From 02b8d63fcef2d30e2514111ec89308a9435dd2ed Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Wed, 2 Mar 2022 18:57:08 +0100
Subject: [PATCH 1/4] Fix report category not being saved in REST API (#17682)
---
app/controllers/api/v1/reports_controller.rb | 12 +----
app/services/report_service.rb | 14 +++--
.../api/v1/reports_controller_spec.rb | 54 ++++++++++++++++---
spec/fabricators/rule_fabricator.rb | 8 +--
4 files changed, 62 insertions(+), 26 deletions(-)
diff --git a/app/controllers/api/v1/reports_controller.rb b/app/controllers/api/v1/reports_controller.rb
index 052d70cc8d..8ff6c8fe5c 100644
--- a/app/controllers/api/v1/reports_controller.rb
+++ b/app/controllers/api/v1/reports_controller.rb
@@ -10,9 +10,7 @@ class Api::V1::ReportsController < Api::BaseController
@report = ReportService.new.call(
current_account,
reported_account,
- status_ids: reported_status_ids,
- comment: report_params[:comment],
- forward: report_params[:forward]
+ report_params
)
render json: @report, serializer: REST::ReportSerializer
@@ -20,14 +18,6 @@ class Api::V1::ReportsController < Api::BaseController
private
- def reported_status_ids
- reported_account.statuses.with_discarded.find(status_ids).pluck(:id)
- end
-
- def status_ids
- Array(report_params[:status_ids])
- end
-
def reported_account
Account.find(report_params[:account_id])
end
diff --git a/app/services/report_service.rb b/app/services/report_service.rb
index caf99ab6e0..9d784c341a 100644
--- a/app/services/report_service.rb
+++ b/app/services/report_service.rb
@@ -6,10 +6,10 @@ class ReportService < BaseService
def call(source_account, target_account, options = {})
@source_account = source_account
@target_account = target_account
- @status_ids = options.delete(:status_ids) || []
- @comment = options.delete(:comment) || ''
- @category = options.delete(:category) || 'other'
- @rule_ids = options.delete(:rule_ids)
+ @status_ids = options.delete(:status_ids).presence || []
+ @comment = options.delete(:comment).presence || ''
+ @category = options.delete(:category).presence || 'other'
+ @rule_ids = options.delete(:rule_ids).presence
@options = options
raise ActiveRecord::RecordNotFound if @target_account.suspended?
@@ -26,7 +26,7 @@ class ReportService < BaseService
def create_report!
@report = @source_account.reports.create!(
target_account: @target_account,
- status_ids: @status_ids,
+ status_ids: reported_status_ids,
comment: @comment,
uri: @options[:uri],
forwarded: forward?,
@@ -56,6 +56,10 @@ class ReportService < BaseService
!@target_account.local? && ActiveModel::Type::Boolean.new.cast(@options[:forward])
end
+ def reported_status_ids
+ @target_account.statuses.with_discarded.find(Array(@status_ids)).pluck(:id)
+ end
+
def payload
Oj.dump(serialize_payload(@report, ActivityPub::FlagSerializer, account: some_local_account))
end
diff --git a/spec/controllers/api/v1/reports_controller_spec.rb b/spec/controllers/api/v1/reports_controller_spec.rb
index a13de13706..b5baf60e11 100644
--- a/spec/controllers/api/v1/reports_controller_spec.rb
+++ b/spec/controllers/api/v1/reports_controller_spec.rb
@@ -13,22 +13,64 @@ RSpec.describe Api::V1::ReportsController, type: :controller do
end
describe 'POST #create' do
- let(:scopes) { 'write:reports' }
