Commit graph

574 commits

Author SHA1 Message Date
Mashiro
75d2762fdf
Add "invite request content" display in user account admin page (#15265)
* feat: display `invite_request_text` in admin's user account page

* fix: move invite_request to the bottom of accounts page

* fix: remove time display, remove formate, change code terminology

* fix: remove escape
2020-12-15 06:28:14 +01:00
ThibG
1390cc194b
Add indication to admin UI of whether a report has been forwarded (#13237)
* Add indication to admin UI of whether a report has been forwarded

* Rework how forwarded status is displayed

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-15 04:30:15 +01:00
ThibG
47e507fa61
Add ability to require invite request text (#15326)
Fixes #15273

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-14 10:03:09 +01:00
Eugen Rochko
216b85b053
Fix performance on instances list in admin UI (#15282)
- Reduce duplicate queries
- Remove n+1 queries
- Add accounts count to detailed view
- Add separate action log entry for updating existing domain blocks
2020-12-14 09:06:34 +01:00
ThibG
49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-10 06:27:26 +01:00
ThibG
96c1e71329
Add import/export feature for bookmarks (#14956)
* Add ability to export bookmarks

* Add support for importing bookmarks

* Add bookmark import tests

* Add bookmarks export test
2020-11-19 17:48:13 +01:00
Takeshi Umeda
2b1a6e734f
Add follow selected followers button (#15148)
* Add follow selected followers button

* Fix unused variable

* Fix i18n normalize
2020-11-12 16:58:00 +01:00
Mélanie Chauvel
bb13276e53
Precise that home timeline filters also apply to lists (#15139) 2020-11-11 01:18:42 +01:00
Mélanie Chauvel
68d4b2b83e
Display “Show newer” and “Show older” instead of “Show more” in public pages (#15052) 2020-11-04 21:15:45 +01:00
Takeshi Umeda
d6fe0c94ca
Add account sensitized (#14361)
* Add account sensitized

* Fix i18n normalize

* Fix description and spec

* Fix spec

* Fix wording
2020-11-04 20:45:01 +01:00
Eugen Rochko
5e1364c448
Add IP-based rules (#14963) 2020-10-12 16:33:49 +02:00
Eugen Rochko
ed099d8bdc
Change account suspensions to be reversible by default (#14726) 2020-09-15 14:37:58 +02:00
santiagorodriguez96
e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
* feat: add possibility of adding WebAuthn security keys to use as 2FA

This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor
to the Settings page for editing the 2FA methods – now it will list the
methods that are available to the user (TOTP and WebAuthn) and from
there they'll be able to add or remove any of them.
Also, it's worth mentioning that for enabling WebAuthn it's required to
have TOTP enabled, so the first time that you go to the 2FA Settings
page, you'll be asked to set it up.
This work was inspired by the one donde by Github in their platform, and
despite it could be approached in different ways, we decided to go with
this one given that we feel that this gives a great UX.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add request for WebAuthn as second factor at login if enabled

This commits adds the feature for using WebAuthn as a second factor for
login when enabled.
If users have WebAuthn enabled, now a page requesting for the use of a
WebAuthn credential for log in will appear, although a link redirecting
to the old page for logging in using a two-factor code will also be
present.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add possibility of deleting WebAuthn Credentials

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: disable WebAuthn when an Admin disables 2FA for a user

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: remove ability to disable TOTP leaving only WebAuthn as 2FA

Following examples form other platforms like Github, we decided to make
Webauthn 2FA secondary to 2FA with TOTP, so that we removed the
possibility of removing TOTP authentication only, leaving users with
just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA'
in order to remove second factor auth.
The reason for WebAuthn being secondary to TOPT is that in that way,
users will still be able to log in using their code from their phone's
application if they don't have their security keys with them – or maybe
even lost them.

* We had to change a little the flow for setting up TOTP, given that now
  it's possible to setting up again if you already had TOTP, in order to
  let users modify their authenticator app – given that now it's not
  possible for them to disable TOTP and set it up again with another
  authenticator app.
  So, basically, now instead of storing the new `otp_secret` in the
  user, we store it in the session until the process of set up is
  finished.
  This was because, as it was before, when users clicked on 'Edit' in
  the new two-factor methods lists page, but then went back without
  finishing the flow, their `otp_secret` had been changed therefore
  invalidating their previous authenticator app, making them unable to
  log in again using TOTP.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* refactor: fix eslint errors

The PR build was failing given that linting returning some errors.
This commit attempts to fix them.

* refactor: normalize i18n translations

The build was failing given that i18n translations files were not
normalized.
This commits fixes that.

* refactor: avoid having the webauthn gem locked to a specific version

* refactor: use symbols for routes without '/'

* refactor: avoid sending webauthn disabled email when 2FA is disabled

When an admins disable 2FA for users, we were sending two mails
to them, one notifying that 2FA was disabled and the other to notify
that WebAuthn was disabled.
As the second one is redundant since the first email includes it, we can
remove it and send just one email to users.

* refactor: avoid creating new env variable for webauthn_origin config

* refactor: improve flash error messages for webauthn pages

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
2020-08-24 16:46:27 +02:00
ThibG
8d217d7231
Improve email address validation (#14565)
* Increase DNS timeout from 1 second to 5 seconds for MX check

1 seconds is rather short when using a recursive DNS resolver which
hasn't got a cached result already available. Use 5 seconds instead,
which is the timeout value we use for outgoing HTTP queries.

* Add more precise error messages for invalid e-mail addresses
2020-08-12 12:40:25 +02:00
Eugen Rochko
c158dda796
New Crowdin updates (#14197)
* New translations devise.en.yml (Uyghur)
[ci skip]

* New translations doorkeeper.en.yml (Uyghur)
[ci skip]

* New translations en.json (Sorani (Kurdish))
[ci skip]

* New translations en.yml (Sorani (Kurdish))
[ci skip]

* New translations simple_form.en.yml (Sorani (Kurdish))
[ci skip]

* New translations activerecord.en.yml (Sorani (Kurdish))
[ci skip]

* New translations devise.en.yml (Sorani (Kurdish))
[ci skip]

* New translations doorkeeper.en.yml (Sorani (Kurdish))
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.json (Persian)
[ci skip]

* New translations en.json (Croatian)
[ci skip]

* New translations en.json (Marathi)
[ci skip]

* New translations en.json (Norwegian Nynorsk)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Spanish, Argentina)
[ci skip]

* New translations en.json (Hindi)
[ci skip]

* New translations en.json (Latvian)
[ci skip]

* New translations en.json (Estonian)
[ci skip]

* New translations en.json (Kazakh)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.json (Vietnamese)
[ci skip]

* New translations en.json (Urdu (Pakistan))
[ci skip]

* New translations en.json (Chinese Traditional)
[ci skip]

* New translations en.json (Icelandic)
[ci skip]

* New translations en.json (Tamil)
[ci skip]

* New translations en.json (Persian)
[ci skip]

* New translations en.json (Indonesian)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Ido)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Corsican)
[ci skip]

* New translations en.json (Serbian (Latin))
[ci skip]

* New translations en.json (Uyghur)
[ci skip]

* New translations en.json (Sorani (Kurdish))
[ci skip]

* New translations en.json (Taigi)
[ci skip]

* New translations en.json (Silesian)
[ci skip]

* New translations en.json (Malay)
[ci skip]

* New translations en.json (Welsh)
[ci skip]

* New translations en.json (Esperanto)
[ci skip]

* New translations en.json (Telugu)
[ci skip]

* New translations en.json (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.json (Asturian)
[ci skip]

* New translations en.json (Kannada)
[ci skip]

* New translations en.json (Breton)
[ci skip]

* New translations en.json (Malayalam)
[ci skip]

* New translations en.json (Catalan)
[ci skip]

* New translations en.json (Bulgarian)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Czech)
[ci skip]

* New translations en.json (Greek)
[ci skip]

* New translations en.json (Basque)
[ci skip]

* New translations en.json (Danish)
[ci skip]

* New translations en.json (German)
[ci skip]

* New translations en.json (Finnish)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations en.json (Sardinian)
[ci skip]

* New translations en.json (Romanian)
[ci skip]

* New translations en.json (Occitan)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Ukrainian)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.json (Hungarian)
[ci skip]

* New translations en.json (Slovak)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (Polish)
[ci skip]

* New translations en.json (Norwegian)
[ci skip]

* New translations en.json (Turkish)
[ci skip]

* New translations en.json (Swedish)
[ci skip]

* New translations en.json (Serbian (Cyrillic))
[ci skip]

* New translations en.json (Albanian)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations en.json (Armenian)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations en.json (Japanese)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.json (Macedonian)
[ci skip]

* New translations en.json (Lithuanian)
[ci skip]

* New translations en.json (Georgian)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations en.json (German)
[ci skip]

* New translations en.json (Japanese)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.json (Vietnamese)
[ci skip]

* New translations en.json (Catalan)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Spanish, Argentina)
[ci skip]

* New translations en.json (Hungarian)
[ci skip]

* New translations en.json (Albanian)
[ci skip]

* New translations en.json (Corsican)
[ci skip]

* New translations simple_form.en.yml (Dutch)
[ci skip]

* New translations simple_form.en.yml (Dutch)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Occitan)
[ci skip]

* New translations en.json (Occitan)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations en.json (Persian)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.yml (Kabyle)
[ci skip]

* New translations en.json (Icelandic)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Indonesian)
[ci skip]

* New translations en.json (Persian)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.json (Tamil)
[ci skip]

* New translations en.json (Spanish, Argentina)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Marathi)
[ci skip]

* New translations en.json (Albanian)
[ci skip]

* New translations en.json (Serbian (Cyrillic))
[ci skip]

* New translations en.json (Swedish)
[ci skip]

