Merge remote-tracking branch 'origin/master' into gs-master

Conflicts:
 	app/serializers/initial_state_serializer.rb

The glitch flavour isn't yet pulling custom emoji data on its own (see
https://github.com/tootsuite/mastodon/pull/7047).  Once that gets into
the glitch flavour, we can eliminate the custom_emojis load.

app/controllers/admin/statuses_controller.rb

@@ -12,7 +12,7 @@ module Admin
     def index
       authorize :status, :index?
 
-      @statuses = @account.statuses
+      @statuses = @account.statuses.where(visibility: [:public, :unlisted])
 
       if params[:media]
         account_media_status_ids = @account.media_attachments.attached.reorder(nil).select(:status_id).distinct

app/controllers/api/v1/accounts/credentials_controller.rb

@@ -13,6 +13,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
   def update
     @account = current_account
     UpdateAccountService.new.call(@account, account_params, raise_error: true)
+    UserSettingsDecorator.new(current_user).update(user_settings_params) if user_settings_params
     ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
     render json: @account, serializer: REST::CredentialAccountSerializer
   end
@@ -22,4 +23,15 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
   def account_params
     params.permit(:display_name, :note, :avatar, :header, :locked)
   end
+
+  def user_settings_params
+    return nil unless params.key?(:source)
+
+    source_params = params.require(:source)
+
+    {
+      'setting_default_privacy' => source_params.fetch(:privacy, @account.user.setting_default_privacy),
+      'setting_default_sensitive' => source_params.fetch(:sensitive, @account.user.setting_default_sensitive),
+    }
+  end
 end

app/controllers/concerns/remote_account_controller_concern.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module RemoteAccountControllerConcern
+  extend ActiveSupport::Concern
+
+  included do
+    layout 'public'
+    before_action :set_account
+    before_action :check_account_suspension
+  end
+
+  private
+
+  def set_account
+    @account = Account.find_remote!(params[:acct])
+  end
+
+  def check_account_suspension
+    gone if @account.suspended?
+  end
+end

app/controllers/remote_unfollows.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+class RemoteUnfollowsController < ApplicationController
+  layout 'modal'
+
+  before_action :authenticate_user!
+  before_action :set_body_classes
+
+  def create
+    @account = unfollow_attempt.try(:target_account)
+
+    if @account.nil?
+      render :error
+    else
+      render :success
+    end
+  rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
+    render :error
+  end
+
+  private
+
+  def unfollow_attempt
+    username, domain = acct_without_prefix.split('@')
+    UnfollowService.new.call(current_account, Account.find_remote!(username, domain))
+  end
+
+  def acct_without_prefix
+    acct_params.gsub(/\Aacct:/, '')
+  end
+
+  def acct_params
+    params.fetch(:acct, '')
+  end
+
+  def set_body_classes
+    @body_classes = 'modal-layout'
+  end
+end

app/javascript/mastodon/actions/accounts.js

@@ -1,5 +1,5 @@
 import api, { getLinks } from '../api';
-import asyncDB from '../storage/db';
+import openDB from '../storage/db';
 import { importAccount, importFetchedAccount, importFetchedAccounts } from './importer';
 
 export const ACCOUNT_FETCH_REQUEST = 'ACCOUNT_FETCH_REQUEST';
@@ -94,12 +94,15 @@ export function fetchAccount(id) {
 
     dispatch(fetchAccountRequest(id));
 
-    asyncDB.then(db => getFromDB(
+    openDB().then(db => getFromDB(
       dispatch,
       getState,
       db.transaction('accounts', 'read').objectStore('accounts').index('id'),
       id
-    )).catch(() => api(getState).get(`/api/v1/accounts/${id}`).then(response => {
+    ).then(() => db.close(), error => {
+      db.close();
+      throw error;
+    })).catch(() => api(getState).get(`/api/v1/accounts/${id}`).then(response => {
       dispatch(importFetchedAccount(response.data));
     })).then(() => {
       dispatch(fetchAccountSuccess());