- let!(:status) { Fabricate(:status) }
- let!(:admin) { Fabricate(:user, admin: true) }
+ let!(:admin) { Fabricate(:user, admin: true) }
+
+ let(:scopes) { 'write:reports' }
+ let(:status) { Fabricate(:status) }
+ let(:target_account) { status.account }
+ let(:category) { nil }
+ let(:forward) { nil }
+ let(:rule_ids){ nil }
before do
allow(AdminMailer).to receive(:new_report).and_return(double('email', deliver_later: nil))
- post :create, params: { status_ids: [status.id], account_id: status.account.id, comment: 'reasons' }
+ post :create, params: { status_ids: [status.id], account_id: target_account.id, comment: 'reasons', category: category, rule_ids: rule_ids, forward: forward }
+ end
+
+ it 'returns http success' do
+ expect(response).to have_http_status(200)
end
it 'creates a report' do
- expect(status.reload.account.targeted_reports).not_to be_empty
- expect(response).to have_http_status(200)
+ expect(target_account.targeted_reports).to_not be_empty
+ end
+
+ it 'saves comment' do
+ expect(target_account.targeted_reports.first.comment).to eq 'reasons'
end
it 'sends e-mails to admins' do
expect(AdminMailer).to have_received(:new_report).with(admin.account, Report)
end
+
+ context 'when a status does not belong to the reported account' do
+ let(:target_account) { Fabricate(:account) }
+
+ it 'returns http not found' do
+ expect(response).to have_http_status(404)
+ end
+ end
+
+ context 'when a category is chosen' do
+ let(:category) { 'spam' }
+
+ it 'saves category' do
+ expect(target_account.targeted_reports.first.spam?).to be true
+ end
+ end
+
+ context 'when violated rules are chosen' do
+ let(:rule) { Fabricate(:rule) }
+ let(:category) { 'violation' }
+ let(:rule_ids) { [rule.id] }
+
+ it 'saves category' do
+ expect(target_account.targeted_reports.first.violation?).to be true
+ end
+
+ it 'saves rule_ids' do
+ expect(target_account.targeted_reports.first.rule_ids).to match_array([rule.id])
+ end
+ end
end
end
diff --git a/spec/fabricators/rule_fabricator.rb b/spec/fabricators/rule_fabricator.rb
index 4bdfd05e0e..bc29bc48e1 100644
--- a/spec/fabricators/rule_fabricator.rb
+++ b/spec/fabricators/rule_fabricator.rb
@@ -1,5 +1,5 @@
Fabricator(:rule) do
- priority ""
- deleted_at "2021-02-21 05:51:09"
- text "MyText"
-end
\ No newline at end of file
+ priority 0
+ deleted_at nil
+ text { Faker::Lorem.paragraph }
+end
From e24b14cc74034585b29ca92bbb9623df32328bf3 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Wed, 2 Mar 2022 18:57:26 +0100
Subject: [PATCH 2/4] Fix leak of existence of otherwise inaccessible statuses
in REST API (#17684)
---
app/controllers/api/v1/statuses_controller.rb | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb
index 2d82a7a99b..f48aeb945a 100644
--- a/app/controllers/api/v1/statuses_controller.rb
+++ b/app/controllers/api/v1/statuses_controller.rb
@@ -92,8 +92,9 @@ class Api::V1::StatusesController < Api::BaseController
end
def set_thread
- @thread = status_params[:in_reply_to_id].blank? ? nil : Status.find(status_params[:in_reply_to_id])
- rescue ActiveRecord::RecordNotFound
+ @thread = Status.find(status_params[:in_reply_to_id]) if status_params[:in_reply_to_id].present?
+ authorize(@thread, :show?) if @thread.present?
+ rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
render json: { error: I18n.t('statuses.errors.in_reply_not_found') }, status: 404
end
From 9b58fb1ea4036daca945cb524e674446adb9ac42 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Wed, 2 Mar 2022 18:57:44 +0100
Subject: [PATCH 3/4] Add descriptions to trending features in admin UI
(#17677)
---
app/views/admin/trends/links/index.html.haml | 4 ++++
.../trends/links/preview_card_providers/index.html.haml | 5 ++++-
app/views/admin/trends/statuses/_status.html.haml | 3 +++
app/views/admin/trends/statuses/index.html.haml | 4 ++++
app/views/admin/trends/tags/index.html.haml | 4 ++++
config/locales/en.yml | 5 +++++
6 files changed, 24 insertions(+), 1 deletion(-)
diff --git a/app/views/admin/trends/links/index.html.haml b/app/views/admin/trends/links/index.html.haml
index 79f3513d31..49a53d979b 100644
--- a/app/views/admin/trends/links/index.html.haml
+++ b/app/views/admin/trends/links/index.html.haml
@@ -4,6 +4,10 @@
- content_for :header_tags do
= javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous'
+%p= t('admin.trends.links.description_html')
+
+%hr.spacer/
+
= form_tag admin_trends_links_path, method: 'GET', class: 'simple_form' do
- Trends::PreviewCardFilter::KEYS.each do |key|
= hidden_field_tag key, params[key] if params[key].present?
diff --git a/app/views/admin/trends/links/preview_card_providers/index.html.haml b/app/views/admin/trends/links/preview_card_providers/index.html.haml
index b793499477..c3648c35e9 100644
--- a/app/views/admin/trends/links/preview_card_providers/index.html.haml
+++ b/app/views/admin/trends/links/preview_card_providers/index.html.haml
@@ -4,6 +4,10 @@
- content_for :header_tags do
= javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous'
+%p= t('admin.trends.preview_card_providers.description_html')
+
+%hr.spacer/
+
.filters
.filter-subset
%strong= t('admin.tags.review')
@@ -17,7 +21,6 @@
= fa_icon 'chevron-left fw'
= t('admin.trends.links.title')
-
%hr.spacer/
= form_for(@form, url: batch_admin_trends_links_preview_card_providers_path) do |f|
diff --git a/app/views/admin/trends/statuses/_status.html.haml b/app/views/admin/trends/statuses/_status.html.haml
index c99ee5d60e..edb27b9ff5 100644
--- a/app/views/admin/trends/statuses/_status.html.haml
+++ b/app/views/admin/trends/statuses/_status.html.haml
@@ -22,6 +22,9 @@
- if status.language.present?
•
= standard_locale_name(status.language)
+ - if status.trendable? && !status.account.discoverable?
+ •
+ = t('admin.trends.statuses.not_discoverable')
- if status.trendable? && (rank = Trends.statuses.rank(status.id))
•
%abbr{ title: t('admin.trends.tags.current_score', score: Trends.statuses.score(status.id)) }= t('admin.trends.tags.trending_rank', rank: rank + 1)
diff --git a/app/views/admin/trends/statuses/index.html.haml b/app/views/admin/trends/statuses/index.html.haml
index 3476882628..b0059b20d7 100644
--- a/app/views/admin/trends/statuses/index.html.haml
+++ b/app/views/admin/trends/statuses/index.html.haml
@@ -4,6 +4,10 @@
- content_for :header_tags do
= javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous'
+%p= t('admin.trends.statuses.description_html')
+
+%hr.spacer/
+
= form_tag admin_trends_statuses_path, method: 'GET', class: 'simple_form' do
- Trends::StatusFilter::KEYS.each do |key|
= hidden_field_tag key, params[key] if params[key].present?
diff --git a/app/views/admin/trends/tags/index.html.haml b/app/views/admin/trends/tags/index.html.haml
index 8a2f785bc2..bde32a2952 100644
--- a/app/views/admin/trends/tags/index.html.haml
+++ b/app/views/admin/trends/tags/index.html.haml
@@ -4,6 +4,10 @@
- content_for :header_tags do
= javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous'
+%p= t('admin.trends.tags.description_html')
+
+%hr.spacer/
+
.filters
.filter-subset
%strong= t('admin.tags.review')
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 5ce43be1ab..6a55941858 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -777,6 +777,7 @@ en:
links:
allow: Allow link
allow_provider: Allow publisher
+ description_html: These are links that are currently being shared a lot by accounts that your server sees posts from. It can help your users find out what's going on in the world. No links are displayed publicly until you approve the publisher. You can also allow or reject individual links.