* New translations en.json (Turkish)
[ci skip]

* New translations en.json (Chinese Traditional)
[ci skip]

* New translations en.json (Urdu (Pakistan))
[ci skip]

* New translations en.json (Vietnamese)
[ci skip]

* New translations en.json (Welsh)
[ci skip]

* New translations en.json (Esperanto)
[ci skip]

* New translations en.json (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.json (Malayalam)
[ci skip]

* New translations en.json (Telugu)
[ci skip]

* New translations en.json (Breton)
[ci skip]

* New translations en.json (Kannada)
[ci skip]

* New translations en.json (Uyghur)
[ci skip]

* New translations en.json (Croatian)
[ci skip]

* New translations en.json (Norwegian Nynorsk)
[ci skip]

* New translations en.json (Kazakh)
[ci skip]

* New translations en.json (Estonian)
[ci skip]

* New translations en.json (Latvian)
[ci skip]

* New translations en.json (Hindi)
[ci skip]

* New translations en.json (Malay)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.json (Bulgarian)
[ci skip]

* New translations en.json (Catalan)
[ci skip]

* New translations en.json (Czech)
[ci skip]

* New translations en.json (Danish)
[ci skip]

* New translations en.json (German)
[ci skip]

* New translations en.json (Greek)
[ci skip]

* New translations en.json (Romanian)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Slovak)
[ci skip]

* New translations en.json (Hungarian)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.json (Ukrainian)
[ci skip]

* New translations en.json (Norwegian)
[ci skip]

* New translations en.json (Lithuanian)
[ci skip]

* New translations en.json (Macedonian)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.json (Polish)
[ci skip]

* New translations en.json (Basque)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Armenian)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations en.json (Finnish)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations en.json (Georgian)
[ci skip]

* New translations en.json (Japanese)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations en.json (Ido)
[ci skip]

* New translations en.json (Taigi)
[ci skip]

* New translations en.json (Silesian)
[ci skip]

* New translations en.json (Sardinian)
[ci skip]

* New translations en.json (Occitan)
[ci skip]

* New translations en.json (Sorani (Kurdish))
[ci skip]

* New translations en.json (Asturian)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Serbian (Latin))
[ci skip]

* New translations en.json (Corsican)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (German)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.json (Esperanto)
[ci skip]

* New translations en.yml (Esperanto)
[ci skip]

* New translations en.json (Esperanto)
[ci skip]

* New translations en.json (Japanese)
[ci skip]

* New translations en.json (Vietnamese)
[ci skip]

* New translations en.json (Japanese)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations en.json (Corsican)
[ci skip]

* New translations en.json (Corsican)
[ci skip]

* New translations en.json (Persian)
[ci skip]

* New translations en.json (Hungarian)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.json (Spanish, Argentina)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (Albanian)
[ci skip]

* i18n-tasks normalize

* yarn manage:translations
2020-07-10 20:57:21 +02:00
ThibG
a80fd8c79b
Change the about.instance_actor_flash to be single-line (#14200)
Some translations of that string are single-line, which somehow seems to make
Crowdin issue a blank newline at the end of those translations.

This, in turns, leads to different results when running “i18n-tasks normalize”
depending on the version of libyaml installed, making the CI fail if it
runs a different version than whoever ran “i18n-tasks normalize”.

Since there is no real reason for that source string to be multi-line (it is
only displayed in HTML, without replacing newlines by <br/> tags),
attempt to fix Crowdin export by making the source string single-line.
2020-07-03 03:06:08 +02:00
ThibG
35cedc922c
Change move handler to carry blocks over (#14144)
* Change move handler to carry blocks and mutes over

When user A blocks user B and B moves to a new account C, make A block C
accordingly.

Note that it only works if A's instance is aware of the Move, that is,
if B is on A's instance or has followers there.

* Also notify instances with known people blocking you when moving

* Add automatic account notes when blocking/muting an account that had no note
2020-07-01 13:51:15 +02:00
ThibG
65506bac3f
Add user notes on accounts (#14148)
* Add UserNote model

* Add UI for user notes

* Put comment in relationships entity

* Add API to create user notes

* Copy user notes to new account when receiving a Move activity

* Address some of the review remarks

* Replace modal by inline edition

* Please CodeClimate

* Button design changes

* Change design again

* Cancel note edition when pressing Escape

* Fixes

* Tweak design again

* Move “Add note” item, and allow users to add notes to themselves

* Rename UserNote into AccountNote, rename “comment” Relationship attribute to “note”
2020-06-30 19:19:50 +02:00
Eugen Rochko
8c04e37b03
Remove the terms blacklist and whitelist from UX (#14149)
Localization strings:

- "Whitelist mode" -> "Limited federation mode"
- "Blacklist e-mail domain" -> "Block e-mail domain"
- "Whitelist domain" -> "Allow domain for federation"

...And so on

Environment variables (backwards-compatible):

- `WHITELIST_MODE` -> `LIMITED_FEDERATION_MODE`
- `EMAIL_DOMAIN_BLACKLIST` -> `EMAIL_DOMAIN_DENYLIST`
- `EMAIL_DOMAIN_WHITELIST` -> `EMAIL_DOMAIN_ALLOWLIST`

tootctl:

- `tootctl domains purge --whitelist-mode` -> `tootctl domains purge --limited-federation-mode`

Removed badly maintained and no longer relevant .env.production.sample file
2020-06-27 20:20:11 +02:00
Eugen Rochko
662a49dc3f
Fix various issues around OpenGraph representation of media (#14133)
- Fix audio attachments not being represented in OpenGraph tags
- Fix audio being represented as "1 image" in OpenGraph descriptions
- Fix video metadata being overwritten by paperclip-av-transcoder
- Fix embedded player not using Mastodon's UI
- Fix audio/video progress bars not moving smoothly
- Fix audio/video buffered bars not displaying correctly
2020-06-25 01:33:01 +02:00
Mélanie Chauvel
ac3c83ef6f
Improve wording and add titles on moderated servers section in /about/more (#13930) 2020-06-09 10:28:02 +02:00
Eugen Rochko
72a7cfaa39
Add e-mail-based sign in challenge for users with disabled 2FA (#14013) 2020-06-09 10:23:06 +02:00
ThibG
bf6745b9c3
Fix unpermitted operations on custom emojis leading to cryptic errors (#13951)
* Display appropriate error when performing unpermitted operation on custom emoji

Fixes #13897

* Remove links to custom emoji actions not performable by moderators
2020-06-05 15:23:27 +02:00
ThibG
bf94934623
Fix account redirect confirmation message talking about moved followers (#13950)
Fixes #13949
2020-06-03 20:18:19 +02:00
Eugen Rochko
5d8398c8b8
Add E2EE API (#13820) 2020-06-02 19:24:53 +02:00
TheMainOne
be1e2594fb
Clarified "missing_also_known_as" (#13746)
Fixes the confusion mentioned in https://github.com/tootsuite/mastodon/issues/12216. Suggestion of this fix provided by https://github.com/tootsuite/mastodon/issues/12216#issuecomment-564918757.
2020-05-12 21:38:24 +02:00
Eugen Rochko
8be4c2ba21
Add ability to remove identity proofs from account (#13682)
Fix #12613
2020-05-10 11:21:10 +02:00
ThibG
f7e011919e
Fix account aliases page (#13452)
* Fix error not being displayed when adding an account alias, add error for self-references

Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>

* Add “You have no aliases.” note in confusing empty aliases table

Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>

Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
2020-04-13 06:41:43 +02:00
Eugen Rochko
f65568f1d4
Add ability to filter audit log in admin UI (#13381) 2020-04-03 13:06:34 +02:00
ThibG
0d117c106a
Fix 404 and 410 API errors being silently discarded in WebUI (#13279)
* Fix 404 and 410 API errors being silently discarded in WebUI

Fixes #13278

* Return more appropriate error when user replies to a deleted toot

* Please CodeClimate

* Fix 404/410 errors on fetching account timelines & identity proofs

* Refactor error handling

* Move error message string to statuses.errors
2020-03-28 17:59:45 +01:00
Eugen Rochko
bea0bb39d6
Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI

* Add option to blacklist resolved MX and IP records for e-mail domains
2020-03-12 22:35:20 +01:00
Eugen Rochko
f556f79b77
Add titles to warning presets in admin UI (#13252) 2020-03-12 17:57:59 +01:00
Eugen Rochko
9660aa4543
Change local media attachments to perform heavy processing asynchronously (#13210)
Fix #9106
2020-03-08 23:56:18 +01:00
ThibG
2423d2f677
Add ability to delete files uploaded for settings in admin UI (#13192)
* Allow deleting site uploads

* Refactor and move links into hints

* Fix i18n tests

* Fix HTML output of site_upload_delete_hint
2020-03-08 16:00:24 +01:00
Eugen Rochko
339ce1c4e9
Add specific rate limits for posting and following (#13172) 2020-03-08 15:17:39 +01:00
ThibG
cf4fe6caef
Fix misleading error when attempting to re-send a pending follow request (#13133)
Fixes #13131
2020-02-24 21:19:19 +01:00
ThibG
aeb6efbb03
Fix typo in about page (#13038) 2020-02-03 23:29:42 +01:00
Sasha Sorokin
50cd73e5d7
Add "Show thread" button to public profiles (#13000)
This adds "Show thread" button to the status view which is used in
profiles. The logic to display the button is mimicking logic in
web app available at app/javascript/mastodon/components/status.js#L439.

