Commit graph

365 commits

Author SHA1 Message Date
Eugen
0d83569899 Fix cross-origin integrity (#1871)
See <https://glitch.social/users/bea/updates/434>
2017-04-15 22:48:30 +02:00
Naouak
3d3e32befb Check for a custom css file to help customization of instances (#1368)
* User can create a custom.scss to customize their instance without modifying gitted files.

* Add documentation for customization.

* Forgot the helper file

* Fix Style to pass codeclimate

* Requests from maintainer.
2017-04-15 22:47:48 +02:00
Marcin Cieślak
1c8477eab2 Give SINGLE_USER a chance to register (#1820)
An attempt to open a brand new Mastodon instance configured
as SINGLE_USER_MODE=true will cause an exception.

Enable temporary registration if we have no users in the database

Fixes #1817
2017-04-15 16:46:27 +02:00
Matt Jankowski
6670e6d33f Add password reset for users from admin accounts area (#1841) 2017-04-15 16:44:59 +02:00
Matt Jankowski
3b8908c114 About page contact email (#1839)
* Correct site_contact_email typo

* Separate about more page into partials, add specs
2017-04-15 13:33:25 +02:00
Alex Dunn
0f889523e4 views/about: use Setting.site_title instead of hardcoding (#1508) 2017-04-15 13:28:09 +02:00
Patrick Figel
df4ff9a8e1 Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
2017-04-15 13:26:03 +02:00
Matt Jankowski
cde1f37d93 Use site title on tags#show page (#1802) 2017-04-15 02:37:20 +02:00
Joachim Viide
ef879a8839 Send initial state in a <script type="application/json"> tag (#1806) 2017-04-15 02:32:42 +02:00
Matt Jankowski
8b74aa4217 Admin reports controller improvements (#1714)
* Simplify admin/reports controller filtering for index

* Rename parameter to resolved

* Fix issue where reports view could not access filter_link_to

* Add coverage for admin/reports controller

* DRY up resolution of related reports for target account

* Clean up admin/reports routes

* Add Report#statuses method

* DRY up current account action taken params

* Rubocop styles
2017-04-14 11:10:28 +02:00
maxypy
a6807201d2 Implementing Subresource Integrity (#1729)
* Add sprockets-rails to Gemfile

* Add sprockets-rails to Gemfile.lock

* Update show.html.haml

* Update index.html.haml

* Update admin.html.haml

* Update auth.html.haml

* Update embedded.html.haml

* Update public.html.haml
2017-04-14 11:09:20 +02:00
Thomas Citharel
c0c56db0fa Translate admin (#1702)
* Translate the domain_block panel

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Translate PubSubHubbub section

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* translate account section and correct typos

* move reports translation & translate sidebar

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* normalize l18n
2017-04-13 21:49:07 +02:00
Alyssa Ross
55b56e3f95 terms: remove redundant words (#1578)
"at least X" and "X or older" have identical meanings.
Using both together feels a little jarring.
2017-04-13 19:50:19 +02:00
Isabelle Knott
447b8bc44e Do not show media attachment as og:image if it was marked as NSFW (#1693) 2017-04-13 15:59:43 +02:00
Daijiro Wachi
4f781b17cc Use input type number for Two-factor code (#1683) 2017-04-13 13:13:17 +02:00
Matt Jankowski
137100dcf3 Clean up well-known routes/controllers (#1649)
* Add request spec for host meta route returning xml

* Add routing spec for xrd routes

* Update well-known routes

* Move webfinger and host-meta actions to their own controllers
2017-04-13 13:09:07 +02:00
Matt Jankowski
3a9eb81a80 Admin accounts controller cleanup (#1664)
* Remove unused account_params method in admin/accounts controller

* Introduce AccountFilter to find accounts

* Use AccountFilter in admin/accounts controller

* Use more restful routes admin silence and suspension area

* Add admin/silences and admin/suspensions controllers
2017-04-13 13:04:23 +02:00
Matt Jankowski
0e39cc6a35 Settings export refactor (#1646)
* Refactor Export to take an account and know about the export types

* Use Export instance in settings/exports#show
2017-04-13 13:02:02 +02:00
Knut Erik
e1264bbd92 Added norwegian version of terms of service and privacy policy (#1625) 2017-04-12 20:28:56 +02:00
Ben Roberts
0254ee9795 significant improvement in microformats markup (#1063)
* significant improvement in microformats markup

This is a huge improvement and I believe will close #965.

Had these microformats reviewed by others in the community to help
ensure they are at least correct, if not complete.

I did not want to change the structure of the page, and so there it does
not fully mark up the entire ancestry chain, or reply chain, only the
direct decendants and direct ancestors are correctly associated, but
this is likely fine as the most important bit is to have access to the
urls for those toots which are now correctly fetchable.

