Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Merge remote-tracking branch 'upstream/main'

Browse source
This commit is contained in:
ASTRO:? 2025-03-14 20:25:34 +09:00
commit d564483d30
No known key found for this signature in database
GPG key ID: 2938B9B314D8EF8B
1796 changed files with 48111 additions and 29322 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/activitypub/collections_controller.rb
View file

@ -49,7 +49,7 @@ class ActivityPub::CollectionsController < ActivityPub::BaseController
def collection_presenter
ActivityPub::CollectionPresenter.new(
id: account_collection_url(@account, params[:id]),
id: ActivityPub::TagManager.instance.collection_uri_for(@account, params[:id]),
type: @type,
size: @size,
items: @items

8
app/controllers/activitypub/outboxes_controller.rb
View file

@ -41,12 +41,8 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
end
end
def outbox_url(**kwargs)
if params[:account_username].present?
account_outbox_url(@account, **kwargs)
else
instance_actor_outbox_url(**kwargs)
end
def outbox_url(...)
ActivityPub::TagManager.instance.outbox_uri_for(@account, ...)
end
def next_page

3
app/controllers/admin/account_actions_controller.rb
View file

@ -34,7 +34,8 @@ module Admin
end
def resource_params
params.require(:admin_account_action).permit(:type, :report_id, :warning_preset_id, :text, :send_email_notification, :include_statuses)
params
.expect(admin_account_action: [:type, :report_id, :warning_preset_id, :text, :send_email_notification, :include_statuses])
end
end
end

6
app/controllers/admin/account_moderation_notes_controller.rb
View file

@ -29,10 +29,8 @@ module Admin
private
def resource_params
params.require(:account_moderation_note).permit(
:content,
:target_account_id
)
params
.expect(account_moderation_note: [:content, :target_account_id])
end
def set_account_moderation_note

3
app/controllers/admin/accounts_controller.rb
View file

@ -158,7 +158,8 @@ module Admin
end
def form_account_batch_params
params.require(:form_account_batch).permit(:action, account_ids: [])
params
.expect(form_account_batch: [:action, account_ids: []])
end
def action_from_button

18
app/controllers/admin/announcements/distributions_controller.rb Normal file
View file

@ -0,0 +1,18 @@
# frozen_string_literal: true
class Admin::Announcements::DistributionsController < Admin::BaseController
before_action :set_announcement
def create
authorize @announcement, :distribute?
@announcement.touch(:notification_sent_at)
Admin::DistributeAnnouncementNotificationWorker.perform_async(@announcement.id)
redirect_to admin_announcements_path
end
private
def set_announcement
@announcement = Announcement.find(params[:announcement_id])
end
end

16
app/controllers/admin/announcements/previews_controller.rb Normal file
View file

@ -0,0 +1,16 @@
# frozen_string_literal: true
class Admin::Announcements::PreviewsController < Admin::BaseController
before_action :set_announcement
def show
authorize @announcement, :distribute?
@user_count = @announcement.scope_for_notification.count
end
private
def set_announcement
@announcement = Announcement.find(params[:announcement_id])
end
end

17
app/controllers/admin/announcements/tests_controller.rb Normal file
View file

@ -0,0 +1,17 @@
# frozen_string_literal: true
class Admin::Announcements::TestsController < Admin::BaseController
before_action :set_announcement
def create
authorize @announcement, :distribute?
UserMailer.announcement_published(current_user, @announcement).deliver_later!
redirect_to admin_announcements_path
end
private
def set_announcement
@announcement = Announcement.find(params[:announcement_id])
end
end

3
app/controllers/admin/announcements_controller.rb
View file

@ -84,6 +84,7 @@ class Admin::AnnouncementsController < Admin::BaseController
end
def resource_params
params.require(:announcement).permit(:text, :scheduled_at, :starts_at, :ends_at, :all_day)
params
.expect(announcement: [:text, :scheduled_at, :starts_at, :ends_at, :all_day])
end
end

6
app/controllers/admin/base_controller.rb
View file

@ -7,14 +7,14 @@ module Admin
layout 'admin'
before_action :set_cache_headers
before_action :set_referrer_policy_header
after_action :verify_authorized
private
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
def set_referrer_policy_header
response.headers['Referrer-Policy'] = 'same-origin'
end
def set_user

5
app/controllers/admin/change_emails_controller.rb
View file

@ -41,9 +41,8 @@ module Admin
end
def resource_params
params.require(:user).permit(
:unconfirmed_email
)
params
.expect(user: [:unconfirmed_email])
end
end
end

6
app/controllers/admin/custom_emojis_controller.rb
View file

@ -44,7 +44,8 @@ module Admin
private
def resource_params
params.require(:custom_emoji).permit(:shortcode, :image, :visible_in_picker)
params
.expect(custom_emoji: [:shortcode, :image, :visible_in_picker])
end
def filtered_custom_emojis
@ -74,7 +75,8 @@ module Admin
end
def form_custom_emoji_batch_params
params.require(:form_custom_emoji_batch).permit(:action, :category_id, :category_name, custom_emoji_ids: [])
params
.expect(form_custom_emoji_batch: [:action, :category_id, :category_name, custom_emoji_ids: []])
end
end
end

3
app/controllers/admin/domain_allows_controller.rb
View file

@ -37,6 +37,7 @@ class Admin::DomainAllowsController < Admin::BaseController
end
def resource_params
params.require(:domain_allow).permit(:domain)
params
.expect(domain_allow: [:domain])
end
end

11
app/controllers/admin/domain_blocks_controller.rb
View file

@ -25,7 +25,9 @@ module Admin
rescue Mastodon::NotPermittedError
flash[:alert] = I18n.t('admin.domain_blocks.not_permitted')
else
redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
flash[:notice] = I18n.t('admin.domain_blocks.created_msg')
ensure
redirect_to admin_instances_path(limited: '1')
end
def new
@ -114,7 +116,12 @@ module Admin
end
def form_domain_block_batch_params
params.require(:form_domain_block_batch).permit(domain_blocks_attributes: [:enabled, :domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate])
params
.expect(
form_domain_block_batch: [
domain_blocks_attributes: [[:enabled, :domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate]],
]
)
end
def action_from_button

13
app/controllers/admin/email_domain_blocks_controller.rb
View file

@ -5,7 +5,7 @@ module Admin
def index
authorize :email_domain_block, :index?
@email_domain_blocks = EmailDomainBlock.where(parent_id: nil).includes(:children).order(id: :desc).page(params[:page])
@email_domain_blocks = EmailDomainBlock.parents.includes(:children).order(id: :desc).page(params[:page])
@form = Form::EmailDomainBlockBatch.new
end
@ -58,18 +58,17 @@ module Admin
private
def set_resolved_records
Resolv::DNS.open do |dns|
dns.timeouts = 5
@resolved_records = dns.getresources(@email_domain_block.domain, Resolv::DNS::Resource::IN::MX).to_a
end
@resolved_records = DomainResource.new(@email_domain_block.domain).mx
end
def resource_params
params.require(:email_domain_block).permit(:domain, :allow_with_approval, other_domains: [])
params
.expect(email_domain_block: [:domain, :allow_with_approval, other_domains: []])
end
def form_email_domain_block_batch_params
params.require(:form_email_domain_block_batch).permit(email_domain_block_ids: [])
params
.expect(form_email_domain_block_batch: [email_domain_block_ids: []])
end
def action_from_button

