bb26cdda24
add parameter locked to /api/v1/update_credentials ( #6506 )
2018-02-18 22:57:53 +01:00
3d033a4687
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
...
Conflicts:
Gemfile
config/locales/simple_form.pl.yml
2018-02-17 00:02:37 -06:00
9dbae6e8a1
Save video metadata and improve video OpenGraph tags ( #6481 )
...
* Save metadata from video attachments, put correct dimensions into OG tags
* Add twitter:player for videos
* Fix code style and test
2018-02-16 07:22:20 +01:00
020b40efdb
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
.travis.yml
app/lib/user_settings_decorator.rb
app/models/user.rb
app/serializers/initial_state_serializer.rb
app/views/stream_entries/_detailed_status.html.haml
app/views/stream_entries/_simple_status.html.haml
config/locales/simple_form.en.yml
2018-02-09 09:25:53 -06:00
76f3d5d16b
Add preference to always display sensitive media ( #6448 )
2018-02-09 00:26:57 +01:00
5ba2c300d8
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-02-08 23:17:14 +00:00
cf32f7da5c
Fix response of signature_verification_failure_reason ( #6441 )
2018-02-08 05:00:45 +01:00
a6fb1c58ee
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
.env.production.sample
app/controllers/auth/confirmations_controller.rb
db/schema.rb
2018-02-04 16:36:19 -06:00
3f35d43222
Exclude nil from relationships array ( #6427 )
2018-02-04 12:32:10 +01:00
4e4f1b0dcb
Add option to show only local toots in timeline preview ( #6292 )
...
* Add option to show only local toots in timeline preview
Right know, toots from all the known fediverse are shown in the main
page of an instance. That however doesn't reflect the instance itself.
With this option the admin may choose to display only local toots so
that users checking the instance get a better idea of internal
conversations.
* Fix issues pointed by codeclimate and eslint
* Add default message for community timeline
* Update pl.yml
2018-02-04 06:00:10 +01:00
26f21fd5a0
CAS + SAML authentication feature ( #6425 )
...
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
2018-02-04 05:42:13 +01:00
4c1fd9a19c
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
2018-02-02 08:39:52 -06:00
ac1093256c
Allow HTTP caching of atom-rendered public toots (OStatus compatibility) ( #6207 )
2018-02-02 10:54:04 +01:00
8e4cf6282b
Allow retrieval of private statuses (single or in outbox) using HTTP signatures ( #6225 )
2018-02-02 10:19:59 +01:00
04fef7b888
pam authentication ( #5303 )
...
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
2018-02-02 10:18:55 +01:00
0e10667fbe
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-24 19:17:11 +00:00
1cc44cba81
Fix #6331 ( #6341 )
...
UserTrackingConcern is circumvented by SessionsController#create
because it calls warden, which calls the User#update_tracked_fields!
method directly. Move returning user logic to that method.
2018-01-23 20:52:30 +01:00
613e7c7521
Rename ResolveRemoteAccountService to ResolveAccountService ( #6327 )
...
The service used to be named ResolveRemoteAccountService resolves local
accounts as well.
2018-01-22 14:25:09 +01:00
1253279feb
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/controllers/settings/two_factor_authentication/confirmations_controller.rb
2018-01-21 13:36:10 -06:00
112b1fa265
Redirect to 2FA creation page when otp_secret is not available ( #6314 )
2018-01-21 13:21:28 +01:00
2ca965c704
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
app/javascript/styles/mastodon/modal.scss
2018-01-19 15:22:10 -06:00
9b3b40df66
Fix regeneration marker not expiring ( #6290 )
...
* Fix regeneration key not getting expired
* Add rake task to remove old regeneration markers
2018-01-18 20:29:56 +01:00
201e82686f
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
2018-01-17 18:37:09 -06:00
7badad7797
Fix home regeneration ( #6251 )
...
* Fix regeneration marker not being removed after completion
* Return HTTP 206 from /api/v1/timelines/home if regeneration in progress
Prioritize RegenerationWorker by putting it into default queue
* Display loading indicator and poll home timeline while it regenerates
* Add graphic to regeneration message
* Make "not found" indicator consistent with home regeneration
2018-01-17 23:56:03 +01:00
aa2bf07281
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-17 16:17:10 +00:00
fbe7756da6
implement web share target ( #6278 )
...
* web share target
* fix
* fix
2018-01-17 17:08:10 +01:00
0c7dc6c781
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-15 06:17:15 +00:00
537d2939b1
Suppress CSRF token warnings ( #6240 )
...
CSRF token checking was enabled for API controllers in #6223 ,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.
This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
2018-01-15 06:51:23 +01:00
395e64e858
Thank you, Officer Murphy
2018-01-10 12:10:43 -06:00
514db316f7
The flavour parameter is unused, so omit it ( #317 )
2018-01-10 12:09:42 -06:00
6fcb870d96
Allow for user object to be empty. Fixes #317 .
...
If a flavour has only one skin, the skin selector will be omitted. This
omits the user[setting_skin] field, and because that's the only
user[...] field on the page, the entire user object will not be present
in the request handler's params object.
This commit accounts for that scenario by avoiding params.require(:user)
and instead picking out what we need from the params hash.
2018-01-10 12:09:42 -06:00
7c719c567c
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-09 05:17:13 +00:00
c235711ffe
Refactor /api/web APIs to use the centralized axios instance ( #6223 )
...
Also adds the ability to decouple the centralized axios logic from the
state dispatcher
2018-01-08 20:01:33 +01:00
f839ac694c
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-08 10:17:15 +00:00
dbda87c31f
Revert #5772 ( #6221 )
2018-01-08 10:57:52 +01:00
f7c4d4464b
Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-master
2018-01-07 13:30:52 -06:00
70c99a9f34
Use error pack when rendering error pages. Fixes #305 .
2018-01-07 13:30:17 -06:00
c2e1bfd9ae
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-07 15:17:13 +00:00
1d92b90be9
Fix force_ssl conditional ( #6201 )
2018-01-07 15:19:23 +01:00
da809f9eec
Fix unintended cache ( #6214 )
2018-01-07 15:12:59 +01:00
5083311d64
Merge remote-tracking branch 'ykzts/fix-unintended-cache' into gs-master
2018-01-07 00:32:24 -06:00
2af307bce4
Fix unintended cache
2018-01-07 14:59:12 +09:00
f6adb409fd
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-05 22:17:12 +00:00
95bd85d9e8
Represent numbers by strings in instance activity API ( #6198 )
...
Fixes #6197 .
2018-01-05 22:38:33 +01:00
c69a23ae46
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-04 23:17:11 +00:00
3bee0996c5
Make sure private toots remain private and do not end up in HTTP caches ( #6175 )
2018-01-04 14:39:38 +01:00
c10f4bdb03
Cache JSON of immutable ActivityPub representations ( #6171 )
2018-01-04 01:21:38 +01:00
fc884d015a
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-03 20:17:13 +00:00
161c72d66d
Allow to dereference Follow object for ActivityPub ( #5772 )
...
* Allow to dereference Follow object for ActivityPub
* Accept IRI as object representation for Accept activity
2018-01-03 18:08:57 +01:00
933840bebf
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-03 04:17:11 +00:00