app/javascript/mastodon/actions/custom_emojis.js

@@ -0,0 +1,37 @@
+import api from '../api';
+
+export const CUSTOM_EMOJIS_FETCH_REQUEST = 'CUSTOM_EMOJIS_FETCH_REQUEST';
+export const CUSTOM_EMOJIS_FETCH_SUCCESS = 'CUSTOM_EMOJIS_FETCH_SUCCESS';
+export const CUSTOM_EMOJIS_FETCH_FAIL = 'CUSTOM_EMOJIS_FETCH_FAIL';
+
+export function fetchCustomEmojis() {
+  return (dispatch, getState) => {
+    dispatch(fetchCustomEmojisRequest());
+
+    api(getState).get('/api/v1/custom_emojis').then(response => {
+      dispatch(fetchCustomEmojisSuccess(response.data));
+    }).catch(error => {
+      dispatch(fetchCustomEmojisFail(error));
+    });
+  };
+};
+
+export function fetchCustomEmojisRequest() {
+  return {
+    type: CUSTOM_EMOJIS_FETCH_REQUEST,
+  };
+};
+
+export function fetchCustomEmojisSuccess(custom_emojis) {
+  return {
+    type: CUSTOM_EMOJIS_FETCH_SUCCESS,
+    custom_emojis,
+  };
+};
+
+export function fetchCustomEmojisFail(error) {
+  return {
+    type: CUSTOM_EMOJIS_FETCH_FAIL,
+    error,
+  };
+};

app/javascript/mastodon/actions/importer/index.js

@@ -1,3 +1,4 @@
+import { autoPlayGif } from '../../initial_state';
 import { putAccounts, putStatuses } from '../../storage/modifier';
 import { normalizeAccount, normalizeStatus } from './normalizer';
 
@@ -44,7 +45,7 @@ export function importFetchedAccounts(accounts) {
   }
 
   accounts.forEach(processAccount);
-  putAccounts(normalAccounts);
+  putAccounts(normalAccounts, !autoPlayGif);
 
   return importAccounts(normalAccounts);
 }

app/javascript/mastodon/actions/statuses.js

@@ -1,5 +1,5 @@
 import api from '../api';
-import asyncDB from '../storage/db';
+import openDB from '../storage/db';
 import { evictStatus } from '../storage/modifier';
 
 import { deleteFromTimelines } from './timelines';
@@ -92,12 +92,17 @@ export function fetchStatus(id) {
 
     dispatch(fetchStatusRequest(id, skipLoading));
 
-    asyncDB.then(db => {
+    openDB().then(db => {
       const transaction = db.transaction(['accounts', 'statuses'], 'read');
       const accountIndex = transaction.objectStore('accounts').index('id');
       const index = transaction.objectStore('statuses').index('id');
 
-      return getFromDB(dispatch, getState, accountIndex, index, id);
+      return getFromDB(dispatch, getState, accountIndex, index, id).then(() => {
+        db.close();
+      }, error => {
+        db.close();
+        throw error;
+      });
     }).then(() => {
       dispatch(fetchStatusSuccess(skipLoading));
     }, () => api(getState).get(`/api/v1/statuses/${id}`).then(response => {

app/javascript/mastodon/containers/mastodon.js

@@ -6,6 +6,7 @@ import { showOnboardingOnce } from '../actions/onboarding';
 import { BrowserRouter, Route } from 'react-router-dom';
 import { ScrollContext } from 'react-router-scroll-4';
 import UI from '../features/ui';
+import { fetchCustomEmojis } from '../actions/custom_emojis';
 import { hydrateStore } from '../actions/store';
 import { connectUserStream } from '../actions/streaming';
 import { IntlProvider, addLocaleData } from 'react-intl';
@@ -19,6 +20,9 @@ export const store = configureStore();
 const hydrateAction = hydrateStore(initialState);
 store.dispatch(hydrateAction);
 
+// load custom emojis
+store.dispatch(fetchCustomEmojis());
+
 export default class Mastodon extends React.PureComponent {
 
   static propTypes = {

app/javascript/mastodon/features/compose/containers/emoji_picker_dropdown_container.js

