Merge commit '2016c5d912f400ae98ee03ce269112de2f9ec62d' into glitch-soc/merge-upstream

Conflicts: - `config/initializers/cors.rb`: Upstream refactored this file, and glitch-soc had local changes. I could not find the rationale for the glitch-soc changes, so I used upstream's version.
2023-10-08 16:41:56 +02:00 · 2023-10-08 16:41:56 +02:00 · d7fcd70023
parent cfc0da77ac 2016c5d912
commit d7fcd70023
16 changed files with 115 additions and 122 deletions
--- a/.haml-lint_todo.yml
+++ b/.haml-lint_todo.yml
@ -1,13 +1,13 @@
 # This configuration was generated by
 # `haml-lint --auto-gen-config`
-# on 2023-08-28 13:08:37 -0400 using Haml-Lint version 0.50.0.
+# on 2023-09-28 10:26:23 -0400 using Haml-Lint version 0.50.0.
 # The point is for the user to remove these configuration records
 # one by one as the lints are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of Haml-Lint, may require this file to be generated again.
 linters:
-  # Offense count: 945
+  # Offense count: 944
  LineLength:
    enabled: false
@ -15,7 +15,7 @@ linters:
  UnnecessaryStringOutput:
    enabled: false
-  # Offense count: 57
+  # Offense count: 59
  RuboCop:
    enabled: false
@ -26,12 +26,10 @@ linters:
      - 'app/views/admin/reports/show.html.haml'
      - 'app/views/disputes/strikes/show.html.haml'
-  # Offense count: 28
+  # Offense count: 18
  InstanceVariables:
    exclude:
      - 'app/views/admin/reports/_actions.html.haml'
      - 'app/views/admin/roles/_form.html.haml'
      - 'app/views/admin/webhooks/_form.html.haml'
      - 'app/views/auth/registrations/_status.html.haml'
      - 'app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml'
      - 'app/views/relationships/_account.html.haml'
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -75,12 +75,6 @@ Metrics/AbcSize:
    - 'lib/mastodon/cli/*.rb'
    - db/*migrate/**/*
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricsblocknesting
 Metrics/BlockNesting:
  Exclude:
    - 'lib/mastodon/cli/*.rb'
 # Reason: Currently disabled in .rubocop_todo.yml
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricscyclomaticcomplexity
 Metrics/CyclomaticComplexity:
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@ -13,14 +13,6 @@ Bundler/OrderedGems:
  Exclude:
    - 'Gemfile'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, IndentationWidth.
 # SupportedStyles: with_first_argument, with_fixed_indentation
 Layout/ArgumentAlignment:
  Exclude:
    - 'config/initializers/cors.rb'
    - 'config/initializers/session_store.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle.
 # SupportedHashRocketStyles: key, separator, table
@ -844,6 +836,5 @@ Style/TrailingCommaInHashLiteral:
 Style/WordArray:
  Exclude:
    - 'app/helpers/languages_helper.rb'
    - 'config/initializers/cors.rb'
    - 'spec/controllers/settings/imports_controller_spec.rb'
    - 'spec/models/form/import_spec.rb'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -640,7 +640,7 @@ GEM
      sidekiq (>= 5, < 8)
    rspec-support (3.12.1)
    rspec_chunked (0.6)
-    rubocop (1.56.3)
+    rubocop (1.56.4)
      base64 (~> 0.1.1)
      json (~> 2.3)
      language_server-protocol (>= 3.17.0)
--- a/app/helpers/routing_helper.rb
+++ b/app/helpers/routing_helper.rb
@ -3,11 +3,12 @@
 module RoutingHelper
  extend ActiveSupport::Concern
  include Rails.application.routes.url_helpers
  include ActionView::Helpers::AssetTagHelper
  include Webpacker::Helper
  included do
    include Rails.application.routes.url_helpers
    def default_url_options
      ActionMailer::Base.default_url_options
    end
--- a/app/models/form/import.rb
+++ b/app/models/form/import.rb
@ -43,14 +43,14 @@ class Form::Import
  validate :validate_data
  def guessed_type
-    return :muting if csv_data.headers.include?('Hide notifications')
+    return :muting if csv_headers_match?('Hide notifications')
-    return :following if csv_data.headers.include?('Show boosts') || csv_data.headers.include?('Notify on new posts') || csv_data.headers.include?('Languages')
+    return :following if csv_headers_match?('Show boosts') || csv_headers_match?('Notify on new posts') || csv_headers_match?('Languages')
