Commit graph

1947 commits

Author SHA1 Message Date
Kaspar V
47f0d7021e
refactor(vacuum statuses): reduce amount of db queries and load for each query - improve performance (#21487)
* refactor(statuses_vacuum): remove dead code - unused

Method is not called inside class and private.
Clean up dead code.

* refactor(statuses_vacuum): make retention_period present test explicit

This private method only hides functionality.
It is best practice to be as explicit as possible.

* refactor(statuses_vacuum): improve query performance

- fix statuses_scope having sub-select for Account.remote scope by
  `joins(:account).merge(Account.remote)`
- fix statuses_scope unnecessary use of `Status.arel_table[:id].lt`
  because it is inexplicit, bad practice and even slower than normal
  `.where('statuses.id < ?'`
- fix statuses_scope remove select(:id, :visibility) for having reusable
  active record query batches (no re queries)
- fix vacuum_statuses! to use in_batches instead of find_in_batches,
  because in_batches delivers a full blown active record query result,
  in stead of an array - no requeries necessary
- send(:unlink_from_conversations) not to perform another db query, but
  reuse the in_batches result instead.
- remove now obsolete remove_from_account_conversations method
- remove_from_search_index uses array of ids, instead of mapping
  the ids from an array - this should be more efficient
- use the in_batches scope to call delete_all, instead of running
  another db query for this - because it is again more efficient
- add TODO comment for calling models private method with send

* refactor(status): simplify unlink_from_conversations

- add `has_many through:` relation mentioned_accounts
- use model scope local instead of method call `Status#local?`
- more readable add account to inbox_owners when account.local?

* refactor(status): searchable_by way less sub selects

These queries all included a sub-select. Doing the same with a joins
should be more efficient.
Since this method does 5 such queries, this should be significant,
since it technically halves the query count.

This is how it was:

```ruby
[3] pry(main)> Status.first.mentions.where(account: Account.local, silent: false).explain
  Status Load (1.6ms)  SELECT "statuses".* FROM "statuses" WHERE "statuses"."deleted_at" IS NULL ORDER BY "statuses"."id" DESC LIMIT $1  [["LIMIT", 1]]
  Mention Load (1.5ms)  SELECT "mentions".* FROM "mentions" WHERE "mentions"."status_id" = $1 AND "mentions"."account_id" IN (SELECT "accounts"."id" FROM "accounts" WHERE "accounts"."domain" IS NULL) AND "mentions"."silent" = $2  [["status_id", 109382923142288414], ["silent", false]]
=> EXPLAIN for: SELECT "mentions".* FROM "mentions" WHERE "mentions"."status_id" = $1 AND "mentions"."account_id" IN (SELECT "accounts"."id" FROM "accounts" WHERE "accounts"."domain" IS NULL) AND "mentions"."silent" = $2 [["status_id", 109382923142288414], ["silent", false]]
                                                    QUERY PLAN
------------------------------------------------------------------------------------------------------------------
 Nested Loop  (cost=0.15..23.08 rows=1 width=41)
   ->  Seq Scan on accounts  (cost=0.00..10.90 rows=1 width=8)
         Filter: (domain IS NULL)
   ->  Index Scan using index_mentions_on_account_id_and_status_id on mentions  (cost=0.15..8.17 rows=1 width=41)
         Index Cond: ((account_id = accounts.id) AND (status_id = '109382923142288414'::bigint))
         Filter: (NOT silent)
(6 rows)
```

This is how it is with this change:

```ruby
[4] pry(main)> Status.first.mentions.joins(:account).merge(Account.local).active.explain
  Status Load (1.7ms)  SELECT "statuses".* FROM "statuses" WHERE "statuses"."deleted_at" IS NULL ORDER BY "statuses"."id" DESC LIMIT $1  [["LIMIT", 1]]
  Mention Load (0.7ms)  SELECT "mentions".* FROM "mentions" INNER JOIN "accounts" ON "accounts"."id" = "mentions"."account_id" WHERE "mentions"."status_id" = $1 AND "accounts"."domain" IS NULL AND "mentions"."silent" = $2  [["status_id", 109382923142288414], ["silent", false]]
=> EXPLAIN for: SELECT "mentions".* FROM "mentions" INNER JOIN "accounts" ON "accounts"."id" = "mentions"."account_id" WHERE "mentions"."status_id" = $1 AND "accounts"."domain" IS NULL AND "mentions"."silent" = $2 [["status_id", 109382923142288414], ["silent", false]]
                                                    QUERY PLAN
------------------------------------------------------------------------------------------------------------------
 Nested Loop  (cost=0.15..23.08 rows=1 width=41)
   ->  Seq Scan on accounts  (cost=0.00..10.90 rows=1 width=8)
         Filter: (domain IS NULL)
   ->  Index Scan using index_mentions_on_account_id_and_status_id on mentions  (cost=0.15..8.17 rows=1 width=41)
         Index Cond: ((account_id = accounts.id) AND (status_id = '109382923142288414'::bigint))
         Filter: (NOT silent)
(6 rows)
```
2022-11-27 20:41:18 +01:00
afontenot
f17fc5742e
Clear voter count when poll is reset (#21700)
When a poll is edited, we reset the poll and remove all previous
votes. However, prior to this commit, the voter count on the poll
was not reset. This leads to incorrect percentages being shown in
poll results.

Fixes #21696
2022-11-26 23:08:25 +01:00
Skyler Hawthorne
5b2ff8d32d
fix media uploads with ffmpeg 5 (#21191) 2022-11-25 16:20:47 +01:00
Claire
ff42233aae Merge branch 'main' into glitch-soc/merge-upstream 2022-11-22 10:28:43 +01:00
David Leadbeater
69378eac99
Don't allow URLs that contain non-normalized paths to be verified (#20999)
* Don't allow URLs that contain non-normalized paths to be verified

This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".

Also fix a test to use 'https', so it is testing the right thing, now
that since #20304 https is required.

* missing do
2022-11-20 19:28:13 +01:00
Claire
aec61a703f Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream changed how docker images were built, including how
  they were cached.
  I don't know much about it, so applied upstream's changes.
- `app/controllers/admin/domain_blocks_controller.rb`:
  The feature, that was in glitch-soc, got backported upstream.
  It also had a few fixes upstream, so those have been ported!
- `app/javascript/packs/admin.js`:
  Glitch-soc changes have been backported upstream. As a result,
  some code from `app/javascript/core/admin.js` got added upstream.
  Kept our version since our shared Javascript already has that feature.
- `app/models/user.rb`:
  Upstream added something to distinguish unusable and unusable-because-moved
  accounts, while glitch-soc considers moved accounts usable.
  Took upstream's code for `functional_or_moved?` and made `functional?`
  call it.
- `app/views/statuses/_simple_status.html.haml`:
  Upstream cleaned up code style a bit, on a line that we had custom changes
  for.
  Applied upstream's change while keeping our change.
- `config/initializers/content_security_policy.rb`:
  Upstream adopted one CSP directive we already had.
  The conflict is because of our files being structurally different, but the
  change itself was already part of glitch-soc.
  Kept our version.
2022-11-17 12:01:37 +01:00
Claire
ab7d99e035
Fix various issues with domain block import (#1944)
- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded
2022-11-17 11:42:20 +01:00
lenore gilbert
c373148b3d
Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597)
* Allow import/export of instance-level domain blocks/allows (#1754)

* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround

(cherry picked from commit 94e98864e3)

* Add confirmation page when importing blocked domains (#1773)

* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains

(cherry picked from commit b91196f4b7)

* Fix authorization check in domain blocks controller

(cherry picked from commit 7527937758)

* Fix error strings for domain blocks and email-domain blocks

Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"

* Ran i18n-tasks normalize to address test failure

* Removed unused admin.export_domain_blocks.not_permitted string

Removing unused string as indicated by Check i18n

* Fix tests

(cherry picked from commit 9094c2f52c)

* Fix domain block export not exporting blocks with only media rejection

(cherry picked from commit 26ff48ee48)

* Fix various issues with domain block import

- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded

(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)

Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17 11:05:09 +01:00
Claire
00b2720ef0
Change automatic post deletion configuration to be accessible to redirected users (#20774)
Fixes #20550
2022-11-17 10:55:23 +01:00
Claire
0cc77263fc
Change batch account suspension to create a strike (#20897) 2022-11-17 10:52:51 +01:00
Claire
32c70d2f09 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/announcements/edit.html.haml`:
  Upstream change too close to theming-related glitch-soc change.
  Ported upstream changes.
- `app/views/admin/announcements/new.html.haml`
  Upstream change too close to theming-related glitch-soc change.
  Ported upstream changes.
2022-11-14 08:35:55 +01:00
Eugen Rochko
552d69ad96
Fix error when invalid domain name is submitted (#19474)
Fix #19175
2022-11-14 08:07:14 +01:00
Eugen Rochko
b31afc6294
Fix error when passing unknown filter param in REST API (#20626)
Fix #19156
2022-11-14 08:06:06 +01:00
Eugen Rochko
5c826c408d
Fix image type not being set after conversion for convertible image types (#20624) 2022-11-14 07:13:14 +01:00
Eugen Rochko
2e2ba39abf
Fix rules with same priority being sorted non-deterministically (#20623) 2022-11-14 06:28:19 +01:00
Claire
93912f0498 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Conflict because we (glitch-soc) have disabled trending of posts without
  review.
  Discarded that upstream change.
- `app/views/admin/settings/discovery/show.html.haml`:
  Just an extra setting in glitch-soc.
  Kept that extra setting.
2022-11-12 13:28:03 +01:00
Jeong Arm
c4c1bee880
Fix trendable status without review (#20214) 2022-11-11 21:24:10 +01:00
Emily Strickland
96f51e593f
Guard against error extracting body from URL (#20428)
If `Nokogiri::HTML(value).at_xpath('//body')` fails to find the `body` element, it will return `nil`. We can guard against that with an early return. Avoids calling `children` on `Nilclass` in those cases.
2022-11-11 21:22:28 +01:00
Eugen Rochko
9bc0a6c861
Fix metadata scrubbing removing color profile from images (#20389) 2022-11-11 09:20:10 +01:00
Claire
86f6631d28
Remove dead code and refactor status threading code (#20357)
* Remove dead code

* Remove unneeded/broken parameters and refactor descendant computation
2022-11-10 22:30:00 +01:00
Eugen Rochko
c6c7c6223d
Change verification to only work for https links (#20304)
Fix #20242
2022-11-10 21:09:03 +01:00
Claire
c118918520 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/custom_emoji.rb`:
  Not a real conflict, just upstream changing a line too close to
  a glitch-soc-specific validation.
  Applied upstream changes.
- `app/models/public_feed.rb`:
  Not a real conflict, just upstream changing a line too close to
  a glitch-soc-specific parameter documentation.
  Applied upstream changes.
2022-11-10 09:36:47 +01:00
Eugen Rochko
9965a23b04
Change link verification to ignore IDN domains (#20295)
Fix #3833
2022-11-10 06:27:45 +01:00
James Tucker
78a6b871fe
Improve performance by avoiding regex construction (#20215)
```ruby
10.times { p /#{FOO}/.object_id }
10.times { p FOO_RE.object_id }
```
2022-11-10 05:49:30 +01:00
Eugen Rochko
0cd0786aef
Revert filtering public timelines by locale by default (#20294) 2022-11-10 05:34:42 +01:00
Eugen Rochko
e98833748e
Fix being able to spoof link verification (#20217)
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
2022-11-09 08:24:21 +01:00
Claire
a8c854b3ea Merge branch 'main' into glitch-soc/merge-upstream 2022-11-08 15:44:57 +01:00
Postmodern
ca80beb653
Micro-optimization: use if/else instead of Array#compact and Array#min (#19906)
* Technically `if`/`else` is faster than using `[value1, value2].compact.min` to find the lesser of two values, one of which may be `nil`.
2022-11-08 03:50:47 +01:00
Claire
bbf74498f5
Fix validation error in SynchronizeFeaturedTagsCollectionWorker (#20018)
* Fix followers count not being updated when migrating follows

Fixes #19900

* Fix validation error in SynchronizeFeaturedTagsCollectionWorker

Also saves remote user's chosen case for hashtags

* Limit remote featured tags before validation
2022-11-07 22:35:53 +01:00
Claire
be7032b9cf Merge branch 'main' into glitch-soc/merge-upstream 2022-11-07 19:53:30 +01:00
Postmodern
106648b456
Micro-optimization: only split acct into two Strings (#19901)
* Since `acct` is split by `@` and assigned to `username` and `domain`, we only need to split `acct` into two Strings.
2022-11-07 16:17:55 +01:00
Claire
6c0a6097ff Merge branch 'main' into glitch-soc/merge-upstream 2022-11-07 07:50:47 +01:00
nightpool
54f0f1b9ef
Skip Webfinger cache during migrations as well (#19883) 2022-11-07 03:31:38 +01:00
Claire
0ad919b192 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/features/compose/components/poll_form.js`:
  glitch-soc change because of having changed the default number of
  available poll options.
  Applied upstream's changes while keeping glitch-soc's default number of
  poll options.
- `public/oops.png`:
  We had a minor graphics change, probably not worth diverging from upstream.
  Took upstream version.
2022-11-06 09:50:41 +01:00
Eugen Rochko
3151b260e2
Fix not using GIN index for account search queries (#19830) 2022-11-06 06:16:34 +01:00
Claire
c2170991c7
Fix reblogs being discarded after the reblogged status (#19731) 2022-11-04 16:31:44 +01:00
Eugen Rochko
b1a219552e
Fix featured tags not saving preferred casing (#19732) 2022-11-04 16:08:29 +01:00
Claire
125322718b
Fix inaccurate admin log entry for re-sending confirmation e-mails (#19674)
Fixes #19593
2022-11-02 18:50:21 +01:00
txt-file
0f5e6dd02b
Add support for AVIF uploads (#19647) 2022-11-01 22:08:41 +01:00
Eugen Rochko
ae07cfb868
Add support for HEIC uploads (#19618) 2022-11-01 16:26:25 +01:00
Eugen Rochko
15bae3e0e4
Change post-processing to be deferred only for large media types (#19617) 2022-11-01 15:27:58 +01:00
Eugen Rochko
d0ba77047e
Change max. thumbnail dimensions to 640x360px (360p) (#19619) 2022-11-01 13:01:39 +01:00
Claire
1fe4e5e38c Merge branch 'main' into glitch-soc/merge-upstream 2022-10-31 08:37:32 +01:00
Eugen Rochko
26478f461c
Remove language filtering from hashtag timelines (#19563) 2022-10-30 21:29:23 +01:00
Claire
eee36267d6 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/locales/ja.json`:
  Upstream change too close to a glitch-soc-specific string.
  The glitch-soc-specific string should not have been in this file, so it
  has been moved to `app/javascript/flavours/glitch/locales/ja.js`.
- `app/javascript/packs/public.js`:
  Upstream refactored a part, that as usual is split and duplicated in various
  pack files. Updated those pack files accordingly.
- `app/views/layouts/application.html.haml`:
  Upstream fixed custom.css path in a different way than we did, went with
  upstream's change.
2022-10-30 18:15:28 +01:00
Eugen Rochko
ac9fb0d654
Add reputation and followers score boost to SQL-only account search (#19251) 2022-10-30 13:23:05 +01:00
Eugen Rochko
40c7f3e830
Fix account action type validation (#19476)
* Fix account action type validation