@@ -38,7 +38,8 @@ const getFrequentlyUsedEmojis = createSelector([
     .toArray();
 
   if (emojis.length < DEFAULTS.length) {
-    emojis = emojis.concat(DEFAULTS.slice(0, DEFAULTS.length - emojis.length));
+    let uniqueDefaults = DEFAULTS.filter(emoji => !emojis.includes(emoji));
+    emojis = emojis.concat(uniqueDefaults.slice(0, DEFAULTS.length - emojis.length));
   }
 
   return emojis;

app/javascript/mastodon/features/compose/index.js

@@ -24,9 +24,9 @@ const messages = defineMessages({
   logout: { id: 'navigation_bar.logout', defaultMessage: 'Logout' },
 });
 
-const mapStateToProps = state => ({
+const mapStateToProps = (state, ownProps) => ({
   columns: state.getIn(['settings', 'columns']),
-  showSearch: state.getIn(['search', 'submitted']) && !state.getIn(['search', 'hidden']),
+  showSearch: ownProps.multiColumn ? state.getIn(['search', 'submitted']) && !state.getIn(['search', 'hidden']) : ownProps.isSearchPage,
 });
 
 @connect(mapStateToProps)
@@ -38,6 +38,7 @@ export default class Compose extends React.PureComponent {
     columns: ImmutablePropTypes.list.isRequired,
     multiColumn: PropTypes.bool,
     showSearch: PropTypes.bool,
+    isSearchPage: PropTypes.bool,
     intl: PropTypes.object.isRequired,
   };
 
@@ -58,7 +59,7 @@ export default class Compose extends React.PureComponent {
   }
 
   render () {
-    const { multiColumn, showSearch, intl } = this.props;
+    const { multiColumn, showSearch, isSearchPage, intl } = this.props;
 
     let header = '';
 
@@ -89,7 +90,7 @@ export default class Compose extends React.PureComponent {
       <div className='drawer'>
         {header}
 
-        <SearchContainer />
+        {(multiColumn || isSearchPage) && <SearchContainer /> }
 
         <div className='drawer__pager'>
           <div className='drawer__inner' onFocus={this.onFocus}>
@@ -102,7 +103,7 @@ export default class Compose extends React.PureComponent {
             )}
           </div>
 
-          <Motion defaultStyle={{ x: -100 }} style={{ x: spring(showSearch ? 0 : -100, { stiffness: 210, damping: 20 }) }}>
+          <Motion defaultStyle={{ x: isSearchPage ? 0 : -100 }} style={{ x: spring(showSearch || isSearchPage ? 0 : -100, { stiffness: 210, damping: 20 }) }}>
             {({ x }) => (
               <div className='drawer__inner darker' style={{ transform: `translateX(${x}%)`, visibility: x === -100 ? 'hidden' : 'visible' }}>
                 <SearchResultsContainer />

app/javascript/mastodon/features/ui/components/tabs_bar.js

@@ -8,6 +8,7 @@ import { isUserTouching } from '../../../is_mobile';
 export const links = [
   <NavLink className='tabs-bar__link primary' to='/timelines/home' data-preview-title-id='column.home' data-preview-icon='home' ><i className='fa fa-fw fa-home' /><FormattedMessage id='tabs_bar.home' defaultMessage='Home' /></NavLink>,
   <NavLink className='tabs-bar__link primary' to='/notifications' data-preview-title-id='column.notifications' data-preview-icon='bell' ><i className='fa fa-fw fa-bell' /><FormattedMessage id='tabs_bar.notifications' defaultMessage='Notifications' /></NavLink>,
+  <NavLink className='tabs-bar__link primary' to='/search' data-preview-title-id='tabs_bar.search' data-preview-icon='bell' ><i className='fa fa-fw fa-search' /><FormattedMessage id='tabs_bar.search' defaultMessage='Search' /></NavLink>,
 