3
app/controllers/admin/follow_recommendations_controller.rb
View file

@ -37,7 +37,8 @@ module Admin
end
def form_account_batch_params
params.require(:form_account_batch).permit(:action, account_ids: [])
params
.expect(form_account_batch: [:action, account_ids: []])
end
def filter_params

4
app/controllers/admin/instances_controller.rb
View file

@ -5,6 +5,8 @@ module Admin
before_action :set_instances, only: :index
before_action :set_instance, except: :index
LOGS_LIMIT = 5
def index
authorize :instance, :index?
preload_delivery_failures!
@ -13,7 +15,7 @@ module Admin
def show
authorize :instance, :show?
@time_period = (6.days.ago.to_date...Time.now.utc.to_date)
@action_logs = Admin::ActionLogFilter.new(target_domain: @instance.domain).results.limit(5)
@action_logs = Admin::ActionLogFilter.new(target_domain: @instance.domain).results.limit(LOGS_LIMIT)
end
def destroy

5
app/controllers/admin/invites_controller.rb
View file

@ -32,14 +32,15 @@ module Admin
def deactivate_all
authorize :invite, :deactivate_all?
Invite.available.in_batches.update_all(expires_at: Time.now.utc)
Invite.available.in_batches.touch_all(:expires_at)
redirect_to admin_invites_path
end
private
def resource_params
params.require(:invite).permit(:max_uses, :expires_in)
params
.expect(invite: [:max_uses, :expires_in])
end
def filtered_invites

6
app/controllers/admin/ip_blocks_controller.rb
View file

@ -44,7 +44,8 @@ module Admin
private
def resource_params
params.require(:ip_block).permit(:ip, :severity, :comment, :expires_in)
params
.expect(ip_block: [:ip, :severity, :comment, :expires_in])
end
def action_from_button
@ -52,7 +53,8 @@ module Admin
end
def form_ip_block_batch_params
params.require(:form_ip_block_batch).permit(ip_block_ids: [])
params
.expect(form_ip_block_batch: [ip_block_ids: []])
end
end
end

7
app/controllers/admin/relays_controller.rb
View file

@ -21,6 +21,7 @@ module Admin
@relay = Relay.new(resource_params)
if @relay.save
log_action :create, @relay
@relay.enable!
redirect_to admin_relays_path
else
@ -31,18 +32,21 @@ module Admin
def destroy
authorize :relay, :update?
@relay.destroy
log_action :destroy, @relay
redirect_to admin_relays_path
end
def enable
authorize :relay, :update?
@relay.enable!
log_action :enable, @relay
redirect_to admin_relays_path
end
def disable
authorize :relay, :update?
@relay.disable!
log_action :disable, @relay
redirect_to admin_relays_path
end
@ -53,7 +57,8 @@ module Admin
end
def resource_params
params.require(:relay).permit(:inbox_url)
params
.expect(relay: [:inbox_url])
end
def warn_signatures_not_enabled!

6
app/controllers/admin/report_notes_controller.rb
View file

@ -47,10 +47,8 @@ module Admin
end
def resource_params
params.require(:report_note).permit(
:content,
:report_id
)
params
.expect(report_note: [:content, :report_id])
end
def set_report_note

3
app/controllers/admin/roles_controller.rb
View file

@ -61,7 +61,8 @@ module Admin
end
def resource_params
params.require(:user_role).permit(:name, :color, :highlighted, :position, permissions_as_keys: [])
params
.expect(user_role: [:name, :color, :highlighted, :position, permissions_as_keys: []])
end
end
end

3
app/controllers/admin/rules_controller.rb
View file

@ -53,7 +53,8 @@ module Admin
end
def resource_params
params.require(:rule).permit(:text, :hint, :priority)
params
.expect(rule: [:text, :hint, :priority])
end
end
end

3
app/controllers/admin/settings_controller.rb
View file

@ -28,7 +28,8 @@ module Admin
end
def settings_params
params.require(:form_admin_settings).permit(*Form::AdminSettings::KEYS)
params
.expect(form_admin_settings: [*Form::AdminSettings::KEYS])
end
end
end

2
app/controllers/admin/software_updates_controller.rb
View file

@ -6,7 +6,7 @@ module Admin
def index
authorize :software_update, :index?
@software_updates = SoftwareUpdate.all.sort_by(&:gem_version)
@software_updates = SoftwareUpdate.by_version.filter(&:pending?)
end
private

5
app/controllers/admin/statuses_controller.rb
View file

@ -16,6 +16,8 @@ module Admin
def show
authorize [:admin, @status], :show?
@status_batch_action = Admin::StatusBatchAction.new
end
def batch
@ -37,7 +39,8 @@ module Admin
helper_method :batched_ordered_status_edits
def admin_status_batch_action_params
params.require(:admin_status_batch_action).permit(status_ids: [])
params
.expect(admin_status_batch_action: [status_ids: []])
end
def after_create_redirect_path

3
app/controllers/admin/tags_controller.rb
View file

@ -37,7 +37,8 @@ module Admin
end
def tag_params
params.require(:tag).permit(:name, :display_name, :trendable, :usable, :listable)
params
.expect(tag: [:name, :display_name, :trendable, :usable, :listable])
end
def filtered_tags

18
app/controllers/admin/terms_of_service/distributions_controller.rb Normal file
View file

@ -0,0 +1,18 @@
# frozen_string_literal: true
class Admin::TermsOfService::DistributionsController < Admin::BaseController
before_action :set_terms_of_service
def create
authorize @terms_of_service, :distribute?
@terms_of_service.touch(:notification_sent_at)
Admin::DistributeTermsOfServiceNotificationWorker.perform_async(@terms_of_service.id)
redirect_to admin_terms_of_service_index_path
end
private
def set_terms_of_service
@terms_of_service = TermsOfService.find(params[:terms_of_service_id])
end
end

37
app/controllers/admin/terms_of_service/drafts_controller.rb Normal file
View file

@ -0,0 +1,37 @@
# frozen_string_literal: true
class Admin::TermsOfService::DraftsController < Admin::BaseController
before_action :set_terms_of_service
def show
authorize :terms_of_service, :create?
end
def update
authorize @terms_of_service, :update?
@terms_of_service.published_at = Time.now.utc if params[:action_type] == 'publish'
if @terms_of_service.update(resource_params)
log_action(:publish, @terms_of_service) if @terms_of_service.published?
redirect_to @terms_of_service.published? ? admin_terms_of_service_index_path : admin_terms_of_service_draft_path
else
render :show
end
end
private
def set_terms_of_service
@terms_of_service = TermsOfService.draft.first || TermsOfService.new(text: current_terms_of_service&.text, effective_date: 10.days.from_now)
end
def current_terms_of_service
TermsOfService.live.first
end
def resource_params
params
.expect(terms_of_service: [:text, :changelog, :effective_date])
end
end

