Commit Graph

202 Commits

Author SHA1 Message Date
Claire e61a7794f8 Merge commit 'df9e26158d9787859b24bdc276af478abf05e1af' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Conflict because glitch-soc has a different list of allowed tags.
  Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
  Conflict because of glitch-soc's default settings.
  Updated accordingly.
2024-07-04 17:12:14 +02:00
Claire 502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
Claire b0c979af49 Merge commit '58ace2e45e16a69977267d03874568c11043f04c' into glitch-soc/merge-upstream 2024-06-18 18:20:36 +02:00
Claire 58ace2e45e
Fix SQL error in admin measures API (#30753) 2024-06-18 16:04:58 +00:00
Claire 677f73f793 Merge commit '3a191b3797dde1daf79cd748a14b87240532d543' into glitch-soc/merge-upstream 2024-06-17 13:41:58 +02:00
Claire 45abddb302
Fix pagination attributes not being returned in ungroupable-only pages (#30688) 2024-06-13 14:10:34 +00:00
Claire 4daed855e5 Merge commit 'd818ddd6870094e89e58ef61f37da4cb73935856' into glitch-soc/merge-upstream 2024-06-11 19:46:11 +02:00
Matt Jankowski b2496177e0
Use correct params in `v1/admin/domain_allows` spec (#30378) 2024-06-11 07:35:30 +00:00
Claire be68f8f4af Merge commit '9cc4040308a758d4b77961f4da79cf63a044fffe' into glitch-soc/merge-upstream 2024-06-10 18:20:08 +02:00
Daniel M Brasil 77c2216e47
fix: Return HTTP 422 when scheduled status time is less than 5 minutes (#30584) 2024-06-10 13:33:48 +00:00
Claire 7277d2f130 Merge commit '496c10542bd39ca86a85d4de81778c134ea4383c' into glitch-soc/merge-upstream 2024-06-07 20:30:51 +02:00
Matt Jankowski 07cc94e05f
Use `sidekiq_inline` in requests/api/v1/admin/account_actions spec (#30563) 2024-06-06 14:19:22 +00:00
Matt Jankowski 9b9b0e25b6
Use `sidekiq_inline` in requests/api/v1/reports spec (#30564) 2024-06-06 14:14:33 +00:00
Claire 578b0eae7d Fix /api/v1/timelines/link specs for glitch-soc default settings 2024-06-06 12:52:15 +02:00
Claire 30b00ca2b5 Merge commit '5652ca613582df03e5b838626078981414f3b897' into glitch-soc/merge-upstream 2024-06-06 12:27:26 +02:00
Eugen Rochko a2505e8611
Add timeline of public posts about a trending link to REST API (#30381) 2024-06-06 08:43:04 +00:00
Emelia Smith e02d23b549
Change `read:me` scope to `profile` scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-06 07:30:10 +00:00
Emelia Smith 4655be0da6
Fix add validation to webpush subscription keys (#30542) 2024-06-05 19:16:47 +00:00
Emelia Smith eef2cc054f
Add url validation to Web::PushSubscription endpoints (#30540) 2024-06-05 08:06:06 +00:00
Claire 974335e414
Add experimental server-side notification grouping (#29889) 2024-06-03 08:35:59 +00:00
Claire c827a98f19 Merge commit 'd20a5c3ec9ed40a991245fe32d0acb6187dd48c4' into glitch-soc/merge-upstream
Conflicts:
- `yarn.lock`:
  Not a real conflict, just a line adjacent to a glitch-soc only dependency
  getting updated.
  Updated dependencies as upstream did.
2024-05-29 17:03:24 +02:00
Claire 36fe8f8566
Change `ids` param to `id` in `/api/v1/statuses` and `/api/v1/accounts` for consistency (#30465) 2024-05-29 09:19:17 +00:00
Matt Jankowski c61e356475
Add `Status::MEDIA_ATTACHMENTS_LIMIT` configuration constant (#30433) 2024-05-27 09:49:44 +00:00
Claire 0e8633f6c7 Merge commit '3a862439dfc989c6c5741e007c2f4e0335fffe33' into glitch-soc/merge-upstream 2024-05-23 20:11:12 +02:00
Matt Jankowski 3a862439df
Remove unused account record in api/v2/admin/accounts spec (#30397) 2024-05-23 08:26:58 +00:00
Claire e46321e63d Merge commit 'de4815afda0809bf999519aabda1cd14c67278da' into glitch-soc/merge-upstream 2024-05-20 12:17:36 +02:00
Emelia Smith 2da2a1dae9
Support multiple redirect_uris when creating OAuth 2.0 Applications (#29192) 2024-05-17 13:46:12 +00:00
Claire 016d194274 Merge commit '2fe1b8d1695d8faa452a69872fde94ccc4611576' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/application_helper.rb`:
  Not a real conflict, upstream added helpers right next to glitch-soc only
  helpers.
  Added upstream's helpers.
- `spec/models/status_spec.rb`:
  Not a real conflict, upstream added specs right next to glitch-soc only
  specs.
  Added upstream's tests.
2024-05-06 17:53:51 +02:00
Claire 2fe1b8d169
Add API to get multiple accounts and statuses (#27871)
Co-authored-by: noellabo <noel.yoshiba@gmail.com>
2024-05-06 15:19:15 +00:00
Claire 3789d9f825 Merge commit 'b7902225d698a107df2cf8b4ca221caad38fa464' into glitch-soc/merge-upstream
Conflicts:
- `spec/validators/status_length_validator_spec.rb`:
  Upstream refactored tests to stub `StatusLengthValidator::MAX_CHARS`
  while glitch-soc had custom code to read from `MAX_TOOT_CHARS`.
  Switched to using upstream's implementation of the tests.
2024-05-04 16:28:30 +02:00
Claire f09f5b35f2 Merge commit 'd97d31cce664281d868e4c661451687a301c97c8' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Upstream refactored this file a bit, moving validation limits to constants.
  We already had a similar change, although with different constant names.
  Updated to match upstream's code.