disallow: Disallow link
disallow_provider: Disallow publisher
shared_by_over_week:
@@ -788,14 +789,17 @@ en:
pending_review: Pending review
preview_card_providers:
allowed: Links from this publisher can trend
+ description_html: These are domains from which links are often shared on your server. Links will not trend publicly unless the domain of the link is approved. Your approval (or rejection) extends to subdomains.
rejected: Links from this publisher won't trend
title: Publishers
rejected: Rejected
statuses:
allow: Allow post
allow_account: Allow author
+ description_html: These are posts that your server knows about that are currently being shared and favourited a lot at the moment. It can help your new and returning users to find more people to follow. No posts are displayed publicly until you approve the author, and the author allows their account to be suggested to others. You can also allow or reject individual posts.
disallow: Disallow post
disallow_account: Disallow author
+ not_discoverable: Author has not opted-in to being discoverable
shared_by:
one: Shared or favourited one time
other: Shared and favourited %{friendly_count} times
@@ -808,6 +812,7 @@ en:
tag_servers_dimension: Top servers
tag_servers_measure: different servers
tag_uses_measure: total uses
+ description_html: These are hashtags that are currently appearing in a lot of posts that your server sees. It can help your users find out what people are talking the most about at the moment. No hashtags are displayed publicly until you approve them.
listable: Can be suggested
not_listable: Won't be suggested
not_trendable: Won't appear under trends
From c0c4b5718d8827fc59d5564c227e848547a2cb69 Mon Sep 17 00:00:00 2001
From: Claire <claire.github-309c@sitedethib.com>
Date: Wed, 2 Mar 2022 20:28:25 +0100
Subject: [PATCH 4/4] Change visual separation of applications in authorized
apps list (#17686)
---
app/javascript/styles/mastodon/admin.scss | 8 ++++++++
app/javascript/styles/mastodon/forms.scss | 1 +
app/views/oauth/authorized_applications/index.html.haml | 4 ++--
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/app/javascript/styles/mastodon/admin.scss b/app/javascript/styles/mastodon/admin.scss
index 52bc2086a5..06ec4d37bc 100644
--- a/app/javascript/styles/mastodon/admin.scss
+++ b/app/javascript/styles/mastodon/admin.scss
@@ -888,6 +888,14 @@ a.name-tag,
text-align: center;
}
+.applications-list__item {
+ padding: 15px 0;
+ background: $ui-base-color;
+ border: 1px solid lighten($ui-base-color, 4%);
+ border-radius: 4px;
+ margin-top: 15px;
+}
+
.announcements-list {
border: 1px solid lighten($ui-base-color, 4%);
border-radius: 4px;
diff --git a/app/javascript/styles/mastodon/forms.scss b/app/javascript/styles/mastodon/forms.scss
index 6e02e2332b..90d56b0759 100644
--- a/app/javascript/styles/mastodon/forms.scss
+++ b/app/javascript/styles/mastodon/forms.scss
@@ -1069,6 +1069,7 @@ code {
&:last-child {
border-bottom: 0;
+ padding-bottom: 0;
}
}
}
diff --git a/app/views/oauth/authorized_applications/index.html.haml b/app/views/oauth/authorized_applications/index.html.haml
index fead56f4ae..0280d8aef8 100644
--- a/app/views/oauth/authorized_applications/index.html.haml
+++ b/app/views/oauth/authorized_applications/index.html.haml
@@ -5,9 +5,9 @@
%hr.spacer/
-.announcements-list
+.applications-list
- @applications.each do |application|
- .announcements-list__item
+ .applications-list__item
- if application.website.present?
= link_to application.name, application.website, target: '_blank', rel: 'noopener noreferrer', class: 'announcements-list__item__title'
- else