Commit Graph

2174 Commits

Author SHA1 Message Date
Claire e61a7794f8 Merge commit 'df9e26158d9787859b24bdc276af478abf05e1af' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Conflict because glitch-soc has a different list of allowed tags.
  Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
  Conflict because of glitch-soc's default settings.
  Updated accordingly.
2024-07-04 17:12:14 +02:00
Claire 502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
Claire 395f17ca17
Merge pull request from GHSA-vp5r-5pgw-jwqx
* Fix streaming sessions not being closed when revoking access to an app

* Add tests for GHSA-7w3c-p9j8-mq3x
2024-07-04 16:11:28 +02:00
Claire 3b4607991d Merge commit '4743657ba24e83c376e9f477fbf49114e6f09a57' into glitch-soc/merge-upstream 2024-06-22 20:59:23 +02:00
Matt Jankowski 929b9fdaff
Remove exclusion for `Rails/LexicallyScopedActionFilter` cop (#30697) 2024-06-21 15:34:13 +00:00
Claire fd867adffe Merge commit 'bb2d77b4a07e95e7d96df080f2d6994c1422b0c0' into glitch-soc/merge-upstream 2024-06-20 18:36:13 +02:00
Claire bb2d77b4a0
Change `/api/v2_alpha/notifications` to only return historical data in pages (#30781) 2024-06-20 15:54:50 +00:00
Claire 4daed855e5 Merge commit 'd818ddd6870094e89e58ef61f37da4cb73935856' into glitch-soc/merge-upstream 2024-06-11 19:46:11 +02:00
Matt Jankowski 978601a0ae
Extract permitted params constant in v1/admin/tags (#30652) 2024-06-11 15:29:41 +00:00
Matt Jankowski 410370eecd
Extract `PERMITTED_PARAMS` constant from `admin/domain_blocks` controller (#30380) 2024-06-11 09:40:47 +00:00
Claire 30b00ca2b5 Merge commit '5652ca613582df03e5b838626078981414f3b897' into glitch-soc/merge-upstream 2024-06-06 12:27:26 +02:00
Eugen Rochko a2505e8611
Add timeline of public posts about a trending link to REST API (#30381) 2024-06-06 08:43:04 +00:00
Emelia Smith e02d23b549
Change `read:me` scope to `profile` scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-06 07:30:10 +00:00
Claire 974335e414
Add experimental server-side notification grouping (#29889) 2024-06-03 08:35:59 +00:00
Matt Jankowski 469de923aa
Update `current_user` override mode description in controllers (#30515) 2024-06-03 07:16:29 +00:00
Matt Jankowski 85d9053b36
Move `pagination_params` into `API::BaseController` (#28845) 2024-05-30 14:56:48 +00:00
Claire c827a98f19 Merge commit 'd20a5c3ec9ed40a991245fe32d0acb6187dd48c4' into glitch-soc/merge-upstream
Conflicts:
- `yarn.lock`:
  Not a real conflict, just a line adjacent to a glitch-soc only dependency
  getting updated.
  Updated dependencies as upstream did.
2024-05-29 17:03:24 +02:00
Claire 36fe8f8566
Change `ids` param to `id` in `/api/v1/statuses` and `/api/v1/accounts` for consistency (#30465) 2024-05-29 09:19:17 +00:00
Eugen Rochko 128987eded
Add support for `fediverse:creator` OpenGraph tag (#30398) 2024-05-29 01:34:33 +02:00
Claire d76106da12 Merge commit 'ccb6aeddacbab950d7d7f1b0d2b64212d7aa99eb' into glitch-soc/merge-upstream 2024-05-24 17:08:21 +02:00
Matt Jankowski 9b5055d34d
Fix `Style/SuperArguments` cop (#30406) 2024-05-24 08:36:21 +00:00
Claire d3136e6d58 Merge commit '89f89d738f5840c80ff938f8bf6734cdafe0fa83' into glitch-soc/merge-upstream 2024-05-21 12:06:38 +02:00
Claire 89f89d738f
Revert "Allow unblocking email addresses from any matching account (#29305)" (#30385) 2024-05-21 08:56:08 +00:00
Claire e46321e63d Merge commit 'de4815afda0809bf999519aabda1cd14c67278da' into glitch-soc/merge-upstream 2024-05-20 12:17:36 +02:00
Emelia Smith 2da2a1dae9
Support multiple redirect_uris when creating OAuth 2.0 Applications (#29192) 2024-05-17 13:46:12 +00:00
Claire 2810231180 Merge commit 'b2388be71eb0031ef9e47c492b1c038231cd8bc0' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/activitypub/collections_controller.rb`:
  Upstream renamed a helper method everywhere.
  There was one glitch-soc line involving changes because of the local-only post
  feature.
  Ported upstream's change.
2024-05-16 19:30:10 +02:00
Matt Jankowski 65e82211cd
Rename `cache_*` methods to `preload_*` in controller concern (#30209) 2024-05-16 08:03:46 +00:00
Emelia Smith f0d6dc4519
Fix: Mark redirect uris field in Development > Application form as required (#30311) 2024-05-16 07:59:46 +00:00
Claire 016d194274 Merge commit '2fe1b8d1695d8faa452a69872fde94ccc4611576' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/application_helper.rb`:
  Not a real conflict, upstream added helpers right next to glitch-soc only
  helpers.
  Added upstream's helpers.
- `spec/models/status_spec.rb`:
  Not a real conflict, upstream added specs right next to glitch-soc only
  specs.
  Added upstream's tests.
2024-05-06 17:53:51 +02:00
Claire 2fe1b8d169
Add API to get multiple accounts and statuses (#27871)
Co-authored-by: noellabo <noel.yoshiba@gmail.com>
2024-05-06 15:19:15 +00:00
Fawaz Farid 05126d106f
Redirect back after site upload deletion (#30141) 2024-05-06 13:31:39 +00:00
Emelia Smith 116f01ec7d
Implement RFC 8414 for OAuth 2.0 server metadata (#29191) 2024-05-06 13:17:56 +00:00
Claire 8e4fea77e3
Fix race condition in `POST /api/v1/push/subscription` (#30166) 2024-05-06 12:41:14 +00:00
Claire 3789d9f825 Merge commit 'b7902225d698a107df2cf8b4ca221caad38fa464' into glitch-soc/merge-upstream
Conflicts:
- `spec/validators/status_length_validator_spec.rb`:
  Upstream refactored tests to stub `StatusLengthValidator::MAX_CHARS`
  while glitch-soc had custom code to read from `MAX_TOOT_CHARS`.
  Switched to using upstream's implementation of the tests.
2024-05-04 16:28:30 +02:00
Claire f09f5b35f2 Merge commit 'd97d31cce664281d868e4c661451687a301c97c8' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Upstream refactored this file a bit, moving validation limits to constants.
  We already had a similar change, although with different constant names.
  Updated to match upstream's code.