* The little change in components CSS required to remove enforced
  underline for all links on public pages on our button.
2020-01-29 17:35:54 +01:00
Eugen Rochko
305abc9e05
Fix design of announcements in admin UI (#12989) 2020-01-28 02:21:00 +01:00
Eugen Rochko
663ea84b08
Add publish/unpublish controls to announcements in admin UI (#12967) 2020-01-27 11:05:33 +01:00
Eugen Rochko
f816da9c64
Add limit of 8 different reaction types per announcement (#12950) 2020-01-25 05:23:33 +01:00
koyu
dd4738a3f2 Mac is now known as macOS (#12935) 2020-01-24 00:21:13 +01:00
Eugen Rochko
f52c988e12
Add announcements (#12662)
* Add announcements

Fix #11006

* Add reactions to announcements

* Add admin UI for announcements

* Add unit tests

* Fix issues

- Add `with_dismissed` param to announcements API
- Fix end date not being formatted when time range is given
- Fix announcement delete causing reactions to send streaming updates
- Fix announcements container growing too wide and mascot too small
- Fix `all_day` being settable when no time range is given
- Change text "Update" to "Announcement"

* Fix scheduler unpublishing announcements before they are due

* Fix filter params not being passed to announcements filter
2020-01-23 22:00:13 +01:00
ThibG
43daeccccb Add “account timeline” filter category (#12918)
* Add “account timeline” filter category

Previously, no filter category applied to account timelines.

* Rename “Account timelines” into “Profiles”
2020-01-23 21:32:00 +01:00
Eugen Rochko
c0006a004d
Change followers page to relationships page in admin UI (#12927)
Allow browsing and filtering all relationships instead of just
followers, unify the codebase with the user-facing relationship
manager, add ability to see who the user invited
2020-01-23 20:33:20 +01:00
ThibG
d386d89179 Fix invalid votes from the API being accepted (#12601)
* Fix invalid votes from the API being accepted

Fixes #12556

- Ensure `choice` is an integer instead of silently converting to 0
- Ensure `choice` corresponds to an actual choice of the poll

* Please CodeClimate
2020-01-12 14:17:03 +01:00
koyu
5b9f01aec0 Fix spelling mistake (#12817) 2020-01-11 11:32:25 +09:00
Sasha Sorokin
36426ed4ad Use heading actions and placeholders in settings (#12801)
This commit:

- Refactors centered text blocks currently used for placeholders
  for empty tables and puts styles for it in separate class -
  .centered-text, simply aliasing text-align: center. Which is
  furtherly used in this commit.

- Improves applications settings page to use heading actions, moving
  "New application" button there, and displaying placeholder "You
  have no applications" in place of empty table.

- Improves custom emoji settings page to use heading action
  for "Upload" button, making it more easily accessible without
  need to scroll through all of the emojis.

- Improves email domain blocks settings page, moving "Add new" to the
  heading actions and using placeholder "No e-mail domains currently
  blacklisted" instead of showing empty table.
2020-01-11 02:14:45 +01:00
Sasha Sorokin
345dd93310 Little improvements to filters settings page (#12793)
When you have many filters, it may be hard for you to reach the button
to create yet another one. This commit moves creation button to the
heading, leaving the page just for the list.

On the other hand, when there are no filters, page looks kind of
strange with the empty table. So text stating obvious fact that user
has no filters was added in this commit too.

Closes #11020
Closes #12790
2020-01-07 10:41:19 +01:00
Sasha Sorokin
9edab7afaf Add translation project promotion link (#12736)
This commit adds promotional notice on appearance settings about
translation project if any other locale than English is used. It
allows users to learn and contribute translations to Mastodon.

Step ahead, in this commit one unusual string is added - link to a
guide. By default it refers to Crowdin project itself, but if any of
Mastodon localization teams established their own guide, they can
refer it. Or, if Crowdin supports localized domain for language, it
can also be put there (e.g. https://fr.crowdin.com/...).
2019-12-31 22:15:05 +01:00
Sasha Sorokin
902c6bed5a Use different strings on exports page (#12569)
Currently the page re-uses strings from other contexts which doesn't fit
very well - strings incorrectly lowercase-d and pluralized, when they
don't need to be, because it's a table.

This commit changes page to re-use accounts.posts_tab_heading for toots,
and admin.accounts for "Following" and "Follows". This all should look
more aesthetically pleasing.
2019-12-19 12:47:55 +01:00
ThibG
fb9137752a Remove unused translatable strings (#12643)
* Remove unused “salmon_url” string

* Remove more unused translatable strings

The following strings all used to be on the admin account page
but aren't used anymore: profile_url, outbox_url, followers_url, feed_url
2019-12-18 16:56:39 +01:00
Alice Gaudon
668f698077 Admin setting to disable default follows (#12566) 2019-12-16 23:55:50 +01:00
Sasha Sorokin
d5b7a4b116 Avoid using pluralize on moderation pages (#12589)
Pluralize function from Rails framework does not work with other
languages than English, moreover it does not even work properly with
English [1]. Not that the latest applies to this context, it's just
a sign that we best to avoid this function, especially when there are
more reliable ways.

This commit changes how reports pages generated in order to avoid usage
of pluralize function, replacing it with default translation function,
called with given counter. On top of that, we have to make strings
pluralizable, so have to change locale files.

[1]: https://medium.com/@anna7/b3927de2ca8e#6a60
2019-12-12 19:50:23 +01:00
Takeshi Umeda
f43f1e0184 Add basic support for group actors (#12071)
* Show badge on group actor in WebUI

* Do not notify in case of  by following group actor

* If you mention group actor, also mention group actor followers

* Relax characters that can be used in username (same as Application)

* Revert "Relax characters that can be used in username (same as Application)"

This reverts commit 7e10a137b878d0db1b5252c52106faef5e09ca4b.

* Delete display_name method
2019-12-04 20:36:33 +01:00
Sasha Sorokin
c8d82ef3c3 Split relationships page strings (#12502)
Before this moment relationships managing page was using strings from
other context - from counters, but in order for translators to be able
to translate it relatively to the page, it must use separate strings.

I've split the strings for "Following" and "Followers" and put them to
"relationships" keyset in localization file. This should solve this
issue.

Fixes #10863
2019-12-01 07:08:40 +01:00
ThibG
d8f96028c5 Add ability to filter reports by target account domain (#12154)
* Add ability to filter reports by target account domain

* Reword by_target_domain label
2019-11-30 19:53:58 +01:00
Sasha Sorokin
fd45f5bbaa Improve notifications page (#12497)
Currently notifications page seems a bit cluttered with no clear
separation between e-mail and filtering settings. This commit tries to
address them by adding clear separation with headers, hints and removing
continuously reused texts for events checkboxes.
2019-11-29 17:03:06 +01:00
ThibG
a2014830c2 Fix broken admin audit log in whitelist mode (#12303) 2019-11-11 00:05:15 +02:00
Yamagishi Kazutoshi
7512f3a3e0 Change message of public timeline for local only (#12224) 2019-10-27 12:45:33 +01:00
Faye Duxovni
48f75b86ae Add setting for whether to crop images in unexpanded toots (#12126) 2019-10-24 22:51:41 +02:00
ThibG
15c192ce40 Add link to search for users connected from the same IP address (#12157)
* Add link to search for users connected from the same IP address

Fixes #11949

* Fix missing cell in admin account view table
2019-10-24 22:49:26 +02:00
Eugen Rochko
aa509a3d8a
Fix auto-report string saying the account has been auto-silenced (#12142) 2019-10-10 18:47:24 +02:00
Eugen Rochko
b5f7e12817
Remove auto-silence behaviour from spam check (#12117)
Fix #12113
2019-10-09 07:11:23 +02:00
Eugen Rochko
c8bcf5cbfd
Add admin setting to auto-approve hashtags (#12122)
Change inaccurate labels on other admin settings
2019-10-09 00:30:15 +02:00
Eugen Rochko
19cdc62765
Remove fallback to long description on sidebar and meta description (#12119)
Fix #12114
2019-10-08 22:08:55 +02:00
Eugen Rochko
740c9cb3ee
Remove invite comments from UI (#12068)
Due to UX confusion and insufficient time to fix it
2019-10-03 22:37:13 +02:00
mayaeh
b258583d2b Fix hashtag link to directory in AdminUI (#12005)
* Fixed not to generate link if no user used hashtag in directory

* Added missing translation for AdminUI custom emojis

* run yarn manage:translations en
2019-10-01 01:20:22 +02:00
ThibG
3babf8464b Add voters count support (#11917)
* Add voters count to polls

* Add ActivityPub serialization and parsing of voters count

* Add support for voters count in WebUI

* Move incrementation of voters count out of redis lock

* Reword “voters” to “people”
2019-09-29 22:58:01 +02:00
Eugen Rochko
bd9685f798
Fix public list of domain blocks being too verbose on about page (#11967) 2019-09-29 16:23:01 +02:00
Eugen Rochko
163ed91af3
Add (back) option to set redirect notice on account without moving followers (#11994)
Fix #11913
2019-09-29 05:03:19 +02:00
mayaeh
05ad7d606c Add translation strings for AdminUI custom emojis (#11970) 2019-09-27 03:07:19 +02:00
Eugen Rochko
add4d4118c
Fix relays UI being available in whitelist/secure mode (#11963)
Fix relays UI referencing relay that is not functional
2019-09-27 02:13:34 +02:00
Eugen Rochko
3ed94dcc1a
Add account migration UI (#11846)
Fix #10736

- Change data export to be available for non-functional accounts
- Change non-functional accounts to include redirecting accounts
2019-09-19 20:58:19 +02:00
Eugen Rochko
d930eb88b6
Add table of contents to about page (#11885)
Move public domain blocks information to about page
2019-09-19 11:09:05 +02:00
Eugen Rochko
e1066cd431
Add password challenge to 2FA settings, e-mail notifications (#11878)
Fix #3961
2019-09-18 16:37:27 +02:00
mayaeh
ef0d22f232 Add search and sort functions to hashtag admin UI (#11829)
* Add search and sort functions to hashtag admin UI

