Commit Graph

7330 Commits

Author SHA1 Message Date
Claire
a63495230a Change percent to rate in retention metrics API (#16910) 2022-01-23 16:01:25 +01:00
Claire
bddd9ba36d Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288)
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN

Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.

* Add OMNIAUTH_ONLY environment variable to enforce external log-in only

* Disable user registration when OMNIAUTH_ONLY is set to true

* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
2022-01-23 15:52:58 +01:00
Claire
cfa583fa71 Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287)
Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
2022-01-23 15:50:41 +01:00
Claire
8a07ecd377 Remove leftover database columns from Devise::Models::Rememberable (#17191)
* Remove leftover database columns from Devise::Models::Rememberable

* Update fix-duplication maintenance script

* Improve errors/warnings in the fix-duplicates maintenance script
2022-01-23 15:46:30 +01:00
Claire
3a103cd317 Fix text being incorrectly pre-selected in composer textarea on /share (#17339)
Fixes #17295
2022-01-20 20:56:21 +01:00
Claire
6eea3f8f9c Add post edited notice in admin and public UIs (#17335)
* Add edited toot flag on public pages

* Add toot edit flag to admin pages
2022-01-20 13:37:31 +01:00
Eugen Rochko
9eb775a9d1 Fix error when using raw distribution worker (#17334)
Regression from #16697
2022-01-19 23:05:59 +01:00
Eugen Rochko
d412a8d1f2 Fix error when processing poll updates (#17333)
Regression from #16697
2022-01-19 22:50:01 +01:00
Eugen Rochko
1060666c58 Add support for editing for published statuses (#16697)
* Add support for editing for published statuses

* Fix references to stripped-out code

* Various fixes and improvements

* Further fixes and improvements

* Fix updates being potentially sent to unauthorized recipients

* Various fixes and improvements

* Fix wrong words in test

* Fix notifying accounts that were tagged but were not in the audience

* Fix mistake
2022-01-19 22:37:27 +01:00
Jeong Arm
2d1f082bb6 Fix NameError on ActivityPub::FetchFeaturedCollectionService (#17326)
Related: #16954
2022-01-19 04:08:46 +01:00
Claire
c60f8ce032 Fix pinned attribute not being set for private self-posts (#17304) 2022-01-17 11:59:46 +01:00
Eugen Rochko
14f436c457 Add notifications for statuses deleted by moderators (#17204) 2022-01-17 09:41:33 +01:00
Claire
d5c9feb7b7 Add support for private pinned posts (#16954)
* Add support for private pinned toots

* Allow local user to pin private toots

* Change wording to avoid "direct message"
2022-01-17 00:49:55 +01:00
Claire
081e4426f8 Fix admin interface crash when displaying deleted user (#17301) 2022-01-16 20:57:37 +01:00
Eugen Rochko
8e84ebf0cb Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
Jeong Arm
bc7a8ae6d6 Gradually increase retry waiting for media processing (#17271) 2022-01-10 14:25:08 +01:00
Jeong Arm
d3db2eb7fb Remove custom emojis on domain purge (#17210) 2021-12-30 08:41:09 +01:00
Claire
37e80994f8 Fix media descriptions not being used for client-side filtering (#17206)
Fix oversight in #13837
2021-12-28 23:25:50 +01:00
Eugen Rochko
fe71548844 Fix warnings on Rails boot (#16946) 2021-12-27 00:47:20 +01:00
Rens Groothuijsen
e65080181a Fix tag rendering error in hashtag column settings (#17184)
* Flatten tags in configuration to regular array before converting to JSON

* Render filter tags using toJS instead of toJSON
2021-12-26 19:22:05 +01:00
Jeong Arm
720e8ab0f5 Fix duplicate record on admin/accounts when searching with IP (#17150) 2021-12-21 00:17:14 +01:00
Claire
76761d5fc0 Add ability for admins to delete canonical email blocks (#16644)
* Add admin option to remove canonical email blocks from a deleted account

* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
2021-12-17 23:02:14 +01:00
Claire
7f803c41e2 Add ability to purge undeliverable domains from admin interface (#16686)
* Add ability to purge undeliverable domains from admin interface

* Add tests
2021-12-17 23:01:21 +01:00
Claire
0c17fd9109 Change title of retention chart (#16909)
Changes from “Retention” to “User retention rate by month after sign-up”.
This should make it much clearer to people not familiar with retention charts
what it actually means.
2021-12-17 23:00:41 +01:00
Claire
40f202c1e5 Change list title input styling (#17092) 2021-12-17 23:00:05 +01:00
David Sterry
2aafa5b4e7 ignore hashtag suggestions if they vary only in case (#16460)
* ignore hashtag suggestions if they vary only in case