Fix #19143

* Fix #19145

* Fix code style issues
2022-10-30 02:44:32 +02:00
Eugen Rochko
3b024c563c
Fix not being able to input featured tag with # (#19535) 2022-10-30 02:43:20 +02:00
Eugen Rochko
dc5c86add7
Fix account migration form ever using outdated account data (#18429) 2022-10-29 01:31:45 +02:00
Claire
26ff48ee48 Fix domain block export not exporting blocks with only media rejection 2022-10-28 20:14:25 +02:00
Claire
b514998dc1 Merge branch 'main' into glitch-soc/merge-upstream 2022-10-28 19:49:42 +02:00
Claire
cb19be67d1 Merge branch 'main' into glitch-soc/merge-upstream 2022-10-28 19:23:58 +02:00
Claire
d9d722d74b
Change admin announcement edition interface to use datetime-local (#18321)
* Change admin announcement edition interface to use datetime-local

* Dynamically set announcement stop date as required if start date is set, set minimum date for stop date

* Change `all_day` to not be bound to presence of time-range

* Add pattern and placeholder as minimal fallback for browsers not supporting datetime-local

* Display datetime-local inputs as local time

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-10-28 12:56:32 +02:00
Eugen Rochko
07cc201acc
Fix using wrong policy on status-related actions in admin UI (#19490) 2022-10-28 00:48:30 +02:00
Eugen Rochko
5f733ad83a
Remove unused method searchable? on accounts (#19489)
It called the wrong methods, but nothing uses it
2022-10-27 19:30:08 +02:00
Eugen Rochko
d2eb726962
Fix notifications about deleted reports not being also deleted (#19475)
* Fix notifications about deleted reports not being also deleted

* Fix notification with empty report crashing web UI

Fix #18909
2022-10-27 02:10:54 +02:00
zunda
52ebfb7792
Store integer settings as integer (#19478) 2022-10-26 22:14:07 +02:00
Eugen Rochko
f8ca3bb2a1
Add ability to view previous edits of a status in admin UI (#19462)
* Add ability to view previous edits of a status in admin UI

* Change moderator access to posts to be controlled by a separate policy
2022-10-26 13:42:29 +02:00
Eugen Rochko
487d81fb92
Fix IP blocks not having a unique index (#19456) 2022-10-25 21:43:44 +02:00
Takeshi Umeda
74ead7d106
Change featured tag updates to add/remove activity (#19409)
* Change featured tag updates to add/remove activity

* Fix to check for the existence of feature tag

* Rename service and worker

* Merge AddHashtagSerializer with AddSerializer

* Undo removal of sidekiq_options
2022-10-22 18:30:55 +02:00
Takeshi Umeda
53e86747e4
Fix duplicate featured tags (#19403)
* Fix duplicate featured tags

* Add unique tag name validator

* Fix error message
2022-10-22 14:30:59 +02:00
Takeshi Umeda
1d34eff63f
Add featured tag add/remove activity handler (#19408) 2022-10-22 11:49:41 +02:00
Eugen Rochko
7c152acb2c
Change settings area to be separated into categories in admin UI (#19407)
And update all descriptions
2022-10-22 11:44:41 +02:00
Eugen Rochko
839f893168
Change public accounts pages to mount the web UI (#19319)
* Change public accounts pages to mount the web UI

* Fix handling of remote usernames in routes

- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict

* Fix missing `multiColumn` prop

* Fix failing test

* Use `discoverable` attribute to control indexing directives

* Fix `<ColumnLoading />` not using `multiColumn`

* Add `noindex` to accounts in REST API

* Change noindex directive to not be rendered by default before a route is mounted

* Add loading indicator for detailed status in web UI

* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Takeshi Umeda
b0e3f0312c
Add synchronization of remote featured tags (#19380)
* Add LIMIT of featured tag to instance API response

* Add featured_tags_collection_url to Account

* Add synchronization of remote featured tags

* Deliver update activity when updating featured tag

* Remove featured_tags_collection_url

* Revert "Add featured_tags_collection_url to Account"

This reverts commit cff349fc27b104ded2df6bb5665132dc24dab09c.