* Move scope processing from tags_controller to tag_filter

* Fix based on method naming conventions

* Fixed not to get 500 errors for invalid requests
2019-09-16 14:27:29 +02:00
Eugen Rochko
c707ef49d9
Fix 2FA challenge and password challenge for non-database users (#11831)
* Fix 2FA challenge not appearing for non-database users

Fix #11685

* Fix account deletion not working when using external login

Fix #11691
2019-09-15 21:08:39 +02:00
Tao Bror Bojlén
4fe127664b add admin setting for default search engine indexing (fix #11750) (#11804) 2019-09-11 08:44:58 +02:00
Eugen Rochko
1110ea1a91
Add batch actions and categories to admin UI for custom emojis (#11793) 2019-09-09 22:44:17 +02:00
Eugen Rochko
261e52268c
Add batch approve/reject for pending hashtags in admin UI (#11791) 2019-09-09 12:50:09 +02:00
Eugen Rochko
43f56f1291
Change account deletion page to have better explanations (#11753)
Fix deletion of unconfirmed account not freeing up the username

Add prefill of logged-in user's email in the reconfirmation form
2019-09-04 04:13:54 +02:00
Eugen Rochko
3221f998dd
Change OpenGraph description on sign-up page to reflect invite (#11744) 2019-09-03 04:56:54 +02:00
mayaeh
1f22b8197c Integrate translation strings for the Profile Directory. (#11722)
Run `yarn manage:translations en`
2019-09-02 18:12:27 +02:00
Eugen Rochko
22ce4778eb
Fix uncaught parameter missing exceptions and missing error templates (#11702) 2019-08-30 01:34:47 +02:00
Eugen Rochko
cb447b28c4
Add profile directory to web UI (#11688)
* Add profile directory to web UI

* Add a line of bio to the directory
2019-08-30 00:14:36 +02:00
Eugen Rochko
73ca0bb925
Add option to include reported statuses in warning e-mail (#11639) 2019-08-23 22:37:23 +02:00
Eugen Rochko
282ea17078
Add soft delete for statuses for instant deletes through API (#11623)
* Add soft delete for statuses to allow them to appear instant

* Allow reporting soft-deleted statuses and show them in the admin UI

* Change index for getting an account's statuses
2019-08-22 21:55:56 +02:00
ThibG
9b6a5ed109 Add public blocks to /about/blocks (#11298)
* Add automatic blocklist display in /about/blocks

Inspired by https://github.com/Gargron/mastodon.social-misc

* Add admin option to set who can see instance blocks

* Normalize locales files

* Rename “Sandbox” to “Silence” for consistency

* Disable /about/blocks when in whitelist mode

* Optionally display rationale for domain blocks

* Only display domain blocks that have user-facing limitations, and order them

* Redesign table of blocked domains to better handle long domain names and rationales

* Change domain blocks ordering now that rationales aren't displayed right away

* Only show explanation for block severities actually in use

* Reword instance block explanations and add disclaimer for public fetch mode
2019-08-19 11:35:48 +02:00
Eugen Rochko
c6b4b923e6
Add trends to public pages sidebar (#11594) 2019-08-18 14:55:32 +02:00
Eugen Rochko
b348c9b0db
Add explanation to featured hashtags page and profile (#11586) 2019-08-17 18:07:52 +02:00
Eugen Rochko
7a1f8a58df
Fix crash when saving invalid domain name (#11528)
Fix #7629
2019-08-08 23:04:19 +02:00
Eugen Rochko
3a6b6c63f2
Add breakdown of usage by source to admin UI for hashtags (#11517)
Allows determining where the majority of posts in a hashtag come
from on a given day at a glance.
2019-08-07 20:20:39 +02:00
ThibG
bced70469a Add domain block notes (#11515)
* Add database columns for adding notes to domain blocks/restrctions

* Add admin UI to set private and public comments when blocking a domain

* Add text for private and public comments on domain blocks

* Show domain block comments in admin UI

* Add comments to the domain block undo page

* Make UnblockDomainService more robust regarding upgraded domain blocks

* Allow editing domain blocks

* Rename button from “undo domain block” to “view domain block” in account admin UI

* Change test to unsilence silenced users from upgraded blocks
2019-08-07 20:20:23 +02:00
Eugen Rochko
94c54997cf
Fix trending tags returning less items than requested sometimes (#11513)
Add better sorting defaults to the hashtags admin UI

Add "not reviewed" filter to hashtags admin UI
2019-08-07 17:08:30 +02:00
Eugen Rochko
7a737c79cc
Add number of pending accounts and pending hashtags to admin dashboard (#11514) 2019-08-07 16:13:34 +02:00
Eugen Rochko
ac33f1aedd
Fix account tags not being saved correctly (#11507)
* Fix account tags not being saved correctly

Regression from f371b32

Fix Tag#discoverable not returning tags where listable is nil instead of true

Add notice when saving hashtags in admin UI

Change public hashtag and directory pages to return 404 for forbidden tags

* Remove unused locale string
2019-08-07 10:01:55 +02:00
Eugen Rochko
dd38c280a5
Fix admin dashboard missing latest features (#11505)
Fix redis-namespace deprecation warning about administrative commands
2019-08-06 19:40:06 +02:00
Eugen Rochko
9072fe5ab6
Add trends UI with admin and user settings (#11502) 2019-08-06 17:57:52 +02:00
Eugen Rochko
115dab78f1
Change admin UI for hashtags and add back whitelisted trends (#11490)
Fix #271

Add back the `GET /api/v1/trends` API with the caveat that it does
not return tags that have not been allowed to trend by the staff.

When a hashtag begins to trend (internally) and that hashtag has
not been previously reviewed by the staff, the staff is notified.

The new admin UI for hashtags allows filtering hashtags by where
they are used (e.g. in the profile directory), whether they have
been reviewed or are pending reviewal, they show by how many people
the hashtag is used in the directory, how many people used it
today, how many statuses with it have been created today, and it
allows fixing the name of the hashtag to make it more readable.

The disallowed hashtags feature has been reworked. It is now
controlled from the admin UI for hashtags instead of from
the file `config/settings.yml`
2019-08-05 19:54:29 +02:00
Eugen Rochko
24552b5160
Add whitelist mode (#11291) 2019-07-30 11:10:46 +02:00
Eugen Rochko
964ae8eee5
Change unconfirmed user login behaviour (#11375)
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.

Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.

After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.

Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
2019-07-22 10:48:50 +02:00
ThibG
730c4053d6 Add ActivityPub actor representing the entire server (#11321)
* Add support for an instance actor

* Skip username validation for local Application accounts

* Add migration script to create instance actor

* Make Codeclimate happy

* Switch to id -99 for instance actor

* Remove unused `icon` and `image` attributes from instance actor

* Use if/elsif/else instead of return + ternary operator

* Add instance actor to fresh installs

* Use instance actor as instance representative

Use instance actor for forwarding reports, relay operations, and spam
auto-reporting.

* Seed database in test environment

* Fix single-user mode

* Fix tests

* Fix specs to accomodate for an extra `Account`

* Auto-reject follows on instance actor

Following an instance actor might make sense, but we are not handling that
right now, so auto-reject.

* Fix webfinger lookup and serialization for instance actor

* Rename instance actor

* Make it clear in the HTML view that the instance actor should not be blocked

* Raise cache time for instance actor as there's no dynamic content

* Re-use /about/more with a flash message for instance actor profile
2019-07-19 01:44:42 +02:00
ThibG
7e2b6da57f Add setting to disable the anti-spam (#11296)
* Add environment variable to disable the anti-spam

* Move antispam setting to admin settings

* Fix typo

* antispam → spam_check
2019-07-17 21:09:15 +02:00
Eugen Rochko
6ff67be0f6
Add a spam check (#11217)
* Add a spam check

* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance

* Add more tests

* Add exemption when the message is a reply to something that mentions the sender

* Use Nilsimsa Compare Value instead of Levenshtein distance

* Use MD5 for messages shorter than 10 characters

* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account

* Expire spam check data after 3 months

* Add support for local statuses, reduce expiration to 1 week, always create a report

* Add content warnings to the spam check and exempt empty statuses

* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check

* Add all matched statuses into automatic report
2019-07-13 16:45:50 +02:00
Eugen Rochko
ef15246397
Remove unused remote unfollow controller (#11250) 2019-07-08 12:04:06 +02:00
Eugen Rochko
23aeef52cc
Remove Salmon and PubSubHubbub (#11205)
* Remove Salmon and PubSubHubbub endpoints

* Add error when trying to follow OStatus accounts

* Fix new accounts not being created in ResolveAccountService
2019-07-06 23:26:16 +02:00
Eugen Rochko
1db4117030
Change preferences page into appearance, notifications, and other (#10977) 2019-06-07 03:39:24 +02:00
Eugen Rochko
a60364ca7d
Add waiting time to list of pending accounts in admin UI (#10985) 2019-06-07 03:24:10 +02:00
ThibG
14f6ce2885 Record account suspend/silence time and keep track of domain blocks (#10660)
* Record account suspend/silence time and keep track of domain blocks

* Also unblock users who were suspended/silenced before dates were recorded

* Add tests

* Keep track of suspending date for users suspended through the CLI

* Show accurate number of accounts that would be affected by unsuspending an instance

* Change migration to set silenced_at and suspended_at

* Revert "Also unblock users who were suspended/silenced before dates were recorded"

This reverts commit a015c65d2d1e28c7b7cfab8b3f8cd5fb48b8b71c.

