Commit Graph

3008 Commits

Author SHA1 Message Date
Matt Jankowski b61ae28f8d
Separate methods for theme style and meta color tags (#29802) 2024-04-05 09:52:43 +00:00
Matt Jankowski 59da591d13
Improve spec for dimension/languages admin metric (#29842) 2024-04-05 08:54:11 +00:00
Claire 38b9d31f63
Improve email address validation (#29838) 2024-04-05 07:48:45 +00:00
Claire 1f11aa5f04
Add stub for trending tags in user mailer spec (#29850) 2024-04-05 07:48:07 +00:00
Matt Jankowski 191bf5876e
Add coverage for sanitize failure path in api/web/embeds spec (#29851) 2024-04-04 16:07:16 +00:00
Matt Jankowski f87959ab50
Fix `RSpec/LetSetup` cop in api/v1/timelines/public spec (#28972) 2024-04-02 14:05:02 +00:00
Matt Jankowski 34489591ec
Add `max_pinned_statuses` to instances serializer and api response (#29441) 2024-04-02 13:54:11 +00:00
Renaud Chaput b4d991adaa
Use integers and not numbers in notification policy API counters (#29810) 2024-04-02 10:06:26 +00:00
renovate[bot] 589e34d00c
Update dependency selenium-webdriver to v4.19.0 (#29776)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-04-02 08:53:44 +00:00
Claire 9c24f2d6b1
Undo notification permissions on individual and domain blocks (#29570) 2024-03-26 14:46:38 +00:00
Claire 81a04ac25c
Improve specs for severed relationships (#29688) 2024-03-22 16:25:36 +00:00
Matt Jankowski 34f293475e
Fix results/query in `api/v1/featured_tags/suggestions` (#29597) 2024-03-22 15:08:27 +00:00
Claire 05eda8d193
Remove severed relationship notifications for single account suspensions (#29700) 2024-03-21 21:53:24 +00:00
Claire 814a48517f
Add some more tests for notification policies (#29698) 2024-03-21 16:46:38 +00:00
Claire 7434c9c276
Fix the relationships controller spec, since it requires an extra model now (#29671) 2024-03-21 08:28:37 +00:00
Claire c0aade79b0 Merge commit '8a1423a47425dd67615e94bdfd13d64b53676da4' into glitch-soc/merge-upstream 2024-03-20 18:31:09 +01:00
Claire 44bf7b8128
Add notifications of severed relationships (#27511) 2024-03-20 15:37:21 +00:00
Claire 8a1423a474
Allow unblocking email addresses from any matching account (#29305) 2024-03-20 14:38:00 +00:00
Claire 876aa35350 Merge commit 'ffc5be4820ed7bad4656489f096230dd7965140b' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Upstream updated a dependency that is on an adjacent line to a
  glitch-soc-only dependency in that file.
  Updated as upstream did.
- `yarn.lock`:
  Upstream updated a dependency that is on an adjacent line to a
  glitch-soc-only dependency in that file.
  Updated as upstream did.