* Add hashtag sync from featured collections

* Fix tag name normalize

* Add target option to fetch featured collection

* Refactor fetch_featured_tags_collection_service

* Add LIMIT of featured tag to v1/instance API response
2022-10-20 09:15:52 +02:00
Eugen Rochko
f01310dadb
Fix trending statuses returning more than one post by the same author (#19349) 2022-10-14 01:44:23 +02:00
Eugen Rochko
1bd00036c2
Change about page to be mounted in the web UI (#19345) 2022-10-13 14:42:37 +02:00
Eugen Rochko
b04633a961
Add image processing and generate blurhash for server thumbnail (#19348)
Remove separate server hero setting
2022-10-13 11:29:19 +02:00
Yamagishi Kazutoshi
05148e2c77
Fix missing skip_review? (#19335) 2022-10-10 08:03:19 +02:00
Eugen Rochko
45ebdb72ca
Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
Eugen Rochko
678fc4d292
Fix privacy policy being empty if custom setting exists but is empty (#19318) 2022-10-08 08:34:00 +02:00
Eugen Rochko
a2ba011326
Change privacy policy to be rendered in web UI, add REST API (#19310)
Source string no longer localized, Markdown instead of raw HTML
2022-10-08 06:01:11 +02:00
Eugen Rochko
93f340a4bf
Remove setting that disables account deletes (#17683) 2022-10-06 10:16:47 +02:00
Eugen Rochko
9f65909f42
Change public timelines to be filtered by current locale by default (#19291)
In the absence of an opt-in to multiple specific languages in the
preferences, it makes more sense to filter by the user's presumed
language only (interface language or `lang` override)
2022-10-05 03:48:06 +02:00
Eugen Rochko
02ba9cfa35
Remove code for rendering public and hashtag timelines outside the web UI (#19257) 2022-10-04 20:13:46 +02:00
Claire
bfc539cfb4 Revert "Change "Allow trends without prior review" setting to include statuses (#17977)"
This reverts commit 546672e292.
2022-10-02 18:46:28 +02:00
Claire
221580a3af Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/home_controller.rb`:
  Upstream made it so `/web` is available to non-logged-in users
  and `/` redirects to `/web` instead of `/about`.
  Kept our version since glitch-soc's WebUI doesn't have what's
  needed yet and I think /about is still a much better landing
  page anyway.
- `app/models/form/admin_settings.rb`:
  Upstream added new settings, and glitch-soc had an extra setting.
  Not really a conflict.
  Added upstream's new settings.
- `app/serializers/initial_state_serializer.rb`:
  Upstream added a new `server` initial state object.
  Not really a conflict.
  Merged upstream's changes.
- `app/views/admin/settings/edit.html.haml`:
  Upstream added new settings.
  Not really a conflict.
  Merged upstream's changes.
- `app/workers/scheduler/feed_cleanup_scheduler.rb`:
  Upstream refactored that part and removed the file.
  Ported our relevant changes into `app/lib/vacuum/feeds_vacuum.rb`
- `config/settings.yml`:
  Upstream added new settings.
  Not a real conflict.
  Added upstream's new settings.
2022-10-02 18:46:22 +02:00
Eugen Rochko
1a5150e9c3
Fix content retention policy settings not accepting a blank value (#19248) 2022-09-29 01:15:09 +02:00
Eugen Rochko
0d0f3c15d3
Fix language dropdown sometimes not appearing in web UI (#19246)
When user has no locale preference saved (such as never changing it
from the default), the preferred posting language is nil, and
the dropdown is not visible
2022-09-28 01:02:15 +02:00
Eugen Rochko
5c9abdeff1
Add retention policy for cached content and media (#19232) 2022-09-27 03:08:19 +02:00
Eugen Rochko
50948b46aa
Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
Claire
077183a121 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/settings/preferences_controller.rb`:
  Upstream dropping `digest` from notifications emails while we have more
  notification emails settings.
  Removed `digest` from our list while keeping our extra settings.
- `app/javascript/packs/admin.js`:
  Conflicts caused by glitch-soc's theming system.
  Applied the changes to `app/javascript/core/admin.js`.
- `app/views/settings/preferences/other/show.html.haml`:
  Upstream removed a setting close to a glitch-soc-only setting.
  Applied upstream's change.
2022-08-28 11:31:00 +02:00
Eugen Rochko
546672e292
Change "Allow trends without prior review" setting to include statuses (#17977)
* Change "Allow trends without prior review" setting to include posts

* Fix i18n-tasks
2022-08-28 04:00:39 +02:00
Eugen Rochko
2a7766dcc9
Add admin API for managing e-mail domain blocks (#19066) 2022-08-28 03:37:55 +02:00
Eugen Rochko
c556c3a0d1
Add admin API for managing canonical e-mail blocks (#19067) 2022-08-28 03:31:54 +02:00
Eugen Rochko
b399d79545
Add admin API for managing IP blocks (#19065) 2022-08-27 20:56:47 +02:00
Eugen Rochko
0b3e4fd5de
Remove digest e-mails (#17985)
* Remove digest e-mails

* Remove digest-related code
2022-08-25 23:38:22 +02:00
Eugen Rochko
5b0e8cc92b
Add ability to select all accounts matching search for batch actions (#19053) 2022-08-25 23:33:34 +02:00
Eugen Rochko
0396acf39e
Add audit log entries for user roles (#19040)
* Refactor audit log schema

* Add audit log entries for user roles
2022-08-25 20:39:40 +02:00
Claire
2d1d4210f9 Merge branch 'main' into glitch-soc/merge-upstream 2022-08-25 05:07:39 +02:00
Claire
03241d884e
Add option for EMAIL_DOMAIN_DENYLIST/EMAIL_DOMAIN_ALLOWLIST to apply after confirmation (#18642)
Fixes #18620
2022-08-25 04:31:10 +02:00
Claire
50487db122
Add ability to filter individual posts (#18945)
* Add database table for status-specific filters

* Add REST endpoints, entities and attributes

* Show status filters in /filters interface

* Perform server-side filtering for individual posts filters

* Fix filtering on context mismatch

* Refactor `toServerSideType` by moving it to its own module

* Move loupe and delete icons to their own module

* Add ability to filter individual posts from WebUI

* Replace keyword list by warnings (expired, context mismatch)

* Refactor server-side filtering code

* Add tests
2022-08-25 04:27:47 +02:00
Eugen Rochko
0412a4d03e
Change e-mail domain blocks to match subdomains of blocked domains (#18979) 2022-08-24 19:00:55 +02:00
Eugen Rochko
d83faa1a89
Add ability to block sign-ups from IP (#19037) 2022-08-24 19:00:37 +02:00
Claire
d799fe2082 Merge branch 'main' into glitch-soc/merge-upstream 2022-07-22 09:58:35 +02:00
Eugen Rochko
76ff452306
Fix unicode regression in #18809 (#18863) 2022-07-22 03:17:56 +02:00
Claire
cd87d7dcef Merge branch 'main' into glitch-soc/merge-upstream
- `.env.production.sample`:
  Our sample config file is very different from upstream since it is much more
  complete. Upstream added documentation for a few env variables.
  Copied the new variables/documentation from upstream.
- `app/lib/feed_manager.rb`:
  Upstream added a timeline type (hashtags), while glitch-soc already had an
  extra one (direct messages). Not really a conflict but textually close
  changes.
  Ported upstream's changes.
- `app/models/custom_emoji.rb`:
  Upstream upped the custom emoji size limit, while glitch-soc had configurable
  limits.
  Upped the default limits accordingly.
- `streaming/index.js`:
  Upstream reworked how hastags were normalized. Minor conflict due to
  glitch-soc's handling of instance-local posts.
  Ported upstream's changes.
2022-07-17 22:07:20 +02:00
Eugen Rochko
c3f0621a59
Add ability to follow hashtags (#18809) 2022-07-17 13:49:29 +02:00
Claire
ecb3bb3256
Add support for editing labelling of one's own role (#18812)
Still disallow edition of rank or permissions
2022-07-17 13:37:30 +02:00
Eugen Rochko
6ca0de9494
Fix nil error when rendering featured hashtags on profile (#18808)
Regression from #18795
2022-07-14 01:23:10 +02:00
Eugen Rochko
e7aa2be828
Change how hashtags are normalized (#18795)
* Change how hashtags are normalized