   <NavLink className='tabs-bar__link secondary' to='/timelines/public/local' data-preview-title-id='column.community' data-preview-icon='users' ><i className='fa fa-fw fa-users' /><FormattedMessage id='tabs_bar.local_timeline' defaultMessage='Local' /></NavLink>,
   <NavLink className='tabs-bar__link secondary' exact to='/timelines/public' data-preview-title-id='column.public' data-preview-icon='globe' ><i className='fa fa-fw fa-globe' /><FormattedMessage id='tabs_bar.federated_timeline' defaultMessage='Federated' /></NavLink>,

app/javascript/mastodon/features/ui/index.js

@@ -146,6 +146,8 @@ class SwitchingColumnsArea extends React.PureComponent {
           <WrappedRoute path='/favourites' component={FavouritedStatuses} content={children} />
           <WrappedRoute path='/pinned' component={PinnedStatuses} content={children} />
 
+          <WrappedRoute path='/search' component={Compose} content={children} componentParams={{ isSearchPage: true }} />
+
           <WrappedRoute path='/statuses/new' component={Compose} content={children} />
           <WrappedRoute path='/statuses/:statusId' exact component={Status} content={children} />
           <WrappedRoute path='/statuses/:statusId/reblogs' component={Reblogs} content={children} />

app/javascript/mastodon/locales/defaultMessages.json

@@ -1730,6 +1730,10 @@
         "defaultMessage": "Notifications",
         "id": "tabs_bar.notifications"
       },
+      {
+        "defaultMessage": "Search",
+        "id": "tabs_bar.search"
+      },
       {
         "defaultMessage": "Local",
         "id": "tabs_bar.local_timeline"

app/javascript/mastodon/locales/en.json

@@ -276,6 +276,7 @@
   "tabs_bar.home": "Home",
   "tabs_bar.local_timeline": "Local",
   "tabs_bar.notifications": "Notifications",
+  "tabs_bar.search": "Search",
   "ui.beforeunload": "Your draft will be lost if you leave Mastodon.",
   "upload_area.title": "Drag & drop to upload",
   "upload_button.label": "Add media",

app/javascript/mastodon/locales/pt-BR.json

@@ -189,7 +189,7 @@
   "onboarding.page_one.federation": "Mastodon é uma rede de servidores independentes que se juntam para fazer uma grande rede social. Nós chamamos estes servidores de instâncias.",
   "onboarding.page_one.full_handle": "Seu nome de usuário completo",
   "onboarding.page_one.handle_hint": "Isso é o que você diz aos seus amigos para que eles possam te mandar mensagens ou te seguir a partir de outra instância.",
-  "onboarding.page_one.welcome": "Seja bem-vindo(a) ao Mastodon!",
+  "onboarding.page_one.welcome": "Boas-vindas ao Mastodon!",
   "onboarding.page_six.admin": "O administrador de sua instância é {admin}.",
   "onboarding.page_six.almost_done": "Quase acabando...",
   "onboarding.page_six.appetoot": "Bom Apetoot!",

app/javascript/mastodon/locales/pt.json

@@ -189,7 +189,7 @@
   "onboarding.page_one.federation": "Mastodon é uma rede de servidores independentes ligados entre si para fazer uma grande rede social. Nós chamamos instâncias a estes servidores.",
   "onboarding.page_one.full_handle": "O teu nome de utilizador completo",
   "onboarding.page_one.handle_hint": "Isto é o que dizes aos teus amigos para pesquisar.",
-  "onboarding.page_one.welcome": "Bem-vindo(a) ao Mastodon!",
+  "onboarding.page_one.welcome": "Boas-vindas ao Mastodon!",
   "onboarding.page_six.admin": "O administrador da tua instância é {admin}.",
   "onboarding.page_six.almost_done": "Quase pronto...",
   "onboarding.page_six.appetoot": "Bon Appetoot!",

app/javascript/mastodon/reducers/custom_emojis.js

@@ -1,16 +1,15 @@
-import { List as ImmutableList } from 'immutable';
-import { STORE_HYDRATE } from '../actions/store';
+import { List as ImmutableList, fromJS as ConvertToImmutable } from 'immutable';
+import { CUSTOM_EMOJIS_FETCH_SUCCESS } from '../actions/custom_emojis';
 import { search as emojiSearch } from '../features/emoji/emoji_mart_search_light';
 import { buildCustomEmojis } from '../features/emoji/emoji';
 