-    return :following if data.original_filename&.start_with?('follows') || data.original_filename&.start_with?('following_accounts')
+    return :following if file_name_matches?('follows') || file_name_matches?('following_accounts')
-    return :blocking if data.original_filename&.start_with?('blocks') || data.original_filename&.start_with?('blocked_accounts')
+    return :blocking if file_name_matches?('blocks') || file_name_matches?('blocked_accounts')
-    return :muting if data.original_filename&.start_with?('mutes') || data.original_filename&.start_with?('muted_accounts')
+    return :muting if file_name_matches?('mutes') || file_name_matches?('muted_accounts')
-    return :domain_blocking if data.original_filename&.start_with?('domain_blocks') || data.original_filename&.start_with?('blocked_domains')
+    return :domain_blocking if file_name_matches?('domain_blocks') || file_name_matches?('blocked_domains')
-    return :bookmarks if data.original_filename&.start_with?('bookmarks')
+    return :bookmarks if file_name_matches?('bookmarks')
-    return :lists if data.original_filename&.start_with?('lists')
+    return :lists if file_name_matches?('lists')
  end
  # Whether the uploaded CSV file seems to correspond to a different import type than the one selected
@ -79,6 +79,14 @@ class Form::Import
  private
  def file_name_matches?(string)
    data.original_filename&.start_with?(string)
  end
  def csv_headers_match?(string)
    csv_data.headers.include?(string)
  end
  def default_csv_headers
    case type.to_sym
    when :following, :blocking, :muting
--- a/app/models/report_filter.rb
+++ b/app/models/report_filter.rb
@ -19,7 +19,7 @@ class ReportFilter
    scope = Report.unresolved
    params.each do |key, value|
-      scope = scope.merge scope_for(key, value), rewhere: true
+      scope = scope.merge scope_for(key, value)
    end
    scope
--- a/app/views/admin/roles/_form.html.haml
+++ b/app/views/admin/roles/_form.html.haml
@ -1,40 +1,36 @@
-= simple_form_for @role, url: @role.new_record? ? admin_roles_path : admin_role_path(@role) do |f|
+= render 'shared/error_messages', object: form.object
  = render 'shared/error_messages', object: @role
-  - if @role.everyone?
+- if form.object.everyone?
-    .flash-message.info
+  .flash-message.info
-      = t('admin.roles.everyone_full_description_html')
+    = t('admin.roles.everyone_full_description_html')
-  - else
+- else
  .fields-group
    = form.input :name, wrapper: :with_label
  - unless current_user.role == form.object
    .fields-group
-      = f.input :name, wrapper: :with_label
+      = form.input :position, wrapper: :with_label, input_html: { max: current_user.role.position - 1 }
-    - unless current_user.role.id == @role.id
+  .fields-group
-      .fields-group
+    = form.input :color, wrapper: :with_label, input_html: { placeholder: '#000000', type: 'color' }
        = f.input :position, wrapper: :with_label, input_html: { max: current_user.role.position - 1 }
-    .fields-group
+  %hr.spacer/
      = f.input :color, wrapper: :with_label, input_html: { placeholder: '#000000', type: 'color' }
-    %hr.spacer/
+  .fields-group
    = form.input :highlighted, wrapper: :with_label
-    .fields-group
+  %hr.spacer/
      = f.input :highlighted, wrapper: :with_label
-    %hr.spacer/
+- unless current_user.role == form.object
-  - unless current_user.role.id == @role.id
+  .field-group
    .input.with_block_label
      %label= t('simple_form.labels.user_role.permissions_as_keys')
      %span.hint= t('simple_form.hints.user_role.permissions_as_keys')
-    .field-group
+    - (form.object.everyone? ? UserRole::Flags::CATEGORIES.slice(:invites) : UserRole::Flags::CATEGORIES).each do |category, permissions|
-      .input.with_block_label
+      %h4= t(category, scope: 'admin.roles.categories')
        %label= t('simple_form.labels.user_role.permissions_as_keys')
        %span.hint= t('simple_form.hints.user_role.permissions_as_keys')
-      - (@role.everyone? ? UserRole::Flags::CATEGORIES.slice(:invites) : UserRole::Flags::CATEGORIES).each do |category, permissions|