* Fix tests
2022-07-13 15:03:28 +02:00
Eugen Rochko
12ed2d793b
Change custom emoji file size limit from 50 KB to 256 KB (#18788) 2022-07-09 22:07:17 +02:00
Claire
92c06a1113 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/admin/base_controller.rb`:
  Minor conflict caused by glitch-soc's theming system.
- `app/javascript/mastodon/initial_state.js`:
  Minor conflict caused by glitch-soc making use of max_toot_chars.
- `app/models/form/admin_settings.rb`:
  Minor conflict caused by glitch-soc's theming system.
- `app/models/trends.rb`:
  Minor conflict caused by glitch-soc having more granular
  notification settings for trends.
- `app/views/admin/accounts/index.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/admin/instances/show.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/layouts/application.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/settings/preferences/notifications/show.html.haml`:
  Minor conflict caused by glitch-soc having more granular
  notification settings for trends.
- `config/navigation.rb`:
  Minor conflict caused by glitch-soc having additional
  navigation items for the theming system while upstream
  slightly changed every line.
2022-07-05 09:33:44 +02:00
Eugen Rochko
44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Claire
1418574447 Merge branch 'main' into glitch-soc/merge-upstream 2022-07-03 21:36:15 +02:00
Jeong Arm
df27953f96
Support audio/vnd.wave (#18737)
See: https://datatracker.ietf.org/doc/html/rfc2361
And Misskey uses this mime type for wav file.
2022-06-28 19:49:35 +02:00
Claire
fe5f6bc7ed Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Fix erroneous deletion in a previous merge.
- `Gemfile`:
  Conflict caused by glitch-soc-only hCaptcha dependency
- `app/controllers/auth/sessions_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
- `app/controllers/filters_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
- `app/serializers/rest/status_serializer.rb`:
  Minor conflict due to glitch-soc having an extra `local_only` property
2022-06-28 11:11:18 +02:00
Claire
02851848e9
Revamp post filtering system (#18058)
* Add model for custom filter keywords

* Use CustomFilterKeyword internally

Does not change the API

* Fix /filters/edit and /filters/new

* Add migration tests

* Remove whole_word column from custom_filters (covered by custom_filter_keywords)

* Redesign /filters

Instead of a list, present a card that displays more information and handles
multiple keywords per filter.

* Redesign /filters/new and /filters/edit to add and remove keywords

This adds a new gem dependency: cocoon, as well as a npm dependency:
cocoon-js-vanilla. Those are used to easily populate and remove form fields
from the user interface when manipulating multiple keyword filters at once.

* Add /api/v2/filters to edit filter with multiple keywords

Entities:
- `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context`
  `keywords`
- `FilterKeyword`: `id`, `keyword`, `whole_word`

API endpoits:
- `GET /api/v2/filters` to list filters (including keywords)
- `POST /api/v2/filters` to create a new filter
  `keywords_attributes` can also be passed to create keywords in one request
- `GET /api/v2/filters/:id` to read a particular filter
- `PUT /api/v2/filters/:id` to update a new filter
  `keywords_attributes` can also be passed to edit, delete or add keywords in
   one request
- `DELETE /api/v2/filters/:id` to delete a particular filter
- `GET /api/v2/filters/:id/keywords` to list keywords for a filter
- `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a
   filter
- `GET /api/v2/filter_keywords/:id` to read a particular keyword
- `PUT /api/v2/filter_keywords/:id` to edit a particular keyword
- `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword

* Change from `irreversible` boolean to `action` enum

* Remove irrelevent `irreversible_must_be_within_context` check

* Fix /filters/new and /filters/edit with update for filter_action

* Fix Rubocop/Codeclimate complaining about task names

* Refactor FeedManager#phrase_filtered?

This moves regexp building and filter caching to the `CustomFilter` class.

This does not change the functional behavior yet, but this changes how the
cache is built, doing per-custom_filter regexps so that filters can be matched
independently, while still offering caching.

* Perform server-side filtering and output result in REST API

* Fix numerous filters_changed events being sent when editing multiple keywords at once

* Add some tests

* Use the new API in the WebUI

- use client-side logic for filters we have fetched rules for.
  This is so that filter changes can be retroactively applied without
  reloading the UI.
- use server-side logic for filters we haven't fetched rules for yet
  (e.g. network error, or initial timeline loading)

* Minor optimizations and refactoring

* Perform server-side filtering on the streaming server

* Change the wording of filter action labels

* Fix issues pointed out by linter

* Change design of “Show anyway” link in accordence to review comments

* Drop “irreversible” filtering behavior

* Move /api/v2/filter_keywords to /api/v1/filters/keywords

* Rename `filter_results` attribute to `filtered`

* Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer

* Fix systemChannelId value in streaming server

* Simplify code by removing client-side filtering code

The simplifcation comes at a cost though: filters aren't retroactively
applied anymore.
2022-06-28 09:42:13 +02:00
Eugen Rochko
2936f42a14
Add notifications for new reports (#18697) 2022-06-27 09:30:15 +02:00
Claire
35588d09e2
Add /api/v1/admin/domain_allows (#18668)
- `GET /api/v1/admin/domain_allows` lists allowed domains
- `GET /api/v1/admin/domain_allows/:id` shows one by ID
- `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list
  of allowed domains
- `POST /api/v1/admin/domain_allows` to allow a new domain:
  if that domain is already allowed, the existing DomainAllow will be returned
2022-06-23 23:12:01 +02:00
Claire
edaaf6a5e9 Merge branch 'main' into glitch-soc/merge-upstream 2022-06-10 11:51:43 +02:00
Eugen Rochko
a2871cd747
Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
2022-06-09 21:57:36 +02:00
Claire
25a46d9e59 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/styles/fonts/montserrat.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/javascript/styles/fonts/roboto-mono.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/javascript/styles/fonts/roboto.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/models/account.rb`:
  Textual conflict only caused by glitch-soc using a different value
  for character limits in a nearby line.
  Applied upstream's changes.
- `app/views/statuses/_simple_status.html.haml`:
  Attribute added to a tag modified by glitch-soc.
  Added upstream's attributes.
- `yarn.lock`:
  Upstream added/updated dependencies close to glitch-soc-only ones.
  Updated/added upstream dependencies.
2022-06-02 09:49:38 +02:00
Claire
9d4861b498
Remove dependency on running Redis server for db:setup (#18560) 2022-06-01 19:23:31 +02:00
Claire
28329ba62f
Add /api/v1/admin/domain_blocks (#18247)
* Add /api/v1/admin/domain_blocks

Fixes #18140

- `GET /api/v1/admin/domain_blocks` lists domain blocks
- `GET /api/v1/admin/domain_blocks/:id` shows one by ID
- `DELETE /api/v1/admin/domain_blocks/:id` deletes a given domain block
- `POST /api/v1/admin/domain_blocks` to create a new domain block:
  if it conflicts with an existing one, returns an error with
  an attribute `existing_domain_block` with the rendered domain block

* Simplify conflict handling as suggested in review
2022-06-01 17:31:36 +02:00
Alexander Ivanov
379a7a7ca7
Add support for webp uploads (#18506) 2022-05-27 20:06:40 +02:00
Claire
e34dd3644c
Remove unused filtered_languages column (#18533)
* Remove unused `filtered_languages` column