2024-03-19 19:21:12 +01:00
Matt Jankowski 6d2986017e
Remove unused `active_nav_class` helper method (#29617) 2024-03-18 13:24:59 +00:00
Claire d5063072c3
Revert friends-of-friends follow recommendation query to using a CTE (#29619) 2024-03-18 12:57:21 +00:00
Matt Jankowski 92855948a0
Remove unused `show_landing_strip?` helper method (#29618) 2024-03-18 08:55:54 +00:00
Matt Jankowski ecdbf15ebe
Remove unused `link_to_older` and `link_to_newer` helper methods (#29620) 2024-03-18 08:54:46 +00:00
Claire b8f476256e Merge commit 'd702a03a0c35fc631a0fa456532946e6751cbbfd' into glitch-soc/merge-upstream 2024-03-15 22:48:04 +01:00
Matt Jankowski 4f4132f1a1
Add diagnostic message for failure during CLI search deploy (#29462) 2024-03-15 14:26:23 +00:00
Claire 2e49bc97b0 Merge commit '7720c684c5bf54e73e8815defe15473777d1c201' into glitch-soc/merge-upstream 2024-03-15 12:20:32 +01:00
Matt Jankowski 2e91a9bd34
Add `include_pagination_headers` matcher to check `Link` header in api specs (#29596) 2024-03-15 10:17:45 +00:00
Matt Jankowski e75b55a6d7
Extract target account on list method in bulk import row service spec (#29601) 2024-03-15 09:31:25 +00:00
Claire e91ede5be6 Merge commit 'df6086d4027910fb160d531b4fe7ffdec26b0cd7' into glitch-soc/merge-upstream 2024-03-14 17:27:16 +01:00
Matt Jankowski 974c7672e5
Extract shared behavior methods in oauth feature spec (#28360) 2024-03-14 13:42:59 +00:00
Matt Jankowski 0bc17a3d48
Use enum-generated `public_visibility` scope on Status (#28156) 2024-03-14 09:31:57 +00:00
Matt Jankowski 681a89f684
Readability clean up in `ImportVacuum` spec (#28955) 2024-03-14 09:24:00 +00:00
Matt Jankowski f9100743ec
Add `Api::ErrorHandling` concern for api/base controller (#29574) 2024-03-14 09:09:47 +00:00
Matt Jankowski 42875fee52
Add coverage for bad args/options in `CLI::Domains#purge` (#29578) 2024-03-14 08:58:53 +00:00
Claire 65ca37bbaa Merge commit 'a32a126cac42c73236236b5a9bd660765b9c58ee' into glitch-soc/merge-upstream
Conflicts:
- `spec/lib/sanitize/config_spec.rb`:
  Conflict due to glitch-soc having factored the file differently.
  Ported upstream's changes.
2024-03-13 20:14:18 +01:00
Claire 08b10cce52 Merge commit 'b43eaa4517107326c7e73b949cec759f841b4a30' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/accounts/credentials_controller_spec.rb`
  Conflict due to glitch-soc's different note length handling.
  Ported the changes in `spec/requests/api/v1/accounts/credentials_spec.rb` instead.
2024-03-13 20:12:58 +01:00
Claire 06881a8669 Merge commit '2c0441acd7f943a9873b650cf75d33c73d545acf' into glitch-soc/merge-upstream 2024-03-13 19:16:47 +01:00
Claire 27ffc09847 Merge commit 'af4e44e30a6a2701102a7d573e47e9db42025821' into glitch-soc/merge-upstream 2024-03-13 18:56:40 +01:00
Matt Jankowski 71e5f0f48c
Add coverage for suspended instance actor scenario (#29571) 2024-03-13 15:43:40 +00:00
Matt Jankowski 6262ceeb70
Fix `RSpec/DescribedClass` cop (#29472) 2024-03-13 15:42:39 +00:00
Matt Jankowski c09b8a7164
Add `Account.without_internal` scope (#29559)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-03-13 14:11:23 +00:00
Matt Jankowski 46e902f1f3
Merge `api/v1/accounts/credentials` controller spec into existing request spec (#29006) 2024-03-13 09:22:43 +00:00
Matt Jankowski 01b624c4a0
Use `normalizes` on `CustomFilter#context` value (#27602) 2024-03-13 08:50:21 +00:00
Matt Jankowski 71eecbfa1f
Move `api/v2/filters/*` to request spec (#28956) 2024-03-13 08:47:09 +00:00
Matt Jankowski 8349b45d60
Accept extra args that we wont verify in `ap/activity/add_spec` (#29005) 2024-03-13 08:46:11 +00:00
Matt Jankowski 469028b6d3
Remove unneeded `type: :service` from spec/services files (#29304) 2024-03-13 08:39:26 +00:00
Matt Jankowski 3eaac3af73
Use `before_all` block to setup `requests/cache_spec` data (#29437) 2024-03-13 08:38:57 +00:00
Matt Jankowski 19f0590795
Add basic coverage for `TagSearchService` class (#29319) 2024-03-13 08:33:03 +00:00
Matt Jankowski 96013cd576
Reduce `RSpec/ExampleLength` in CSP request spec (#29104) 2024-03-13 08:22:32 +00:00
Matt Jankowski 216cea1e27
Fix incorrect frequency value in `FriendsOfFriendsSource` data (#29550) 2024-03-12 08:38:32 +00:00
Claire a5127d0ef8 Merge commit '24319836de6046fb2985ec1a24c30ad7d47584d7' into glitch-soc/merge-upstream
Conflicts:
- `config/routes/api.rb`:
  glitch-soc has an extra `:destroy` action on notifications for historical reasons.