-const initialState = ImmutableList();
+const initialState = ImmutableList([]);
 
 export default function custom_emojis(state = initialState, action) {
-  switch(action.type) {
-  case STORE_HYDRATE:
-    emojiSearch('', { custom: buildCustomEmojis(action.state.get('custom_emojis', [])) });
-    return action.state.get('custom_emojis');
-  default:
-    return state;
+  if(action.type === CUSTOM_EMOJIS_FETCH_SUCCESS) {
+    state = ConvertToImmutable(action.custom_emojis);
+    emojiSearch('', { custom: buildCustomEmojis(state) });
   }
+
+  return state;
 };

app/javascript/mastodon/service_worker/entry.js

@@ -1,3 +1,4 @@
+import { freeStorage } from '../storage/modifier';
 import './web_push_notifications';
 
 function openSystemCache() {
@@ -42,8 +43,10 @@ self.addEventListener('fetch', function(event) {
 
     event.respondWith(asyncResponse.then(async response => {
       if (response.ok || response.type === 'opaqueredirect') {
-        const cache = await asyncCache;
-        await cache.delete('/');
+        await Promise.all([
+          asyncCache.then(cache => cache.delete('/')),
+          indexedDB.deleteDatabase('mastodon'),
+        ]);
       }
 
       return response;
@@ -56,7 +59,11 @@ self.addEventListener('fetch', function(event) {
         const fetched = await fetch(event.request);
 
         if (fetched.ok) {
-          await cache.put(event.request.url, fetched.clone());
+          try {
+            await cache.put(event.request.url, fetched.clone());
+          } finally {
+            freeStorage();
+          }
         }
 
         return fetched;

app/javascript/mastodon/storage/db.js

@@ -1,15 +1,14 @@
-import { me } from '../initial_state';
-
-export default new Promise((resolve, reject) => {
+export default () => new Promise((resolve, reject) => {
+  // ServiceWorker is required to synchronize the login state.
   // Microsoft Edge 17 does not support getAll according to:
   // Catalog of standard and vendor APIs across browsers - Microsoft Edge Development
   // https://developer.microsoft.com/en-us/microsoft-edge/platform/catalog/?q=specName%3Aindexeddb
-  if (!me || !('getAll' in IDBObjectStore.prototype)) {
+  if (!('caches' in self && 'getAll' in IDBObjectStore.prototype)) {
     reject();
     return;
   }
 
-  const request = indexedDB.open('mastodon:' + me);
+  const request = indexedDB.open('mastodon');
 
   request.onerror = reject;
   request.onsuccess = ({ target }) => resolve(target.result);

app/javascript/mastodon/storage/modifier.js

@@ -1,13 +1,14 @@
-import asyncDB from './db';
-import { autoPlayGif } from '../initial_state';
+import openDB from './db';
 
 const accountAssetKeys = ['avatar', 'avatar_static', 'header', 'header_static'];
-const avatarKey = autoPlayGif ? 'avatar' : 'avatar_static';
-const limit = 1024;
+const storageMargin = 8388608;
+const storeLimit = 1024;
 
-// ServiceWorker and Cache API is not available on iOS 11
-// https://webkit.org/status/#specification-service-workers
-const asyncCache = window.caches ? caches.open('mastodon-system') : Promise.reject();
+function openCache() {
+  // ServiceWorker and Cache API is not available on iOS 11
+  // https://webkit.org/status/#specification-service-workers
+  return self.caches ? caches.open('mastodon-system') : Promise.reject();
+}
 
 function printErrorIfAvailable(error) {
   if (error) {
@@ -16,7 +17,7 @@ function printErrorIfAvailable(error) {
 }
 
 function put(name, objects, onupdate, oncreate) {
-  return asyncDB.then(db => new Promise((resolve, reject) => {
+  return openDB().then(db => (new Promise((resolve, reject) => {
     const putTransaction = db.transaction(name, 'readwrite');
     const putStore = putTransaction.objectStore(name);
     const putIndex = putStore.index('id');
@@ -53,7 +54,7 @@ function put(name, objects, onupdate, oncreate) {
       const count = readStore.count();
 