Fixes #18522

* Fix tests
2022-05-27 20:05:22 +02:00
Claire
7c6fff34d0 Merge branch 'main' into glitch-soc/merge-upstream 2022-05-26 22:49:47 +02:00
Eugen Rochko
c4d2c39a75
Fix being able to report otherwise inaccessible statuses (#18528) 2022-05-26 22:08:02 +02:00
Eugen Rochko
3e0e7a1cfb
Fix follower and other counters being able to go negative (#18517) 2022-05-26 20:32:48 +02:00
Claire
f13d910f3e Merge branch 'main' into glitch-soc/merge-upstream 2022-05-26 18:34:27 +02:00
Eugen Rochko
088dc0ec5a
Fix regression in tootctl search deploy caused by unloaded attribute (#18514) 2022-05-26 18:05:47 +02:00
Claire
440eb71310
Change unapproved and unconfirmed account to not be accessible in the REST API (#17530)
* Change unapproved and unconfirmed account to not be accessible in the REST API

* Change Account#searchable? to reject unconfirmed and unapproved users

* Disable search for unapproved and unconfirmed users in Account.search_for

* Disable search for unapproved and unconfirmed users in Account.advanced_search_for

* Remove unconfirmed and unapproved accounts from Account.searchable scope

* Prevent mentions to unapproved/unconfirmed accounts

* Fix some old tests for Account.advanced_search_for

* Add some Account.advanced_search_for tests for existing behaviors

* Add some tests for Account.search_for

* Add Account.advanced_search_for tests unconfirmed and unapproved accounts

* Add Account.searchable tests

* Fix Account.without_unapproved scope potentially messing with previously-applied scopes

* Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup

This is so that the API can still be used to check whether an username is free
to use.
2022-05-26 15:50:33 +02:00
Claire
25dda3061e
Fix unnecessary query on status creation (#17901) 2022-05-26 00:20:30 +02:00
Claire
3fd2aadb23
Various code cleanup (#1782)
* Remove duplicate in_chosen_languages definition

* Use `DEFAULT_FIELDS_SIZE` instead of `MAX_FIELDS` to reduce code differences with upstream

* Remove duplicate annotation

* Fix incorrect cross-flavor imports

* Remove deprecated `hide_network` setting (replaced by account column)

* Remove unused KeywordMutesHelper

* Remove trailing spaces

* Remove commit_hash from InstancePresenter, as it has been unused since mid-2017
2022-05-25 12:27:11 +02:00
Claire
22111914bf Merge branch 'main' into glitch-soc/merge-upstream 2022-05-24 13:59:21 +02:00
Claire
e5997a1956
Fix warning an account outside of a report closing all reports for that account (#18387)
* Fix warning an account outside of a report closing all reports for that account

* Make it clear what actions solve other reports

* Revert "Make it clear what actions solve other reports"

This reverts commit ad006de821f72e75480701298d13f0945b509059.
2022-05-23 20:38:29 +02:00
Eugen Rochko
a9b64b24d6
Change algorithm of tootctl search deploy to improve performance (#18463) 2022-05-22 22:16:43 +02:00
Claire
4415005de7 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
  Conflict caused because of minor code style change upstream, while glitch-soc
  has different code for handling variable maximum chars.
  Ported the change.
- `app/serializers/initial_state_serializer.rb`:
  Conflict because glitch-soc had two extra attributes where upstream added
  one.
  Added upstream's attribute.
2022-05-16 22:29:05 +02:00
Eugen Rochko
6c699b1723
Fix preferred posting language returning unusable value in REST API (#18428) 2022-05-16 19:13:36 +02:00
Claire
b91196f4b7
Add confirmation page when importing blocked domains (#1773)
* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains
2022-05-16 18:26:49 +02:00
Claire
040b7d37a4 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/services/remove_status_service.rb`:
  Conflict due to glitch-soc having extra code for a proper direct visibility
  timeline, in a part of the code upstream refactored.
  Restored glitch-soc's extra code in the refactored bit.
2022-05-16 09:42:32 +02:00
Levi Bard
94e98864e3
Allow import/export of instance-level domain blocks/allows (#1754)
* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround
2022-05-16 09:29:01 +02:00
Claire
aa08399e6f
Fix setting for trending tags and trending links notifications being swapped (#1771) 2022-05-13 22:57:47 +02:00
Eugen Rochko
6cf57c6765
Refactor how Redis locks are created (#18400)
* Refactor how Redis locks are created

* Fix autorelease duration on account deletion lock
2022-05-13 00:02:35 +02:00
Claire
22080786df Merge branch 'main' into glitch-soc/merge-upstream 2022-05-08 21:00:49 +02:00
Claire
a53003c6f1
Fix account warnings not being recorded in audit log (#18338)
* Fix account warnings not being recorded in audit log

Fixes #18334

* Only record warnings if they are not associated to another action
2022-05-06 21:40:20 +02:00
Claire
392ca0472a Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/packs/admin.js`:
  Conflicts due to glitch-soc's theming system.
  Upstream changes have been ported to `app/javascript/core/admin.js`
- `app/models/trends/statuses.rb`:
  Minor conflict due to glitch-soc's option to allow CWed toots in trends.
  Ported upstream changes.
2022-05-01 16:52:27 +02:00
Claire
6e4d932da5
Fix possible crash when a post references an invalid media attachment (#18211) 2022-05-01 00:55:26 +02:00
Eugen Rochko
f6d35ed57d
Remove IP matching from e-mail domain blocks (#18190)
Clear out e-mail domain blocks created from automatically resolved DNS records
2022-04-29 23:27:03 +02:00
Eugen Rochko
7b0fe4aef9
Fix opening and closing Redis connections instead of using a pool (#18171)
* Fix opening and closing Redis connections instead of using a pool

* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00
Eugen Rochko
6476f7e4da
Change trending statuses to only show one status from each account (#18181)
Calculate trends in temporary sets to avoid having to manage items
that go below the decay threshold while not having any moments
where a half-processed set is accessible to end-users
2022-04-29 22:42:42 +02:00
Eugen Rochko
6726d2933a
Change half-life of trending status scores from 6 hours to 2 hours (#18182) 2022-04-29 11:46:59 +02:00
Claire
f23f784f18 Merge branch 'main' into glitch-soc/merge-upstream 2022-04-28 18:16:42 +02:00
Eugen Rochko
3917353645
Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Claire
fc1dd81ea5 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Not a real conflict, upstream dependency updated textually too close to a
  glitch-soc-only dependency.
  Updated the upstream dependency.
2022-04-27 08:48:21 +02:00
Claire
33cd80d69c
Fix instance actor being incorrectly created when running migrations (#18109)
* Add migration test about instance actor key

* Fix old migration

* Work around incorrect database state
2022-04-26 21:22:09 +02:00
Claire
002d2729fb Merge branch 'main' into glitch-soc/merge-upstream 2022-04-25 17:09:32 +02:00
Jeong Arm
ea38327816
Let votes statuses are also searchable (#18070) 2022-04-23 21:47:27 +02:00
Claire
5c808ee0de Revert support from loading Home timeline from database
Unfortunately, the database query could turn out very inefficient and I did not
manage to find a way to improve that. Furthermore, there were still behavior
inconsistencies between fetching the timeline from Redis and fetching it from
Postgres.
2022-04-19 15:06:38 +02:00
Claire
ec4a8d81b1 Revert DM support in HomeFeed#from_database
Fixes #1746

