* Add coverage for admin/confirmations controller
* Coverage for statuses controller show action
* Add coverage for admin/domain_blocks controller
* Add coverage for settings/profiles#update
* fix(video): Position of play icon
#2601
* fix(overlay-button): Positioning
* fix(expand): Bottom align expand icon
* feat(video): Fit landscape videos into preview area
Follow-up to #2599. When a domain block with `reject_media` is
added or `rake mastodon:media:remove_remote` is invoked, mastodon
deletes the locally cached attachments and avatars but does not
reflect that change in the database, causing the `file` fields to
still have values. This change persists the deletion in the
database and sets the attachment type to unknown.
This also introduces a one-off rake task that sets all attachments
without a local file to the "unknown" type. The upgrade notes for
the next release should contain a post-upgrade step with
`rake mastodon:media:set_unknown`.
In #2110, a new attachment type "unknown" was introduced for
attachments that were rejected due to a domain being blocked using
reject_media. However, the "type" field was never set to "unknown"
because a default value of "0" (image) is set for that column,
causing the `type.blank?` expression to always equal false.
This version uses type_changed? instead, causing the type to be set
to "unknown" unless a type has been explicitly set. This introduces
a small change in behaviour causing the type to be set to unknown
before paperclip calls `before_post_process`. Presumably this
behaviour is more appropriate than the current one because the
attachment type has not been determined by that point.
Included are new tests for `ProcessFeedService` and
`UpdateRemoteProfileService` which now check that remote media is
downloaded for non-blocked domains and is rejected for others.
* Minor updates to zh-CN JS translation
* removed "!" from "toot" per #2549 (it's a privacy indicator)
* ellipsis work (from ... to some U+2026 horizontal ellipsis unicode stuff)
* Spillcheck for zh-CN js translations (squash this)
部 [份→分]
* Add render_views in more places
* Delegate methods from account to user with allow nil true, so that admin accounts show view renders when missing a user
* Use actual account instances in authorize follow controller spec
* Add rough outline of coverage needed for public timeline
* Specs for visibility, replies, boosts
* Specs for silenced account
* Specs for local_only option
* Specs for blocks and mutes
* Add tentative spec around including other silenced account statuses
* Add with_public_visibility scope
* Add simple coverage for tag_timeline
* Tag timeline includes replies
* Replace tag.statuses with a tagged_with scope in tag timeline method
* Use with_public_visibility in tag timeline
* Extract common scope between public and tag timelines to method
* Extract local domain check to local_only scope
* Extract local_only check to starting scope method
* Move list of excluded from timeline account ids to account model
* Simplify excluded accounts list on account model
* Only join accounts when needed
* Rename method for account specific filtering
* Extract method for account exclusions
* Fix bug where silenced accounts were not including statuses from other silenced accounts
* DRY up filter application from account or no account
* timeline_scope can be private
* Add spec showing that account can find its excluded accounts ids
* Add spec which fails if local_only does not have a left outer join
* rubocop
In #2505, the authorize_follow views were renamed to
authorize_follows. This change was not applied in the show view
of admin/reports, which causes a 500 when reports are viewed.
* Instead of parsing shared status contents verbatim, make roundtrip
to purported original URL. Confirm that the "original" URL is from the
same domain as the author it claims to be from.
* Fix obvious typo, add comment
* Use URI look-up first
* Add test, update Goldfinger dependency to make less useless HTTP requests per Webfinger lookup
* OEmbed support for PreviewCard
* Improve ProviderDiscovery code failure treatment
* Do not crawl links if there is a content warning, since those
don't display a link card anyway
* Reset db schema
* Fresh migrate
* Fix rubocop style issues
Fix#1681 - return existing access token when applicable instead of creating new
* Fix test
* Extract http client to helper
* Improve oembed controller
* Fix syntax error
* Remove two_factor_auth.warning (appears obsolete)
* Add missing strings in ru.yml
A lot of new strings translated, especially for the newly added admin section
* Update Russian translation
* Fix merge conflicts
Redid Works by @rkarabut
* Add coverage for domain block service with silence
* Get rid of warning about find_each and order
* Move domain_block to attr_reader
* Move optional clear_media into silence_accounts method
* Use blocked_domain method to reduce passed vars
* Extract blocked_domain_accounts method to find accounts on the domain
* Extract media_from_blocked_domain method to find relevant attachments
* Separate destruction of account images and account attachments
* Fixes#1985
- add migration AddMediaAttachmentMeta, which add meta field to media_attachments
- before saving attachment, set file meta if needed
- add meta in api
* add spec
* align the “size” format for image and video
* fix code climate
* fixes media_attachment_spec.rb
Closestootsuite/mastodon#1349
This is my first PR and I’m only checking in the source JSX file.
Please let me know if it should be checked in after being built also.
* Stricter whitelist rules
* Linting
* Added spec for blacklisting
* Test subdomain blacklist on domain whitelist
* No need to split
* Change spec name
Set status action bar to have display flex and center align items so dropdown icon appears center aligned with other icons. Make styles alpha organized.
Add hover state to boost icon - lighten color on hover.