* Switch from using suspended and silenced to suspended_at and silenced_at

* Add post-deployment migration script to remove `suspended` and `silenced` columns

* Use Account#silence! and Account#suspend! instead of updating the underlying property

* Add silenced_at and suspended_at migration to post-migration

* Change account fabricator to translate suspended and silenced attributes

* Minor fixes

* Make unblocking domains always retroactive
2019-05-14 19:05:02 +02:00
ThibG
011b032300 Provide a link to existing domain block when trying to block an already-blocked domain (#10663)
* When trying to block an already-blocked domain, provide a link to the block

* Fix styling for links in flash messages

* Allow blocks to be upgraded but not downgraded
2019-05-03 20:36:36 +02:00
mayaeh
9e2a1f1838 i18n: Update Japanese translations (#10536)
* run i18n-tasks add-missing

* Update Japanese translations.
2019-04-10 17:36:45 +02:00
Eugen Rochko
9b0d8f74cb
Change the groupings of menu items in settings navigation (#10533)
* Change the groupings of menu items in settings navigation

Fix #10307

* Remove unused translations
2019-04-10 03:47:11 +02:00
Eugen Rochko
8b69a66380 Add "why do you want to join" field to invite requests (#10524)
* Add "why do you want to join" field to invite requests

Fix #10512

* Remove unused translations

* Fix broken registrations when no invite request text is submitted
2019-04-09 23:06:30 +09:00
ThibG
5247ea4efd Fix batch actions not working on pending accounts (#10508) 2019-04-08 18:35:41 +02:00
mayaeh
a265696991 i18n: Update Japanese translations (#10494)
* Update Japanese translations

* Update Japanese translations.
2019-04-08 09:16:14 +09:00
Eugen Rochko
67b3b62b98
Improve blocked view of profiles (#10491)
* Revert "Fix filtering of favourited_by, reblogged_by, followers and following (#10447)"

This reverts commit 120544067f.

* Revert "Hide blocking accounts from blocked users (#10442)"

This reverts commit 62bafa20a1.

* Improve blocked view of profiles

- Change "You are blocked" to "Profile unavailable"
- Hide following/followers in API when blocked
- Disable follow button and show "Profile unavailable" on public profile as well
2019-04-07 04:59:13 +02:00
Eugen Rochko
e1d0390e29
Add batch actions for approving and rejecting pending accounts (#10469) 2019-04-06 17:53:45 +02:00
mayaeh
abdf225353 i18n: Update Japanese translations (#10427)
* Update Japanese translations.

run yarn manage:translations && i18n-tasks add-missing

* Update Japanese translations.

* Fix mistake

* Change to be concise.
2019-04-01 05:50:05 +02:00
Alex Gessner
69141dca26 squashed identity proof updates (#10375) 2019-03-28 18:01:09 +01:00
Eugen Rochko
08ec7435ce
Add order options to relationship manager UI (#10404) 2019-03-28 02:16:01 +01:00
ThibG
0c46bd11aa Fix HTML validation (#10354)
* Fix HTML validation

* Report first HTML error instead on validation error
2019-03-26 17:33:26 +01:00
Eugen Rochko
e117964325
Change icons of features on admin dashboard to remove bias (#10366)
Red crosses implied that it was bad/unexpected that certain features
were not enabled. In reality, they are options, so showing a green
or grey power-off icon is more appropriate.

Add status of timeline preview as well

Fix sample accounts changing too frequently due to wrong query

Sample accounts are intended to be sorted by popularity
2019-03-26 01:24:19 +01:00
Jeong Arm
9ec98893f4 Change settings description (#10312)
- site_description is no longer visible on front page
- short_description is not fallback to site_description
2019-03-23 16:11:58 +01:00
Eugen Rochko
555c4e11ba
Add validations to admin settings (#10348)
* Add validations to admin settings

- Validate correct HTML markup
- Validate presence of contact username & e-mail
- Validate that all usernames are valid
- Validate that enums have expected values

* Fix code style issue

* Fix tests
2019-03-23 14:07:04 +01:00
Eugen Rochko
9c4cbdbafb
Add Keybase integration (#10297)
* create account_identity_proofs table

* add endpoint for keybase to check local proofs

* add async task to update validity and liveness of proofs from keybase

* first pass keybase proof CRUD

* second pass keybase proof creation

* clean up proof list and add badges

* add avatar url to keybase api

* Always highlight the “Identity Proofs” navigation item when interacting with proofs.

* Update translations.

* Add profile URL.

* Reorder proofs.

* Add proofs to bio.

* Update settings/identity_proofs front-end.

* Use `link_to`.

* Only encode query params if they exist.

URLs without params had a trailing `?`.

* Only show live proofs.

* change valid to active in proof list and update liveness before displaying

* minor fixes

* add keybase config at well-known path

* extremely naive feature flagging off the identity proof UI

* fixes for rubocop

* make identity proofs page resilient to potential keybase issues

* normalize i18n

* tweaks for brakeman

* remove two unused translations

* cleanup and add more localizations

* make keybase_contacts an admin setting

* fix ExternalProofService my_domain

* use Addressable::URI in identity proofs

* use active model serializer for keybase proof config

* more cleanup of keybase proof config

* rename proof is_valid and is_live to proof_valid and proof_live

* cleanup

* assorted tweaks for more robust communication with keybase

* Clean up

* Small fixes

* Display verified identity identically to verified links

* Clean up unused CSS

* Add caching for Keybase avatar URLs

* Remove keybase_contacts setting
2019-03-18 21:00:55 +01:00
Eugen Rochko
b8e4c85e69
Add dormant filter to relationship manager, rename other filters (#10308)
Rename "abandoned" to "moved", and "active" to "primary"
2019-03-18 03:53:17 +01:00
Eugen Rochko
1c113fd72d
Add relationship manager UI (#10268) 2019-03-16 11:23:22 +01:00
Eugen Rochko
51e154f5e8
Admission-based registrations mode (#10250)
Fix #6856
Fix #6951
2019-03-14 05:28:30 +01:00
Eugen Rochko
65fffeac3f
Redesign landing page (#10232) 2019-03-12 17:34:00 +01:00
Eugen Rochko
5996be994d
Fix poll validation issues (#10186)
- Fix missing interpolation argument in PollValidator
- Fix PollValidator rejecting exact allowed min/max durations
2019-03-06 04:54:11 +01:00
ThibG
3de71887d8 Add non-JS fallback for polls on public pages (#10155) 2019-03-04 18:03:12 +01:00
Eugen Rochko
230a012f00
Add polls (#10111)
* Add polls

Fix #1629

* Add tests

* Fixes

* Change API for creating polls

* Use name instead of content for votes

* Remove poll validation for remote polls

* Add polls to public pages

* When updating the poll, update options just in case they were changed

* Fix public pages showing both poll and other media
2019-03-03 22:18:23 +01:00
ThibG
6840a77711 Add domain search/filter to the "Federation" (/admin/instances) page (#10071) 2019-02-18 14:59:19 +01:00
mayaeh
46e806cd2f Rename from instance to server. (#9938) 2019-02-05 19:11:24 +01:00
Eugen Rochko
364f2ff9aa
Add featured hashtags to profiles (#9755)
* Add hashtag filter to profiles

GET /@:username/tagged/:hashtag
GET /api/v1/accounts/:id/statuses?tagged=:hashtag

* Display featured hashtags on public profile

* Use separate model for featured tags

* Update featured hashtag counters on-write

* Limit featured tags to 10
2019-02-04 04:25:59 +01:00
Eugen Rochko
d14c276e58
Add option to overwrite imported data (#9962)
* Add option to overwrite imported data

Fix #7465

* Add import for domain blocks
2019-02-03 03:59:51 +01:00
Eugen Rochko
ad8c71c985
Fix link color in high-contrast theme, add underlines (#9949)
Improve sorting of default themes in the dropdown
2019-02-01 00:15:38 +01:00
Marek Ľach
0167659f5f Distinguish error messaging for mystyped URLs and deleted accounts (#9957) 2019-02-01 00:07:08 +01:00
Eugen Rochko
a492a9bcd3
Add information about how to opt-in to the directory on the directory (#9834)
Fix #9833
2019-01-18 10:25:44 +01:00
Eugen Rochko
1c6588accc
Redesign admin instances area (#9645) 2019-01-08 13:39:49 +01:00
Eugen Rochko
5654535728
Change remote interaction dialog to use specific actions (#9743)
* Change remote interaction dialog to use specific actions

Instead of just "interact", use different strings based on whether
it's a reply, reblog or favourite. Add explanation why the step
is necessary in the first place

* Remove obsolete strings
2019-01-07 15:36:26 +01:00
Eugen Rochko
c73653ce23
Add missing locale strings (#9723) 2019-01-05 19:13:11 +01:00
Eugen Rochko
a49d43d112
Add scheduled statuses (#9706)
Fix #340
2019-01-05 12:43:28 +01:00
Eugen Rochko
6e49907ecf
Improve admin UI for account view (#9643) 2018-12-28 03:38:41 +01:00
chr v1.x
c3465f699e Add local followers page to admin account UI (#9610)
* Add local followers page to admin account UI

For moderation, I often find myself wondering who, locally, is following
a remote user. Currently, to see this, I have to go back to the web UI,
paste in their full handle, click their profile, and go to the
"Followers" tab (plus, this information is incidental, and if mastodon
ever decides to resolve all of the follower information, there will be
no place local followers are shown). This PR adds a new page which is
accessible via the "following" count on the admin's account view
page, which shows the local followers. (It has filter parameters for
account location to indicate that only local followers are shown, and
leave room for expansion if mastodon ever decides to store the entire
remote follow list).

* Normalize en.yml
2018-12-27 13:15:39 +01:00
Eugen Rochko
bb62827c16
Remove links to bridge.joinmastodon.org (non-functional) (#9608)
Add link to profile directory
2018-12-22 23:32:00 +01:00
Eugen Rochko
3c033c4352
Add moderation warnings (#9519)
* Add moderation warnings

Replace individual routes for disabling, silencing, and suspending
a user, as well as the report update route, with a unified account
action controller that allows you to select an action (none,
disable, silence, suspend) as well as whether it should generate an
e-mail notification with optional custom text. That notification,
with the optional custom text, is saved as a warning.