Queries could get prohibitively expensive.
2022-04-16 21:28:46 +02:00
Claire
5db3a14388
Fix loading Home TL from database not respecting min_id and not including DMs (#1744)
* Rework tests

* Add tests

* Fix HomeFeed#get with min_id fetching from database

* Minor code cleanup and optimizations

* Add tests

* Take DMs into account when fetching home TL from database

* Fix not listing own DMs in Home timeline

* Add tests

* Please CodeClimate
2022-04-14 17:44:21 +02:00
Jeong Arm
d353bb5ee3
Implement infinity home timeline (#1610)
* Implement infinity home timeline

* Fix test for infinite home timeline

* Fix infinity home timeline with min_id

* Fix infinite home timeline duplicated statuses

* Codeclimate for infinite home timeline

* Refactor code as reviewed

* Fix redis sufficient check

* Fix typo on variable name
2022-04-12 17:52:14 +02:00
Claire
f9fbff8539 Merge branch 'main' into glitch-soc/merge-upstream 2022-04-11 16:16:33 +02:00
Claire
dc50347247
Fix crash in alias settings page (#18004) 2022-04-09 20:11:06 +02:00
Claire
ff73d43b35 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Not a real conflict, just an upstream dependency udpated
  textually too close to a glitch-soc-only dependency.
  Updated dependencies like upstream.
- `app/controllers/settings/preferences_controller.rb`:
  Upstream added settings where we had extra glitch-soc-specific settings.
  Added upstream's new settings.
- `app/models/user.rb`:
  Upstream added settings where we had extra glitch-soc-specific settings.
  Added upstream's new settings.
- `config/i18n-tasks.yml`:
  Not a real conflict, just a new upstream line too textually close to
  a glitch-soc-only line.
  Ported upstream's change.
2022-04-08 19:53:32 +02:00
Eugen Rochko
68273a7c6d
Fix dangling language-specific trends (#17997)
- Change score half-life for trending statuses from 2 to 6 hours
- Change score threshold for trimming old items from 1 to 0.3
2022-04-08 19:35:31 +02:00
Eugen Rochko
8e20e16cf0
Change e-mail notifications to only be sent when recipient is offline (#17984)
* Change e-mail notifications to only be sent when recipient is offline

Change the default for follow and mention notifications back on

* Add preference to always send e-mail notifications

* Change wording
2022-04-08 18:03:31 +02:00
Eugen Rochko
fd9a9b07c2
Fix trends returning less results per page when filtered in REST API (#17996)
- Change filtering and pagination to occur in SQL instead of Redis
- Change rank/score displayed on trends in admin UI to be locale-specific
2022-04-08 17:10:53 +02:00
Eugen Rochko
465ee7792f
Fix pagination header on empty trends responses in REST API (#17986) 2022-04-07 18:06:15 +02:00
Claire
b368c75029 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/concerns/sign_in_token_authentication_concern.rb`:
  Upstream removed this file, while glitch-soc had changes to deal with
  its theming system.
  Removed the file like upstream did.
2022-04-06 21:10:23 +02:00
Eugen Rochko
6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 2022-04-06 20:58:12 +02:00
Claire
6bdec0aec9 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-31 10:36:23 +02:00
Claire
ef196c913c
Fix error MethodError in Chewy::Strategy::Sidekiq::Worker (#17912)
Also refactor a bit to reduce code duplication.
2022-03-31 00:49:24 +02:00
Claire
fc5dd0c538 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-30 15:02:56 +02:00
Eugen Rochko
5554ff2a1d
Fix being able to bypass e-mail restrictions (#17909) 2022-03-30 14:45:52 +02:00
Claire
51a297e128 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-30 13:40:10 +02:00
Claire
894956e20c
Fix /api/v1/admin/accounts (#17887)
* Fix /api/v1/admin/accounts

Compatibility was broken since #17009 which changed the underlying filter class
without changing the controller.

This commits restore support for the old parameters.

* Add /api/v2/admin/accounts with the new parameters

* Add tests

* Add missing filter for `silenced` status

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-28 23:57:38 +02:00
Claire
aaa9ec340b Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/formatter.rb`:
  Upstream completely refactored the formatting code and removed that file,
  while glitch-soc had code for Markdown and HTML toots.
  Took upstream code, glitch-soc changes will be re-implemented on top of the
  refactored classes in a later commit.
- `app/models/status.rb`:
  Upstream refactored status edit handling and moved code to
  `app/models/concerns/status_snapshot_concern.rb`.
  Applied glitch-soc's changes to that file.
- `app/serializers/activitypub/note_serializer.rb`:
  Not really a conflict, just a line added too close to one modified by
  glitch-soc.
  Applied upstream changes while keeping the glitch-soc-modified one.
- `app/services/update_status_service.rb`:
  Not really a conflict, upstream modified a line adjacent to one added by
  glitch-soc.
  Applied upstream changes while keeping the glitch-soc line.
- `app/views/statuses/_simple_status.html.haml`:
  Upstream refactored formatting, glitch-soc changed the markup slightly.
  Applied upstream changes.
- `spec/lib/formatter_spec.rb`:
  Upstream completely refactored the formatting code and removed that file,
  while glitch-soc had code for Markdown and HTML toots.
  Took upstream code, glitch-soc changes will be re-implemented on top of the
  refactored classes in a later commit.
2022-03-26 19:18:55 +01:00
Eugen Rochko
2dd30804b6
Change how unconfirmed accounts are displayed in admin UI (#17874)
Fix #17815
2022-03-26 02:53:13 +01:00
Eugen Rochko
71f2b95106
Fix edits with no actual changes being allowed (#17843)
* Fix edits with no actual changes being allowed locally

* Fix edits with no actual changes being allowed through ActivityPub

* Fix false positive changes caused by description processing in model

* Fix not recording poll expiration update

* Fix test

* Revert changes to ProcessStatusUpdateService

* Various fixes and improvements

* Fix code style issues

* Various changes and improvements

* Add guard clause
2022-03-26 00:38:44 +01:00
Eugen Rochko
e3a2203061
Add offset pagination to trends in REST API (#17872) 2022-03-26 00:26:50 +01:00
Claire
c79a03b319 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream changed their README, we have a completely different one.
  Kept our README.
2022-03-15 20:45:27 +01:00
Eugen Rochko
a794117679
Fix individually approved/rejected statuses/links showing as pending review (#17787) 2022-03-15 07:51:55 +01:00
Eugen Rochko
e6ffbfb5e7
Add types param to GET /api/v1/notifications in REST API (#17767)
* Add `types` param to `GET /api/v1/notifications` in REST API

* Improve tests
2022-03-15 04:11:29 +01:00
Eugen Rochko
eebafe24a8
Fix statuses not being referenced in strike when category is spam (#17786) 2022-03-15 04:11:13 +01:00
Claire
a945182b56 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-14 16:44:35 +01:00
Eugen Rochko
5db1f377ea
Fix nil error when viewing suspended domain in admin UI (#17765) 2022-03-14 05:27:37 +01:00
Claire
bb9a6fb5c2 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-12 11:51:25 +01:00
Claire
642528f455
Update fix-duplicates maintenance task (#17731)
* Update fix-duplicates task to 2022_02_10_153119

Also add support for Appeal to AccountMerging#merge_with!