This PR fixes I18n.locale for rake middlewares. Mastodon uses Devise that depends on Warden.
Warden::Manager can be found in rake middleware. It is outside of the controller.
In the case of authentication failed, warden calls throw(:warden). At the time Warden::Manager
delegates request to failure_app to generate response and flash[:alert] after catching it.
Unfortunately, I18n.locale is already reset then because I18n.with_locale is enabled only
inside the controller. If we used I18n.locale=, Devise::FailureApp could get the current locale.
* Change ActivityPub paging to match spec. Clean up ActivityPub outbox changes.
* Fix code style and test failures for OutboxController.
* Attempt to fix CI errors.
duplicates. Web UI regenerates UUID for that header every time the compose
form is changed or successfully submitted
Also, fix Farsi i18n overwriting the English one
* Fix#2119 - Whenever about to send a HTTP request, normalize the URI
* Add test for IDN request in FetchLinkCardService
* Perform IDN normalization on domains before they are stored in the DB
* fix(upload): Only show upload modal when drag even contains files
* fix(firefox): Close drag window ondragend also
Do not only end drag styles on drag leave, but also on drag end. Fixes firefox bug. #687
* fix(drag-modal): Remove drag modal trigger cruft
* fix(upload-modal): Allow close with escape button
* Add failing spec for oauth/authorized_applications controller
* Use explicit reference to flashes partial from admin layout
Because some of the controllers which use the admin layout do not inherit from
application controller, this partial is not in their view path.
* Expose media attachments on reported statuses directly
* Comment out unused bulk report checkbox. Add title to report comment for viewing full comment. Add 'contents' column, with icons and numerical indicators to show the number of referenced statuses and media attachments in the report
* Link account name on authorize_follow card back to account
* Add localisation string for report_contents
* Show new admin accounts card partial on report view. Apply simple_format to report comment so newlines are preserved.
* Add new admin accounts card partial, for display quick useful admin stats (e.g. report history, moderation status).
* Fix localized variable
* Make private toots get PuSHed to subscription URLs that belong to domains where you have approved followers
* Authorized followers controller, stub for bulk action
* Soft block in the background
* Add simple test for new controller
* Rename Settings::FollowersController to Settings::FollowerDomainsController, paginate results,
rename "private" post setting to "followers-only", fix pagination style, improve post privacy
preferences style, improve warning style
* Extract compose form warnings into own container, show warning when posting to followers-only with unlocked account
Float detailed status display avatar left. Only apply display block to display names in status info, not in detailed status. Thanks to @nightpool for finding those. Make star icon in notification show up as gold. Add anchor selector back to status__content__spoiler-link in order to override default anchor style elsewhere.
Add an ID to the CW spoiler input field to give aria-controls a handle on it. Pass that id to the CW trigger button. Modify text icon button component to accept aria controls id value. Add aria-expanded value to text icon button to indicate when it is expanded.
* Add failing spec showing that human_locales does not match what i18n knows about
* Add missing `ar` key for arabic to human locales
* Remove duplicate `id` key from available locales
* Sort keys in human locales list
* Add spec for human_locale helper
This provides a hotfix for outbound salmon requests to other Mastodon instances
as they currently will try to resovle user@WEB_DOMAIN instead of user@LOCAL_DOMAIN
(see #2012 and #20312).
Furthermore, this should ease transition from users switching from
LOCAL_DOMAIN = WEB_DOMAIN to another LOCAL_DOMAIN when WEB_DOMAIN does not change.
Put Column Slim Back Button classnames in order so it is positioned right and top. Add icon button style back to privacy dropdown and upload buttons so they are positioned correctly and do not wiggle. Remove abstracted style from CSS. Add missed class for the upload form thumbnail. Add the missed styles for upload form thumnail. Alphabetize styles for column-back-button. Fix fontSize typo for media-spoiler-video-play-icon.
The two methods `StreamEntriesHelper#stream_link_target` and
`StreamEntriesHelper#acct` are based on checking whether we are running
in an embedded view.
This adds some test helper code to make the testing easier. We extracted
some "magic strings" to constants to lower the coupling in the specs.
The code that generates CSS is based on a lot of boolean conditions.
The possible combinations of these grows exponentially as we add more
conditions.
Since most of the code is conditional on a single boolean, we tested the
following:
1. All `false`
2. All `true`
3. Each individual flag set to `true`
The methods tested are:
* `StreamEntriesHelper#style_classes`
* `StreamEntriesHelper#microformats_classes`
* `StreamEntriesHelper#microformats_h_class`
* Made tooltip for boosting depend on visibility
* Removed spaces that were added in merge conflict resolution
* Try again :P
* Added missing bracket
* Changed 'toot' to 'status'
* Clean up collapsible components
* Expose user Outboxes and AS2 representations of statuses
* Save work thus far.
* Fix bad merge.
* Save my work
* Clean up pagination.
* First test working.
* Add tests.
* Add Forbidden error template.
* Revert yarn.lock changes.
* Fix code style deviations and use localized instead of hardcoded English text.
* Shows confirmed status in list.
* Adds ability to confirm users in admin UI.