The following files were also modified accordingly:
- `app/views/settings/profiles/show.html.haml`
- `spec/requests/api/v1/accounts/credentials_spec.rb`
2024-05-04 16:12:51 +02:00
Claire 253ead3aa7
Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-02 20:56:21 +00:00
Claire b039e62194 Merge commit 'a2399046ca600d492b492b8dae88011de687bece' into glitch-soc/merge-upstream 2024-05-01 19:49:59 +02:00
Claire 6204d13a2e Merge commit 'ec71c02c4b028c3541742f023729aeb295a51559' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile`:
  There was an extra newline in glitch-soc for some reason.
  Removed it.
2024-05-01 19:38:34 +02:00
Claire 360590ecd8 Merge commit 'a3902997440c71f161e392f1ad6c5cdcf6aba95d' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/accounts_controller.rb`:
  Conflict due to glitch-soc's local-only posting feature.
  Refactored as upstream did but kept local changes.
- `app/lib/account_statuses_filter.rb`:
  Conflict due to glitch-soc's local-only posting feature.
  Refactored as upstream did but kept local changes.
2024-05-01 19:30:41 +02:00
Claire 9ce82a35cb Merge commit '20b1e55f24a87868d661fc7b033bbbbd48b1a918' into glitch-soc/merge-upstream 2024-05-01 18:42:26 +02:00
Claire 15f6d2d038 Merge commit 'd27eb181f6ab419d1745a1fe9b94094be17a618f' into glitch-soc/merge-upstream
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
  Conflict due to glitch-soc having a different default site name.
  Updated the tests as upstream did, keeping glitch-soc's default name.
2024-05-01 17:22:02 +02:00
Claire a6147a831f Merge commit '02ea16150647ac3baf0bb8a89203ccc7200b4a2f' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/themes.rb`
- `app/views/layouts/application.html.haml`
- `app/views/layouts/embedded.html.haml`
- `app/views/layouts/error.html.haml`
- `config/settings.yml`

All these conflicts are because glitch-soc and upstream have different theming
systems and upstream changed a few things to have dynamic theme selection based
on system settings.

Conflicts were solved to take that into account, and `current_theme` has been
changed in the process to return a tuple of `[flavour, skin]` to be used in
the `theme_style_tags` helper.
2024-05-01 14:25:47 +02:00
Emelia Smith 81f0002e76
Fix missing destory audit logs for Domain Allows (#30125) 2024-04-30 08:48:02 +00:00
Claire 7208edbd37 Replace `use_pack`, `layouts/theme` and `@theme` by new helpers
Packs are now loaded from views, just like upstream, and are
identified by their filenames. The definition of `theme.yml` has
changed as such:
- `pack_directory` is now required
- `pack` is now unused
- `signed_in_preload` has been introduced
2024-04-28 15:45:42 +02:00
Claire c3e12a4dfa Change how theme style packs are loaded
Load the `common` style pack, and then charge the style pack for the current
skin, independent from any selected JS pack.
2024-04-28 15:45:41 +02:00
Claire 93cdc66e64 Make `common` inheritence unconditional and simplify theming code 2024-04-28 15:06:48 +02:00
Claire dee57982f1 Rename “home” pack to “application” 2024-04-28 15:06:41 +02:00
Claire 9a8be8cf49 Remove theme fallback mechanism
Remove the `fallback` property and do not fallback to using another flavour
when a pack is not available in the selected flavour.

Flavours should define all packs, and should they wish to piggy-back on
another one, they can import that other one's pack explicitly instead.
2024-04-28 15:05:16 +02:00
Claire 62bc36416f Get rid of `app/javascript/core`
Have all flavors implement everything they need instead.
2024-04-28 15:04:52 +02:00
Emelia Smith 049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00