* improve code climate

* trying to pass code climate tests

* code climate

* fix p-summary for content warning posts

* fix error introduced when merging via github
2017-04-12 20:04:33 +02:00
David Libeau
c2a31b8032 Fix target blank on "open_in_web" link (#1612)
When you render the "embed" view in an iframe, this link bugs when clicked, due to missing target blank.
2017-04-12 13:09:58 -04:00
Matt Jankowski
c44a700252 Quick best practice cleanup of views/helpers (#1546)
* Remove trailing whitespace

* Use query methods instead of explicit .blank? checks
2017-04-12 18:24:18 +02:00
Matt Jankowski
7f0a865b05 Allow import/export of mutes list (#1541)
* Allow export of mutes list

* Allow importing of mutes list

* Refactor to use Settings::Exports::BaseController and DRY up exports code
2017-04-12 18:20:44 +02:00
Thomas Citharel
d90d23699c Make Reporting admin section translatable (#1549)
* Make Reporting admin section translatable

And translate it into english and french

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Make subject of emails translatable and improve french translation

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Make error pages translatable and translate them in english and french

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Translate site setting section

* Insert instance in registration emails and improve them a bit

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-04-12 17:11:49 +02:00
Matt Jankowski
dd1ae3b109 Simplify the way the embed view is created (#1590)
* Add coverage for embedded status view

* Refactor embed view to eliminate @external_links variable
2017-04-12 16:12:42 +02:00
Matt Jankowski
3ddd936b03 Refactor exports controller (#1567)
* Add basic coverage for settings/exports controller

* Remove unused @account variable from settings/exports controller

* Add coverage for download export actions

* Remove deprecated `render :text` in favor of `send_data` for csv downloads

* Add model to handle exports

* Use Export class in settings/exports controller

* Simplify settings/exports controller methods

* Move settings/export to more restful routes
2017-04-11 22:00:43 +02:00
lindwurm
fc47c1d00e [about] Moving docs link to tootsuite/documentation (#1573)
related: 1236529e39

Signed-off-by: lindwurm <lindwurm.q@gmail.com>
2017-04-11 21:57:05 +02:00
pinfort
6f5268b02d Add Japanese translation (#1552)
* add device.ja.yml

* update device.ja.yml

* add file simple_form.ja.yml

* 👍Added doorkeeper.ja.yml

* add ja.yml

* Update doorkeeper.ja.yml

fixed url to uri

* update ja.yml

* fix some translations

* fix japanese grammar of a translate

* fix some translates

* fix ja.yml

* add ja.jsx

* add Japanese user mail views

* Added japanese translate locales

* Added :ja to available_locales

こっちも

* Added "日本語" to HUMAN_LOCALES

* Imported/Added ja to addLocaleData

* update ja.jsx
2017-04-11 21:52:09 +02:00
Eugen Rochko
2a7602cad4 Merge branch 'master' of https://github.com/blackle/mastodon into blackle-master 2017-04-11 20:43:56 +02:00
blackle
06444bf050 Allow user to disable the boost confirm dialog in preferences 2017-04-11 10:10:16 -04:00
Matt Jankowski
4ada50985a Pagination improvements (#1445)
* Replace will_paginate with kaminari

* Use #page instead of #paginate in controllers

* Replace will_paginate.page_gap with pagination.truncate in i18n

* Customize kaminari views to match prior styles

* Set kaminari options to match prior behavior

* Replace will_paginate with paginate in views
2017-04-11 01:11:41 +02:00
Eugen
12f72e1740 When avatar/header are GIF, generate static versions (#1428)
* When avatar/header are GIF, generate static versions.
Account API returns "avatar"/"avatar_static", "header"/"header_static"
Static version is the same as original for other cases
Web UI de-animates avatars in toots, lists of users

Fix #441, fix #596, prerequisite for #1064

* Fix JS test

* Add rake task to generate static avatars/headers from GIF ones, add test
2017-04-11 00:38:58 +02:00
Matt Jankowski
d2f6d9b9fb Fix issue with missing emojify class in views (#1455)
* Add missing emojify class to landing strip

* Add missing emojify class to simple_status partial
2017-04-10 21:27:52 +02:00
Olivier Humbert
082bef3027 French translation update (#1271)
* Update confirmation_instructions.fr.html.erb

consistency across the French translation

* Update 

consistency across the French translation

* Update fr.yml

a bunch of consistency across the French translation + a few typos

* Update doorkeeper.fr.yml

consistency across the French translation (punctuation)
2017-04-09 14:55:58 +02:00
Matt Jankowski
e5282e4ec0 Clean up about page (#1282)
* Add InstancePresenter to expose site details

* Clean up about controller, use instance presenter
2017-04-09 14:47:25 +02:00
Eugen
9acdb166e8 Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled

* Clean up
2017-04-08 22:20:08 +02:00
Thomas Citharel
41f8fde83e Update french translation (#1148)
Add french translation for emails sent

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Add non-breaking spaces

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

changes and fixes to the nbsps

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

French update

a few fixes

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

fixes

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-04-08 13:11:16 +02:00
Matt Jankowski
ca44c13455 Use Setting.site_title value for og:site_name occurrences (#1194)
* Add helper method to return Setting.site_title

* Use site_title helper in application layout

* Use site_title value for og:site_name
2017-04-08 12:15:40 +02:00
Joël Quenneville
d4c94fa004 DRY up reblog vs original status check
Checking reblog vs original status was happening in multiple places
across the app. For views, this logic was encapsulated in a helper
method named `proper_status` but in the other layers of the app, the
logic was duplicated.

Because the logic is used at all layers of the app, we extracted it into
a `Status#proper` method on the model and changed all uses of the logic
to use this method. There is now a single source of truth for this
condition.

We added test coverage to untested methods that got refactored.
2017-04-07 14:18:30 -04:00
Eugen
0adee18d73 Merge branch 'master' into feature-customized-default-locale 2017-04-07 13:07:03 +02:00
Jantso Porali
786e6f94b9 Update Finnish translations, add sample Minio config (#954) 2017-04-07 12:58:12 +02:00
Eugen Rochko
e3a3422a65 Allow setting of default language through config
Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug
2017-04-07 12:40:26 +02:00
Eugen
1c351709bc Force UTF8 encoding on generated XML (#1140) 2017-04-07 11:09:14 +02:00
Eugen
6d6a429af8 Rewrite Atom generation from stream entries to use Ox instead of Nokogiri (#1124)
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder

StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker

PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.