* Added new english translations.
* Addresses feedback from #2245.
* More feedback.
- Deleting a toot
- Muting, blocking someone
- Clearing notifications
Remove source map generation from development environment, as it is a huge
performance sink hole with little gains
The previous translation for NSFW, "不適切" means "impertinent". This change
suggests "閲覧注意", which means the content requires precaution, instead.
However, "閲覧注意" was also a translation for CW. CW is now translated as
"警告", which simply means "warnings".
* fix(classnames): Status icon style classnames
Take out inline css and put into classnames for the following components: account, avatar, icon button, status action bar, notification.
* fix(status): Move styles from inline to classes for statuses
Move styles to classnames in components.scss for the following components:
display name
media gallery
status
status content
video player
* fix(classnames): Add classnames to rest of components
Take out inline styles and apply them to classnames in the sass for the following components:
button
column back button
slim column back button
collapsable column
dropdown menu
loading indicator
status list
* fix(classnames): Remove all non-dynamic inline styles
Components affected:
autosuggested
permalink
action bar
header
character counter
compose form
emoji dropdown
privacy dropdown
reply indicator
upload form
account auth
followers
getting started
column settings
mutes
settings
reblogs
status checkbox
report
action bar
status
card
boost modal
media modal
video modal
* fix(permalink): Do not lose classname
* fix(tests): Add space back in display name
* fix(status__wrapper): Remove duplicate css name
Remove incorrect style attribute. Remove style attribute all together. Cursor defaults to "auto" when not specified as 'default'.
* fix(nl): do not lose translations
The force_ssl method from controllers does not add all of the options that the
sitewide configuration in a config block does. For example, HSTS enforcement is
not added by the controller method, but is added by this style.
* feat(aria): Add aria-labels to underlabelled tab nav items
The drawer tabs which control primary navigation are only labelled by a title which is not available to many screenreaders. Add an aria-label attribute to each link to improve readability with screenreaders. Organize link attributes so link target is first followed by classname.
Issue #1349
* feat(aria): Replace abstract aria role of section with region
Abstract aria roles such as section should not be used in content. Use non-abstract 'region' aria role instead. That role expects an aria-labelledby attribute with an id. Pass an ID to the column header. Remove the aria-label attribute on the ColumnHeader because the same value is output in plaintext as its child.
Issue #1349
* fix(aria): Remove aria-controls attribute until solution is found
Columns do not have wrappers, so these icons can't point to a column wrapper which it controls. Instead these icons function as triggers to show or hide individual columns.
#1349
* fix(typo): Remove type of aria-labelledby instead of aria-label
* Add spec coverage for settings/two_factor_auth area
* extract setup method for qr code
* Move otp required check to before action
* Merge method only used once
* Remove duplicate view
* Consolidate creation of @codes for backup
* Move settings/2fq#recovery_codes to settings/recovery_codes#create
* Rename settings/two_factor_auth#disable to #destroy
* Add coverage for the otp required path on 2fa#show
* Clean up the recovery codes list styles
* Move settings/two_factor_auth to settings/two_factor_authentication
* Reorganize the settings two factor auth area
Updated to use a flow like:
- settings/two_factor_authentication goes to a #show view which has a button
either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
codes
- that create action shares a view with a recovery codes controller which can be
used separately to reset codes if needed
* Fix#1057 (close#1819) - Move HTML-formatted bio from <poco:note /> to <summary type="html" />
* Ensure <poco:note /> is plaintext for remote accounts, also, by stripping out HTML
* add Indonesian (Bahasa Indonesia) translation
add id.jsx
add translations on email views
add devise.id.yml
add doorkeeper.id.yml
add id.yml
add simple_form.id.yml
update id locale on mastodon.jsx, index.jsx, settings_helper.rb, and
application.rb
* add Indonesian (Bahasa Indonesia) translation
add id.jsx
add translations on email views
add devise.id.yml
add doorkeeper.id.yml
add id.yml
add simple_form.id.yml
update id locale on mastodon.jsx, index.jsx, settings_helper.rb, and
application.rb
* fix InvalidLocaleData on a string
* fix InvalidLocaleData on a string
* Fix language keys in Indonesian ruby locale (id)
Use "id" instead of "en" as object keys.
* Removed obsoleted translation (id)
For the 'time ago' value of stream entry simple statuses and the timestamp value
of detailed statuses - output their UTC value and use the browser timezone to
convert locally.
This commit fixes hashtag_html so it correctly handles matches with multiple hash-signs.
Bug located by @over9001, initial fix suggested by @nightpool.
Fix#2199 and minifying assets file.
jQuery v1.x is supports legacy browsers.
But, Mastodon does not support legacy browsers.
I think jQuery v1.x is unnecessary.
* A bit of more explanation
* Update nl.yml
* That's more elegant
* More consistent and adding missing translation
* Update
* Update
* Added Dutch onboarding modal strings
* Repair most egregious mistakes
The deployed changes broke the pedagogy and curriculum built into the design of the onboarding modals, which had been reviewed and approved by various other contributors. While the changed layouts of the pages make some of the original decisions impossible to re-implement without substantial work, these changes should at least make the modals not outright terrible.
