Account key URIs are built

* Refactor Request and drop unused key_id_format parameter

* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-09-21 22:45:57 +02:00
Eugen Rochko 50948b46aa
Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
Claire 1145dbd327
Improve error reporting and logging when processing remote accounts (#15605)
* Add a more descriptive PrivateNetworkAddressError exception class

* Remove unnecessary exception class to rescue clause

* Remove unnecessary include to JsonLdHelper

* Give more neutral error message when too many webfinger redirects

* Remove unnecessary guard condition

* Rework how “ActivityPub::FetchRemoteAccountService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteAccountService#call (default/previous behavior).

* Rework how “ActivityPub::FetchRemoteKeyService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteKeyService#call (default/previous behavior).

* Fix Webfinger::RedirectError not being a subclass of Webfinger::Error

* Add suppress_errors option to ResolveAccountService

Defaults to true (to preserve previous behavior). If set to false,
errors will be raised instead of caught, allowing the caller to be
informed of what went wrong.

* Return more precise error when failing to fetch account signing AP payloads

* Add tests

* Fixes

* Refactor error handling a bit

* Fix various issues

* Add specific error when provided Digest is not 256 bits of base64-encoded data

* Please CodeClimate

* Improve webfinger error reporting
2022-09-20 23:30:26 +02:00
luzpaz 4aa3b9bd01
Fix typos (#18604)
* Fix typos

Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,pixelx,ro`

* Follow-up typo fix
2022-08-28 17:44:34 +02:00
Eugen Rochko 0b3e4fd5de
Remove digest e-mails (#17985)
* Remove digest e-mails

* Remove digest-related code
2022-08-25 23:38:22 +02:00
Eugen Rochko 0396acf39e
Add audit log entries for user roles (#19040)
* Refactor audit log schema

* Add audit log entries for user roles
2022-08-25 20:39:40 +02:00
Claire 50487db122
Add ability to filter individual posts (#18945)
* Add database table for status-specific filters

* Add REST endpoints, entities and attributes

* Show status filters in /filters interface

* Perform server-side filtering for individual posts filters

* Fix filtering on context mismatch

* Refactor `toServerSideType` by moving it to its own module

* Move loupe and delete icons to their own module

* Add ability to filter individual posts from WebUI

* Replace keyword list by warnings (expired, context mismatch)

* Refactor server-side filtering code

* Add tests
2022-08-25 04:27:47 +02:00
Eugen Rochko 0412a4d03e
Change e-mail domain blocks to match subdomains of blocked domains (#18979) 2022-08-24 19:00:55 +02:00
Eugen Rochko d83faa1a89
Add ability to block sign-ups from IP (#19037) 2022-08-24 19:00:37 +02:00
Claire 461239db5d
Fix backend compatibility with OpenSSL 3.0 (#18449)
* Update webpush to fork with OpenSSL 3 compatibility

* Fix tests with OpenSSL 3.0

* Update webauthn gem to latest release and update dependencies
2022-08-17 22:06:48 +01:00
Eugen Rochko c3f0621a59
Add ability to follow hashtags (#18809) 2022-07-17 13:49:29 +02:00
Eugen Rochko e7aa2be828
Change how hashtags are normalized (#18795)
* Change how hashtags are normalized

* Fix tests
2022-07-13 15:03:28 +02:00
Eugen Rochko 44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Claire 1b4054256f
Fix crash when a remote Flag activity mentions a private post (#18760)
* Add tests

* Fix crash when a remote Flag activity mentions a private post
2022-07-04 11:08:30 +02:00
Claire 02851848e9
Revamp post filtering system (#18058)
* Add model for custom filter keywords

* Use CustomFilterKeyword internally

Does not change the API

* Fix /filters/edit and /filters/new

* Add migration tests

* Remove whole_word column from custom_filters (covered by custom_filter_keywords)

* Redesign /filters

Instead of a list, present a card that displays more information and handles
multiple keywords per filter.

* Redesign /filters/new and /filters/edit to add and remove keywords

This adds a new gem dependency: cocoon, as well as a npm dependency:
cocoon-js-vanilla. Those are used to easily populate and remove form fields
from the user interface when manipulating multiple keyword filters at once.

