David Yip
020b40efdb
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
.travis.yml
app/lib/user_settings_decorator.rb
app/models/user.rb
app/serializers/initial_state_serializer.rb
app/views/stream_entries/_detailed_status.html.haml
app/views/stream_entries/_simple_status.html.haml
config/locales/simple_form.en.yml
2018-02-09 09:25:53 -06:00
Eugen Rochko
76f3d5d16b
Add preference to always display sensitive media ( #6448 )
2018-02-09 00:26:57 +01:00
Jenkins
5ba2c300d8
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-02-08 23:17:14 +00:00
abcang
cf32f7da5c
Fix response of signature_verification_failure_reason ( #6441 )
2018-02-08 05:00:45 +01:00
David Yip
a6fb1c58ee
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
.env.production.sample
app/controllers/auth/confirmations_controller.rb
db/schema.rb
2018-02-04 16:36:19 -06:00
abcang
3f35d43222
Exclude nil from relationships array ( #6427 )
2018-02-04 12:32:10 +01:00
Renato "Lond" Cerqueira
4e4f1b0dcb
Add option to show only local toots in timeline preview ( #6292 )
...
* Add option to show only local toots in timeline preview
Right know, toots from all the known fediverse are shown in the main
page of an instance. That however doesn't reflect the instance itself.
With this option the admin may choose to display only local toots so
that users checking the instance get a better idea of internal
conversations.
* Fix issues pointed by codeclimate and eslint
* Add default message for community timeline
* Update pl.yml
2018-02-04 06:00:10 +01:00
Eugen Rochko
26f21fd5a0
CAS + SAML authentication feature ( #6425 )
...
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
2018-02-04 05:42:13 +01:00
David Yip
4c1fd9a19c
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
2018-02-02 08:39:52 -06:00
ThibG
ac1093256c
Allow HTTP caching of atom-rendered public toots (OStatus compatibility) ( #6207 )
2018-02-02 10:54:04 +01:00
puckipedia
8e4cf6282b
Allow retrieval of private statuses (single or in outbox) using HTTP signatures ( #6225 )
2018-02-02 10:19:59 +01:00
Alexander
04fef7b888
pam authentication ( #5303 )
...
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
2018-02-02 10:18:55 +01:00
Jenkins
0e10667fbe
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-24 19:17:11 +00:00
Eugen Rochko
1cc44cba81
Fix #6331 ( #6341 )
...
UserTrackingConcern is circumvented by SessionsController#create
because it calls warden, which calls the User#update_tracked_fields!
method directly. Move returning user logic to that method.
2018-01-23 20:52:30 +01:00
Akihiko Odaki
613e7c7521
Rename ResolveRemoteAccountService to ResolveAccountService ( #6327 )
...
The service used to be named ResolveRemoteAccountService resolves local
accounts as well.
2018-01-22 14:25:09 +01:00
David Yip
1253279feb
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/controllers/settings/two_factor_authentication/confirmations_controller.rb
2018-01-21 13:36:10 -06:00
Aboobacker MK
112b1fa265
Redirect to 2FA creation page when otp_secret is not available ( #6314 )
2018-01-21 13:21:28 +01:00
David Yip
2ca965c704
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
app/javascript/styles/mastodon/modal.scss
2018-01-19 15:22:10 -06:00
Eugen Rochko
9b3b40df66
Fix regeneration marker not expiring ( #6290 )
...
* Fix regeneration key not getting expired
* Add rake task to remove old regeneration markers
2018-01-18 20:29:56 +01:00
David Yip
201e82686f
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
2018-01-17 18:37:09 -06:00
Eugen Rochko
7badad7797
Fix home regeneration ( #6251 )
...
* Fix regeneration marker not being removed after completion
* Return HTTP 206 from /api/v1/timelines/home if regeneration in progress
Prioritize RegenerationWorker by putting it into default queue
* Display loading indicator and poll home timeline while it regenerates
* Add graphic to regeneration message
* Make "not found" indicator consistent with home regeneration
2018-01-17 23:56:03 +01:00
Jenkins
aa2bf07281
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-17 16:17:10 +00:00
りんすき
fbe7756da6
implement web share target ( #6278 )
...