  Kept it for now, while otherwise updating as upstream did.
2024-03-11 17:29:07 +01:00
Matt Jankowski 24319836de
Convert request-based setup into factory setup in push/subscriptions request spec (#29489) 2024-03-11 15:46:25 +00:00
Matt Jankowski a38e424185
Use unchanging github links in docs/comments (#29545) 2024-03-11 15:14:55 +00:00
Eugen Rochko c10bbf5fe3
Add notification policies and notification requests in web UI (#29433) 2024-03-11 15:02:21 +00:00
Jeong Arm 4a6ddbc9c0
Normalize idna domain before account unblock domain (#29530) 2024-03-11 09:28:08 +00:00
Matt Jankowski a7284690fc
Add coverage for admin/metrics base classes, simplify subclass generation (#29527) 2024-03-11 09:16:19 +00:00
Matt Jankowski 98ef38e34e
Ensure unique values in fabricators (#29515) 2024-03-11 08:53:24 +00:00
Eugen Rochko 50b17f7e10
Add notification policies and notification requests (#29366) 2024-03-07 14:53:37 +00:00
Claire 45e56db8e4 Merge commit 'f89512fbedb547f66a72eefdff047768fb505eb6' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept our version.
2024-03-05 16:25:50 +01:00
Claire ee8d0b9447
Fix follow suggestions potentially including silenced or blocked accounts (#29306) 2024-03-04 06:35:20 +00:00
Claire 159e500749 Merge commit '18945f62e07617ac44b7a25a61799b0959fe67f7' into glitch-soc/merge-upstream 2024-03-01 18:34:48 +01:00
Matt Jankowski 18945f62e0
Convert more API specs from controller->request style (#29004) 2024-03-01 16:24:45 +00:00
Daniel M Brasil a25014de8f
Improve `IpBlock` model test coverage (#29460) 2024-03-01 16:17:40 +00:00
Claire f01605c665 Merge commit '3389c41b5899c1da479bfc08e84588184e09902d' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/packs/admin.tsx`:
  Changes applied to `app/javascript/core/admin.ts` instead.
2024-03-01 13:02:59 +01:00
Matt Jankowski 3389c41b58
Move `nobody` position in `UserRole` magic number to constant (#29465) 2024-03-01 11:05:24 +00:00
Claire 4d7e7cc562 Merge commit '6dfe318f34d69066dc0f453a228fdfc6af84b62e' into glitch-soc/merge-upstream 2024-02-29 18:24:47 +01:00
Matt Jankowski eb1b8f69de
Allow pagination `Link` headers on API accounts/statuses when pinned true (#29442) 2024-02-29 14:21:56 +00:00
Matt Jankowski 6675bf574a
Extract `parsed_uri_query_values` helper in ap/replies controller spec (#29410) 2024-02-29 13:47:38 +00:00
Matt Jankowski 14c65180df
Use sequence in `software_update` fabricator to allow multiple (#29438) 2024-02-29 10:51:11 +00:00
Claire ccdf56085d Merge commit '7f84bbfd92377689f84121ec45c5b9d809d94cde' into glitch-soc/merge-upstream 2024-02-28 20:37:38 +01:00
Claire a482932649 Merge commit '6f7615ba86afda56e1d661442286a1d68467a525' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/application_controller.rb`:
  Not a real conflict, upstream fixed a bug in a line adjacent to code
  modified by glitch-soc.
  Ported upstream's change.