* Add /api/v2/filters to edit filter with multiple keywords

Entities:
- `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context`
  `keywords`
- `FilterKeyword`: `id`, `keyword`, `whole_word`

API endpoits:
- `GET /api/v2/filters` to list filters (including keywords)
- `POST /api/v2/filters` to create a new filter
  `keywords_attributes` can also be passed to create keywords in one request
- `GET /api/v2/filters/:id` to read a particular filter
- `PUT /api/v2/filters/:id` to update a new filter
  `keywords_attributes` can also be passed to edit, delete or add keywords in
   one request
- `DELETE /api/v2/filters/:id` to delete a particular filter
- `GET /api/v2/filters/:id/keywords` to list keywords for a filter
- `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a
   filter
- `GET /api/v2/filter_keywords/:id` to read a particular keyword
- `PUT /api/v2/filter_keywords/:id` to edit a particular keyword
- `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword

* Change from `irreversible` boolean to `action` enum

* Remove irrelevent `irreversible_must_be_within_context` check

* Fix /filters/new and /filters/edit with update for filter_action

* Fix Rubocop/Codeclimate complaining about task names

* Refactor FeedManager#phrase_filtered?

This moves regexp building and filter caching to the `CustomFilter` class.

This does not change the functional behavior yet, but this changes how the
cache is built, doing per-custom_filter regexps so that filters can be matched
independently, while still offering caching.

* Perform server-side filtering and output result in REST API

* Fix numerous filters_changed events being sent when editing multiple keywords at once

* Add some tests

* Use the new API in the WebUI

- use client-side logic for filters we have fetched rules for.
  This is so that filter changes can be retroactively applied without
  reloading the UI.
- use server-side logic for filters we haven't fetched rules for yet
  (e.g. network error, or initial timeline loading)

* Minor optimizations and refactoring

* Perform server-side filtering on the streaming server

* Change the wording of filter action labels

* Fix issues pointed out by linter

* Change design of “Show anyway” link in accordence to review comments

* Drop “irreversible” filtering behavior

* Move /api/v2/filter_keywords to /api/v1/filters/keywords

* Rename `filter_results` attribute to `filtered`

* Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer

* Fix systemChannelId value in streaming server

* Simplify code by removing client-side filtering code

The simplifcation comes at a cost though: filters aren't retroactively
applied anymore.
2022-06-28 09:42:13 +02:00
Claire 35588d09e2
Add /api/v1/admin/domain_allows (#18668)
- `GET /api/v1/admin/domain_allows` lists allowed domains
- `GET /api/v1/admin/domain_allows/:id` shows one by ID
- `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list
  of allowed domains
- `POST /api/v1/admin/domain_allows` to allow a new domain:
  if that domain is already allowed, the existing DomainAllow will be returned
2022-06-23 23:12:01 +02:00
Claire 327eed0076
Fix suspicious sign-in mails never being sent (#18599)
* Add tests

* Fix suspicious sign-in mails never being sent
2022-06-21 15:16:22 +02:00
Eugen Rochko 45aa5781ce
Change brand color and logotypes (#18592)
- Add rake task for generating Apple/Android icons and favicons from SVG
- Add rake task for generating PNG icons and logos for e-mails from SVG
- Remove obsolete Microsoft icons and configuration
- Remove PWA shortcut icons
2022-06-09 22:25:23 +02:00
Eugen Rochko a2871cd747
Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
2022-06-09 21:57:36 +02:00
Claire 3f14260574
Add StatusRelationshipsPresenter specs (#18588) 2022-06-01 19:09:37 +02:00
Claire 28329ba62f
Add /api/v1/admin/domain_blocks (#18247)
* Add /api/v1/admin/domain_blocks

Fixes #18140

- `GET /api/v1/admin/domain_blocks` lists domain blocks
- `GET /api/v1/admin/domain_blocks/:id` shows one by ID
- `DELETE /api/v1/admin/domain_blocks/:id` deletes a given domain block
- `POST /api/v1/admin/domain_blocks` to create a new domain block:
  if it conflicts with an existing one, returns an error with
  an attribute `existing_domain_block` with the rendered domain block

* Simplify conflict handling as suggested in review
2022-06-01 17:31:36 +02:00
Claire e34dd3644c
Remove unused filtered_languages column (#18533)
* Remove unused `filtered_languages` column

Fixes #18522

* Fix tests
2022-05-27 20:05:22 +02:00
Claire 440eb71310
Change unapproved and unconfirmed account to not be accessible in the REST API (#17530)
* Change unapproved and unconfirmed account to not be accessible in the REST API