38
app/controllers/admin/terms_of_service/generates_controller.rb Normal file
View file

@ -0,0 +1,38 @@
# frozen_string_literal: true
class Admin::TermsOfService::GeneratesController < Admin::BaseController
before_action :set_instance_presenter
def show
authorize :terms_of_service, :create?
@generator = TermsOfService::Generator.new(
domain: @instance_presenter.domain,
admin_email: @instance_presenter.contact.email
)
end
def create
authorize :terms_of_service, :create?
@generator = TermsOfService::Generator.new(resource_params)
if @generator.valid?
TermsOfService.create!(text: @generator.render)
redirect_to admin_terms_of_service_draft_path
else
render :show
end
end
private
def set_instance_presenter
@instance_presenter = InstancePresenter.new
end
def resource_params
params
.expect(terms_of_service_generator: [*TermsOfService::Generator::VARIABLES])
end
end

8
app/controllers/admin/terms_of_service/histories_controller.rb Normal file
View file

@ -0,0 +1,8 @@
# frozen_string_literal: true
class Admin::TermsOfService::HistoriesController < Admin::BaseController
def show
authorize :terms_of_service, :index?
@terms_of_service = TermsOfService.published.all
end
end

16
app/controllers/admin/terms_of_service/previews_controller.rb Normal file
View file

@ -0,0 +1,16 @@
# frozen_string_literal: true
class Admin::TermsOfService::PreviewsController < Admin::BaseController
before_action :set_terms_of_service
def show
authorize @terms_of_service, :distribute?
@user_count = @terms_of_service.scope_for_notification.count
end
private
def set_terms_of_service
@terms_of_service = TermsOfService.find(params[:terms_of_service_id])
end
end

17
app/controllers/admin/terms_of_service/tests_controller.rb Normal file
View file

@ -0,0 +1,17 @@
# frozen_string_literal: true
class Admin::TermsOfService::TestsController < Admin::BaseController
before_action :set_terms_of_service
def create
authorize @terms_of_service, :distribute?
UserMailer.terms_of_service_changed(current_user, @terms_of_service).deliver_later!
redirect_to admin_terms_of_service_preview_path(@terms_of_service)
end
private
def set_terms_of_service
@terms_of_service = TermsOfService.find(params[:terms_of_service_id])
end
end

8
app/controllers/admin/terms_of_service_controller.rb Normal file
View file

@ -0,0 +1,8 @@
# frozen_string_literal: true
class Admin::TermsOfServiceController < Admin::BaseController
def index
authorize :terms_of_service, :index?
@terms_of_service = TermsOfService.published.first
end
end

3
app/controllers/admin/trends/links/preview_card_providers_controller.rb
View file

@ -31,7 +31,8 @@ class Admin::Trends::Links::PreviewCardProvidersController < Admin::BaseControll
end
def trends_preview_card_provider_batch_params
params.require(:trends_preview_card_provider_batch).permit(:action, preview_card_provider_ids: [])
params
.expect(trends_preview_card_provider_batch: [:action, preview_card_provider_ids: []])
end
def action_from_button

5
app/controllers/admin/trends/links_controller.rb
View file

@ -4,7 +4,7 @@ class Admin::Trends::LinksController < Admin::BaseController
def index
authorize :preview_card, :review?
@locales = PreviewCardTrend.pluck('distinct language')
@locales = PreviewCardTrend.locales
@preview_cards = filtered_preview_cards.page(params[:page])
@form = Trends::PreviewCardBatch.new
end
@ -31,7 +31,8 @@ class Admin::Trends::LinksController < Admin::BaseController
end
def trends_preview_card_batch_params
params.require(:trends_preview_card_batch).permit(:action, preview_card_ids: [])
params
.expect(trends_preview_card_batch: [:action, preview_card_ids: []])
end
def action_from_button

5
app/controllers/admin/trends/statuses_controller.rb
View file

@ -4,7 +4,7 @@ class Admin::Trends::StatusesController < Admin::BaseController
def index
authorize [:admin, :status], :review?
@locales = StatusTrend.pluck('distinct language')
@locales = StatusTrend.locales
@statuses = filtered_statuses.page(params[:page])
@form = Trends::StatusBatch.new
end
@ -31,7 +31,8 @@ class Admin::Trends::StatusesController < Admin::BaseController
end
def trends_status_batch_params
params.require(:trends_status_batch).permit(:action, status_ids: [])
params
.expect(trends_status_batch: [:action, status_ids: []])
end
def action_from_button

3
app/controllers/admin/trends/tags_controller.rb
View file

@ -31,7 +31,8 @@ class Admin::Trends::TagsController < Admin::BaseController
end
def trends_tag_batch_params
params.require(:trends_tag_batch).permit(:action, tag_ids: [])
params
.expect(trends_tag_batch: [:action, tag_ids: []])
end
def action_from_button

3
app/controllers/admin/users/roles_controller.rb
View file

@ -28,7 +28,8 @@ module Admin
end
def resource_params
params.require(:user).permit(:role_id)
params
.expect(user: [:role_id])
end
end
end

3
app/controllers/admin/warning_presets_controller.rb
View file

@ -52,7 +52,8 @@ module Admin
end
def warning_preset_params
params.require(:account_warning_preset).permit(:title, :text)
params
.expect(account_warning_preset: [:title, :text])
end
end
end

3
app/controllers/admin/webhooks_controller.rb
View file

@ -74,7 +74,8 @@ module Admin
end
def resource_params
params.require(:webhook).permit(:url, :template, events: [])
params
.expect(webhook: [:url, :template, events: []])
end
end
end

3
app/controllers/api/v1/accounts/credentials_controller.rb
View file

@ -14,7 +14,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
@account = current_account
UpdateAccountService.new.call(@account, account_params, raise_error: true)
current_user.update(user_params) if user_params
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
ActivityPub::UpdateDistributionWorker.perform_in(ActivityPub::UpdateDistributionWorker::DEBOUNCE_DELAY, @account.id)
render json: @account, serializer: REST::CredentialAccountSerializer
rescue ActiveRecord::RecordInvalid => e
render json: ValidationErrorFormatter.new(e).as_json, status: 422
@ -33,6 +33,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
:discoverable,
:hide_collections,
:indexable,
attribution_domains: [],
fields_attributes: [:name, :value]
)
end

2
app/controllers/api/v1/accounts/familiar_followers_controller.rb
View file

@ -12,7 +12,7 @@ class Api::V1::Accounts::FamiliarFollowersController < Api::BaseController
private
def set_accounts
@accounts = Account.without_suspended.where(id: account_ids).select('id, hide_collections')
@accounts = Account.without_suspended.where(id: account_ids).select(:id, :hide_collections)
end
def familiar_followers

4
app/controllers/api/v1/accounts_controller.rb
View file

@ -106,8 +106,8 @@ class Api::V1::AccountsController < Api::BaseController
render json: { error: I18n.t('accounts.self_follow_error') }, status: 403 if current_user.account.id == @account.id
end
def relationships(**options)
AccountRelationshipsPresenter.new([@account], current_user.account_id, **options)
def relationships(**)
AccountRelationshipsPresenter.new([@account], current_user.account_id, **)
end
def account_ids