       count.onsuccess = () => {
-        const excess = count.result - limit;
+        const excess = count.result - storeLimit;
 
         if (excess > 0) {
           const retrieval = readStore.getAll(null, excess);
@@ -69,11 +70,17 @@ function put(name, objects, onupdate, oncreate) {
     };
 
     putTransaction.onerror = reject;
+  })).then(resolved => {
+    db.close();
+    return resolved;
+  }, error => {
+    db.close();
+    throw error;
   }));
 }
 
 function evictAccountsByRecords(records) {
-  asyncDB.then(db => {
+  return openDB().then(db => {
     const transaction = db.transaction(['accounts', 'statuses'], 'readwrite');
     const accounts = transaction.objectStore('accounts');
     const accountsIdIndex = accounts.index('id');
@@ -83,7 +90,7 @@ function evictAccountsByRecords(records) {
 
     function evict(toEvict) {
       toEvict.forEach(record => {
-        asyncCache
+        openCache()
           .then(cache => accountAssetKeys.forEach(key => cache.delete(records[key])))
           .catch(printErrorIfAvailable);
 
@@ -98,6 +105,8 @@ function evictAccountsByRecords(records) {
     }
 
     evict(records);
+
+    db.close();
   }).catch(printErrorIfAvailable);
 }
 
@@ -106,8 +115,9 @@ export function evictStatus(id) {
 }
 
 export function evictStatuses(ids) {
-  asyncDB.then(db => {
-    const store = db.transaction('statuses', 'readwrite').objectStore('statuses');
+  return openDB().then(db => {
+    const transaction = db.transaction('statuses', 'readwrite');
+    const store = transaction.objectStore('statuses');
     const idIndex = store.index('id');
     const reblogIndex = store.index('reblog');
 
@@ -118,14 +128,17 @@ export function evictStatuses(ids) {
       idIndex.getKey(id).onsuccess =
         ({ target }) => target.result && store.delete(target.result);
     });
+
+    db.close();
   }).catch(printErrorIfAvailable);
 }
 
 function evictStatusesByRecords(records) {
-  evictStatuses(records.map(({ id }) => id));
+  return evictStatuses(records.map(({ id }) => id));
 }
 
-export function putAccounts(records) {
+export function putAccounts(records, avatarStatic) {
+  const avatarKey = avatarStatic ? 'avatar_static' : 'avatar';
   const newURLs = [];
 
   put('accounts', records, (newRecord, oldKey, store, oncomplete) => {
@@ -135,7 +148,7 @@ export function putAccounts(records) {
         const oldURL = target.result[key];
 
         if (newURL !== oldURL) {
-          asyncCache
+          openCache()
             .then(cache => cache.delete(oldURL))
             .catch(printErrorIfAvailable);
         }
@@ -153,11 +166,12 @@ export function putAccounts(records) {
   }, (newRecord, oncomplete) => {
     newURLs.push(newRecord[avatarKey]);
     oncomplete();
-  }).then(records => {
-    evictAccountsByRecords(records);
-    asyncCache
-      .then(cache => cache.addAll(newURLs))
-      .catch(printErrorIfAvailable);
+  }).then(records => Promise.all([
+    evictAccountsByRecords(records),
+    openCache().then(cache => cache.addAll(newURLs)),
+  ])).then(freeStorage, error => {
+    freeStorage();
+    throw error;
   }).catch(printErrorIfAvailable);
 }
 
@@ -166,3 +180,27 @@ export function putStatuses(records) {
     .then(evictStatusesByRecords)
     .catch(printErrorIfAvailable);
 }
+
+export function freeStorage() {
+  return navigator.storage.estimate().then(({ quota, usage }) => {
+    if (usage + storageMargin < quota) {
+      return null;
+    }
+
+    return openDB().then(db => new Promise((resolve, reject) => {
+      const retrieval = db.transaction('accounts', 'readonly').objectStore('accounts').getAll(null, 1);
+
+      retrieval.onsuccess = () => {
+        if (retrieval.result.length > 0) {
+          resolve(evictAccountsByRecords(retrieval.result).then(freeStorage));
+        } else {
+          resolve(caches.delete('mastodon-system'));
+        }
+      };
+
+      retrieval.onerror = reject;
+
+      db.close();
+    }));
+  });
+}

app/javascript/styles/mastodon/about.scss

@@ -322,6 +322,11 @@ $small-breakpoint: 960px;
     border: 0;
     border-bottom: 1px solid rgba($ui-base-lighter-color, .6);
     margin: 20px 0;
+
+    &.spacer {
+      height: 1px;
+      border: 0;
+    }
   }
 
