447d7e6127
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-03-09 00:17:17 +00:00
dd9d00d293
Add additional first_name and last_name SAML attribute statement options, and modify Omniauthable concern to use full_name or first_name + last_name if not available ( #6669 )
2018-03-07 06:19:10 +01:00
1b8fcd4df5
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
README.md
app/controllers/follower_accounts_controller.rb
app/controllers/following_accounts_controller.rb
app/serializers/rest/instance_serializer.rb
app/views/stream_entries/_simple_status.html.haml
config/locales/simple_form.ja.yml
2018-03-02 21:46:44 -06:00
42fe05dea1
fix logic for pam_controlled_service ( #6599 )
2018-03-02 19:02:50 +01:00
47bdb9b33b
Fix #942 : Seamless LDAP login ( #6556 )
2018-02-28 19:04:53 +01:00
2e8a492e88
Raise Mastodon::HostValidationError when host for HTTP request is private ( #6410 )
2018-02-24 19:16:11 +01:00
bb6988a7ac
Merge branch 'master' of https://github.com/tootsuite/mastodon
...
# Conflicts:
# app/controllers/settings/exports_controller.rb
# app/models/media_attachment.rb
# app/models/status.rb
# app/views/about/show.html.haml
# docker_entrypoint.sh
# spec/views/about/show.html.haml_spec.rb
2018-02-23 23:28:31 +09:00
e668180044
New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML strategies) ( #6540 )
2018-02-23 01:16:17 +01:00
3084fe4959
New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 ( #6538 )
2018-02-22 23:31:25 +01:00
02856073f7
Fix #6509 : Use pull queue for chewy jobs ( #6513 )
2018-02-20 17:25:16 +01:00
e9052ceaaf
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-02-11 23:17:11 +00:00
6ef3874b2e
Fix URLs incorrectly having trailing hyphen removed ( #6465 )
...
In cases where a URL has a trailing hyphen the FetchLinkCardService incorrectly removes the hyphen when it is parsed
The hyphen is not a reserved character in the URI spec https://tools.ietf.org/html/rfc3986#section-2.2
2018-02-11 23:49:18 +01:00
e20700fe8f
Fix Chewy trying to update index with the wrong strategy ( #6464 )
2018-02-11 22:59:44 +01:00
efc9ffcb80
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-02-11 04:10:16 +00:00
3ebc0ad4d3
Full-text search for authorized statuses ( #6423 )
...
* Add full-text search for authorized statuses
- Search API will return statuses that match the query
- Only for logged in users
- Only if you are author of the status,
- Or you were mentioned in it
- Or you favourited or reblogged it
- Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX`
- Run `rails chewy:deploy` to create & populate index
Fix #5880
Fix #4293
Fix #1152
* Add commented out docker-compose configuration for ES container
* Optimize index import, filter search results
* Add basic normalization to the index
* Add better stemming and normalization to the index
* Skip webfinger request if search query includes both @ and a space
* Fix code style
* Visually separate search result sections
* Fix code style issues
2018-02-09 23:04:47 +01:00
a6fb1c58ee
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
.env.production.sample
app/controllers/auth/confirmations_controller.rb
db/schema.rb
2018-02-04 16:36:19 -06:00
38e0133e1b
Make PAM gem optional, allow configuration over environment ( #6415 )
2018-02-04 15:05:53 +01:00
26f21fd5a0
CAS + SAML authentication feature ( #6425 )
...
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
2018-02-04 05:42:13 +01:00
4c1fd9a19c
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
...
Conflicts:
app/javascript/styles/mastodon/components.scss
2018-02-02 08:39:52 -06:00
04fef7b888
pam authentication ( #5303 )
...
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
2018-02-02 10:18:55 +01:00
89a9d629f7
Merge remote-tracking branch 'origin/master' into gs-master
...
Conflicts:
Gemfile.lock
2018-01-15 22:17:48 -06:00
5276c0a090
HTML e-mails for UserMailer ( #6256 )
...