The empty confusing description of Mastodon was replaced with an actual basic explanation of federation. The language was modified to be friendly and conversational again. Grammatical errors were fixed. The explanations of local and federated timelines were re-ordered to be in the direct that the menus go, top to bottom, and the sentence was re-added which explains that they are what "public timelines" refers to (since this phrasing is used elsewhere in the UI) and suggests the user use them to discover who to follow. A figure of the profile picture that lives above the compose box was padded to page two to serve as a landmark for less technically literate users to easily find the compose box and understand that the next page is moving upwards, so that they can find the search bar.
Ideally, the elephant artwork should be either removed or replaced with something less depressing. Room should be made to point users at the notifications column's settings icon because "how do I turn off the notification noise" is one of the most asked questions of new users and those icons are not easily noticeable. This last part may be made obsolete if the settings UI is later re-worked.
* Change copy
This commit addresses copy change suggestions made in the PR discussion
* Add periods to ends of sentences missing periods
* Made "Home" "Federated" "Local" and "Notifications" lowercase
* Separate explanation of "connecting" and the word "instance" into two sentences, to make the sentence less dense.
* Alphabetically order translation keys
* Fix some missing gender neutral translations in french
* Add a comment to remind contributors to order translations by key
* Add render_views for admin/settings spec
* Add coverage for admin/settings#update
* Add coverage for admin/settings typecasting open_registrations setting
* Simplify how admin/settings finds the value for updating
* Rely on activerecord to not update a value that hasnt changed
* Add coverage for non-existent setting
* Use a constant for boolean settings
* Fix#2108 - Fix gif uploads
Add specs for media attachment gifv conversion
* Add ffmpeg to travis
* Make travis install ffmpeg, not libav
* Switch travis to trusty
* Add meta tags for OGP to following & follow page
* simplify render helper
* Follow up #2133
* og:type is only accounts/show
* revert accounts/{following,followers}
* enable to scroll the setting's page sidebar
add scroll:auto and use margin instead of padding for the bottom
* Update admin.scss
* Update admin.scss
* Update admin.scss
* Add routing specs for accounts followers and following actions
* Use more restful route naming for public account follow pages
Moves two actions:
- accounts#followers to accounts/follower_accounts#index
- accounts#following to accounts/following_accounts#index
Adds routing spec to ensure prior URLs are preserved.
* Extract detect_language to separate class
* Use default locale, not just en
* Add spec to confirm that whatlanguage cant identify empty string
* Allow account locale to override default in language detector
* PostStatusService supplies an account to detect language
* Polish zh-cn js translation
* fixes for problems pointed out by gumblex in #2044
* more effectively differentiate between following/follower
* Fix missing period (zh-cn js)
Maybe squash this commit?
* Fix duplicate word (zh-cn js)
* Add a ReportFilter class
* Add reports and targeted_reports relationships to Account
* Use ReportFilter from admin/reports controller
* Link to admin/reports filtered views from admin account show view
* Add indexes to reports.account_id and reports.target_account_id
* Added oc.yml
* Added `config/locales/oc.yml`.
Translated in General Occitan (Quent-in).
* Added oc.jsx (Occitan translation)
* Written in General Occitan (lengadocian)
* Added `app/assets/javascripts/components/locales/oc.js`
* Added doorkeeper.oc.yml
* Added `config/locales/doorkeeper.oc.yml` (Quent-in)
* Added simple_form.oc.yml
* Added `config/locales/simple_form.oc.yml` (Quent-in).
* Merge en.yml changes into oc.yml
Added new strings for translations
* Fix typo in oc.yml
* Update javascript locale support (oc)
* Update ruby locale list (oc)
* Fix oc.yml
* Remove obsoleted translations
* Moved old translation of `reports` to `admin.reports`
* Remove unused method #set_counters_maps from api controller
* Remove unused method #set_account_counters_maps from api controller
* Remove unused method Account#followers_domains
* Remove unused User.prolific scope
* Add mastodon:users:admins task to list all admin emails
* Use interpolated query style in Account.triadic_closures
* Coverage for Account.triadic_closures
* Add FR locale for the onboarding modal component
* Slightly increase the max-width and max-height of the onboarding modal
This is done so it doesn't break with locales whose strings would be
too long
* Update FR locales for onboarding upon PR comments
This single-file commit, heavily based on the zh-hk version as of
ec9999c, fixes the missing js locale. Intentional, significant
departures from current zh-cn yml localizations have been marked with
rationales given.
* Move site title helper to instance helper (name change only)
* Remove newline in <title> tag
* Add site_hostname helper method to wrap up local_domain value
* Use site_hostname helper in places that need local_domain value
* Fixed some words
* Improved and more consistent
* Fixes and a bit less 'je'
* Improved and more consistent
* Another round of improvements and consistency
* More improvements and less 'je'
* Update
* Updated with admin strings
* More improvements and additions - not complete yet, but most is there
* This is what we call in Dutch 'the English disease' :-)
* fix comma
* admin.reportsi
* not needed
* hopefully now fixed
This change includes:
- Improve the spec coverage for incoming request to the webfinger action
- For requests without an accept header (ie, what a browser might look like),
return a JSON response.