Additionally, there are warning presets you can configure to save
time when performing the above.

* Use Account#local_username_and_domain
2018-12-22 20:02:09 +01:00
mayaeh
ff472d2cfb Update Japanese translations. (#9574) 2018-12-19 08:51:02 +01:00
Eugen Rochko
087e118971
Remove "most popular" tab from profile directory, add responsive design (#9539)
* Remove "most popular" tab from profile directory, add responsive design

* Remove unused translations
2018-12-17 03:14:28 +01:00
ThibG
720daa8143 Add instance-wide setting to disable profile directory (#9497)
* Add instance-wide setting to disable profile directory

Fixes #9496

When the profile directory is disabled:
- The “discoverable” setting is hidden from users
- The “profile directory” link is not shown on public pages
- /explore returns 404

* Move Setting.profile_directory check to a before_action filter
2018-12-11 19:18:29 +01:00
Eugen Rochko
73be8f38c1
Add profile directory (#9427)
Fix #5578
2018-12-06 17:36:11 +01:00
Eugen Rochko
73faadad28
Redesign admin accounts index (#9340)
* Improve overview of accounts in admin UI

- Display suspended status, role, last activity and IP prominently
- Default to showing local accounts
- Default to not showing suspended accounts

* Remove unused strings

* Fix tests

* Allow filtering accounts by IP mask
2018-11-26 15:53:27 +01:00
Eugen Rochko
fd5285658f
Add option to block reports from domain (#8830) 2018-10-20 08:02:44 +02:00
Eugen Rochko
9486f0ca77
Add "disable" button to report screen (#9024)
* Add "disable" button to report screen

* i18n-tasks remove-unused
2018-10-20 02:39:39 +02:00
Gomasy
7085b21f70 Add destroy_custom_emoji translation (#8997)
Includes Japanese and English
2018-10-17 16:54:59 +02:00
mayaeh
47bca33945 Fix description about custom mascot. (#8974) 2018-10-13 17:00:15 +02:00
mayaeh
87abbb07f3 Add Japanese translations. (#8927) 2018-10-09 07:12:37 +09:00
ashleyhull-versent
2dba313100 Replace SVG asset with Custom mascot (#8766) 2018-10-08 00:20:45 +02:00
Eugen Rochko
28401962ca Change documentation URL (#8898)
* Change documentation URL

* Fix hardcoded documentation URL in locales
2018-10-06 14:33:36 +09:00
Eugen Rochko
a46ab86adf
Limit the number of people that can be followed from one account (#8807)
Configurable soft limit of 7,500, and above that, configurable
ratio of 1.1 * followers, controlled by:

- MAX_FOLLOWS_THRESHOLD
- MAX_FOLLOWS_RATIO

Fix #2311
2018-10-04 17:36:11 +02:00
Eugen Rochko
f4d549d300
Redesign forms, verify link ownership with rel="me" (#8703)
* Verify link ownership with rel="me"

* Add explanation about verification to UI

* Perform link verifications

* Add click-to-copy widget for verification HTML

* Redesign edit profile page

* Redesign forms

* Improve responsive design of settings pages

* Restore landing page sign-up form

* Fix typo

* Support <link> tags, add spec

* Fix links not being verified on first discovery and passive updates
2018-09-18 16:45:58 +02:00
Eugen Rochko
011437dcb5
Group reports by target account (#8674)
* Group reports by target account

* Improve CSS
2018-09-13 03:44:08 +02:00
Yamagishi Kazutoshi
50d8cf8aed Save button for relays translatable (#8539) 2018-08-31 15:15:21 +02:00
Eugen Rochko
5e1767173f
Display pending message on admin relays UI (#8494)
* Add missing specs for relay accept/reject

* Display pending message on admin relays UI
2018-08-28 05:39:43 +02:00
M Somerville
b31449cd77 Better singulars of account followers/toots. (#8471) 2018-08-26 21:30:53 +02:00
Eugen Rochko
22e46ebad8
Add theme identifier to body classes for easier custom CSS styling (#8439)
Add forgotten custom CSS admin setting strings
2018-08-25 22:55:25 +02:00
M Somerville
ad41806e53 Allow use of plurals on about page stats. (#8363) 2018-08-22 19:42:47 +02:00
Eugen Rochko
2374a00c10
Add confirmation step to account suspensions (#8353)
* Add confirmation page for suspensions

* Suspension confirmation closes reports, linked from report UI

* Fix tests
2018-08-22 11:53:41 +02:00
Eugen Rochko
0fc0980de1
Link to mobile apps page (#8278)
Fix #8269
2018-08-19 01:17:44 +02:00
Eugen Rochko
9dd5639f90
Add admin function to deactivate all invites (#8279)
Fix #8261
2018-08-19 00:58:53 +02:00
Eugen Rochko
85bb32c410
Add "sign in to participate" message to public toot page (#8200) 2018-08-18 12:48:27 +02:00
Eugen Rochko
78fa926ed5
Add remote interaction dialog for toots (#8202)
* Add remote interaction dialog for toots

* Change AuthorizeFollow into AuthorizeInteraction, support statuses

* Update brakeman.ignore

* Adjust how interaction buttons are display on public pages

* Fix tests
2018-08-18 03:03:12 +02:00
ThibG
106fa28a00 Prevent actions log from crashing when displaying deleted status (fixes #8133) (#8219) 2018-08-16 20:05:26 +02:00
ThibG
c98681c358 Do not error out when performing admin actions on no statuses (#8220)
Fixes the other issue with #8168
2018-08-16 20:02:52 +02:00
Eugen Rochko
0dcc1950d1
Update /terms and /about/more to use public layout (#8142) 2018-08-09 12:58:20 +02:00
Eugen Rochko
f2404de871
Public profile endorsements (accounts picked by profile owner) (#8146) 2018-08-09 09:56:53 +02:00
Eugen Rochko
cc56f2230a
Add separate setting for sidebar text (site_short_description) (#8107)
* Add separate setting for sidebar text (site_short_description)

* Fix tests
2018-07-31 18:59:34 +02:00
Eugen Rochko
bb71538bb5
Redesign public profiles and toots (#8068) 2018-07-28 19:25:33 +02:00
Eugen Rochko
2bcdfcdee3 Add missing translation for admin dashboard trends section (#8040) 2018-07-17 07:15:17 +09:00
Eugen Rochko
2354b10eb5
Add admin dashboard (#8029) 2018-07-16 01:11:53 +02:00
Eugen Rochko
e55dce3176
Add federation relay support (#7998)
* Add federation relay support

* Add admin UI for managing relays

* Include actor on relay-related activities

* Fix i18n
2018-07-13 02:16:06 +02:00
Eugen Rochko
f89c595ea0
Add admin setting to enable OG previews for sensitive media (#7962) 2018-07-06 02:15:56 +02:00
Eugen Rochko
2092d5c0ad
Improve embeds (#7919)
* Make embeds cacheable by reverse proxy

* Make follow button on embeds open remote follow modal

Instead of web+mastodon://, also, turn the button blue, and add a
sign up prompt to the remote follow modal
2018-07-01 04:12:34 +02:00
Eugen Rochko
cdb101340a
Keyword/phrase filtering (#7905)
* Add keyword filtering

    GET|POST       /api/v1/filters
    GET|PUT|DELETE /api/v1/filters/:id

- Irreversible filters can drop toots from home or notifications
- Other filters can hide toots through the client app
- Filters use a phrase valid in particular contexts, expiration

* Make sure expired filters don't get applied client-side

* Add missing API methods

* Remove "regex filter" from column settings

* Add tests

* Add test for FeedManager

* Add CustomFilter test

* Add UI for managing filters

* Add streaming API event to allow syncing filters

* Fix tests
2018-06-29 15:34:36 +02:00
Eugen Rochko
a58ec29631
Allow selecting default posting language instead of auto-detect (#7828)
* Allow selecting default posting language instead of auto-detect

* Enable default language setting in credentials API

* Fix form saving
2018-06-17 18:57:31 +02:00
Eugen Rochko
ca85658975
Add autofollow option to invites (#7805)
* Add autofollow option to invites

* Trigger CodeClimate rebuild
2018-06-15 18:00:23 +02:00
Eugen Rochko
6b2f4f8c09
"Show" instead of "return to" after (remote)-following (#7718)
Resolve #6326
2018-06-04 03:00:36 +02:00
Jeroen
3f8f5642a1 Added the law requirements for the EU/EEA (#7605)
* Added the law requirements for the EU/EEA

See article 8 of the GDPR

* fix

* i18n-tasks normalize
2018-05-25 14:27:14 +02:00
SerCom_KC
4c9d5a500d [WIP] i18n: Update Simplified Chinese translations (#7576)
* i18n: (zh-CN) #7027

* Rewording
This placeholder is also seen on single user page at Moderation > Accounts, where "this report" doesn't make sense.

* i18n: (zh-CN) #6425

* i18n: (zh-CN) #6497

* i18n: (zh-CN) #6246

* i18n: (zh-CN) Improvements
2018-05-22 15:26:42 +02:00
Sylvhem
ea969000a5 Add a light theme (#7027)
* Add a light theme to Mastodon

This add a second default theme to Mastodon. This new theme is supposed to be a light version of the dark original one.

* Update locales

Update the English and French locales.

* Change capitalization of hexadecimal triplets

Change capitalization of hexadecimal color codes to match Code Climate's recomandation.

* Add variable

Add a new variable to use instead of hardcoding a color. Change made to match Code Climate's recomandation.

* Use Mastodon branding palette

Replace the colors previously used by the ones found in Mastodon branding palette.
The resulting theme is lighter than the previous version.