- premailer gem to turn CSS into inline styles automatically
- rework UserMailer templates
- reword UserMailer templates
2018-01-16 03:29:11 +01:00
0c7dc6c781
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-15 06:17:15 +00:00
537d2939b1
Suppress CSRF token warnings ( #6240 )
...
CSRF token checking was enabled for API controllers in #6223 ,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.
This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
2018-01-15 06:51:23 +01:00
991371af5f
Merge remote-tracking branch 'origin/master' into merge-upstream
...
Conflicts:
db/schema.rb
2018-01-09 14:16:45 -06:00
921b781909
Increase rate limit on protected paths ( #6229 )
...
Previously each protected path had a separate rate limit. Now they're all in the same bucket, so people are more likely to hit one with register->login. Increasing to 25 per 5 minutes should be fine.
2018-01-09 17:07:54 +01:00
f6adb409fd
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-05 22:17:12 +00:00
8d51ce4290
Fix enforce HTTPS in production. ( #6180 )
2018-01-05 20:04:22 +01:00
933840bebf
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2018-01-03 04:17:11 +00:00
04ecf44c2f
Add confirmation step for email changes ( #6071 )
...
* Add confirmation step for email changes
This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.
Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.
Fixes #3871
* Add review fixes
2018-01-02 16:55:00 +01:00
6d00ca1c71
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2017-12-22 04:17:14 +00:00
9592b5e31e
enforce LOCAL_HTTPS=true in production ( #6061 )
...
* enforce https in production
* note changes in production env sample
* typo fix
2017-12-22 02:17:59 +01:00
82236a3703
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
2017-12-13 18:17:16 +00:00
6855baa0c5
Change streaming API URL when remote development ( #5942 )
...
* Change streaming API URL when remote development
* Use STREAMING_API_BASE_URL when dev env
2017-12-13 12:43:54 +01:00
a057ed5cfe
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
2017-12-12 02:54:13 -06:00
feed07227b
Apply a 25x rate limit by IP even to authenticated requests ( #5948 )
2017-12-11 15:32:29 +01:00
d08d0f9f33
Ruby intl8n for themes
2017-12-10 11:08:04 -08:00
4bce376fdc
Missing require 'authorization_decorator'. ( #5947 )
2017-12-09 15:12:10 +01:00
a865b62efc
Rate limit by user instead of IP when API user is authenticated ( #5923 )
...
* Fix #668 - Rate limit by user instead of IP when API user is authenticated
* Fix code style issue
* Use request decorator provided by Doorkeeper
2017-12-09 14:20:02 +01:00
17e26f8afe
Fix typo in paperclip.rb ( #5936 )
2017-12-09 13:59:59 +09:00
b0db4dad79
Revert fog-aws (ref #5604 ) ( #5934 )
2017-12-09 00:47:52 +01:00
42bcbd36b7
Remove rabl dependency ( #5894 )
...
* Remove rabl dependency
* Replicate old Oj configuration
2017-12-06 15:04:49 +09:00
546257bc7f
Allow specifying STATSD_NAMESPACE ( #5700 )
2017-11-15 07:22:43 +09:00
cbbeec05be
Fix spell miss (SWIIFT_OBJECT_URL -> SWIFT_OBJECT_URL) ( #5617 )
2017-11-07 19:06:30 +01:00
47b0c61853
Unify file upload to using fog ( #5604 )
2017-11-07 14:30:31 +01:00
9d97054fe6
Remove timestamps on any option ( #5282 )
2017-10-09 17:52:02 +02:00
7fd66cf2fe
Fix migration failure due to StrongMigrations on production env ( #5283 )
2017-10-09 10:05:35 +02:00
32e8a87830
adjust public profile pages 2 ( #5223 )
2017-10-04 22:49:36 +02:00
83ffc4dc07
Fix Paperclip::Fog always responds Not Found in OpenStack-v2 like ConoHa ( #5155 )
2017-09-30 14:28:29 +02:00
35a8cafa35
Replace self-rolled statsd instrumention with localshred/nsa ( #5118 )
2017-09-29 03:16:44 +02:00