+      = form.input :permissions_as_keys, collection: permissions, wrapper: :with_block_label, include_blank: false, label_method: ->(privilege) { safe_join([t("admin.roles.privileges.#{privilege}"), content_tag(:span, t("admin.roles.privileges.#{privilege}_description"), class: 'hint')]) }, required: false, as: :check_boxes, collection_wrapper_tag: 'ul', item_wrapper_tag: 'li', label: false, hint: false, disabled: permissions.filter { |privilege| UserRole::FLAGS[privilege] & current_user.role.computed_permissions == 0 }
        %h4= t(category, scope: 'admin.roles.categories')
-        = f.input :permissions_as_keys, collection: permissions, wrapper: :with_block_label, include_blank: false, label_method: ->(privilege) { safe_join([t("admin.roles.privileges.#{privilege}"), content_tag(:span, t("admin.roles.privileges.#{privilege}_description"), class: 'hint')]) }, required: false, as: :check_boxes, collection_wrapper_tag: 'ul', item_wrapper_tag: 'li', label: false, hint: false, disabled: permissions.filter { |privilege| UserRole::FLAGS[privilege] & current_user.role.computed_permissions == 0 }
+  %hr.spacer/
    %hr.spacer/
  .actions
    = f.button :button, @role.new_record? ? t('admin.roles.add_new') : t('generic.save_changes'), type: :submit
--- a/app/views/admin/roles/edit.html.haml
+++ b/app/views/admin/roles/edit.html.haml
@ -4,4 +4,7 @@
 - content_for :heading_actions do
  = link_to t('admin.roles.delete'), admin_role_path(@role), method: :delete, data: { confirm: t('admin.accounts.are_you_sure') }, class: 'button button--destructive' if can?(:destroy, @role)
-= render partial: 'form'
+= simple_form_for @role, url: admin_role_path(@role) do |form|
  = render partial: 'form', object: form
  .actions
    = form.button :button, t('generic.save_changes'), type: :submit
--- a/app/views/admin/roles/new.html.haml
+++ b/app/views/admin/roles/new.html.haml
@ -1,4 +1,7 @@
 - content_for :page_title do
  = t('admin.roles.add_new')
-= render partial: 'form'
+= simple_form_for @role, url: admin_roles_path do |form|
  = render partial: 'form', object: form
  .actions
    = form.button :button, t('admin.roles.add_new'), type: :submit
--- a/app/views/admin/webhooks/_form.html.haml
+++ b/app/views/admin/webhooks/_form.html.haml
@ -1,14 +1,10 @@
-= simple_form_for @webhook, url: @webhook.new_record? ? admin_webhooks_path : admin_webhook_path(@webhook) do |f|
+= render 'shared/error_messages', object: form.object
  = render 'shared/error_messages', object: @webhook
-  .fields-group
+.fields-group
-    = f.input :url, wrapper: :with_block_label, input_html: { placeholder: 'https://' }
+  = form.input :url, wrapper: :with_block_label, input_html: { placeholder: 'https://' }
-  .fields-group
+.fields-group
-    = f.input :events, collection: Webhook::EVENTS, wrapper: :with_block_label, include_blank: false, as: :check_boxes, collection_wrapper_tag: 'ul', item_wrapper_tag: 'li', disabled: Webhook::EVENTS.filter { |event| !current_user.role.can?(Webhook.permission_for_event(event)) }
+  = form.input :events, collection: Webhook::EVENTS, wrapper: :with_block_label, include_blank: false, as: :check_boxes, collection_wrapper_tag: 'ul', item_wrapper_tag: 'li', disabled: Webhook::EVENTS.filter { |event| !current_user.role.can?(Webhook.permission_for_event(event)) }
-  .fields-group
+.fields-group
-    = f.input :template, wrapper: :with_block_label, input_html: { placeholder: '{ "content": "Hello {{object.username}}" }' }
+  = form.input :template, wrapper: :with_block_label, input_html: { placeholder: '{ "content": "Hello {{object.username}}" }' }
  .actions
    = f.button :button, @webhook.new_record? ? t('admin.webhooks.add_new') : t('generic.save_changes'), type: :submit
--- a/app/views/admin/webhooks/edit.html.haml
+++ b/app/views/admin/webhooks/edit.html.haml
@ -1,4 +1,7 @@
 - content_for :page_title do
  = t('admin.webhooks.edit')
-= render partial: 'form'
+= simple_form_for @webhook, url: admin_webhook_path(@webhook) do |form|
  = render partial: 'form', object: form
  .actions
    = form.button :button, t('generic.save_changes'), type: :submit