* Change Account#searchable? to reject unconfirmed and unapproved users

* Disable search for unapproved and unconfirmed users in Account.search_for

* Disable search for unapproved and unconfirmed users in Account.advanced_search_for

* Remove unconfirmed and unapproved accounts from Account.searchable scope

* Prevent mentions to unapproved/unconfirmed accounts

* Fix some old tests for Account.advanced_search_for

* Add some Account.advanced_search_for tests for existing behaviors

* Add some tests for Account.search_for

* Add Account.advanced_search_for tests unconfirmed and unapproved accounts

* Add Account.searchable tests

* Fix Account.without_unapproved scope potentially messing with previously-applied scopes

* Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup

This is so that the API can still be used to check whether an username is free
to use.
2022-05-26 15:50:33 +02:00
Claire e0bdaeab65
Fix NoMethodError when resolving a link that redirects to a local post (#18314)
* Fix NoMethodError when resolving a link that redirects to a local post

* Fix tests
2022-05-17 14:52:26 +02:00
luzpaz 898fe2fa8e
Fix typo in source setted->set (#18385)
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-05-10 04:58:04 +02:00
Eugen Rochko 2b8dc58b7f
Change RSS feeds (#18356)
* Change RSS feeds

- Use date and time for titles instead of ellipsized text
- Use full content in body, even when there is a content warning
- Use media extensions

* Change feed icons and add width and height attributes to custom emojis

* Fix custom emoji animate on hover breaking

* Fix tests
2022-05-09 07:43:08 +02:00
Claire 71d02ffcf3
Fix compatibility with Friendica regarding pinned posts (#18254)
* Fix multiple database queries when fetching pinned posts for remote account

* Fix compatibility with Friendica regarding pinned posts

Fixes #18066

* Add tests
2022-05-02 17:41:01 +02:00
Eugen Rochko f6d35ed57d
Remove IP matching from e-mail domain blocks (#18190)
Clear out e-mail domain blocks created from automatically resolved DNS records
2022-04-29 23:27:03 +02:00
Eugen Rochko 7b0fe4aef9
Fix opening and closing Redis connections instead of using a pool (#18171)
* Fix opening and closing Redis connections instead of using a pool

* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00
Claire 84d991988e
Fix temporary network/remote server error prevent from interactions with remote accounts (#18161)
* Fix temporary network/remote server error prevent from interactions with remote accounts

* Fix and add tests
2022-04-28 20:19:10 +02:00
Eugen Rochko 3917353645
Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Claire 0360135d4d
Fix PeerTube videos appearing with an erroneous “Edited at” marker (#18100)
* Fix PeerTube videos appearing with an erroneous “Edited at” marker

PeerTube videos have an `updated` field equal to `published`.
When processing an incoming activity that has the same value for `updated` and
`published`, assume this doesn't represent an actual edit.

* Please CodeClimate
2022-04-26 21:25:26 +02:00
Claire ce9dcbea32
Fix failure when sending warning emails with custom text (#17983)
* Add tests

* Fix failure when sending warning emails with custom text
2022-04-07 14:47:30 +02:00
Claire 8f91e304a5
Fix spurious edits and require incoming edits to be explicitly marked as such (#17918)
* Change post text edit to not be considered significant if it's identical after reformatting

* We don't need to clear previous change information anymore

* Require status edits to be explicit, except for poll tallies

* Fix tests

* Add some tests

* Add poll-related tests

* Add HTML-formatting related tests
2022-04-06 21:01:02 +02:00
Eugen Rochko 6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 2022-04-06 20:58:12 +02:00
Eugen Rochko bbc7afa2a2
Fix being able to post URLs longer than 4096 characters (#17908) 2022-03-30 14:46:03 +02:00
Claire 894956e20c
Fix /api/v1/admin/accounts (#17887)
* Fix /api/v1/admin/accounts

Compatibility was broken since #17009 which changed the underlying filter class
without changing the controller.

This commits restore support for the old parameters.

* Add /api/v2/admin/accounts with the new parameters

* Add tests

* Add missing filter for `silenced` status

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-28 23:57:38 +02:00
Claire 30658924a8
Fix test-related issues (#17888)
* Remove obsolete RSS::Serializer test

Since #17828, RSS::Serializer no longer has specific code for deleted statuses,
but it is never called on deleted statuses anyway.