2024-02-27 19:20:57 +01:00
Matt Jankowski 8f3c91fc3c
Add `change` block expectation to `admin/invites#deactivate_all` spec (#29412) 2024-02-27 16:25:58 +00:00
Claire 6f7615ba86
Add basic end-to-end test for admin moderation interface (#29424) 2024-02-27 15:18:06 +00:00
Matt Jankowski 9e78129e6e
Use "cacheable response" shared example in more places (#29419) 2024-02-27 11:50:21 +00:00
Claire 67ca8bb56a Merge commit '8156113d58db851d00f8052e66459e6dafb71e82' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/packs/admin.jsx`:
  Change applied to `app/javascript/core/admin.js` instead.
2024-02-26 17:43:16 +01:00
Matt Jankowski 8156113d58
Use `response_vary_headers` method in requests/cache_spec (#29411) 2024-02-26 16:27:07 +00:00
Damien Mathieu 1540f42522
Better tests for auth/registrations#update (#29303) 2024-02-26 16:09:56 +00:00
Wolfgang Fournès d51c3ac087
Add a missing spec to `SessionsController#webauthn_options` (#29277) 2024-02-26 16:09:40 +00:00
Claire 2dc244784c Merge commit 'cfa71a4d16e71b04a42dda564ed8e188bd1badd9' into glitch-soc/merge-upstream 2024-02-24 15:43:15 +01:00
Claire 1ad91dece8 Merge commit '9d8dfeb5fbbc274482489a3ac9f22dd736da156c' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/packs/admin.jsx`:
  Changes applied to `app/javascript/core/admin.js` instead.
2024-02-24 15:35:56 +01:00
Claire 7901dc9e24 Merge commit '491dd9764244c8adf37861f00d916c96bdbfdaf8' into glitch-soc/merge-upstream
Conflicts:
- `app/workers/scheduler/auto_close_registrations_scheduler.rb`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
2024-02-24 15:33:36 +01:00
Claire d2cfc6e5e2 Merge commit '08342ad40c1b92caf873282190efe8533a7d6e2e' into glitch-soc/merge-upstream 2024-02-24 15:02:28 +01:00
Claire ef3d15554b Merge commit 'c645490d553124d800d30488595f7d2d9d61584d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept glitch-soc's README.
- `app/models/account.rb`:
  Not a real conflict, upstream updated some lines textually adjacent
  to glitch-soc-specific lines.
  Ported upstream's changes.
2024-02-24 14:46:14 +01:00
Claire ab2f0daa10 Merge commit 'aaa58d4807377e04649499ebee91757b16b9a007' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-security.yml`:
  Changes were already cherry-picked and adapted in glitch-soc.
  Kept glitch-soc's version.
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `lib/mastodon/version.rb`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
2024-02-24 14:27:43 +01:00
Claire 5b9ddfcfcc Merge commit 'fa0ba677538588086d83c97c0ea56f9cd1556590' into glitch-soc/merge-upstream 2024-02-24 14:18:16 +01:00
Claire dfd74f0dae Merge commit '1467f1e1e1c18dc4b310862ff1f719165a24cfb6' into glitch-soc/merge-upstream 2024-02-24 14:15:49 +01:00
Claire 73de36318e Move `api/v1/timelines/direct` to request spec 2024-02-24 14:10:05 +01:00
Claire 9903e6beab Merge commit '0b0ca6f3b85c9d08e4642e49d743f8d060632293' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/timelines/direct_controller_spec.rb`:
  `spec/controllers/api/v1/timelines` has been renamed, but we had an extra
  spec here for a glitch-soc-only endpoint.
  Kept glitch-soc's file unchanged (will port to a request spec later).
2024-02-24 14:05:26 +01:00
Claire c297d999ba Merge commit '87ad398ddc78f2da5746774960690661e8e57335' into glitch-soc/merge-upstream 2024-02-24 14:02:01 +01:00
Claire 20615a516d Merge commit '805dba7f8d2a2d5f910ec1396247b36417170345' into glitch-soc/merge-upstream 2024-02-24 13:53:59 +01:00
Matt Jankowski b0064ddda7
Add basic coverage for `MoveService` class (#29301) 2024-02-23 09:59:29 +00:00
Claire 9d8dfeb5fb
Fix processing of `Link` objects in `Image` objects (#29335) 2024-02-22 22:27:24 +01:00
Matt Jankowski a6ed148769
Use heredoc on the `HTML` blocks in verify link spec (#29365) 2024-02-22 21:26:48 +00:00
Claire 10a0d76bf0 Merge commit '6936e5aa693ccc4aabd26ef18a65fbb8132f6f74' into glitch-soc/merge-upstream-composer
Conflicts:
- `app/javascript/mastodon/features/compose/components/compose_form.jsx`:
  Upstream completely redesigned this, and glitch-soc had different handling for
  the character limit.