* web share target
* fix
* fix
2018-01-17 17:08:10 +01:00
Jenkins
0c7dc6c781
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-15 06:17:15 +00:00
Patrick Figel
537d2939b1
Suppress CSRF token warnings ( #6240 )
...
CSRF token checking was enabled for API controllers in #6223 ,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.
This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
2018-01-15 06:51:23 +01:00
David Yip
395e64e858
Thank you, Officer Murphy
2018-01-10 12:10:43 -06:00
David Yip
514db316f7
The flavour parameter is unused, so omit it ( #317 )
2018-01-10 12:09:42 -06:00
David Yip
6fcb870d96
Allow for user object to be empty. Fixes #317 .
...
If a flavour has only one skin, the skin selector will be omitted. This
omits the user[setting_skin] field, and because that's the only
user[...] field on the page, the entire user object will not be present
in the request handler's params object.
This commit accounts for that scenario by avoiding params.require(:user)
and instead picking out what we need from the params hash.
2018-01-10 12:09:42 -06:00
Jenkins
7c719c567c
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-09 05:17:13 +00:00
nightpool
c235711ffe
Refactor /api/web APIs to use the centralized axios instance ( #6223 )
...
Also adds the ability to decouple the centralized axios logic from the
state dispatcher
2018-01-08 20:01:33 +01:00
Jenkins
f839ac694c
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-08 10:17:15 +00:00
Eugen Rochko
dbda87c31f
Revert #5772 ( #6221 )
2018-01-08 10:57:52 +01:00
David Yip
f7c4d4464b
Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-master
2018-01-07 13:30:52 -06:00
David Yip
70c99a9f34
Use error pack when rendering error pages. Fixes #305 .
2018-01-07 13:30:17 -06:00
Jenkins
c2e1bfd9ae
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-07 15:17:13 +00:00
Yamagishi Kazutoshi
1d92b90be9
Fix force_ssl conditional ( #6201 )
2018-01-07 15:19:23 +01:00
Yamagishi Kazutoshi
da809f9eec
Fix unintended cache ( #6214 )
2018-01-07 15:12:59 +01:00
David Yip
5083311d64
Merge remote-tracking branch 'ykzts/fix-unintended-cache' into gs-master
2018-01-07 00:32:24 -06:00
Yamagishi Kazutoshi
2af307bce4
Fix unintended cache
2018-01-07 14:59:12 +09:00
Jenkins
f6adb409fd
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-05 22:17:12 +00:00
TheKinrar
95bd85d9e8
Represent numbers by strings in instance activity API ( #6198 )
...
Fixes #6197 .
2018-01-05 22:38:33 +01:00
Jenkins
c69a23ae46
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-04 23:17:11 +00:00
ThibG
3bee0996c5
Make sure private toots remain private and do not end up in HTTP caches ( #6175 )
2018-01-04 14:39:38 +01:00
Eugen Rochko
c10f4bdb03
Cache JSON of immutable ActivityPub representations ( #6171 )
2018-01-04 01:21:38 +01:00
Jenkins
fc884d015a
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-03 20:17:13 +00:00
Akihiko Odaki
161c72d66d
Allow to dereference Follow object for ActivityPub ( #5772 )
...
* Allow to dereference Follow object for ActivityPub
* Accept IRI as object representation for Accept activity
2018-01-03 18:08:57 +01:00
Jenkins
933840bebf
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-03 04:17:11 +00:00
ThibG
99f962ba73
Allow HTTP caching of json view of public statuses ( #6115 )
...
* Allow HTTP caching of json view of public statuses
HTML views are not cached as they can contain private statuses as well
* Disable session cookies for ActivityPub json rendering of public toots
2018-01-03 04:57:57 +01:00
Patrick Figel
04ecf44c2f
Add confirmation step for email changes ( #6071 )
...
* Add confirmation step for email changes
This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.
Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.
Fixes #3871
* Add review fixes
2018-01-02 16:55:00 +01:00
David Yip
54148b9a4a
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/controllers/authorize_follows_controller.rb
app/javascript/styles/mastodon/components.scss
2018-01-02 00:11:41 -06:00