* Rename erroneously-named test files

* Fix failing test

* Fix test deprecation warnings

* Update CircleCI Ruby orb

1.4.0 has a bug that does not match all the test files due to incorrect
globbing
2022-03-28 12:43:58 +02:00
Eugen Rochko cefa526c6d
Refactor formatter (#17828)
* Refactor formatter

* Move custom emoji pre-rendering logic to view helpers

* Move more methods out of Formatter

* Fix code style issues

* Remove Formatter

* Add inline poll options to RSS feeds

* Remove unused helper method

* Fix code style issues

* Various fixes and improvements

* Fix test
2022-03-26 02:53:34 +01:00
Eugen Rochko 71f2b95106
Fix edits with no actual changes being allowed (#17843)
* Fix edits with no actual changes being allowed locally

* Fix edits with no actual changes being allowed through ActivityPub

* Fix false positive changes caused by description processing in model

* Fix not recording poll expiration update

* Fix test

* Revert changes to ProcessStatusUpdateService

* Various fixes and improvements

* Fix code style issues

* Various changes and improvements

* Add guard clause
2022-03-26 00:38:44 +01:00
Eugen Rochko b58db8f12e
Add workaround for YouTube Shorts links (#17869)
* Add workaround for YouTube Shorts links

* Update link_details_extractor_spec.rb
2022-03-25 19:31:35 +01:00
Eugen Rochko e6ffbfb5e7
Add types param to GET /api/v1/notifications in REST API (#17767)
* Add `types` param to `GET /api/v1/notifications` in REST API

* Improve tests
2022-03-15 04:11:29 +01:00
Claire 92a86b958e
Fix issues with processing toot edits (#17748)
* Fix searching for an already-known status by URL not working

* Fix Update processing from statuses prior to 20220302232632

`ordered_media_attachment_ids_changed?` would return `true` when going from
`nil` to anything (including `[]`).

* Add tests
2022-03-12 19:33:10 +01:00
Eugen Rochko ddbe906c25
Fix not updating a status when newer version is fetched manually (#17745) 2022-03-12 09:11:36 +01:00
Eugen Rochko bc320d6cec
Fix POST /api/v1/emails/confirmations not being available after sign-up (#17743) 2022-03-12 04:14:25 +01:00
Claire 5ccd6cbfda
Add test for reblog race condition fix (#17732)
Follow-up to #17693
2022-03-10 00:11:49 +01:00
Claire 63c9d2bc28
Add tests for CVE-2022-24307 (#17733)
Follow-up to #17426
2022-03-10 00:11:40 +01:00
Eugen Rochko d17fb70131
Change how changes to media attachments are stored for edits (#17696)
* Change how changes to media attachments are stored for edits

Fix not being able to re-order media attachments

* Fix not broadcasting updates when polls/media is changed through ActivityPub

* Various fixes and improvements

* Update app/models/report.rb

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Add tracking of media attachment description changes

* Change poll in status edit to have a structure closer to the real one

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-09 09:06:17 +01:00
Eugen Rochko bd53dd5210
Change design of federation pages in admin UI (#17704)
* Change design of federation pages in admin UI

* Fix query performance in instance media attachments measure

* Fix reblogs being included in instance languages dimension
2022-03-09 08:52:32 +01:00
Eugen Rochko 8f6c67bfde
Fix performance of account timelines (#17709)
* Fix performance of account timelines

* Various fixes and improvements

* Fix duplicate results being returned

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Fix grouping for pinned statuses scope

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-08 09:14:39 +01:00
Eugen Rochko edf09ec747
Add /api/v1/accounts/familiar_followers to REST API (#17700)
* Add `/api/v1/accounts/familiar_followers` to REST API

* Change hide network preference to be stored consistently for local and remote accounts

* Add dummy classes to migration

* Apply suggestions from code review

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-07 09:36:47 +01:00
Josh Soref b5329e0035
Spelling (#17705)
* spelling: account

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: affiliated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: appearance

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: autosuggest

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: cacheable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: component

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: conversations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: domain.example

Clarify what's distinct and use RFC friendly domain space.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: environment

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: exceeds

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: functional

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: inefficiency

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: not

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: notifications

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: occurring

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: position

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: progress

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: promotable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: reblogging

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: repetitive

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: resolve

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: saturated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: similar

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: strategies

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: success

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: targeting

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: thumbnails

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unauthorized

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unsensitizes

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: validations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: various

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2022-03-06 22:51:40 +01:00
Claire 6d3fa7828e
Redesign /about when already logged in (#17348)
* Redesign /about when already logged in