  Ported upstream's change to the new version.
- `app/javascript/mastodon/features/compose/components/poll_form.jsx`:
  Upstream completely redesigned this, and glitch-soc had different limits for
  option length and number of options.
  Ported glitch-soc's changes to the new version.

Additional change:
- `app/javascript/styles/components.scss`:
  Change how the new image is looked up.
2024-02-22 20:58:41 +01:00
Claire f25414014a Fix link verifications when page size exceeds 1MB (#29358) 2024-02-22 20:45:40 +01:00
Claire d23f445527 Automatically switch from open to approved registrations in absence of moderators (#29318) 2024-02-22 20:45:40 +01:00
Claire 5152dd869e
Fix link verifications when page size exceeds 1MB (#29358) 2024-02-22 17:31:50 +00:00
Claire b71904816a
Change registrations to be disabled by default for new servers (#29280) 2024-02-22 13:28:19 +00:00
Matt Jankowski e9b0f0c314
Add basic coverage for `RemoveDomainsFromFollowersService` class (#29327) 2024-02-22 10:53:38 +00:00
Matt Jankowski 7c7dfe7de3
Add basic coverage for `RemoveFeaturedTagService` class (#29328) 2024-02-22 10:51:04 +00:00
Matt Jankowski 6342ddd698
Add basic coverage for `UnfavouriteService` class (#29329) 2024-02-22 10:48:42 +00:00
Matt Jankowski f70905f127
Add basic coverage for `UnmuteService` class (#29330) 2024-02-22 10:48:09 +00:00
Matt Jankowski a69fe534e3
Add basic coverage for `WebhookService` class (#29331) 2024-02-22 10:46:20 +00:00
Matt Jankowski d1602c017d
Add basic coverage for `ApproveAppealService` class (#29333) 2024-02-22 10:40:07 +00:00
Matt Jankowski ab2ef63a03
Add basic coverage for `VoteService` class (#29334) 2024-02-22 10:39:18 +00:00
Claire 2751acb6cd
Automatically switch from open to approved registrations in absence of moderators (#29318) 2024-02-21 17:45:06 +00:00
Matt Jankowski 08342ad40c
Add basic coverage for `AfterUnallowDomainService` class (#29324) 2024-02-21 17:13:11 +00:00
Matt Jankowski 8f61e32569
Add basic coverage for `AppealService` class (#29322) 2024-02-21 17:12:31 +00:00
Matt Jankowski b73932461f
Add basic coverage for `CreateFeaturedTagService` class (#29321) 2024-02-21 16:58:19 +00:00
Matt Jankowski 5f19e7e799
Add basic coverage for `ProcessHashtagsService` class (#29320) 2024-02-21 16:57:45 +00:00
Matt Jankowski 1f648fdf1a
Remove erroneous service type on `TagFeed` model spec (#29302) 2024-02-21 11:25:33 +00:00
Matt Jankowski 64f9939e39
Use `capture_emails` helper to improve email assertions in specs (#29245) 2024-02-19 15:57:47 +00:00
Wolfgang Fournès 86627ea2e4
Add a missing thread example to the statuses spec (#29278) 2024-02-19 13:35:58 +00:00
Matt Jankowski 245064bb98
Move "everyone" role and "instance actor" account magic number IDs to constants (#29260) 2024-02-19 11:09:43 +00:00
Claire 96ddf1d482
Fix flaky end-to-end OCR test (#29244) 2024-02-16 16:57:23 +00:00
Matt Jankowski 1946e171e6
Reduce round trips in admin/disputes/appeals spec (#29234) 2024-02-16 13:46:28 +00:00
Matt Jankowski 3454fcbd71
Reduce round trips in auth/sessions spec (#29233) 2024-02-16 13:38:49 +00:00
Matt Jankowski a316c0e38d
Reduce round trips in disputes/appeals spec (#29232) 2024-02-16 13:01:15 +00:00
Matt Jankowski 117b507df5
Extract `subject` from `User#mark_email_as_confirmed!` spec (#29231) 2024-02-16 13:01:04 +00:00