* Make the overlay background white

Make the overly background used on on sensitive medias white instead of black

* Change the color used on the envelop icon

Change the color used on the envelop icon for a darker one. The same color is now used on both the envelop icon and the padlock icon.

* Add contrast

Add contrast to various places inside the main interface and the profile pages.

* Change the text color used in the compose form

Change the text color used in the compose form for a darker one.

* Make the code easier to read

Add some blank lines to make the code easier to parse for a human eye.

* Change columns' background default colors

Change columns' background default colors, making the composition column the darker one.

* Change the color of the log in button

Change the log in button's text color to make it more readable.

* Fix the color of the boost buttons on the landing page

The disabled boost buttons on the landing page are now of the same color that the other disabled buttons.

* Change the colors used in the dropdown menu

Make the dropdown menu light instead of dark.
2018-05-21 13:40:31 +02:00
Eugen Rochko
4b94e9c65e
Improve payload format of Web Push API now that it's open (#7521)
> Good lord what is happening in there

Previously the contents of the Web Push API payloads closely resembled the structure of JavaScript's [Notification](https://developer.mozilla.org/en-US/docs/Web/API/Notification). But now that the API is open to non-browser apps, and given that there is no required coupling between contents of the payload and a Notification object, here is how I changed the payload:

```json
{ 
  "access_token": "...",
  "preferred_locale": "en",
  "notification_id": "12345",
  "notification_type": "follow",
  "title": "So and so followed you",
  "body": "This is my bio",
  "icon": "https://example.com/avatar.png"
}
```

The title, body and icon attributes are included as a fallback so you can construct a minimal notification if you cannot perform a network request to the API to get more data.
2018-05-19 14:46:47 +02:00
Eugen Rochko
1e02dc8715
Add preference to hide following/followers lists (#7532)
* Add preference to hide following/followers lists

- Public pages
- ActivityPub collections (does not return pages but does give total)
- REST API (unless it's your own) (does not federate)

Fix #6901

* Add preference

* Add delegation

* Fix issue

* Fix issue
2018-05-18 02:26:51 +02:00
ThibG
0f2fbf7d05 Improvements to toots display in admin view (#7452)
* Distinguish boosts from original statuses in the admin panel (fixes #7449)

* Show the “show more” button in admin view to make CWs clearer (fixes #7451)

* Make content warnings swag
2018-05-12 17:44:15 +02:00
Eugen Rochko
42cd363542
Bot nameplates (#7391)
* Store actor type in database

* Add bot nameplate to web UI, add setting to preferences, API, AP
Fix #7365

* Fix code style issues
2018-05-07 09:31:07 +02:00
Shuhei Kitagawa
bd10a7e480 Add resend confirmation for admin (#7378)
* Add confirmations_controller#resend

* Add tests for confirmations_controller#resend

* Add translations
2018-05-06 10:59:03 +02:00
Eugen Rochko
39efc6d533
Add hint about 7 day cooldown for archive takeout (#7375) 2018-05-06 10:53:10 +02:00
Eugen Rochko
b611dbac79
Add contact e-mail hint to 2FA login form (#7376) 2018-05-06 10:52:36 +02:00
Eugen Rochko
c7d1a2e400
Improve admin UI for accounts (#7360)
* Improve design of account statuses admin UI (consistent with reports)

* Make account moderation notes look consistent with report notes

* i18n-tasks remove-unused

* Fix code style issues

* Fix tests
2018-05-05 23:06:29 +02:00
Eugen Rochko
251bbf9728
Show remote reports in admin UI as coming from domain rather than user (#7347)
Fix #6994
2018-05-04 13:26:25 +02:00
Emelia Smith
60b871d56c Implement the ability for instances to define a list of disallowed hashtags (#7176)
The goal here isn't to prevent these hashtags from existing, but just to strongly curtail their usage; The hashtags may still exist in the database via federated status, or from being created prior to this feature.
2018-04-23 23:52:58 +02:00
Lynx Kotoura
a4a36d994b Separate high contrast theme (#7213) 2018-04-21 21:35:55 +02:00
Eugen Rochko
a9c440637c
Improve report layout (#7188)
* Use table for statuses in report

* Display reported account and reporter in the same table

* Split accounts and general report info into two tables again

* Redesign report statuses table, notes, merge notes and action log

* Remove unused translations

* Fix code style issue

* Fix code style issue

* Fix code style issue
2018-04-20 02:28:48 +02:00
Emelia Smith
204d72fbe4 Feature: add count of account notes to reports (#7130)
* Reports: Colocate account details with reports

* Reports: Add count of account moderation notes

Sometimes an account will be left with a note instead of the report, this adds a way to quickly see from a given report if this is the case.
2018-04-17 14:58:11 +02:00
Marcin Mikołajczak
fed0b5ed04 i18n: Update Polish translation (#7131)
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-04-15 14:12:41 +09:00
Emelia Smith
d9b62e34da Feature: Improve reports ui (#7032)
* Further improvements to Reports UI

- Clean up notes display
- Clean up add new note form
- Simplify controller
- Allow reopening a report with a note
- Show created at date for reports
- Fix report details table formatting

* Show history of report using Admin::ActionLog beneath the report

* Fix incorrect log message when reopening a report

* Implement fetching of all ActionLog items that could be related to the report

* Ensure adding a report_note updates the report's updated_at

* Limit Report History to actions that happened between the report being created and the report being resolved

* Fix linting issues

* Improve report history builder

Thanks @gargron for the improvements
2018-04-10 20:27:59 +02:00
Emelia Smith
219a4423d8 Feature: Allow staff to change user emails (#7074)
* Admin: Show unconfirmed email address on account page

* Admin: Allow staff to change user email addresses

* ActionLog: On change_email, log current email address and new unconfirmed email address
2018-04-10 09:16:06 +02:00
Eugen Rochko
f1867a7388
Adjust privacy policy (#6666)
* Adjust privacy policy to be more specific to Mastodon

Fix #6613

* Change data retention of IP addresses from 5 years to 1 year

* Add even more information

* Remove all (now invalid) translations of the privacy policy

* Add information about archive takeout, remove pointless consent section

* Emphasis on DM privacy

* Improve wording

* Add line about data use for moderation purposes
2018-04-04 21:47:39 +02:00
Eugen Rochko
07176fed37
Add contact account to landing page ("Administered by") (#6984) 2018-04-04 01:11:26 +02:00
Emelia Smith
e85cffb236 Feature: Report improvements (#6967) (#7000)
* Implement Assignment of Reports (#6967)

* Change translation of admin.report.comment.label to "Report Comment" for clarity

As we'll soon add the ability for reports to have comments on them, this clarification makes sense.

* Implement notes for Reports

This enables moderators to leave comments about a report whilst they work on it

* Fix display of report moderation notes

* Allow reports to be reopened / marked as unresolved

* Redirect to reports listing upon resolution of report

* Implement "resolve with note" functionality

* Add inverse relationship for report notes

* Remove additional database querying when loading report notes

* Fix tests for reports

* Fix localisations for report notes / reports
2018-04-02 22:04:14 +02:00
Emelia Smith
e7a1716701 Implement the ability for an Administrator or Moderator to remove an account avatar (#6998) 2018-04-02 13:45:07 +02:00
Akihiko Odaki
fa310695fa Note if the user is already following the target when authorizing follow (#6325) 2018-03-24 12:50:41 +01:00
Jeroen
580835ab69 Invites: Add '1 week' as expire option (#6872)
* Invites: Add '1 week' as expire option

IMO a max. of 1 day is too short. Not everyone has the time and motivation to use an invite in a 24 hour period. 1 week as a max. is I think a good compromise between convenience and security.

* Invites: Add '1 week' as expire option

IMO a max. of 1 day is too short. Not everyone has the time and motivation to use an invite in a 24 hour period. 1 week as a max. is I think a good compromise between convenience and security.

* Update en.yml
2018-03-24 12:50:14 +01:00
Eugen Rochko
a568e3ca8e
Revert #6479, hide sensitive text/images from OpenGraph previews (#6818)
Display summary of attachments in description, and mark up content
warning if present, e.g.:

    Attached: 3 images · Content warning: Dota 2

When text is not supposed to be hidden, it looks more like:

    Attached: 3 images

    Here is the text of the toot

With #6817, multilinguagility should be assured...
2018-03-18 20:33:07 +01:00
Eugen Rochko
5acd5315f2
Improve styling of closed registrations message, rename button (#6695)
* Improve styling of closed registrations message, rename button

"Sign up on another server"

Fix #6683

* Adjust styling of closed registrations message
2018-03-08 11:10:37 +01:00
Sylvhem
cb74c0cfe4 Add headings to the security settings page (#6661)
* Changes the headings' rank of the security settings section

This commit changes the existing headings' rank of the security settings section from level 6 to level 4.

* Renames the auth.change_password string into auth.security

The "Security" preferences' section used to be called "Change password". When it was renamed, the string name wasn't changed.
This commits changes auth.change_password to auth.security.

* Adds a heading to the password change form

There was previously no heading for the part of the "Security" page that contain the password change form.
This commit adds a rank 4 heading to this section and reintroduces an "auth.change_password" string to be used inside it.

* Removes useless HR elements

The various sections of the "Security" settings page were previously separated by HR elements.
Now that there is proper headings, they're not required anymore.

* Updates CSS

This commit updates CSS in such a way that the same style is applied to all the H4 elements of the settings.