- For requests with an explicit format of xml or json, return that format.
- For requests using an accept header, return that format.
Also adds failing spec showing webfinger does not return xml, which covers the
issue described in: https://github.com/tootsuite/mastodon/issues/1983
Un utiliser mal expérimenté pourrait comprendre "retirer les erreurs".
Ici il s'agit d'une suppression pure et simple, pas une épuration/nettoyage.
clear would be translated "remove" instead of "cleaning" Cleaning can be unterstood "keep but clean"
This introduces a new per-user preference called
"Auto-play animated GIFs", which is enabled by default. When a
user disables this setting, gifs in toots become click-to-play.
Previews of animated gifs were changed to display the video play
button so that users can distinguish them from regular images.
This setting also affects account avatars in the detailed account
view, which was changed to use the same hover-to-play mechanism
that is used for animated avatars in timelines.
Fixes#1652
* Remove overflow because it blocks scrolling on mobile safari.
* Add “-webkit-overflow-scrolling: touch;” to enable smooth scroll on mobile safari and other webkit browsers.
* Use radio buttons in user setting page.
Because select tags with long text are not fit in the width of mobile devices.
* Add flex property to fit labels to devise width.
* Change font size of select.
It causes auto zooming on mobile safari.
* reduce unneed query when post without attachements.
This commit reduce following query:
```
MediaAttachment Load (0.9ms) SELECT "media_attachments".* FROM "media_attachments" WHERE "media_attachments"."status
_id" IS NULL AND 1=0 ORDER BY id asc
```
* fixed for more simple changes.
* Add language detection via WhatLanguage and (de)serialization of it through Atom
* Fix default language in ProcessFeedService
* Re-add newline before 'react-rails' Gem to fix groupings
Fixes Code Climate issue
* Basic onboarding modal that's shown to users once
* Lay out pages 2 through 5, add images, style modals (#1509)
* Lay out pages 2 through 5
Added images and laid out pages 2 through 5 in the jsx file. SCSS will
come, still working on just seeing if this works at all.
* Fix jsx errors, add images to modal pages, style modal pages
* Add animations to onboarding pager changes, improve wording and styling
* Finishing touches on the onboarding
* Add missing propTypes
* Update wording
* Rename admin.domain_block to admin.domain_blocks in prep for i18n improvement
* Use implicit controller/action path for i18n in admin/domain_blocks
* Add DomainBlock#accounts has_many
* Avoid i18n health warning for `en` locale by using symbol scope with :count
* Remove unused i18n key: plaintext_secret_html
* Remove unused i18n key two_factor_auth.warning
* Remove final will_paginate i18n keys
* Remove unused key two_factor_auth.recovery_codes
* Remove unused key: admin.reports.comment.none
* Remove unused reports. i18n namespace (moved to admin.reports)
* Ignore keys from locales which override activemodel and activerecord errors
* Revert "Remove unused key: admin.reports.comment.none"
This reverts commit 350ef2685fadc069e619bb6d1066190de195d942.
* Update i18n key reference to match moved location
* Add missing `en` keys to i18n
* Tell i18n-tasks to ignore missing attributes that dont need overwriting
* Add i18n-tasks unused to travis
The <link rel="mentioned" /> tag refers to accounts by href. So we were
matching the DB by the url attribute, and falling back to HTTP look-up.
However, GS and Mastodon use profile URLs as URIs, too, and the match
for that was missing. This could potentially alleviate some extra network
requests
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true
Clean up old media files when creating a new domain block with reject_media set to true
Return remote_url in media attachments API if local file is not present
Undo domain block action in admin UI
Ability to enable reject_media from admin UI
* User can create a custom.scss to customize their instance without modifying gitted files.
* Add documentation for customization.
* Forgot the helper file
* Fix Style to pass codeclimate
* Requests from maintainer.
An attempt to open a brand new Mastodon instance configured
as SINGLE_USER_MODE=true will cause an exception.
Enable temporary registration if we have no users in the database
Fixes#1817
* Add eslint-plugin-jsx-a11y.
* Fix npm script.
* Adjust npm scripts so test also runs lint.
* Fix existing lint errors.
* Don't break on a11y issues.
* Add role and tabIndex.
* Add vim and Mac files to .gitignore and .dockerignore.
* Handle htmlFor (partially), a that's actually a button.
* Fix missing tabIndex.
* Add cursor:pointer to load-more
* Revert change to load_more.
* Fixes based on review.
* Update yarn.lock.
* Don't try to install fsevents on Linux (hides warning noise).
* Add recovery code support for two-factor auth
When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.
The two-factor prompt during login now accepts both OTP codes and
recovery codes.
The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.