* Fix sign up form still showing when OMNIAUTH_ONLY is set

* Fix tests

* Change wording based on suggestions

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-03 16:14:44 +01:00
Eugen Rochko 02b8d63fce
Fix report category not being saved in REST API (#17682) 2022-03-02 18:57:08 +01:00
Eugen Rochko 50ea54b3ed
Change authorized applications page (#17656)
* Change authorized applications page

* Hide revoke button for superapps and suspended accounts

* Clean up db/schema.rb
2022-03-01 16:48:58 +01:00
Eugen Rochko 27965ce5ed
Add trending statuses (#17431)
* Add trending statuses

* Fix dangling items with stale scores in localized sets

* Various fixes and improvements

- Change approve_all/reject_all to approve_accounts/reject_accounts
- Change Trends::Query methods to not mutate the original query
- Change Trends::Query#skip to offset
- Change follow recommendations to be refreshed in a transaction

* Add tests for trending statuses filtering behaviour

* Fix not applying filtering scope in controller
2022-02-25 00:34:14 +01:00
Eugen Rochko a29a982eaa
Change e-mail domain blocks to block IPs dynamically (#17635)
* Change e-mail domain blocks to block IPs dynamically

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-24 17:28:23 +01:00
Sumak 91cc8d1e63
fix #17601 change :keys to :attribute_names (#17637) 2022-02-24 14:46:21 +01:00
luzpaz 73f5e4a1d9
Fix various typos (#17621)
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-02-22 20:14:17 +01:00
Claire 8f537a1168
Change relays handling to not record boosts (#17571)
* Change relays handling to not record boosts

* Update tests
2022-02-16 14:36:44 +01:00
Jeong Arm 2fd2666eea
Add test for user matching ip (#17572) 2022-02-16 13:14:53 +01:00
Eugen Rochko 564efd0651
Add appeals (#17364)
* Add appeals

* Add ability to reject appeals and ability to browse pending appeals in admin UI

* Add strikes to account page in settings

* Various fixes and improvements

- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes

* Change appealed_at to overruled_at

* Fix missing method error
2022-02-14 21:27:53 +01:00
Claire d4e6774a0c
Fix Undo Announce sometimes inlining the originally Announced status (#17516)
* Change tests to have more specific expectations on sent ActivityPub payloads

* Check that payload doesn't actually contain the contents of the boosted toot

* Fix Undo Announce sometimes inlining the originally Announced status
2022-02-11 14:52:07 +01:00
Claire 472bc89611
Fix some flaky tests that randomly failed because of item ordering (#17509) 2022-02-10 22:00:10 +01:00
Claire 2af03164cb
Improve tests involving push_bulk (#17508)
sidekiq-bulk's push_bulk can either accept arguments directly or run them
through a block.

Setting expectations on the result of evaluating the blocks allows testing
more code (the block itself) and the test is moved closer to the *interface*
of the tested code than its precise implementation.
2022-02-10 19:42:45 +01:00
Claire da91b18a8b
Fix NoMethodError in StatusUpdateDistributionWorker (#17499)
* Add tests

* Fix NoMethodError in StatusUpdateDistributionWorker

* Fix tests
2022-02-10 14:57:10 +01:00
Claire 63854bee6c
Fix poll votes not being properly reset on poll change (#17498)
* Fix poll votes not being properly reset on poll change

* Fix and add tests

* Fix poll update handling when the number of options changes
2022-02-10 14:26:54 +01:00
Eugen Rochko 63002cde03
Add editing for published statuses (#17320)
* Add editing for published statuses

* Fix change of multiple-choice boolean in poll not resetting votes

* Remove the ability to update existing media attachments for now
2022-02-10 00:15:30 +01:00
Eugen Rochko 3aebe711fd
Change languages to be listed under standard instead of native name in admin UI (#17485) 2022-02-09 04:15:38 +01:00
Eugen Rochko b6d7726ecb
Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Eugen Rochko f1f6ddd536
Fix structured data parsing from links choking on bad data (#17403)
* Fix structured data parsing from links choking on bad data

- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag

* Remove unnecessary slash escapes from CDATA regex pattern
2022-02-07 18:16:31 +01:00
Claire 73a782391c
Fix replies collection incorrectly looping (#17462)
* Refactor tests