All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri

* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
2017-04-07 05:56:56 +02:00
Eugen Rochko
5f54981846 New admin setting: open/close registrations, with custom message, from the admin UI 2017-04-04 15:28:12 +02:00
Eugen Rochko
68f829e11c Add basic logging of who resolved report 2017-04-03 19:35:00 +02:00
Eugen Rochko
71458dc6df When taking action on a report (silence/suspend), it dismisses all other
reports for that user automatically
2017-04-03 19:19:54 +02:00
Eugen Rochko
b7c1b12367 Make default admin UI page reports. Add admin UI for creating a domain block 2017-04-03 18:55:06 +02:00
Eugen Rochko
2d07cb5771 Catching rack timeout from rails doesn't work 2017-04-02 21:12:18 +02:00
Eugen Rochko
5b12624847 Add proper error page for request timeouts 2017-04-02 19:43:44 +02:00
Eugen Rochko
433cb198fa Fix landing page sign up form ignoring username field 2017-04-02 04:13:22 +02:00
Eugen Rochko
bde5c0eaf9 Fix some views still not using counter caches 2017-03-31 14:02:07 +02:00
Eugen Rochko
5e26295e06 Fix #700 - hide spoilers on static pages 2017-03-31 13:54:36 +02:00
Eugen Rochko
e8875c6046 Import feature for following/blocking lists (addresses #62, #177, #201, #454) 2017-03-30 19:42:33 +02:00
Eugen Rochko
de22c202f5 Add counter caches for a large performance increase on API requests 2017-03-30 15:06:59 +02:00
Eugen Rochko
1c6b02f936 Fix #690 - Webfinger should handle new shortform profile URLs now (nice) 2017-03-28 11:25:43 +02:00
Eugen Rochko
f864fee116 Fix up some localizations 2017-03-26 13:22:38 +02:00
Eugen Rochko
99ca63a543 Fix public profile pagination links 2017-03-25 19:16:17 +01:00
Eugen Rochko
9bf4c34919 Fix #675 - return created_at in notifications API 2017-03-24 03:55:45 +01:00
Eugen Rochko
d6ed2eb512 Prettier account and stream entry URLs 2017-03-22 19:55:14 +01:00
Eugen Rochko
88f32708c3 Web UI support for the new omnisearch 2017-03-22 04:09:28 +01:00
Eugen Rochko
05cf086766 New API method: /api/v1/search
Returns accounts, statuses, hashtags arrays
2017-03-22 02:32:27 +01:00
Eugen Rochko
98571b0ce4 Don't list "direct" under default post privacy settings 2017-03-21 19:45:25 +01:00
Eugen Rochko
8803ca9efe Improved landing page 2017-03-21 19:18:37 +01:00
Eugen Rochko
6b1db5c2b2 Add landing strip 2017-03-20 03:36:29 +01:00
Eugen Rochko
56d998cbdb Export follow/block lists as CSV 2017-03-19 20:29:41 +01:00
Eugen Rochko
ac406a31b0 Start page links a bit more readable 2017-03-17 20:49:34 +01:00
shel
38dceb3bf7 Promote Apps (#670)
"Various apps are available" is now a hyperlink
2017-03-17 16:16:39 +01:00
Eugen Rochko
6be7bde243 Fix #525 - Add instance information API 2017-03-15 23:12:48 +01:00
Eugen
e245115f47 Merge branch 'master' into mastodon-site-api 2017-03-15 22:55:22 +01:00
Eugen Rochko
caf5b8e975 Fix #431 - convert gif to webm during upload. Web UI treats them like it did
before. In the API, attachments now can be either image, video or gifv. Gifv
is to be treated like images in terms of behaviour, but are videos by file
type.
2017-03-04 23:02:24 +01:00
Eugen Rochko
6b81d10030 Add digest e-mails 2017-03-04 00:00:48 +01:00
Kit Redgrave
442fdbfc53 Mute button progress so far. WIP, doesn't entirely work correctly. 2017-03-01 22:31:21 -06:00
Eugen Rochko
d180aaa2a7 Fix #186 - Add RTL support to the compose form textarea and statuses output 2017-02-28 01:52:31 +01:00
Kibigo
620f70e42c Adds site metadata access to the API 2017-02-27 04:06:25 -08:00
Eugen Rochko
175a9b9caa Fix #104 - Style OAuth authorized applications page
Add ability to search accounts by display name
2017-02-27 00:15:00 +01:00
Eugen Rochko
f2931af61e Quick fix for avatars with the same URL not being perceived as updated and in need of re-download 2017-02-17 01:50:01 +01:00
Eugen Rochko
d0f087db2d Add UI to view report details, remove reported statuses, quick links to resolve/silence/suspend from report 2017-02-17 00:42:52 +01:00
Eugen Rochko
24ba7c9762 Adding index overview for reports in admin UI 2017-02-16 02:28:10 +01:00
Eugen Rochko
5426f06ac2 Fix admin UI for accounts somewhat 2017-02-15 00:22:58 +01:00
Eugen Rochko
3b81baaaaf Adding POST /api/v1/reports API, and a UI for submitting reports 2017-02-14 20:59:26 +01:00
Eugen Rochko
63886bdc59 Fix #587 - Display TOTP secret next to QR code 2017-02-13 20:56:03 +01:00
Eugen Rochko
2d8a4c4390 Add "next" link to Atom feeds 2017-02-13 15:38:45 +01:00
Eugen Rochko
0518492158 Stop trying to shoehorn all Salmon updates into the poor database-connected
StreamEntry model. Simply render Salmon slaps as they are needed
2017-02-12 01:19:14 +01:00
Eugen Rochko
d551e43a9b Improve public tag page 2017-02-10 23:21:01 +01:00
Eugen Rochko
d2619e0b53 Site title is now a setting 2017-02-10 22:37:11 +01:00
shel
3f1f3d0827 Add link to other instances list
This should help federation
2017-02-10 13:06:38 -05:00
Eugen
9d5fb49cd8 Merge pull request #603 from evanminto/activitypub-account
Expose ActivityStreams 2.0 representation of accounts
2017-02-07 02:08:40 +01:00
Evan Minto
28cbb6dc21 Add AS2 format to RABL files 2017-02-06 17:00:55 -08:00
Eugen Rochko
347a153b3d Add API modifiers to limit returned toots from public/hashtag timelines
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
2017-02-06 23:16:20 +01:00
Evan Minto
53234e5947 Add trailing newline 2017-02-06 12:15:47 -08:00
Evan Minto
3fa5d05997 Simplify RABL 2017-02-06 11:39:08 -08:00
Evan Minto
94e213c6c1 Reuse existing controller and route 2017-02-06 01:19:26 -08:00
Eugen Rochko
87830f99e7 Fix #552 - Replace image links with image icons in status text in the UI 2017-02-05 15:25:55 +01:00
Eugen Rochko
21972bb398 No replies filter on home timeline no longer hides self-replies 2017-02-05 02:02:46 +01:00
Evan Minto
e2fbf8bc74 Add an account endpoint for ActivityPub and link to it on HTML profile pages 2017-02-04 14:46:23 -08:00
hoodie
d4d3a10c25 untested!! spoiler hotfix for replies
untested, my vagrant is bugged again, submitted at gargron's request
2017-02-04 17:33:46 -05:00
Eugen Rochko
ccb8ac8573 Make the streaming API also handle websockets (because trying to get the browser EventSource interface to
work flawlessly was a nightmare). WARNING: This commit makes the web UI connect to the streaming API instead
of ActionCable like before. This means that if you are upgrading, you should set that up beforehand.
2017-02-04 00:34:31 +01:00
Eugen Rochko
c2fbd144cf Add "open in web" link to detailed public status pages 2017-01-30 23:01:37 +01:00
Eugen Rochko
23b997ae55 Split 2FA login into two prompts 2017-01-28 20:43:38 +01:00