Fixes#563 and fixes#987
* Set OTP_SECRET in test enviroment
* add missing .html to view file names
* Begin coverage for account search service
* Coverage for hashtag query
* Coverage for calling local vs remote find based on domain presence
* Spec to check that exact matches are not duped
* Coverage of resolve option
* Coverage for account being provided
* Start to refactor account search service
* Isolate query username and domain methods
* Isolate exact_match method
* Extract methods for local and remote results
* Simplify local vs remote and account isoliation
* Extract methods for local and remote results
* Simplify de-dupe of exact match
* Simplify logic to check for non exact remotes
* Cache some methods
* Remove nil from exact_match from results array
* Return exact matches first
* Use find_remote even with no domain
Account.find_local is just an alias for Account.find_remote(user, nil) - so we
can not bother with the conditional here, and call find_remote directly.
* Refresh local info for remote accounts when webfinger returns new values
It only refreshes account info if one of the URLs or the public-key changes,
in which cases it refreshes the full info, re-downloading the feeds from that
user.
Some special handling should probably be done when the public key changes,
but I have been unable to find any use for it in Mastodon yet.
* Re-fetch remote users we aren't subscribed to.
This might induce performance issues, we might want to only do that for users
we explicitly attempted to subscribe but failed to.
* Refactor changes
* Do not refresh existing remote account details more than once a day
* Avoid re-fetching webfinger info in tests unless otherwise specified
* Working translation for Norwegian.
* Fixes to Norwegian translation.
* Further adjustments to Norwegian translation.
* Further adjustments to Norwegian translation.
* Yet more improvements to the Norwegian translation.
* More Norwegian translations. Better terminology.
* Allow running mastodon on a different domain as the one used for identifying users
* Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing
* Compare to web_domain instead of local_domain when dealing with feeds/API
* Correctly identify mentions to local accounts
Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
* Add locale spec with failing locale plus region check
* Use a more accurate locale when supplied by browser headers
Previously we were using a matching option which would use the first locale
available which matched the locale portion, even if a region was specified.
This changes to first try to find an exact match, and then fall back to the
region, and then fall back to the default.
* Clean up default_locale method
* Simplify admin/reports controller filtering for index
* Rename parameter to resolved
* Fix issue where reports view could not access filter_link_to
* Add coverage for admin/reports controller
* DRY up resolution of related reports for target account
* Clean up admin/reports routes
* Add Report#statuses method
* DRY up current account action taken params
* Rubocop styles
When transmitting data in a HTML-encoded element like <content type="html" />,
relying on newlines being preserved is not wise, since HTML by itself
does not care for newlines - it cares for <p> and <br>
Additional fix: reset NSFW toggle after sending toot
* Add translation files and declarations for Bulgarian
* Add a bunch of translations to bg.jsx
* Add rest of translations to bg.jsx
* Add devise translations
* Fix devise translations
* Add request spec for host meta route returning xml
* Add routing spec for xrd routes
* Update well-known routes
* Move webfinger and host-meta actions to their own controllers
* Remove unused account_params method in admin/accounts controller
* Introduce AccountFilter to find accounts
* Use AccountFilter in admin/accounts controller
* Use more restful routes admin silence and suspension area
* Add admin/silences and admin/suspensions controllers
* Reorder javascript English locale file
* Reorder translation string in order of the locale key.
* Add javascript English locale missing language keys
* Search all javascript language keys by command:
`grep -REho '<FormattedMessage .*\/>' ./app/assets/javascripts/.`
* Add all the missing language keys and their values to `en.jsx`.
* Add javascript English locale missing language keys (2)
* Find all `defineMessages` calls with this command:
`grep -Rl 'defineMessages({.*' ./app/assets/javascripts/.`
* Open all these files. Find the language key (`id`) in these
statements.
* Add all the missing language keys and their values to `en.jsx`.
* Remove javascript English locale obsoleted language keys
* Find all language keys that no longer exists in the source code
and remove them. The removed keys include:
* "compose_form.private"
* "compose_form.unlisted"
* "getting_started.about_addressing"
* "getting_started.about_shortcuts"
* "notification.mention"
* "search.account"
* "search.hashtag"
* "tabs_bar.mentions"
* "tabs_bar.public"
* Javascript English locale file add note
* Add notes to contributors about the English translation files.
Hope that will make translation process smoother.
* Update javascript locale defaultValue in code
* Update the defaultValue in code according to the relevant
translation in English locale file.
* Working translation for Norwegian.
* Fixes to Norwegian translation.
* Further adjustments to Norwegian translation.
* Further adjustments to Norwegian translation.
* significant improvement in microformats markup
This is a huge improvement and I believe will close#965.
Had these microformats reviewed by others in the community to help
ensure they are at least correct, if not complete.
I did not want to change the structure of the page, and so there it does
not fully mark up the entire ancestry chain, or reply chain, only the
direct decendants and direct ancestors are correctly associated, but
this is likely fine as the most important bit is to have access to the
urls for those toots which are now correctly fetchable.
* improve code climate
* trying to pass code climate tests
* code climate
* fix p-summary for content warning posts
* fix error introduced when merging via github
* Added missing Spanish translations strings
* fix bad translation
* resolve conflict with tootsuite/master
* agreements from spanish community
* Add some missing strings
* Make Reporting admin section translatable
And translate it into english and french
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
* Make subject of emails translatable and improve french translation
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
* Make error pages translatable and translate them in english and french
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
* Translate site setting section
* Insert instance in registration emails and improve them a bit
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
* Added Chinese Traditional Hong Kong (zh-HK) for Ruby
* Added translations for Ruby.