Matt Jankowski 1690fb39e6
Reduce `RSpec/MultipleExpectations` in instance_actors_controller spec (#29229) 2024-02-16 13:00:11 +00:00
Matt Jankowski bba488c189
Reduce `RSpec/MultipleExpectations` in media_attachment spec (#29228) 2024-02-16 13:00:09 +00:00
Claire 6c1b6194f7 Merge pull request from GHSA-jhrq-qvrm-qr36
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
2024-02-16 12:17:15 +01:00
Claire 9fee5e8526
Merge pull request from GHSA-jhrq-qvrm-qr36
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
2024-02-16 11:56:12 +01:00
Matt Jankowski a9f9b0097b
Reduce `RSpec/MultipleExpectations` in captcha feature spec (#29226) 2024-02-16 07:52:57 +00:00
Matt Jankowski 4b7f04e3ea
Reduce `RSpec/MultipleExpectations` in post_status_service spec (#29225) 2024-02-16 07:52:29 +00:00
Matt Jankowski ed4939296a
Reduce `RSpec/MultipleExpectations` in ap/activity/create spec (#29224) 2024-02-16 07:43:00 +00:00
Matt Jankowski 1df2ffc3ee
Use `subject` in blacklist email validator spec (#29211) 2024-02-16 07:42:03 +00:00
Matt Jankowski fc4f823464
Avoid local block var assignment in ap/process_status_update_service spec (#29210) 2024-02-16 07:41:25 +00:00
Claire e7ca82762d Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 23:12:59 +01:00
Claire d4d0565b0f
Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 21:49:45 +00:00
Claire 486e4bc7d3 Fix OmniAuth tests (#29201) 2024-02-14 16:07:28 +01:00
Claire bbbbf00084
Fix OmniAuth tests (#29201) 2024-02-14 14:57:49 +00:00
Claire 53b73ed6a2 Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:25:15 +01:00
Emelia Smith 436419cc2f Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:25:15 +01:00
Claire b31af34c97
Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Emelia Smith 68eaa804c9
Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:15:34 +01:00
Emelia Smith eae436c5a8 Disable administrative doorkeeper routes (#29187) 2024-02-13 20:03:00 +01:00
Emelia Smith 46142cdbdd
Disable administrative doorkeeper routes (#29187) 2024-02-13 18:11:47 +00:00
Claire ca8fbda5d0
Add end-to-end test for OCR in media uploads (#29148) 2024-02-08 19:13:44 +00:00
Matt Jankowski a9e91eb955
Add common stub setup for resolv dns in email mx validator spec (#29140) 2024-02-08 14:26:45 +00:00
Matt Jankowski 15437e4ad9
Add `context` and `before` to lengthy tag manager spec examples (#29129) 2024-02-08 10:03:04 +00:00
Matt Jankowski 5271131658
Extract helper method for repeated form fill in admin/domain_blocks feature spec (#29128) 2024-02-08 10:02:53 +00:00
Claire eff447a455
Rewrite signature verification using regexps and `StringScanner` (#29133) 2024-02-07 17:24:42 +00:00
Matt Jankowski 95da28d201
Add common `ThreadingHelper` module for specs (#29116) 2024-02-07 14:53:29 +00:00
Claire 7efc33b909
Move HTTP Signature parsing code to its own class (#28932) 2024-02-07 13:35:37 +00:00
Matt Jankowski da50217b88
Combine repeated requests in `admin/accounts` controller spec (#29119) 2024-02-07 10:59:32 +00:00
Claire 7ee93b7431
Change `source` attribute of `Suggestion` entity in `/api/v2/suggestions` back to a string (#29108) 2024-02-06 17:10:17 +00:00
Matt Jankowski 0df86d77fd
Reduce `RSpec/ExampleLength` in PostStatusService spec example (#29105) 2024-02-06 14:36:04 +00:00