* Add tests

* Fix replies collection incorrectly looping
2022-02-07 17:06:43 +01:00
Claire 92658f0fb0
Fix instance actor not being dereferenceable (#17457)
* Add tests

* Fix instance actor not being dereferenceable

* Fix tests

* Fix tests for real
2022-02-06 15:31:03 +01:00
Claire c8b1e72a4f
Fix compacted JSON-LD possibly causing compatibility issues on forwarding (#17428) 2022-02-03 14:09:04 +01:00
Claire f5639e1cbe
Change public profile pages to be disabled for unconfirmed users (#17385)
Fixes #17382

Note that unconfirmed and unapproved accounts can still be searched for
and their (empty) account retrieved using the REST API.
2022-01-28 14:24:37 +01:00
Claire e38fc319dc
Refactor and improve tests (#17386)
* Change account and user fabricators to simplify and improve tests

- `Fabricate(:account)` implicitly fabricates an associated `user` if
  no `domain` attribute is given (an account with `domain: nil` is
  considered a local account, but no user record was created), unless
  `user: nil` is passed
- `Fabricate(:account, user: Fabricate(:user))` should still be possible
  but is discouraged.

* Fix and refactor tests

- avoid passing unneeded attributes to `Fabricate(:user)` or
  `Fabricate(:account)`
- avoid embedding `Fabricate(:user)` into a `Fabricate(:account)` or the other
  way around
- prefer `Fabricate(:user, account_attributes: …)` to
  `Fabricate(:user, account: Fabricate(:account, …)`
- also, some tests were using remote accounts with local user records, which is
  not representative of production code.
2022-01-28 00:46:42 +01:00
Eugen Rochko 6505b39e5d
Fix poll updates being saved as status edits (#17373)
Fix #17344
2022-01-26 18:05:39 +01:00
Claire 0a120d86d2
Fix error-prone SQL queries (#15828)
* Fix error-prone SQL queries in Account search

While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.

This PR parameterises the `to_tsquery` input to make the query more robust.

* Harden code for Status#tagged_with_all and Status#tagged_with_none

Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.

* Remove unneeded spaces surrounding tsquery term

* Please CodeClimate

* Move advanced_search_for SQL template to its own function

This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.

* Add tests covering tagged_with, tagged_with_all and tagged_with_none

* Rewrite tagged_with_none to avoid multiple joins and make it more robust

* Remove obsolete brakeman warnings

* Revert "Remove unneeded spaces surrounding tsquery term"

The two queries are not strictly equivalent.

This reverts commit 86f16c537e.
2022-01-23 18:10:10 +01:00
Eugen Rochko 1060666c58
Add support for editing for published statuses (#16697)
* Add support for editing for published statuses

* Fix references to stripped-out code

* Various fixes and improvements

* Further fixes and improvements

* Fix updates being potentially sent to unauthorized recipients

* Various fixes and improvements

* Fix wrong words in test

* Fix notifying accounts that were tagged but were not in the audience

* Fix mistake
2022-01-19 22:37:27 +01:00
Eugen Rochko 14f436c457
Add notifications for statuses deleted by moderators (#17204) 2022-01-17 09:41:33 +01:00
Claire d5c9feb7b7
Add support for private pinned posts (#16954)
* Add support for private pinned toots

* Allow local user to pin private toots

* Change wording to avoid "direct message"
2022-01-17 00:49:55 +01:00
Eugen Rochko 8e84ebf0cb
Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
Claire 76761d5fc0
Add ability for admins to delete canonical email blocks (#16644)
* Add admin option to remove canonical email blocks from a deleted account

* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
2021-12-17 23:02:14 +01:00
Claire 7f803c41e2
Add ability to purge undeliverable domains from admin interface (#16686)
* Add ability to purge undeliverable domains from admin interface

* Add tests
2021-12-17 23:01:21 +01:00
Eugen Rochko 0fb9536d38
Add batch suspend for accounts in admin UI (#17009) 2021-12-05 21:48:39 +01:00
Jeong Arm 1c826471e7
Fix admin statuses order(#16937) (#16969)
* Fix #16937

* Add test for statuses order
2021-11-26 22:12:27 +01:00
Eugen Rochko 7de0ee7aba
Remove Keybase integration (#17045) 2021-11-26 05:58:18 +01:00
Claire 013bee6afb
Fix filtering DMs from non-followed users (#17042) 2021-11-25 23:46:30 +01:00
Eugen Rochko 6e50134a42
Add trending links (#16917)
* Add trending links