* Added Chinese Traditional Hong Kong (zh-HK) for JS
* Added translations for javascript code.
* Rearrange language references in mastodon.jsx
* Break `addLocaleData` into multiple lines. Make future commit more readable.
* Roughly re-sort the languages in alphabetical orders
(only manually put English on top because it is default).
* Sort application.rb locale with alphabetical order
With exception that English (default language) goes first.
Improve code readability.
* Resort language selection box alphabetically
Sort HUMAN_LOCALES in the alphabetical order of display name
(except English, the default language, come first).
Improve usability.
* Add basic coverage for settings/exports controller
* Remove unused @account variable from settings/exports controller
* Add coverage for download export actions
* Remove deprecated `render :text` in favor of `send_data` for csv downloads
* Add model to handle exports
* Use Export class in settings/exports controller
* Simplify settings/exports controller methods
* Move settings/export to more restful routes
* Update devise.fr.yml fixing minor typos
* add missing strings
* Fix a translation and add translation for devise part
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
- details a background for contrast
- add 5px padding to the top of the `details-counters` children to line them up with the bio to the right (Which has a 5px padding on the top)
* Replace will_paginate with kaminari
* Use #page instead of #paginate in controllers
* Replace will_paginate.page_gap with pagination.truncate in i18n
* Customize kaminari views to match prior styles
* Set kaminari options to match prior behavior
* Replace will_paginate with paginate in views
* When avatar/header are GIF, generate static versions.
Account API returns "avatar"/"avatar_static", "header"/"header_static"
Static version is the same as original for other cases
Web UI de-animates avatars in toots, lists of users
Fix#441, fix#596, prerequisite for #1064
* Fix JS test
* Add rake task to generate static avatars/headers from GIF ones, add test
The `Status` class has a default order on it, so when this query gets built and
gets all the way to `find_in_batches` there is an order already there.
When `find_in_batches` is run it discards any existing order on the query, and
emits a warning to the logs if there is one there.
This change removes the order prior calling `find_in_batches`, which will stop
the logged warning from occurring as well.
This patch stops disabling the toot text field when an image is uploading. Instead, you can type to your heart's content and when the image uploads it'll append the image URL, and restore the position of your cursor to wherever it was in the toot text just prior. Effectively, the image URL is appended to the toot, and typing is not interrupted at all! ✨
* Add Admin::BaseController to wrap admin area
Extracts the setting of the `admin` layout and verifying that users are admins
to a common base class for the admin/ controllers.
* Add basic coverage for admin/reports and admin/settings controllers
Addresses #1451 which notes the emoji picker is too light. I agree, so I submit this adjustment.
Changes:
Changed the background to a darkened version of another system color
* Replace column margin with padding
This improves horizontal scrolling behaviour significantly; scrolled flex elements are... a little weird.
* Move clear column button styling to css
Sign-in redirects you back to last visited URL, but in case of API requests,
this sometimes redirected users to an API URL that, of course, greeted them
with an {"error":"The access token is invalid"}
The goal of this change is to enhance Mastodon's handling of remote domains
for which the APIs reside on a different host (see issue #1032).
Indeed, when a remote user unknown to Mastodon is mentionned, only its profile
URL (e.g. https://social.example.org/users/User) is known, and Mastodon has to
build a @username@domain handle for it. To do so, Mastodon fetches the user's
atom feed (e.g., https://social.example.org/users/User.atom) and uses its
content to get the username part of the handle, and the URL's host part to
build the domain (e.g., @User@social.example.org). This handle is then used
for a Webfinger request.
In the case where example.org serves the Webfinger info for @User@example.org
and all feeds and APIs are hosted at social.example.org, Mastodon will still
build @User@social.example.org and fail at resolving the account's details
through Webfinger.
This patch changes this behaviour by using the author's email address from
the atom feed to build the handle. In Mastodon-generated atom feeds, the
email address is always the handle it expects for federation.
* Use HTTP Accept-Language to detect locale
* Fix gem order to comply with codeclimate
* Sort gem to comply with rubocop
* I18n.default_locale fallback when there is no accept-language header
* Allow users to update their Account in the API
It would be nice for API clients to be able to allow users to update
their accounts without having to wrap Mastodon in a web view. This patch
adds an API endpoint to let users submit a PATCH for their account.
Signed-off-by: David Celis <me@davidcel.is>
* Add /api/v1/accounts/update_credentials to the API docs
Signed-off-by: David Celis <me@davidcel.is>
* Update confirmation_instructions.fr.html.erb
consistency across the French translation
* Update
consistency across the French translation
* Update fr.yml
a bunch of consistency across the French translation + a few typos
* Update doorkeeper.fr.yml
consistency across the French translation (punctuation)
* Clean up SQL output in Tag and Account search methods
* Add basic coverage for Tag.search_for
* Add coverage for Account.search_for
* Add coverage for Account.advanced_search_for
* Make /api/v1/timelines/public and /api/v1/timelines/tag/:id public
Fix#1156 - respect query params when generating pagination links in API
* Apply pagination fix to more APIs
* Fix#1141, fix#1126 - Work through UpdateRemoteProfileService for both <feed> and <entry> top-level tags
* Improve code quality, remove line unrelated to fix
Add french translation for emails sent
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Add non-breaking spaces
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
changes and fixes to the nbsps
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
French update
a few fixes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
fixes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Checking reblog vs original status was happening in multiple places
across the app. For views, this logic was encapsulated in a helper
method named `proper_status` but in the other layers of the app, the
logic was duplicated.