--- a/app/views/admin/webhooks/new.html.haml
+++ b/app/views/admin/webhooks/new.html.haml
@ -1,4 +1,7 @@
 - content_for :page_title do
  = t('admin.webhooks.new')
-= render partial: 'form'
+= simple_form_for @webhook, url: admin_webhooks_path do |form|
  = render partial: 'form', object: form
  .actions
    = form.button :button, t('admin.webhooks.add_new'), type: :submit
--- a/config/initializers/cors.rb
+++ b/config/initializers/cors.rb
@ -11,30 +11,16 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins '*'
-    resource '/.well-known/*',
+    with_options headers: :any, credentials: false do
-      headers: :any,
+      with_options methods: [:get] do
-      methods: [:get],
+        resource '/.well-known/*'
-      credentials: false
+        resource '/@:username'
-    resource '/@:username',
+        resource '/users/:username'
-      headers: :any,
+      end
-      methods: [:get],
+      resource '/api/*',
-      credentials: false
+               expose: %w(Link X-RateLimit-Reset X-RateLimit-Limit X-RateLimit-Remaining X-Request-Id),
-    resource '/users/:username',
+               methods: %i(post put delete get patch options)
-      headers: :any,
+      resource '/oauth/token', methods: [:post]
-      methods: [:get],
+    end
      credentials: false
    resource '/api/*',
      headers: :any,
      methods: [:post, :put, :delete, :get, :patch, :options],
      credentials: false,
      expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id']
    resource '/oauth/token',
      headers: :any,
      methods: [:post],
      credentials: false
    resource '/assets/*', headers: :any, methods: [:get, :head, :options]
    resource '/stylesheets/*', headers: :any, methods: [:get, :head, :options]
    resource '/javascripts/*', headers: :any, methods: [:get, :head, :options]
    resource '/packs/*', headers: :any, methods: [:get, :head, :options]
  end
 end
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@ -2,7 +2,10 @@
 # Be sure to restart your server when you modify this file.
-Rails.application.config.session_store :cookie_store,
+Rails
-  key: '_mastodon_session',
+  .application
-  secure: false, # All cookies have their secure flag set by the force_ssl option in production
+  .config
-  same_site: :lax
+  .session_store :cookie_store,
                 key: '_mastodon_session',
                 secure: false, # All cookies have their secure flag set by the force_ssl option in production
                 same_site: :lax
--- a/lib/mastodon/cli/upgrade.rb
+++ b/lib/mastodon/cli/upgrade.rb
@ -125,27 +125,12 @@ module Mastodon::CLI
        progress.log("Moving #{previous_path} to #{upgraded_path}") if options[:verbose]
        begin
-          unless dry_run?
+          move_previous_to_upgraded
            FileUtils.mkdir_p(File.dirname(upgraded_path))
            FileUtils.mv(previous_path, upgraded_path)
            begin
              FileUtils.rmdir(File.dirname(previous_path), parents: true)
            rescue Errno::ENOTEMPTY
              # OK
            end
          end
        rescue => e
          progress.log(pastel.red("Error processing #{previous_path}: #{e}"))
          success = false
-          unless dry_run?
+          remove_directory
            begin
              FileUtils.rmdir(File.dirname(upgraded_path), parents: true)
            rescue Errno::ENOTEMPTY
              # OK
            end
          end
        end
      end
@ -155,5 +140,28 @@ module Mastodon::CLI
      attachment.instance_write(:storage_schema_version, previous_storage_schema_version)
      success
    end
    def move_previous_to_upgraded(previous_path, upgraded_path)
      return if dry_run?
      FileUtils.mkdir_p(File.dirname(upgraded_path))
      FileUtils.mv(previous_path, upgraded_path)
      begin
        FileUtils.rmdir(File.dirname(previous_path), parents: true)
      rescue Errno::ENOTEMPTY
        # OK
      end
    end
    def remove_directory(path)
      return if dry_run?
      begin
        FileUtils.rmdir(File.dirname(path), parents: true)
      rescue Errno::ENOTEMPTY
        # OK
      end
    end
  end
 end