11
app/controllers/api/v1/annual_reports_controller.rb
View file

@ -17,6 +17,17 @@ class Api::V1::AnnualReportsController < Api::BaseController
relationships: @relationships
end
def show
with_read_replica do
@presenter = AnnualReportsPresenter.new([@annual_report])
@relationships = StatusRelationshipsPresenter.new(@presenter.statuses, current_account.id)
end
render json: @presenter,
serializer: REST::AnnualReportsSerializer,
relationships: @relationships
end
def read
@annual_report.view!
render_empty

4
app/controllers/api/v1/featured_tags/suggestions_controller.rb
View file

@ -5,6 +5,8 @@ class Api::V1::FeaturedTags::SuggestionsController < Api::BaseController
before_action :require_user!
before_action :set_recently_used_tags, only: :index
RECENT_TAGS_LIMIT = 10
def index
render json: @recently_used_tags, each_serializer: REST::TagSerializer, relationships: TagRelationshipsPresenter.new(@recently_used_tags, current_user&.account_id)
end
@ -12,6 +14,6 @@ class Api::V1::FeaturedTags::SuggestionsController < Api::BaseController
private
def set_recently_used_tags
@recently_used_tags = Tag.suggestions_for_account(current_account).limit(10)
@recently_used_tags = Tag.suggestions_for_account(current_account).limit(RECENT_TAGS_LIMIT)
end
end

4
app/controllers/api/v1/follow_requests_controller.rb
View file

@ -28,8 +28,8 @@ class Api::V1::FollowRequestsController < Api::BaseController
@account ||= Account.find(params[:id])
end
def relationships(**options)
AccountRelationshipsPresenter.new([account], current_user.account_id, **options)
def relationships(**)
AccountRelationshipsPresenter.new([account], current_user.account_id, **)
end
def load_accounts

4
app/controllers/api/v1/instances/domain_blocks_controller.rb
View file

@ -31,7 +31,7 @@ class Api::V1::Instances::DomainBlocksController < Api::V1::Instances::BaseContr
end
def show_domain_blocks_to_user?
Setting.show_domain_blocks == 'users' && user_signed_in?
Setting.show_domain_blocks == 'users' && user_signed_in? && current_user.functional_or_moved?
end
def set_domain_blocks
@ -47,6 +47,6 @@ class Api::V1::Instances::DomainBlocksController < Api::V1::Instances::BaseContr
end
def show_rationale_for_user?
Setting.show_domain_blocks_rationale == 'users' && user_signed_in?
Setting.show_domain_blocks_rationale == 'users' && user_signed_in? && current_user.functional_or_moved?
end
end

22
app/controllers/api/v1/instances/terms_of_services_controller.rb Normal file
View file

@ -0,0 +1,22 @@
# frozen_string_literal: true
class Api::V1::Instances::TermsOfServicesController < Api::V1::Instances::BaseController
before_action :set_terms_of_service
def show
cache_even_if_authenticated!
render json: @terms_of_service, serializer: REST::TermsOfServiceSerializer
end
private
def set_terms_of_service
@terms_of_service = begin
if params[:date].present?
TermsOfService.published.find_by!(effective_date: params[:date])
else
TermsOfService.live.first || TermsOfService.published.first! # For the case when none of the published terms have become effective yet
end
end
end
end

13
app/controllers/api/v1/lists/accounts_controller.rb
View file

@ -15,17 +15,12 @@ class Api::V1::Lists::AccountsController < Api::BaseController
end
def create
ApplicationRecord.transaction do
list_accounts.each do |account|
@list.accounts << account
end
end
AddAccountsToListService.new.call(@list, Account.find(account_ids))
render_empty
end
def destroy
ListAccount.where(list: @list, account_id: account_ids).destroy_all
RemoveAccountsFromListService.new.call(@list, Account.where(id: account_ids))
render_empty
end
@ -43,10 +38,6 @@ class Api::V1::Lists::AccountsController < Api::BaseController
end
end
def list_accounts
Account.find(account_ids)
end
def account_ids
Array(resource_params[:account_ids])
end

17
app/controllers/api/v1/media_controller.rb
View file

@ -3,8 +3,8 @@
class Api::V1::MediaController < Api::BaseController
before_action -> { doorkeeper_authorize! :write, :'write:media' }
before_action :require_user!
before_action :set_media_attachment, except: [:create]
before_action :check_processing, except: [:create]
before_action :set_media_attachment, except: [:create, :destroy]
before_action :check_processing, except: [:create, :destroy]
def show
render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: status_code_for_media_attachment
@ -25,6 +25,15 @@ class Api::V1::MediaController < Api::BaseController
render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: status_code_for_media_attachment
end
def destroy
@media_attachment = current_account.media_attachments.find(params[:id])
return render json: in_usage_error, status: 422 unless @media_attachment.status_id.nil?
@media_attachment.destroy
render_empty
end
private
def status_code_for_media_attachment
@ -54,4 +63,8 @@ class Api::V1::MediaController < Api::BaseController
def processing_error
{ error: 'Error processing thumbnail for uploaded media' }
end
def in_usage_error
{ error: 'Media attachment is currently used by a status' }
end
end

2
app/controllers/api/v1/polls/votes_controller.rb
View file

@ -15,7 +15,7 @@ class Api::V1::Polls::VotesController < Api::BaseController
private
def set_poll
@poll = Poll.attached.find(params[:poll_id])
@poll = Poll.find(params[:poll_id])
authorize @poll.status, :show?
rescue Mastodon::NotPermittedError
not_found

2
app/controllers/api/v1/polls_controller.rb
View file

@ -15,7 +15,7 @@ class Api::V1::PollsController < Api::BaseController
private
def set_poll
@poll = Poll.attached.find(params[:id])
@poll = Poll.find(params[:id])
authorize @poll.status, :show?
rescue Mastodon::NotPermittedError
not_found

2
app/controllers/api/v1/profile/avatars_controller.rb
View file

@ -7,7 +7,7 @@ class Api::V1::Profile::AvatarsController < Api::BaseController
def destroy
@account = current_account
UpdateAccountService.new.call(@account, { avatar: nil }, raise_error: true)
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
ActivityPub::UpdateDistributionWorker.perform_in(ActivityPub::UpdateDistributionWorker::DEBOUNCE_DELAY, @account.id)
render json: @account, serializer: REST::CredentialAccountSerializer
end
end

2
app/controllers/api/v1/profile/headers_controller.rb
View file

@ -7,7 +7,7 @@ class Api::V1::Profile::HeadersController < Api::BaseController
def destroy
@account = current_account
UpdateAccountService.new.call(@account, { header: nil }, raise_error: true)
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
ActivityPub::UpdateDistributionWorker.perform_in(ActivityPub::UpdateDistributionWorker::DEBOUNCE_DELAY, @account.id)
render json: @account, serializer: REST::CredentialAccountSerializer
end
end