* remove console.logs and unused args

* consistently add space when dismissing suggestions

* linting
2021-12-15 23:47:19 +01:00
Takeshi Umeda
bda8e4f815 Fix follow recommendation biased towards older accounts (#17126) 2021-12-13 23:21:14 +01:00
Eugen Rochko
fe45184b36 Change trending hashtags threshold back from 15 to 5 (#17122) 2021-12-13 05:32:29 +01:00
heguro
41503507ec Fix redirection when succeeded WebAuthn (#17098) 2021-12-05 21:50:12 +01:00
Rens Groothuijsen
66baa629ea Show correct error message if chosen password is too long (#17082)
* Add correct error message for exceeding max length on password confirmation field

* Code style fixes
2021-12-05 21:49:50 +01:00
Eugen Rochko
0fb9536d38 Add batch suspend for accounts in admin UI (#17009) 2021-12-05 21:48:39 +01:00
Eugen Rochko
a458b74c7e Fix error on trending mailer due to missing constant (#17072) 2021-11-29 17:39:40 +01:00
Jeong Arm
4a109ec1ba Fix server graph on admin/tags/:id (#17066) 2021-11-28 23:13:07 +01:00
Jeong Arm
1c826471e7 Fix admin statuses order(#16937) (#16969)
* Fix #16937

* Add test for statuses order
2021-11-26 22:12:27 +01:00
Claire
3f382e337d Fix searching for additional hashtags in hashtag column (#17054) 2021-11-26 22:11:09 +01:00
Claire
1630807ee2 Fix color of hashtag column settings inputs (#17058)
Fixes #17057
2021-11-26 22:09:11 +01:00
Claire
ddcb9da74f Fix opening wrong profile when clicking on username of boosting user in WebUI (#17060)
Fixes #16799
2021-11-26 22:04:09 +01:00
Eugen Rochko
7de0ee7aba Remove Keybase integration (#17045) 2021-11-26 05:58:18 +01:00
Eugen Rochko
12b3ff6c6d Fix error on trending hashtags/links pages in admin UI due to missing constant (#17044) 2021-11-26 01:12:39 +01:00
Claire
b1fd6d4490 Fix handling of recursive toots in WebUI (#17041) 2021-11-25 23:46:39 +01:00
Claire
013bee6afb Fix filtering DMs from non-followed users (#17042) 2021-11-25 23:46:30 +01:00
Eugen Rochko
6e50134a42 Add trending links (#16917)
* Add trending links

* Add overriding specific links trendability

* Add link type to preview cards and only trend articles

Change trends review notifications from being sent every 5 minutes to being sent every 2 hours

Change threshold from 5 unique accounts to 15 unique accounts

* Fix tests
2021-11-25 13:07:38 +01:00
Claire
02a87431cf Fix error when suspending user with an already-existing canonical email block (#17036)
* Fix error when suspending user with an already-existing canonical email block

Fixes #17033

While attempting to create a `CanonicalEmailBlock` with an existing hash would
raise an `ActiveRecord::RecordNotUnique` error, this being done within a
transaction would cancel the whole transaction. For this reason, checking for
uniqueness in Rails would query the database within the transaction and avoid
invalidating the whole transaction for this reason.

A race condition is still possible, where multiple accounts sharing a canonical
email would be blocked in concurrent transactions, in which only one would
succeed, but that is way less likely to happen that the current issue, and can
always be retried after the first failure, unlike the current situation.

* Add tests
2021-11-24 17:41:03 +01:00
Claire
db32835338 Fix overflow of long profile fields in admin view (#17010) 2021-11-19 18:22:49 +01:00
Claire
6159020617 Fix background-color of emoji-mart selector (#17011)
Reverts part of #16907 to fix hardcoded color
2021-11-19 18:21:37 +01:00
Takeshi Umeda
3419d3ec84 Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915)
* Bump chewy from 5.2.0 to 7.2.2

* fix style (codeclimate)

* fix style

* fix style

* Bump chewy from 7.2.2 to 7.2.3
2021-11-18 22:02:08 +01:00
Mashiro
2b6a25c609 Add lazy load to emoji-mart (#16907)
* perf: lazyload emoji-mart!

* Bump lazyload
2021-11-18 22:01:31 +01:00
Claire
3517867b76 Fix confusing error when webfinger request returns empty document (#16986)
For some reason, some misconfigured servers return an empty document when
queried over webfinger. Since an empty document does not lead to a parse
error, the error is not caught properly and triggers uncaught exceptions
later on.

This PR fixes that by immediately erroring out with `Webfinger::Error` on
getting an empty response.
2021-11-14 21:55:40 +01:00
Eugen Rochko
5d7c852283 Fix no link previews being generated for pages with invalid structured data (#16979)
Fix #16955
2021-11-13 23:07:13 +01:00
Claire
ef8deb0878 Fix OpenGraph/LinkedData embeds having incorrectly-generated iframes (#16978) 2021-11-13 03:30:27 +01:00