The following files were also modified accordingly:
- `app/views/settings/profiles/show.html.haml`
- `spec/requests/api/v1/accounts/credentials_spec.rb`
2024-05-04 16:12:51 +02:00
Claire 253ead3aa7
Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-02 20:56:21 +00:00
Claire b039e62194 Merge commit 'a2399046ca600d492b492b8dae88011de687bece' into glitch-soc/merge-upstream 2024-05-01 19:49:59 +02:00
Claire 0fb469e2f3 Merge commit '52ab8a59c6e77b6409a7d4d81b15751732b3af91' into glitch-soc/merge-upstream 2024-05-01 17:30:52 +02:00
Claire 15f6d2d038 Merge commit 'd27eb181f6ab419d1745a1fe9b94094be17a618f' into glitch-soc/merge-upstream
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
  Conflict due to glitch-soc having a different default site name.
  Updated the tests as upstream did, keeping glitch-soc's default name.
2024-05-01 17:22:02 +02:00
Claire 2c386d4cfe Merge commit 'c70c39cad03824c64564fa7d241e6bf01acbab76' into glitch-soc/merge-upstream 2024-05-01 17:06:49 +02:00
Emelia Smith 049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00
Claire 777984faeb Merge commit '119c7aa0df1e1d26bdee1701250d23a7af9e9136' into glitch-soc/merge-upstream 2024-04-06 20:34:07 +02:00
Claire 903dc53522 Merge commit '05eda8d19330a9c27c0cf07de19a87edff269057' into glitch-soc/merge-upstream 2024-04-06 20:01:25 +02:00
Matt Jankowski 191bf5876e
Add coverage for sanitize failure path in api/web/embeds spec (#29851) 2024-04-04 16:07:16 +00:00
Matt Jankowski f87959ab50
Fix `RSpec/LetSetup` cop in api/v1/timelines/public spec (#28972) 2024-04-02 14:05:02 +00:00
Matt Jankowski 34489591ec
Add `max_pinned_statuses` to instances serializer and api response (#29441) 2024-04-02 13:54:11 +00:00
Renaud Chaput b4d991adaa
Use integers and not numbers in notification policy API counters (#29810) 2024-04-02 10:06:26 +00:00
Matt Jankowski 34f293475e
Fix results/query in `api/v1/featured_tags/suggestions` (#29597) 2024-03-22 15:08:27 +00:00
Claire 814a48517f
Add some more tests for notification policies (#29698) 2024-03-21 16:46:38 +00:00
Claire 2e49bc97b0 Merge commit '7720c684c5bf54e73e8815defe15473777d1c201' into glitch-soc/merge-upstream 2024-03-15 12:20:32 +01:00
Matt Jankowski 2e91a9bd34
Add `include_pagination_headers` matcher to check `Link` header in api specs (#29596) 2024-03-15 10:17:45 +00:00
Claire 08b10cce52 Merge commit 'b43eaa4517107326c7e73b949cec759f841b4a30' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/accounts/credentials_controller_spec.rb`
  Conflict due to glitch-soc's different note length handling.
  Ported the changes in `spec/requests/api/v1/accounts/credentials_spec.rb` instead.
2024-03-13 20:12:58 +01:00
Claire 06881a8669 Merge commit '2c0441acd7f943a9873b650cf75d33c73d545acf' into glitch-soc/merge-upstream 2024-03-13 19:16:47 +01:00
Matt Jankowski 46e902f1f3
Merge `api/v1/accounts/credentials` controller spec into existing request spec (#29006) 2024-03-13 09:22:43 +00:00