5
app/controllers/api/v1/push/subscriptions_controller.rb
View file

@ -21,6 +21,7 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController
endpoint: subscription_params[:endpoint],
key_p256dh: subscription_params[:keys][:p256dh],
key_auth: subscription_params[:keys][:auth],
standard: subscription_params[:standard] || false,
data: data_params,
user_id: current_user.id,
access_token_id: doorkeeper_token.id
@ -55,12 +56,12 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController
end
def subscription_params
params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh])
params.expect(subscription: [:endpoint, :standard, keys: [:auth, :p256dh]])
end
def data_params
return {} if params[:data].blank?
params.require(:data).permit(:policy, alerts: Notification::TYPES)
params.expect(data: [:policy, alerts: Notification::TYPES])
end
end

4
app/controllers/api/v1/statuses_controller.rb
View file

@ -58,6 +58,8 @@ class Api::V1::StatusesController < Api::BaseController
statuses = [@status] + @context.ancestors + @context.descendants
render json: @context, serializer: REST::ContextSerializer, relationships: StatusRelationshipsPresenter.new(statuses, current_user&.account_id)
ActivityPub::FetchAllRepliesWorker.perform_async(@status.id) if !current_account.nil? && @status.should_fetch_replies?
end
def create
@ -111,7 +113,7 @@ class Api::V1::StatusesController < Api::BaseController
@status.account.statuses_count = @status.account.statuses_count - 1
json = render_to_body json: @status, serializer: REST::StatusSerializer, source_requested: true
RemovalWorker.perform_async(@status.id, { 'redraft' => true })
RemovalWorker.perform_async(@status.id, { 'redraft' => !truthy_param?(:delete_media) })
render json: json
end

4
app/controllers/api/v1/trends/tags_controller.rb
View file

@ -27,7 +27,9 @@ class Api::V1::Trends::TagsController < Api::BaseController
end
def tags_from_trends
Trends.tags.query.allowed
scope = Trends.tags.query.allowed.in_locale(content_locale)
scope = scope.filtered_for(current_account) if user_signed_in?
scope
end
def next_path

27
app/controllers/api/v2/notifications_controller.rb
View file

@ -46,7 +46,7 @@ class Api::V2::NotificationsController < Api::BaseController
end
def show
@notification = current_account.notifications.without_suspended.find_by!(group_key: params[:group_key])
@notification = current_account.notifications.without_suspended.by_group_key(params[:group_key]).take!
presenter = GroupedNotificationsPresenter.new(NotificationGroup.from_notifications([@notification]))
render json: presenter, serializer: REST::DedupNotificationGroupSerializer
end
@ -57,7 +57,7 @@ class Api::V2::NotificationsController < Api::BaseController
end
def dismiss
current_account.notifications.where(group_key: params[:group_key]).destroy_all
current_account.notifications.by_group_key(params[:group_key]).destroy_all
render_empty
end
@ -80,10 +80,31 @@ class Api::V2::NotificationsController < Api::BaseController
return [] if @notifications.empty?
MastodonOTELTracer.in_span('Api::V2::NotificationsController#load_grouped_notifications') do
NotificationGroup.from_notifications(@notifications, pagination_range: (@notifications.last.id)..(@notifications.first.id), grouped_types: params[:grouped_types])
pagination_range = (@notifications.last.id)..@notifications.first.id
# If the page is incomplete, we know we are on the last page
if incomplete_page?
if paginating_up?
pagination_range = @notifications.last.id...(params[:max_id]&.to_i)
else
range_start = params[:since_id]&.to_i
range_start += 1 unless range_start.nil?
pagination_range = range_start..(@notifications.first.id)
end
end
NotificationGroup.from_notifications(@notifications, pagination_range: pagination_range, grouped_types: params[:grouped_types])
end
end
def incomplete_page?
@notifications.size < limit_param(DEFAULT_NOTIFICATIONS_LIMIT)
end
def paginating_up?
params[:min_id].present?
end
def browserable_account_notifications
current_account.notifications.without_suspended.browserable(
types: Array(browserable_params[:types]),

5
app/controllers/api/web/push_subscriptions_controller.rb
View file

@ -66,7 +66,7 @@ class Api::Web::PushSubscriptionsController < Api::Web::BaseController
end
def subscription_params
@subscription_params ||= params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh])
@subscription_params ||= params.expect(subscription: [:standard, :endpoint, keys: [:auth, :p256dh]])
end
def web_push_subscription_params
@ -76,11 +76,12 @@ class Api::Web::PushSubscriptionsController < Api::Web::BaseController
endpoint: subscription_params[:endpoint],
key_auth: subscription_params[:keys][:auth],
key_p256dh: subscription_params[:keys][:p256dh],
standard: subscription_params[:standard] || false,
user_id: active_session.user_id,
}
end
def data_params
@data_params ||= params.require(:data).permit(:policy, alerts: Notification::TYPES)
@data_params ||= params.expect(data: [:policy, alerts: Notification::TYPES])
end
end

13
app/controllers/application_controller.rb
View file

@ -22,7 +22,6 @@ class ApplicationController < ActionController::Base
helper_method :use_seamless_external_login?
helper_method :sso_account_settings
helper_method :limited_federation_mode?
helper_method :body_class_string
helper_method :skip_csrf_meta_tags?
rescue_from ActionController::ParameterMissing, Paperclip::AdapterRegistry::NoHandlerError, with: :bad_request
@ -71,7 +70,13 @@ class ApplicationController < ActionController::Base
end
def require_functional!
redirect_to edit_user_registration_path unless current_user.functional?
return if current_user.functional?
if current_user.confirmed?
redirect_to edit_user_registration_path
else
redirect_to auth_setup_path
end
end
def skip_csrf_meta_tags?
@ -158,10 +163,6 @@ class ApplicationController < ActionController::Base
current_user.setting_theme
end
def body_class_string
@body_classes || ''
end
def respond_with_error(code)
respond_to do |format|
format.any { render "errors/#{code}", layout: 'error', status: code, formats: [:html] }

9
app/controllers/auth/registrations_controller.rb
View file

@ -12,7 +12,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
before_action :set_sessions, only: [:edit, :update]
before_action :set_strikes, only: [:edit, :update]
before_action :require_not_suspended!, only: [:update]
before_action :set_cache_headers, only: [:edit, :update]
before_action :set_rules, only: :new
before_action :require_rules_acceptance!, only: :new
before_action :set_registration_form_time, only: :new
@ -139,7 +138,11 @@ class Auth::RegistrationsController < Devise::RegistrationsController
set_locale { render :rules }
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
def is_flashing_format? # rubocop:disable Naming/PredicateName
if params[:action] == 'create'
false # Disable flash messages for sign-up
else
super
end
end
end

2
app/controllers/auth/sessions_controller.rb
View file

@ -73,7 +73,7 @@ class Auth::SessionsController < Devise::SessionsController
end
def user_params
params.require(:user).permit(:email, :password, :otp_attempt, credential: {})
params.expect(user: [:email, :password, :otp_attempt, credential: {}])
end
def after_sign_in_path_for(resource)