   .container-alt {

app/lib/activitypub/activity/delete.rb

@@ -17,21 +17,25 @@ class ActivityPub::Activity::Delete < ActivityPub::Activity
   end
 
   def delete_note
-    status   = Status.find_by(uri: object_uri, account: @account)
-    status ||= Status.find_by(uri: @object['atomUri'], account: @account) if @object.is_a?(Hash) && @object['atomUri'].present?
+    @status   = Status.find_by(uri: object_uri, account: @account)
+    @status ||= Status.find_by(uri: @object['atomUri'], account: @account) if @object.is_a?(Hash) && @object['atomUri'].present?
 
     delete_later!(object_uri)
 
-    return if status.nil?
+    return if @status.nil?
 
-    forward_for_reblogs(status)
-    delete_now!(status)
+    if @status.public_visibility? || @status.unlisted_visibility?
+      forward_for_reply
+      forward_for_reblogs
+    end
+
+    delete_now!
   end
 
-  def forward_for_reblogs(status)
+  def forward_for_reblogs
     return if @json['signature'].blank?
 
-    rebloggers_ids = status.reblogs.includes(:account).references(:account).merge(Account.local).pluck(:account_id)
+    rebloggers_ids = @status.reblogs.includes(:account).references(:account).merge(Account.local).pluck(:account_id)
     inboxes        = Account.where(id: ::Follow.where(target_account_id: rebloggers_ids).select(:account_id)).inboxes - [@account.preferred_inbox_url]
 
     ActivityPub::DeliveryWorker.push_bulk(inboxes) do |inbox_url|
@@ -39,8 +43,22 @@ class ActivityPub::Activity::Delete < ActivityPub::Activity
     end
   end
 
-  def delete_now!(status)
-    RemoveStatusService.new.call(status)
+  def replied_to_status
+    return @replied_to_status if defined?(@replied_to_status)
+    @replied_to_status = @status.thread
+  end
+
+  def reply_to_local?
+    !replied_to_status.nil? && replied_to_status.account.local?
+  end
+
+  def forward_for_reply
+    return unless @json['signature'].present? && reply_to_local?
+    ActivityPub::RawDistributionWorker.perform_async(Oj.dump(@json), replied_to_status.account_id, [@account.preferred_inbox_url])
+  end
+
+  def delete_now!
+    RemoveStatusService.new.call(@status)
   end
 
   def payload

app/lib/user_settings_decorator.rb

@@ -93,7 +93,7 @@ class UserSettingsDecorator
   end
 
   def boolean_cast_setting(key)
-    settings[key] == '1'
+    ActiveModel::Type::Boolean.new.cast(settings[key])
   end
 
   def coerced_settings(key)
@@ -101,7 +101,7 @@ class UserSettingsDecorator
   end
 
   def coerce_values(params_hash)
-    params_hash.transform_values { |x| x == '1' }
+    params_hash.transform_values { |x| ActiveModel::Type::Boolean.new.cast(x) }
   end
 
   def change?(key)

app/views/accounts/_follow_button.html.haml

@@ -8,16 +8,16 @@
   - if user_signed_in? && current_account.id != account.id && !requested
     .controls
       - if following
-        = link_to account_unfollow_path(account), data: { method: :post }, class: 'icon-button' do
+        = link_to (account.local? ? account_unfollow_path(account) : remote_unfollow_path(acct: account.acct)), data: { method: :post }, class: 'icon-button' do
           = fa_icon 'user-times'
           = t('accounts.unfollow')
       - else
-        = link_to account_follow_path(account), data: { method: :post }, class: 'icon-button' do
+        = link_to (account.local? ? account_follow_path(account) : authorize_follow_path(acct: account.acct)), data: { method: :post }, class: 'icon-button' do
           = fa_icon 'user-plus'
           = t('accounts.follow')
   - elsif !user_signed_in?
     .controls
       .remote-follow
-        = link_to account_remote_follow_path(account), class: 'icon-button' do
+        = link_to (account.local? ? account_remote_follow_path(account) : "web+mastodon://follow?uri=#{account.uri}"), class: 'icon-button' do
           = fa_icon 'user-plus'
           = t('accounts.remote_follow')