Matt Jankowski 2d6ab44556
Reduce request/response round-trips in ap/collections controller spec (#29102) 2024-02-06 13:10:00 +00:00
Matt Jankowski 978fdc71ca
Reduce expectation count in example from `ProcessAccountService` spec (#29100) 2024-02-06 13:04:02 +00:00
Matt Jankowski 577520b637
Replace deprecated `Sidekiq::Testing` block style (#29097) 2024-02-06 12:49:48 +00:00
Matt Jankowski df7acdcee5
Update markers API spec for error case (#29096) 2024-02-06 12:47:04 +00:00
Emelia Smith 4fb7f611de
Return domain block digests from admin domain blocks API (#29092) 2024-02-06 12:38:14 +00:00
Matt Jankowski 4cf07ed78c
Add missing action logging to `api/v1/admin/reports#update` (#29044) 2024-02-06 11:34:11 +00:00
Claire 66dda7c762
Fix already-invalid reports failing to resolve (#29027) 2024-02-06 09:35:27 +00:00
Claire ff58ec0103 Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:57:08 +01:00
Claire 1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:56:46 +01:00
Matt Jankowski f4416e6b3a Configure selenium to use Chrome version 120 (#29038) 2024-02-01 11:15:23 +01:00
Matt Jankowski 8b7b0ee598
Configure selenium to use Chrome version 120 (#29038) 2024-02-01 09:46:31 +00:00
Matt Jankowski 86fbde7b46
Fix `Style/NumericLiterals` cop in ProfileStories support module (#28971) 2024-01-30 15:38:33 +00:00
Matt Jankowski f91acba70a
Combine repeated requests in account controller concern spec (#28957) 2024-01-30 15:32:20 +00:00
Claire bf153b384b Merge commit '42ab855b2339c5cea3229c856ab539f883736b12' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/auth/confirmations_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/auth/passwords_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
2024-01-27 19:06:41 +01:00
Claire 5fa2821853 Merge commit '3205a654caf903002c2db872f802a3332201678b' into glitch-soc/merge-upstream 2024-01-26 20:47:20 +01:00
Matt Jankowski ff8937aa2c
Move `api/v1/statuses/*` to request spec (#28954) 2024-01-26 17:45:54 +00:00
Matt Jankowski 44f6d285af
Combine repeated subject in ap fetch remote actor service spec (#28953) 2024-01-26 17:44:12 +00:00
Matt Jankowski 239244e2ed
Combine repeated subject in ap fetch remote account service spec (#28952) 2024-01-26 17:43:08 +00:00
Matt Jankowski 5119fbc9b7
Move `api/v1/admin/trends/links/preview_card_providers` to request spec (#28951) 2024-01-26 17:41:39 +00:00
Matt Jankowski b6baab447d
Move `api/v2/admin/accounts` to request spec (#28950) 2024-01-26 17:41:13 +00:00
Matt Jankowski 7adcc0aae3
Move `api/v1/trends/*` to request specs (#28949) 2024-01-26 17:40:39 +00:00
Matt Jankowski 0b0ca6f3b8
Move `api/v1/timelines/list` to request spec (#28948) 2024-01-26 17:40:15 +00:00
Matt Jankowski e519f113e8
Combine repeated subject in `cacheable response` shared example (#28945) 2024-01-26 16:37:05 +00:00
Matt Jankowski d791bca11b
Combine double subject in `well_known/webfinger` shared example (#28944) 2024-01-26 16:36:21 +00:00
Matt Jankowski 09a3493fca
Combine double subject in `api/v1/media` shared example (#28943) 2024-01-26 16:35:49 +00:00
Matt Jankowski 5fbdb2055b
Combine repeated `subject` in `cli/accounts` spec shared example (#28942) 2024-01-26 16:35:19 +00:00
Matt Jankowski 1a30a517d6