4
app/controllers/auth/setup_controller.rb
View file

@ -18,7 +18,7 @@ class Auth::SetupController < ApplicationController
if @user.update(user_params)
@user.resend_confirmation_instructions unless @user.confirmed?
redirect_to auth_setup_path, notice: I18n.t('auth.setup.new_confirmation_instructions_sent')
redirect_to auth_setup_path, notice: t('auth.setup.new_confirmation_instructions_sent')
else
render :show
end
@ -35,6 +35,6 @@ class Auth::SetupController < ApplicationController
end
def user_params
params.require(:user).permit(:email)
params.expect(user: [:email])
end
end

2
app/controllers/concerns/admin/export_controller_concern.rb
View file

@ -24,6 +24,6 @@ module Admin::ExportControllerConcern
end
def import_params
params.require(:admin_import).permit(:data)
params.expect(admin_import: [:data])
end
end

2
app/controllers/concerns/cache_concern.rb
View file

@ -28,7 +28,7 @@ module CacheConcern
def render_with_cache(**options)
raise ArgumentError, 'Only JSON render calls are supported' unless options.key?(:json) || block_given?
key = options.delete(:key) || [[params[:controller], params[:action]].join('/'), options[:json].respond_to?(:cache_key) ? options[:json].cache_key : nil, options[:fields].nil? ? nil : options[:fields].join(',')].compact.join(':')
key = options.delete(:key) || [[params[:controller], params[:action]].join('/'), options[:json].respond_to?(:cache_key) ? options[:json].cache_key : nil, options[:fields]&.join(',')].compact.join(':')
expires_in = options.delete(:expires_in) || 3.minutes
body = Rails.cache.read(key, raw: true)

2
app/controllers/concerns/challengable_concern.rb
View file

@ -58,6 +58,6 @@ module ChallengableConcern
end
def challenge_params
params.require(:form_challenge).permit(:current_password, :return_to)
params.expect(form_challenge: [:current_password, :return_to])
end
end

2
app/controllers/concerns/localized.rb
View file

@ -25,7 +25,7 @@ module Localized
end
def available_locale_or_nil(locale_name)
locale_name.to_sym if locale_name.present? && I18n.available_locales.include?(locale_name.to_sym)
locale_name.to_sym if locale_name.respond_to?(:to_sym) && I18n.available_locales.include?(locale_name.to_sym)
end
def content_locale

8
app/controllers/concerns/signature_verification.rb
View file

@ -117,7 +117,7 @@ module SignatureVerification
def verify_signature_strength!
raise SignatureVerificationError, 'Mastodon requires the Date header or (created) pseudo-header to be signed' unless signed_headers.include?('date') || signed_headers.include?('(created)')
raise SignatureVerificationError, 'Mastodon requires the Digest header or (request-target) pseudo-header to be signed' unless signed_headers.include?(Request::REQUEST_TARGET) || signed_headers.include?('digest')
raise SignatureVerificationError, 'Mastodon requires the Digest header or (request-target) pseudo-header to be signed' unless signed_headers.include?(HttpSignatureDraft::REQUEST_TARGET) || signed_headers.include?('digest')
raise SignatureVerificationError, 'Mastodon requires the Host header to be signed when doing a GET request' if request.get? && !signed_headers.include?('host')
raise SignatureVerificationError, 'Mastodon requires the Digest header to be signed when doing a POST request' if request.post? && !signed_headers.include?('digest')
end
@ -155,14 +155,14 @@ module SignatureVerification
def build_signed_string(include_query_string: true)
signed_headers.map do |signed_header|
case signed_header
when Request::REQUEST_TARGET
when HttpSignatureDraft::REQUEST_TARGET
if include_query_string
"#{Request::REQUEST_TARGET}: #{request.method.downcase} #{request.original_fullpath}"
"#{HttpSignatureDraft::REQUEST_TARGET}: #{request.method.downcase} #{request.original_fullpath}"
else
# Current versions of Mastodon incorrectly omit the query string from the (request-target) pseudo-header.
# Therefore, temporarily support such incorrect signatures for compatibility.
# TODO: remove eventually some time after release of the fixed version
"#{Request::REQUEST_TARGET}: #{request.method.downcase} #{request.path}"
"#{HttpSignatureDraft::REQUEST_TARGET}: #{request.method.downcase} #{request.path}"
end
when '(created)'
raise SignatureVerificationError, 'Invalid pseudo-header (created) for rsa-sha256' unless signature_algorithm == 'hs2019'

12
app/controllers/concerns/web_app_controller_concern.rb
View file

@ -7,7 +7,7 @@ module WebAppControllerConcern
vary_by 'Accept, Accept-Language, Cookie'
before_action :redirect_unauthenticated_to_permalinks!
before_action :set_app_body_class
before_action :set_referer_header
content_security_policy do |p|
policy = ContentSecurityPolicy.new
@ -24,10 +24,6 @@ module WebAppControllerConcern
!(ENV['ONE_CLICK_SSO_LOGIN'] == 'true' && ENV['OMNIAUTH_ONLY'] == 'true' && Devise.omniauth_providers.length == 1) && current_user.nil?
end
def set_app_body_class
@body_classes = 'app-body'
end
def redirect_unauthenticated_to_permalinks!
return if user_signed_in? && current_account.moved_to_account_id.nil?
@ -46,4 +42,10 @@ module WebAppControllerConcern
end
end
end
protected
def set_referer_header
response.set_header('Referrer-Policy', Setting.allow_referrer_origin ? 'strict-origin-when-cross-origin' : 'same-origin')
end
end

8
app/controllers/custom_css_controller.rb
View file

@ -1,10 +1,8 @@
# frozen_string_literal: true
class CustomCssController < ActionController::Base # rubocop:disable Rails/ApplicationController
before_action :set_user_roles
def show
expires_in 3.minutes, public: true
expires_in 1.month, public: true
render content_type: 'text/css'
end
@ -14,8 +12,4 @@ class CustomCssController < ActionController::Base # rubocop:disable Rails/Appli
Setting.custom_css
end
helper_method :custom_css_styles
def set_user_roles
@user_roles = UserRole.providing_styles
end
end

2
app/controllers/disputes/appeals_controller.rb
View file

@ -21,6 +21,6 @@ class Disputes::AppealsController < Disputes::BaseController
end
def appeal_params
params.require(:appeal).permit(:text)
params.expect(appeal: [:text])
end
end

7
app/controllers/disputes/base_controller.rb
View file

@ -8,11 +8,4 @@ class Disputes::BaseController < ApplicationController
skip_before_action :require_functional!
before_action :authenticate_user!
before_action :set_cache_headers
private
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
end
end

7
app/controllers/filters/statuses_controller.rb
View file

@ -6,7 +6,6 @@ class Filters::StatusesController < ApplicationController
before_action :authenticate_user!
before_action :set_filter
before_action :set_status_filters
before_action :set_cache_headers
PER_PAGE = 20
@ -34,14 +33,10 @@ class Filters::StatusesController < ApplicationController
end
def status_filter_batch_action_params
params.require(:form_status_filter_batch_action).permit(status_filter_ids: [])
params.expect(form_status_filter_batch_action: [status_filter_ids: []])
end
def action_from_button
'remove' if params[:remove]
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
end
end