app/views/accounts/_follow_grid.html.haml

@@ -2,6 +2,6 @@
   - if accounts.empty?
     = render partial: 'accounts/nothing_here'
   - else
-    = render partial: 'accounts/grid_card', collection: accounts, as: :account, cached: true
+    = render partial: 'accounts/grid_card', collection: accounts, as: :account, cached: !user_signed_in?
 
 = paginate follows

app/views/remote_unfollows/_card.html.haml

@@ -0,0 +1,13 @@
+.account-card
+  .detailed-status__display-name
+    %div
+      = image_tag account.avatar.url(:original), alt: '', width: 48, height: 48, class: 'avatar'
+
+    %span.display-name
+      - account_url = local_assigns[:admin] ? admin_account_path(account.id) : TagManager.instance.url_for(account)
+      = link_to account_url, class: 'detailed-status__display-name p-author h-card', target: '_blank', rel: 'noopener' do
+        %strong.emojify= display_name(account)
+        %span @#{account.acct}
+
+  - if account.note?
+    .account__header__content.emojify= Formatter.instance.simplified_format(account)

app/views/remote_unfollows/_post_follow_actions.html.haml

@@ -0,0 +1,4 @@
+.post-follow-actions
+  %div= link_to t('authorize_follow.post_follow.web'), web_url("accounts/#{@account.id}"), class: 'button button--block'
+  %div= link_to t('authorize_follow.post_follow.return'), TagManager.instance.url_for(@account), class: 'button button--block'
+  %div= t('authorize_follow.post_follow.close')

app/views/remote_unfollows/error.html.haml

@@ -0,0 +1,3 @@
+.form-container
+  .flash-message#error_explanation
+    = t('remote_unfollow.error')

app/views/remote_unfollows/success.html.haml

@@ -0,0 +1,10 @@
+- content_for :page_title do
+  = t('remote_unfollow.title', acct: @account.acct)
+
+.form-container
+  .follow-prompt
+    %h2= t('remote_unfollow.unfollowed')
+
+    = render 'card', account: @account
+
+  = render 'post_follow_actions'

app/workers/activitypub/delivery_worker.rb

@@ -12,9 +12,7 @@ class ActivityPub::DeliveryWorker
     @source_account = Account.find(source_account_id)
     @inbox_url      = inbox_url
 
-    perform_request do |response|
-      raise Mastodon::UnexpectedResponseError, response unless response_successful? response
-    end
+    perform_request
 
     failure_tracker.track_success!
   rescue => e
@@ -30,8 +28,14 @@ class ActivityPub::DeliveryWorker
     request.add_headers(HEADERS)
   end
 
-  def perform_request(&block)
-    build_request.perform(&block)
+  def perform_request
+    light = Stoplight(@inbox_url) do
+      build_request.perform do |response|
+        raise Mastodon::UnexpectedResponseError, response unless response_successful?(response)
+      end
+    end
+
+    light.run
   end
 
   def response_successful?(response)

app/workers/scheduler/ip_cleanup_scheduler.rb

@@ -4,8 +4,10 @@ require 'sidekiq-scheduler'
 class Scheduler::IpCleanupScheduler
   include Sidekiq::Worker
 
+  RETENTION_PERIOD = 1.year
+
   def perform
-    time_ago = 5.years.ago
+    time_ago = RETENTION_PERIOD.ago
     SessionActivation.where('updated_at < ?', time_ago).destroy_all
     User.where('last_sign_in_at < ?', time_ago).update_all(last_sign_in_ip: nil)
   end