Combine repeated subjects in link details extractor spec (#28941) 2024-01-26 16:31:07 +00:00
Matt Jankowski 685eaa04d4
Combine double subject in admin/statuses controller shared example (#28940) 2024-01-26 16:30:30 +00:00
Matt Jankowski beb74fd71c
Combine double subjects in instance actors controller shared example (#28939) 2024-01-26 16:28:50 +00:00
Matt Jankowski beaef4b672
Combine double subjects in application controller shared example (#28938) 2024-01-26 16:23:12 +00:00
Matt Jankowski 6d35a77c92
Combine repeated subjects in `models/user` spec (#28937) 2024-01-26 16:22:44 +00:00
Matt Jankowski 2f8656334d
Combine double subjects in `admin/accounts` controller spec (#28936) 2024-01-26 16:21:31 +00:00
Matt Jankowski 9cc1817bb4
Fix intmermittent failure in `api/v1/accounts/statuses` controller spec (#28931) 2024-01-26 14:10:26 +00:00
Matt Jankowski 0e0a94f483
Handle CLI failure exit status at the top-level script (#28322) 2024-01-26 08:53:44 +00:00
Claire 70de52c297 Merge commit '7a1f087659204e9d0cbba2de37e45b1921cefe20' into glitch-soc/merge-upstream 2024-01-25 19:51:19 +01:00
Eugen Rochko 6936e5aa69
Change design of compose form in web UI (#28119)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-25 15:41:31 +00:00
Matt Jankowski 42ab855b23
Add specs for `Instance` model scopes and add `with_domain_follows` scope (#28767) 2024-01-25 15:28:27 +00:00
Matt Jankowski 2866106ec1
Reduce factory creation in `spec/models/account_statuses_cleanup_policy` (#28361) 2024-01-25 13:37:25 +00:00
Matt Jankowski 6b6586f5d0
Add `CustomFilterKeyword#to_regex` method (#28893) 2024-01-25 13:00:34 +00:00
Matt Jankowski 7c9c6c7f80
Fix remaining `Rails/WhereExists` cop violations, regenerate todo (#28892) 2024-01-25 12:37:07 +00:00
Claire 087415d0fe
Add tests for processing statuses using bearcap URIs (#28904) 2024-01-25 11:13:36 +00:00
Claire 0471a78055
Add tests for redirect confirmations (#28903) 2024-01-25 11:13:33 +00:00
Claire 22cfab0ebf Merge commit '01ce9df88008cee705b7e02a4581802afa07c3df' into glitch-soc/merge-upstream
Conflicts:
- `tsconfig.json`:
  Upstream made style fixes, while glitch-soc had extra options.
  Ported upstream's style fixes.
2024-01-24 20:42:53 +01:00
Matt Jankowski a11a2fb052
Add error classes to api/base errors coverage (#28864) 2024-01-24 10:31:31 +00:00
Matt Jankowski b0207d7757
Add coverage for `Tag.recently_used` scope (#28850) 2024-01-23 09:10:11 +00:00
Claire 102eff7c05 Merge commit 'e2d9635074ad33cc8144adc434bcd90faae9c424' into glitch-soc/merge-upstream 2024-01-22 19:19:40 +01:00
Claire 0700eb58bc Merge commit '163db814c2b3cf544b78e427e7f7bbd99b94a025' into glitch-soc/merge-upstream 2024-01-22 19:12:05 +01:00
Claire e2d9635074
Add notification email on invalid second authenticator (#28822) 2024-01-22 13:55:43 +00:00
Matt Jankowski 18004bf227
Add `Account.matches_uri_prefix` scope and use in activitypub/followers_synchronizations controller (#28820) 2024-01-22 13:55:37 +00:00
Matt Jankowski 7ecf7f5403
Move controller->request specs for api/v1/statuses/* (#28818) 2024-01-22 11:58:54 +00:00
Claire cf2a2ed71c
Fix processing of compacted single-item JSON-LD collections (#28816) 2024-01-19 12:43:10 +00:00
Claire 3593ee2e36
Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-19 12:19:49 +00:00