7
app/controllers/filters_controller.rb
View file

@ -5,7 +5,6 @@ class FiltersController < ApplicationController
before_action :authenticate_user!
before_action :set_filter, only: [:edit, :update, :destroy]
before_action :set_cache_headers
def index
@filters = current_account.custom_filters.includes(:keywords, :statuses).order(:phrase)
@ -48,10 +47,6 @@ class FiltersController < ApplicationController
end
def resource_params
params.require(:custom_filter).permit(:title, :expires_in, :filter_action, context: [], keywords_attributes: [:id, :keyword, :whole_word, :_destroy])
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
params.expect(custom_filter: [:title, :expires_in, :filter_action, context: [], keywords_attributes: [[:id, :keyword, :whole_word, :_destroy]]])
end
end

2
app/controllers/follower_accounts_controller.rb
View file

@ -46,7 +46,7 @@ class FollowerAccountsController < ApplicationController
end
def page_url(page)
account_followers_url(@account, page: page) unless page.nil?
ActivityPub::TagManager.instance.followers_uri_for(@account, page: page) unless page.nil?
end
def next_page_url

7
app/controllers/invites_controller.rb
View file

@ -6,7 +6,6 @@ class InvitesController < ApplicationController
layout 'admin'
before_action :authenticate_user!
before_action :set_cache_headers
def index
authorize :invite, :create?
@ -43,10 +42,6 @@ class InvitesController < ApplicationController
end
def resource_params
params.require(:invite).permit(:max_uses, :expires_in, :autofollow, :comment)
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
params.expect(invite: [:max_uses, :expires_in, :autofollow, :comment])
end
end

5
app/controllers/oauth/authorizations_controller.rb
View file

@ -5,7 +5,6 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
before_action :store_current_location
before_action :authenticate_resource_owner!
before_action :set_cache_headers
content_security_policy do |p|
p.form_action(false)
@ -32,8 +31,4 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
def truthy_param?(key)
ActiveModel::Type::Boolean.new.cast(params[key])
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
end
end

13
app/controllers/oauth/authorized_applications_controller.rb
View file

@ -6,7 +6,6 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
before_action :store_current_location
before_action :authenticate_resource_owner!
before_action :require_not_suspended!, only: :destroy
before_action :set_cache_headers
before_action :set_last_used_at_by_app, only: :index, unless: -> { request.format == :json }
@ -30,17 +29,7 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
forbidden if current_account.unavailable?
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
end
def set_last_used_at_by_app
@last_used_at_by_app = Doorkeeper::AccessToken
.select('DISTINCT ON (application_id) application_id, last_used_at')
.where(resource_owner_id: current_resource_owner.id)
.where.not(last_used_at: nil)
.order(application_id: :desc, last_used_at: :desc)
.pluck(:application_id, :last_used_at)
.to_h
@last_used_at_by_app = current_resource_owner.applications_last_used
end
end

11
app/controllers/oauth/userinfo_controller.rb Normal file
View file

@ -0,0 +1,11 @@
# frozen_string_literal: true
class Oauth::UserinfoController < Api::BaseController
before_action -> { doorkeeper_authorize! :profile }, only: [:show]
before_action :require_user!
def show
@account = current_account
render json: @account, serializer: OauthUserinfoSerializer
end
end

7
app/controllers/relationships_controller.rb
View file

@ -6,7 +6,6 @@ class RelationshipsController < ApplicationController
before_action :authenticate_user!
before_action :set_accounts, only: :show
before_action :set_relationships, only: :show
before_action :set_cache_headers
helper_method :following_relationship?, :followed_by_relationship?, :mutual_relationship?
@ -36,7 +35,7 @@ class RelationshipsController < ApplicationController
end
def form_account_batch_params
params.require(:form_account_batch).permit(:action, account_ids: [])
params.expect(form_account_batch: [:action, account_ids: []])
end
def following_relationship?
@ -66,8 +65,4 @@ class RelationshipsController < ApplicationController
'remove_domains_from_followers'
end
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
end
end

2
app/controllers/settings/aliases_controller.rb
View file

@ -30,7 +30,7 @@ class Settings::AliasesController < Settings::BaseController
private
def resource_params
params.require(:account_alias).permit(:acct)
params.expect(account_alias: [:acct])
end
def set_alias

13
app/controllers/settings/applications_controller.rb
View file

@ -2,7 +2,6 @@
class Settings::ApplicationsController < Settings::BaseController
before_action :set_application, only: [:show, :update, :destroy, :regenerate]
before_action :prepare_scopes, only: [:create, :update]
def index
@applications = current_user.applications.order(id: :desc).page(params[:page])
@ -60,16 +59,6 @@ class Settings::ApplicationsController < Settings::BaseController
end
def application_params
params.require(:doorkeeper_application).permit(
:name,
:redirect_uri,
:scopes,
:website
)
end
def prepare_scopes
scopes = params.fetch(:doorkeeper_application, {}).fetch(:scopes, nil)
params[:doorkeeper_application][:scopes] = scopes.join(' ') if scopes.is_a? Array
params.expect(doorkeeper_application: [:name, :redirect_uri, :website, scopes: []])
end
end

5
app/controllers/settings/base_controller.rb
View file

@ -4,14 +4,9 @@ class Settings::BaseController < ApplicationController
layout 'admin'
before_action :authenticate_user!
before_action :set_cache_headers
private
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
end
def require_not_suspended!
forbidden if current_account.unavailable?
end

2
app/controllers/settings/deletes_controller.rb
View file

@ -21,7 +21,7 @@ class Settings::DeletesController < Settings::BaseController
private
def resource_params
params.require(:form_delete_confirmation).permit(:password, :username)
params.expect(form_delete_confirmation: [:password, :username])
end
def require_not_suspended!

6
app/controllers/settings/featured_tags_controller.rb
View file

@ -5,6 +5,8 @@ class Settings::FeaturedTagsController < Settings::BaseController
before_action :set_featured_tag, except: [:index, :create]
before_action :set_recently_used_tags, only: :index
RECENT_TAGS_LIMIT = 10
def index
@featured_tag = FeaturedTag.new
end
@ -38,10 +40,10 @@ class Settings::FeaturedTagsController < Settings::BaseController
end
def set_recently_used_tags
@recently_used_tags = Tag.suggestions_for_account(current_account).limit(10)
@recently_used_tags = Tag.suggestions_for_account(current_account).limit(RECENT_TAGS_LIMIT)
end
def featured_tag_params
params.require(:featured_tag).permit(:name)
params.expect(featured_tag: [:name])
end
end

6
app/controllers/settings/imports_controller.rb
View file

@ -24,6 +24,8 @@ class Settings::ImportsController < Settings::BaseController
lists: false,
}.freeze
RECENT_IMPORTS_LIMIT = 10
def index
@import = Form::Import.new(current_account: current_account)
end
@ -88,7 +90,7 @@ class Settings::ImportsController < Settings::BaseController
private
def import_params
params.require(:form_import).permit(:data, :type, :mode)
params.expect(form_import: [:data, :type, :mode])
end
def set_bulk_import
@ -96,6 +98,6 @@ class Settings::ImportsController < Settings::BaseController
end
def set_recent_imports
@recent_imports = current_account.bulk_imports.reorder(id: :desc).limit(10)
@recent_imports = current_account.bulk_imports.reorder(id: :desc).limit(RECENT_IMPORTS_LIMIT)
end
end