* Add overriding specific links trendability

* Add link type to preview cards and only trend articles

Change trends review notifications from being sent every 5 minutes to being sent every 2 hours

Change threshold from 5 unique accounts to 15 unique accounts

* Fix tests
2021-11-25 13:07:38 +01:00
Claire 02a87431cf
Fix error when suspending user with an already-existing canonical email block (#17036)
* Fix error when suspending user with an already-existing canonical email block

Fixes #17033

While attempting to create a `CanonicalEmailBlock` with an existing hash would
raise an `ActiveRecord::RecordNotUnique` error, this being done within a
transaction would cancel the whole transaction. For this reason, checking for
uniqueness in Rails would query the database within the transaction and avoid
invalidating the whole transaction for this reason.

A race condition is still possible, where multiple accounts sharing a canonical
email would be blocked in concurrent transactions, in which only one would
succeed, but that is way less likely to happen that the current issue, and can
always be retried after the first failure, unlike the current situation.

* Add tests
2021-11-24 17:41:03 +01:00
Claire 87085a5152
Fix AccountNote not having a maximum length (#16942) 2021-11-06 00:12:25 +01:00
Eugen Rochko 39cdf61ab7
Add support for structured data and more OpenGraph tags to link cards (#16938)
Save preview cards under their canonical URL

Increase max redirects to follow from 2 to 3
2021-11-05 23:23:05 +01:00
Claire 989c67d29d
Fix handling announcements with links (#16941)
Broken since #15827
2021-11-05 21:14:35 +01:00
Claire ec059317fa
Fix some link previews being incorrectly generated from other prior links (#16885)
* Add tests

* Fix some link previews being incorrectly generated from different prior links

PR #12403 added a cache to avoid redundant queries when the OEmbed endpoint can
be guessed from the URL. This caching mechanism is not perfectly correct as
there is no guarantee that all pages from a given domain share the same
OEmbed provider endpoint.

This PR prevents the FetchOEmbedService from caching OEmbed endpoint that
cannot be generalized by replacing a fully-qualified URL from the endpoint's
parameters, greatly reducing the number of incorrect cached generalizations.
2021-10-21 20:39:35 +02:00
Claire 3f9b28ce26
Add support for fetching Create and Announce activities by URI (#16383)
* Add support for fetching Create and Announce activities by URI

This should improve compatibility with ZAP and offer a way to fetch boosts,
which is currently not possible.

* Add tests
2021-10-21 01:14:04 +02:00
Takeshi Umeda 17f4e457b3
Add remove from followers api (#16864)
* Add followed_by? to account_interactions

* Add RemoveFromFollowersService

* Fix AccountBatch to use RemoveFromFollowersService

* Add remove from followers API
2021-10-18 12:02:35 +02:00
Jeong Arm f4081d1564
Allow keeping only 1 boosts/favs on auto deleting posts (#16653)
* Allow keeping 1 boosts/favs on auto deleting posts

* Fix tests
2021-10-14 21:11:14 +02:00
Claire 216570ad98
Fix scheduled statuses decreasing statuses counts (#16791)
* Add tests

* Fix scheduled statuses decreasing statuses counts

Fixes #16774
2021-10-14 19:59:21 +02:00
Claire 5159ba26e4
Fix error when rendering public pages with media attachments (#16763)
* Add tests

* Fix error when rendering public pages with media attachments

* Add tests

* Fix tests

* Please CodeClimate
2021-10-13 15:27:19 +02:00
Claire 84ceebe1c4
Fix media attachment size validation not correctly accounting for file type (#16819)
* Fix media attachment size validation not correctly accounting for file type

Fixes a regression introduced in #16724 caused by the fact that kt-paperclip
now correctly runs validations before processing, meaning that file size
verification could not rely on our before_post_processing hook.

Moved the `before_post_processing` hooks to `before_validate` to make sure
the media attachment type is set correctly before the file gets validated.

* Add tests
2021-10-06 14:49:32 +01:00
Claire 24f9ea7818
Fix webauthn secure key authentication (#16792)
* Add tests

* Fix webauthn secure key authentication

Fixes #16769
2021-09-30 05:26:29 +02:00
Claire fc3ae1343d
Switch from unmaintained paperclip to kt-paperclip (#16724)
* Switch from unmaintained paperclip to kt-paperclip

* Drop some compatibility monkey-patches not required by kt-paperclip

* Drop media spoof check monkey-patching

It's broken with kt-paperclip and hopefully it won't be needed anymore

* Fix regression introduced by paperclip 6.1.0

* Do not rely on pathname to call FastImage

* Add test for ogg vorbis file with cover art

* Add audio/vorbis to the accepted content-types

This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…

* Restore missing for_as_default method

* Refactor Attachmentable concern and delay Paperclip's content-type spoof check

Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.