Because the logic is used at all layers of the app, we extracted it into
a `Status#proper` method on the model and changed all uses of the logic
to use this method. There is now a single source of truth for this
condition.
We added test coverage to untested methods that got refactored.
Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder
StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker
PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.
All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri
* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
must be added to the Sidekiq invokation in your systemd file
The pull queue will handle link crawling, thread resolving, and OStatus
processing. Such tasks are more likely to hang for a longer time (due to
network requests) so it is more sensible to not make the "in-house" tasks
wait for them.
The Mastodon mascot was previously anchored to the bottom, and that was since broken. This restores that behaviour!
It also disables the double-scrollbar behaviour that was caused by this area allowing overflow-y in addition to its parent doing so.
word-break:break-all is a surefire way to break things. It should be set
to normal.
This merge just set it back to what it should be.
Tested on Firefox 52.0.2 and Chrome 56.0.2924.87 with no detected
errors.
Technically the check for iOS from components is a side effect, because it's
neither in state nor props, but the user agent does not change, so I think
that's okay.
before. In the API, attachments now can be either image, video or gifv. Gifv
is to be treated like images in terms of behaviour, but are videos by file
type.
loaded status; do not preload submitted statuses into community/public
timelines, unless those timelines have already been loaded; do not
close streaming API connections for community/public timelines, once
they have been established (most users navigate back to them eventually)
"whole known network" which is what public timeline used to be
Only domain blocks with suspend severity will block PuSH subscriptions
Silenced accounts should not appear in conversations unless followed
Modified uploadCompose action to send media ids of attached
media when sending a request. Modified create method in MediaController
to check if when posting a video, there are no other media attached
to the status by looking at the media ids sent from the uploadCompose
action.
This makes so clicking the link to the github opens in a new tab or windows.
I just keep getting frustrated clicking the link to github and then losing my place in my home timeline >_> that's all
I haven't had a chance to test this, because I don't currently have a fully functioning computer I can set up a dev-environment on, but this *should* make it so when a user toggles a post to be private, a disclaimer appears clarifying what "private" really means.
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
work flawlessly was a nightmare). WARNING: This commit makes the web UI connect to the streaming API instead
of ActionCable like before. This means that if you are upgrading, you should set that up beforehand.
they have been loaded and favourited/reblogged from another source
Since the status JSON returned from public/hashtag streams does not
contain favourited/reblogged attributes, merging them should not
override existing ones.
FanOutOnWriteService. The only recipient-specific part on them
is reblogged/favourited. But since only newly created statuses
appear on them, it is safe to assume that both attributes would
be false
Changing the way the background image is positioned and the box is sized should fix problems with the text overlapping the image on mobile browsers and Edge.
Currently we have the problem where the follow request button is missing
from the Follow request tab. This means that when you visit that tab you
either have to press the back button in the browser or re-enter the home
page, which breaks the app flow.
This will resolve that issue by adding a new back button to that tab,
in the same way that the public timeline, and favourites have.
fix ProcessFeedService pushing status into distribution if called a second time
while the first is still running (i.e. when a PuSH comes after a Salmon slap),
fix not running escape on spoiler text before emojify
Currently we have two problems that are resolved by this change.
The first is that we have a dependency on Google Fonts, which means
that should it ever go down, or it have issues we would also have
issues. This will resolve this by moving the dependencies we load from
there to the local server.
The second issue is that Google Fonts is currently returning the
`local()` css font source. This causes a problem where the users browser
fails to fallback to a missing glyph, resulting in many unusual
characters displaying the failure glyph. This will resolve this by
creating a font-family definition that does not use the `local()`
source.
I did not update the error pages with local fonts, they still use the
remote google fonts api, so they're a self contained page that does not
use the asset pipeline.
This resolvestootsuite/mastodon#531 and tootsuite/mastodon#12
Currently, the getting started text fails WCAG standards for color contrast by a lot. Especially on the part overlapping with the elephant graphic which is nearly unreadable even for users with 20|20 vision. This change doesn't fix the elephant overlap but at least makes the text meet AAA WCAG Small Text color contrast standards, making it easier to read.
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
This was broken in c3e9ba6a, which added an onBlur to hide the
suggestions when the textarea loses focus. Unfortunately, this fired
even when the textarea lost focus to its own suggestions box, and that
meant that onSuggestionClick is never called.
Setting a short window in which onSuggestionClick can still happen
before hiding the suggestion area ensures that clicking still works,
while still hiding the suggestions if the user clicks on something else.