2
app/controllers/settings/migration/redirects_controller.rb
View file

@ -33,6 +33,6 @@ class Settings::Migration::RedirectsController < Settings::BaseController
private
def resource_params
params.require(:form_redirect).permit(:acct, :current_password, :current_username)
params.expect(form_redirect: [:acct, :current_password, :current_username])
end
end

2
app/controllers/settings/migrations_controller.rb
View file

@ -27,7 +27,7 @@ class Settings::MigrationsController < Settings::BaseController
private
def resource_params
params.require(:account_migration).permit(:acct, :current_password, :current_username)
params.expect(account_migration: [:acct, :current_password, :current_username])
end
def set_migrations

2
app/controllers/settings/pictures_controller.rb
View file

@ -8,7 +8,7 @@ module Settings
def destroy
if valid_picture?
if UpdateAccountService.new.call(@account, { @picture => nil, "#{@picture}_remote_url" => '' })
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
ActivityPub::UpdateDistributionWorker.perform_in(ActivityPub::UpdateDistributionWorker::DEBOUNCE_DELAY, @account.id)
redirect_to settings_profile_path, notice: I18n.t('generic.changes_saved_msg'), status: 303
else
redirect_to settings_profile_path

2
app/controllers/settings/preferences/base_controller.rb
View file

@ -19,6 +19,6 @@ class Settings::Preferences::BaseController < Settings::BaseController
end
def user_params
params.require(:user).permit(:locale, :time_zone, chosen_languages: [], settings_attributes: UserSettings.keys)
params.expect(user: [:locale, :time_zone, chosen_languages: [], settings_attributes: UserSettings.keys])
end
end

4
app/controllers/settings/privacy_controller.rb
View file

@ -8,7 +8,7 @@ class Settings::PrivacyController < Settings::BaseController
def update
if UpdateAccountService.new.call(@account, account_params.except(:settings))
current_user.update!(settings_attributes: account_params[:settings])
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
ActivityPub::UpdateDistributionWorker.perform_in(ActivityPub::UpdateDistributionWorker::DEBOUNCE_DELAY, @account.id)
redirect_to settings_privacy_path, notice: I18n.t('generic.changes_saved_msg')
else
render :show
@ -18,7 +18,7 @@ class Settings::PrivacyController < Settings::BaseController
private
def account_params
params.require(:account).permit(:discoverable, :unlocked, :indexable, :show_collections, settings: UserSettings.keys)
params.expect(account: [:discoverable, :unlocked, :indexable, :show_collections, settings: UserSettings.keys])
end
def set_account

4
app/controllers/settings/profiles_controller.rb
View file

@ -9,7 +9,7 @@ class Settings::ProfilesController < Settings::BaseController
def update
if UpdateAccountService.new.call(@account, account_params)
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
ActivityPub::UpdateDistributionWorker.perform_in(ActivityPub::UpdateDistributionWorker::DEBOUNCE_DELAY, @account.id)
redirect_to settings_profile_path, notice: I18n.t('generic.changes_saved_msg')
else
@account.build_fields
@ -20,7 +20,7 @@ class Settings::ProfilesController < Settings::BaseController
private
def account_params
params.require(:account).permit(:display_name, :note, :avatar, :header, :bot, fields_attributes: [:name, :value])
params.expect(account: [:display_name, :note, :avatar, :header, :bot, fields_attributes: [[:name, :value]]])
end
def set_account

2
app/controllers/settings/two_factor_authentication/confirmations_controller.rb
View file

@ -38,7 +38,7 @@ module Settings
private
def confirmation_params
params.require(:form_two_factor_confirmation).permit(:otp_attempt)
params.expect(form_two_factor_confirmation: [:otp_attempt])
end
def prepare_two_factor_form

6
app/controllers/settings/verifications_controller.rb
View file

@ -8,7 +8,7 @@ class Settings::VerificationsController < Settings::BaseController
def update
if UpdateAccountService.new.call(@account, account_params)
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
ActivityPub::UpdateDistributionWorker.perform_in(ActivityPub::UpdateDistributionWorker::DEBOUNCE_DELAY, @account.id)
redirect_to settings_verification_path, notice: I18n.t('generic.changes_saved_msg')
else
render :show
@ -18,7 +18,9 @@ class Settings::VerificationsController < Settings::BaseController
private
def account_params
params.require(:account).permit(:attribution_domains_as_text)
params.expect(account: [:attribution_domains]).tap do |params|
params[:attribution_domains] = params[:attribution_domains].split if params[:attribution_domains]
end
end
def set_account

5
app/controllers/severed_relationships_controller.rb
View file

@ -4,7 +4,6 @@ class SeveredRelationshipsController < ApplicationController
layout 'admin'
before_action :authenticate_user!
before_action :set_cache_headers
before_action :set_event, only: [:following, :followers]
@ -49,8 +48,4 @@ class SeveredRelationshipsController < ApplicationController
def acct(account)
account.local? ? account.local_username_and_domain : account.acct
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
end
end

9
app/controllers/statuses_cleanup_controller.rb
View file

@ -5,7 +5,6 @@ class StatusesCleanupController < ApplicationController
before_action :authenticate_user!
before_action :set_policy
before_action :set_cache_headers
def show; end
@ -15,8 +14,6 @@ class StatusesCleanupController < ApplicationController
else
render :show
end
rescue ActionController::ParameterMissing
# Do nothing
end
def require_functional!
@ -30,10 +27,6 @@ class StatusesCleanupController < ApplicationController
end
def resource_params
params.require(:account_statuses_cleanup_policy).permit(:enabled, :min_status_age, :keep_direct, :keep_pinned, :keep_polls, :keep_media, :keep_self_fav, :keep_self_bookmark, :min_favs, :min_reblogs)
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
params.expect(account_statuses_cleanup_policy: [:enabled, :min_status_age, :keep_direct, :keep_pinned, :keep_polls, :keep_media, :keep_self_fav, :keep_self_bookmark, :min_favs, :min_reblogs])
end
end

11
app/controllers/terms_of_service_controller.rb Normal file
View file

@ -0,0 +1,11 @@
# frozen_string_literal: true
class TermsOfServiceController < ApplicationController
include WebAppControllerConcern
skip_before_action :require_functional!
def show
expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
end
end

4
app/helpers/admin/account_moderation_notes_helper.rb
View file

@ -12,12 +12,12 @@ module Admin::AccountModerationNotesHelper
)
end
def admin_account_inline_link_to(account)
def admin_account_inline_link_to(account, path: nil)
return if account.nil?
link_to(
account_inline_text(account),
admin_account_path(account.id),
path || admin_account_path(account.id),
class: class_names('inline-name-tag', suspended: suspended_account?(account)),
title: account.acct
)

2
app/helpers/admin/action_logs_helper.rb
View file

@ -33,6 +33,8 @@ module Admin::ActionLogsHelper
else
I18n.t('admin.action_logs.deleted_account')
end
when 'Relay'
link_to log.human_identifier, admin_relays_path
end
end

Some files were not shown because too many files have changed in this diff Show more