* Please CodeClimate

* Add audio/vorbis to the unreliable set

It doesn't correspond to a file format and thus has no extension associated.
2021-09-29 23:52:36 +02:00
Eugen Rochko 52e5c07948
Change routing paths to use usernames in web UI (#16171) 2021-09-26 05:46:13 +02:00
Claire e0af97164a
Fix followers synchronization mechanism not working when URI has empty path (#16744)
Follow-up to #16510, forgot the controller exposing the actual followers…
2021-09-15 18:51:16 +02:00
Claire db57bff11d
Stop setting a shortcode to newly-created media attachments (#16730)
* Stop setting a shortcode to newly-created media attachments

The WebUI has stopped using the “short media URL” in ages. This isn't used
anywhere except for mail notifications.

Deprecating it would allow us to eventually get rid of at least a database
column and corruption-prone index, as well as a controller.

* Fix tests
2021-09-13 18:59:37 +02:00
Claire 12cd097e7c
Fix addressing of remote groups' followers (#16700)
Fixes #16699
2021-09-08 23:33:23 +02:00
Claire 2b18f7a943
Fix processing mentions to domains with non-ascii TLDs (#16689)
Fixes #16602
2021-09-01 22:06:40 +02:00
Claire 94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25 22:52:41 +02:00
Claire 6702148472
Add tests for SuspendAccountService and UnsuspendAccountService (#16627)
* Add tests for SuspendAccountService

* Add tests for UnsuspendAccountService
2021-08-20 10:53:33 +01:00
Claire 5efb1ff337
Fix followers synchronization mechanism not working when URI has empty path (#16510)
* Fix followers synchronization mechanism not working when URI has empty path

To my knowledge, there is no current implementation on the fediverse
that can use bare domains (e.g., actor is at https://example.org instead of
something like https://example.org/actor) that also plans to support the
followers synchronization mechanism. However, Mastodon's current implementation
would exclude such accounts from followers list.

Also adds tests and rename them to reflect the proper method names.

* Move url prefix regexp to its own constant
2021-08-11 17:48:42 +02:00
Claire 13b08610a0
Fix crash when encountering invalid account fields (#16598)
* Add test

* Fix crash when encountering invalid account fields
2021-08-11 16:40:55 +02:00
Claire 4ac78e2a06
Add feature to automatically delete old toots (#16529)
* Add account statuses cleanup policy model

* Record last inspected toot to delete to speed up successive calls to statuses_to_delete

* Add service to cleanup a given account's statuses within a budget

* Add worker to go through account policies and delete old toots

* Fix last inspected status id logic

All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.

* Add tests

* Refactor scheduler and add tests

* Add user interface

* Add support for discriminating based on boosts/favs

* Add UI support for min_reblogs and min_favs, rework UI

* Address first round of review comments

* Replace Snowflake#id_at_start with with_random parameter

* Add tests

* Add tests for StatusesCleanupController

* Rework settings page

* Adjust load-avoiding mechanisms

* Please CodeClimate
2021-08-09 23:11:50 +02:00
Claire 763ab0c7eb
Fix owned account notes not being deleted when an account is deleted (#16579)
* Add account_notes relationship

* Add tests

* Fix owned account notes not being deleted when an account is deleted

* Add post-migration to clean up orphaned account notes
2021-08-08 15:29:57 +02:00
Claire 30ce6e395c
Fix user email address being banned on self-deletion (#16503)
* Add tests

* Fix user email address being banned on self-deletion

Fixes #16498
2021-07-14 05:35:49 +02:00
Claire 5a1e072517
Change references to tootsuite/mastodon to mastodon/mastodon (#16491)
* Change references to tootsuite/mastodon to mastodon/mastodon

* Remove obsolete test fixture

* Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG

And a few other places
2021-07-13 15:46:20 +02:00
Eugen Rochko 771c9d4ba8
Add ability to skip sign-in token authentication for specific users (#16427)
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
2021-07-08 05:31:28 +02:00