* Correct a mistake

A character went missing on one of the previous commits, broking the CSS.
This new commit fixes it.
2018-03-07 01:39:40 +01:00
Yamagishi Kazutoshi
ecf06d7e82 Change "or" translatable (#6597) 2018-03-02 19:03:21 +01:00
Eugen Rochko
47bdb9b33b
Fix #942: Seamless LDAP login (#6556) 2018-02-28 19:04:53 +01:00
Ian McCowan
c33931b613 Fix prev/next links on public profile page (#6497)
* Fix prev/next links on public profile page

* Don't make pagination urls if no available statuses

* Fix empty check method

* Put left chevron before prev page link

* Add scope for pagination "starting at" a given id

* Status pagination try 2:

s/prev/older and s/next/newer
"older" on left, "newer" on right
Use new scope for "newer" link
Extract magic 20 page size to constant
Remove max_id from feed pagination as it's not respected

* Reinstate max_id for accounts atom stream

* normalize
2018-02-26 03:31:28 +01:00
Eugen Rochko
c71aa468b5
Redesign landing page (again) (#6486)
* Redesign landing page (again)

* Move login form in small version to the right column

* Display closed registrations message

* Add site setting for the hero image

* Fix test

* Increase spacing, maximum width, change call to action section
2018-02-22 01:03:48 +01:00
Eugen Rochko
61ed133fea
Account archive download (#6460)
* Fix #201: Account archive download

* Export actor and private key in the archive

* Optimize BackupService

- Add conversation to cached associations of status, because
  somehow it was forgotten and is source of N+1 queries
- Explicitly call GC between batches of records being fetched
  (Model class allocations are the worst offender)
- Stream media files into the tar in 1MB chunks
  (Do not allocate media file (up to 8MB) as string into memory)
- Use #bytesize instead of #size to calculate file size for JSON
  (Fix FileOverflow error)
- Segment media into subfolders by status ID because apparently
  GIF-to-MP4 media are all named "media.mp4" for some reason

* Keep uniquely generated filename in Paperclip::GifTranscoder

* Ensure dumped files do not overwrite each other by maintaing directory partitions

* Give tar archives a good name

* Add scheduler to remove week-old backups

* Fix code style issue
2018-02-21 23:21:32 +01:00
Renato "Lond" Cerqueira
4e4f1b0dcb Add option to show only local toots in timeline preview (#6292)
* Add option to show only local toots in timeline preview
Right know, toots from all the known fediverse are shown in the main
page of an instance. That however doesn't reflect the instance itself.
With this option the admin may choose to display only local toots so
that users checking the instance get a better idea of internal
conversations.

* Fix issues pointed by codeclimate and eslint

* Add default message for community timeline

* Update pl.yml
2018-02-04 06:00:10 +01:00
Eugen Rochko
26f21fd5a0
CAS + SAML authentication feature (#6425)
* Cas authentication feature

* Config

* Remove class_eval + Omniauth initializer

* Codeclimate review

* Codeclimate review 2

* Codeclimate review 3

* Remove uid/email reconciliation

* SAML authentication

* Clean up code

* Improve login form

* Fix code style issues

* Add locales
2018-02-04 05:42:13 +01:00
Eugen Rochko
d799921c75
Replace tutorial modal with welcome e-mail (#6273)
* Remove onboarding modal

* Welcome e-mail

* Send welcome e-mail after confirmation

* Remove obsolete translations
2018-01-18 19:17:25 +01:00
mayaeh
eed7484cd6 Change mailer image url (#6279)
* Change image URL in mailer to full path

* Add application_mailer.view_profile localization.
2018-01-17 12:41:24 +01:00
Eugen Rochko
02194838dd
HTML e-mails for NotificationMailer (#6263)
* HTML e-mails for NotificationMailer (except digest)

* Add HTML template for digest

* Fix build
2018-01-16 20:20:15 +01:00
Eugen Rochko
5276c0a090
HTML e-mails for UserMailer (#6256)
- premailer gem to turn CSS into inline styles automatically
- rework UserMailer templates
- reword UserMailer templates
2018-01-16 03:29:11 +01:00
Jeong Arm
dcc614f869 Add some browsers (#6246)
Related: #6165
2018-01-15 06:50:29 +01:00
Eugen Rochko
38fc1b498d
Add more instance stats APIs (#6125)
* Add GET /api/v1/instance/peers API to reveal known domains

* Add GET /api/v1/instance/activity API

* Make new APIs disableable, exclude private statuses from activity stats

* Fix code style issue

* Fix week timestamps
2017-12-29 19:52:04 +01:00
Eugen Rochko
ad75ec8b5b
Add filters to admin UI for custom emojis (#6003) 2017-12-13 13:28:31 +01:00
Eugen Rochko
20a6584d2d
Clean up admin UI for accounts (#6004)
* Add staff filter to admin UI for accounts, remove obsolete columns

* Only display OStatus section in admin UI for accounts when OStatus data
2017-12-13 12:15:10 +01:00
Eugen Rochko
81923f88ba Shorten English title for 2FA to avoid line-break (#6001) 2017-12-13 15:42:22 +09:00
Eugen Rochko
30d2ea03b0
Improve public status page title (#5985) 2017-12-12 03:56:30 +01:00
Sylvhem
84d5bfb35e Change the disclaimer under the sign up form (#5817)
* Change the disclaimer below the sign up form

Change the disclaimer below the sign up form on the home page. The current text is linking to the /about/more page under "our terms of service" and to the /terms page under "privacy policy". This change intend to make the message more coherent.

Change l’avertissement en-dessous du formulaire d’inscription sur la page d’accueil. Le texte actuel redirige vers /about/more sous un lien intitulé "nos conditions d’utilisation" et vers /terms via "notre politique de confidentialité". Ce changement vise à rendre le message plus cohérent.

* Second take on the disclaimer

A new version of the disclaimer, based on feedback.

Une nouvelle version de l’avertissement, basé sur les premiers retours.
2017-12-11 02:30:43 +01:00
Eugen Rochko
2f4c5f504f
Limit users to 50 lists, remove pagination from lists API (#5933) 2017-12-09 01:32:29 +01:00
Yamagishi Kazutoshi
74320971e2 Add invite filter (#5862) 2017-12-01 16:40:02 +01:00
Yamagishi Kazutoshi
15fab79cfa Show "expired" in invite index (#5838)
* Show "expired" in invite index

* "Force expire" -> "Deactivate"
2017-11-28 15:41:02 +01:00
nullkal
1b57d4dd3a Fix account migration feature (#5837)
* Make removable account migration

* Fix error during update of account migration setting

* Add notice when update account migration setting
2017-11-28 14:31:23 +01:00
Eugen Rochko
706e534455
Add UI for setting up account migration (#5832) 2017-11-27 22:47:06 +01:00
Eugen Rochko
740f8a95a9
Add consumable invites (#5814)
* Add consumable invites

* Add UI for generating invite codes

* Add tests

* Display max uses and expiration in invites table, delete invite

* Remove unused column and redundant validator

- Default follows not used, probably bad idea
- InviteCodeValidator is redundant because RegistrationsController
  checks invite code validity

* Add admin setting to disable invites

* Add admin UI for invites, configurable role for invite creation

- Admin UI that lists everyone's invites, always available
- Admin setting min_invite_role to control who can invite people
- Non-admin invite UI only visible if users are allowed to

* Do not remove invites from database, expire them instantly
2017-11-27 16:07:59 +01:00
Eugen Rochko
e84fecb7e9
Add logging of admin actions (#5757)
* Add logging of admin actions

* Update brakeman whitelist

* Log creates, updates and destroys with history of changes

* i18n: Update Polish translation (#5782)

Signed-off-by: Marcin Mikołajczak <me@m4sk.in>

* Split admin navigation into moderation and administration

* Redesign audit log page

* 🇵🇱 (#5795)

* Add color coding to audit log

* Change dismiss->resolve, log all outcomes of report as resolve

* Update terminology (e-mail blacklist) (#5796)

* Update terminology (e-mail blacklist)

imho looks better

* Update en.yml

* Fix code style issues

* i18n-tasks normalize
2017-11-24 02:05:53 +01:00
Yamagishi Kazutoshi
bfdcf76a64 Add “staff” badge to admin user pages (#5735)
* Allow staff badge to change from setting to hidden

* i18n: Update Polish translation
2017-11-19 04:13:57 +01:00
Eugen Rochko
58cede4808
Profile redirect notes (#5746)
* Serialize moved accounts into REST and ActivityPub APIs

* Parse federated moved accounts from ActivityPub

* Add note about moved accounts to public profiles

* Add moved account message to web UI

* Fix code style issues
2017-11-18 19:39:02 +01:00
Eugen Rochko
2151fd3150
Display moderator badge (green), admin badge changed to red (#5728) 2017-11-17 01:22:38 +01:00
Eugen Rochko
7bb8b0b2fc
Add moderator role and add pundit policies for admin actions (#5635)
* Add moderator role and add pundit policies for admin actions

* Add rake task for turning user into mod and revoking it again

* Fix handling of unauthorized exception

* Deliver new report e-mails to staff, not just admins

* Add promote/demote to admin UI, hide some actions conditionally

* Fix unused i18n
2017-11-11 20:23:33 +01:00
Matt
e5aa4128f6 Update en.yml (#5648)
Changed "Toots with replies" to read "Toots and replies"
2017-11-10 02:58:33 +01:00
Eugen Rochko
1032f3994f
Add ability to disable login and mark accounts as memorial (#5615)
Fix #5597
2017-11-07 19:06:44 +01:00
nullkal
b6e2e999bd Show the local couterpart of emoji when it exists in /admin/custom_emojis (#5467)
* Show the local couterpart of emoji when it exists in admin/custom_emojis

* Fix indentation

* Fix error

* Add class table-action-link to Overwrite link

* Make it enable to overwrite emojis

* Make Code Climate happy
2017-11-07 14:49:32 +01:00
MitarashiDango
38d072446b add account search condition (instance domain) (#5577) 2017-11-01 14:46:05 +01:00
nullkal
781105293c Feature: Unlisted custom emojis (#5485) 2017-10-27 16:11:30 +02:00