* Update fix-duplicates task to 2022_03_07_094650

* Update fix-duplicates task to 2022_03_09_213005

* Update fix-duplicates task to 2022_03_07_083603

* Update fix-duplicates task to 2022_03_10_060626

* Update fix-duplicates script to 2022_03_07_083603

* Update fix-duplicates task to 2022_03_10_060706

* Update fix-duplicates task to 2022_03_10_060959

* Silence CodeClimate
2022-03-12 08:33:11 +01:00
Eugen Rochko
ee8d4dd056
Fix moderator account leak in status edit history (#17746) 2022-03-12 08:23:03 +01:00
Jeong Arm
18e27e0488
Enable domain purge button on suspended domains too (#17741)
Related: #17209
2022-03-11 04:58:09 +01:00
Claire
24e83246f9 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/status.rb`:
  Upstream updated media and edit-related code textually close to glitch-soc
  additions (local-only and content-type).
  Ported upstream changes.
- `app/models/status_edit.rb`:
  Upstream changes textually close to glitch-soc additions (content-type).
  Ported upstream changes.
- `app/serializers/activitypub/note_serializer.rb`:
  Upstream changed how media attachments are handled. Not really a conflict,
  but textually close to glitch-soc additions (directMessage attribute).
  Ported upstream changes.
- `app/services/remove_status_service.rb`:
  Upstream changed how media attachments are handled. Not really a conflict,
  but textually close to glitch-soc additions (DM timeline).
  Ported upstream changes.
- `app/services/update_status_service.rb`:
  Upstream fixed an issue with language selection. Not really a conflict,
  but textually close to glitch-soc additions (content-type).
  Ported upstream changes.
- `db/schema.rb`:
  Upstream added columns to the `status_edits` table, the conflict is because
  of an additional column (`content-type`) in glitch-soc.
  Ported upstream changes.
- `package.json`:
  Upstream dependency (express) textually adjacent to a glitch-soc-specific one
  (favico.js) got updated.
  Updated it as well.
2022-03-10 09:52:45 +01:00
Takeshi Umeda
d7fab238a8
Fix a type error in domain_block policies (#17735) 2022-03-10 04:10:20 +01:00
Eugen Rochko
9f2791eb64
Add polls and media attachments to edit comparison modal in web UI (#17727) 2022-03-09 21:15:24 +01:00
Claire
2a56a890da
Fix rare race condition when rebloged status is deleted (#17693)
* Fix rare race condition when rebloged status is deleted

* Use INSERT INTO … SELECT
2022-03-09 20:49:14 +01:00
Eugen Rochko
b2cd34474b
Add rate limit for editing (#17728) 2022-03-09 20:06:51 +01:00
chandrn7
a6ed6845c9
Allow login through OpenID Connect (#16221)
* added OpenID Connect as an SSO option

* minor fixes

* added comments, removed an option that shouldn't be set

* fixed Gemfile.lock

* added newline to end of Gemfile.lock

* removed tab from Gemfile.lock

* remove chomp

* codeclimate changes and small name change to make function's purpose clearer

* codeclimate fix

* added SSO buttons to /about page

* minor refactor

* minor style change

* removed spurious change

* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth

* minor changes
2022-03-09 12:07:35 +01:00
Eugen Rochko
d17fb70131
Change how changes to media attachments are stored for edits (#17696)
* Change how changes to media attachments are stored for edits

Fix not being able to re-order media attachments

* Fix not broadcasting updates when polls/media is changed through ActivityPub

* Various fixes and improvements

* Update app/models/report.rb

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Add tracking of media attachment description changes

* Change poll in status edit to have a structure closer to the real one

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-09 09:06:17 +01:00
Eugen Rochko
bd53dd5210
Change design of federation pages in admin UI (#17704)
* Change design of federation pages in admin UI

* Fix query performance in instance media attachments measure

* Fix reblogs being included in instance languages dimension
2022-03-09 08:52:32 +01:00
Eugen Rochko
318d34d528
Fix data integrity of featured tags (#17712) 2022-03-09 08:51:12 +01:00
Claire
1fbd1fa5c4 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/settings/preferences_controller.rb`:
  Conflicts due to us having more user settings and upstream dropping
  `hide_network` (to replace it with an account attribute, properly migrated).
  Dropped `hide_network` like upstream.
- `app/lib/user_settings_decorator.rb`:
  Conflicts due to us having more user settings and upstream dropping
  `hide_network` (to replace it with an account attribute, properly migrated).
  Dropped `hide_network` like upstream.
- `app/models/status.rb`:
  Conflict because of slight change in how glitch-soc handles the scope to
  filter out local-only posts for anonymous viewers.
  Took upstream's changes and re-applied glitch-soc's change.
- `app/models/user.rb`:
  Conflicts due to us having more user settings and upstream dropping
  `hide_network` (to replace it with an account attribute, properly migrated).
  Dropped `hide_network` like upstream.
- `app/views/directories/index.html.haml`:
  Conflict because upstream redesigned that page while glitch-soc had a minor
  change to support hiding the number of followers.
  Ported glitch-soc's change on top of upstream's redesign.

Additional changes:
- `app/models/account_statuses_filter.rb`:
  See change to `app/models/status.rb`.
2022-03-08 20:22:54 +01:00
Eugen Rochko
8f6c67bfde
Fix performance of account timelines (#17709)
* Fix performance of account timelines

* Various fixes and improvements

* Fix duplicate results being returned

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Fix grouping for pinned statuses scope

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-08 09:14:39 +01:00
Eugen Rochko
292c75aa31
Fix nil error when submitting report without rule_ids (#17713) 2022-03-07 11:21:27 +01:00
Eugen Rochko
edf09ec747
Add /api/v1/accounts/familiar_followers to REST API (#17700)
* Add `/api/v1/accounts/familiar_followers` to REST API

* Change hide network preference to be stored consistently for local and remote accounts

* Add dummy classes to migration

* Apply suggestions from code review

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-07 09:36:47 +01:00
Claire
d9c3109bb6 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-04 01:07:49 +01:00
Claire
02dbc59c91
Add option to automatically delete toots after one week (#17691)
Fixes #17658
2022-03-03 16:18:58 +01:00
Claire
425a6c90c4 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-02 18:02:48 +01:00
Eugen Rochko
25d3dc4373
Add ability to mark statuses as sensitive from reports in admin UI (#17668)
* Add ability to mark statuses as sensitive from reports in admin UI

* Allow mark as sensitive action on statuses with preview cards
2022-03-01 22:20:29 +01:00
Claire
14919fe11e
Change old moderation strikes to be displayed in a separate page (#17566)
* Change old moderation strikes to be displayed in a separate page

Fixes #17552

This changes the moderation strikes displayed on `/auth/edit` to be those from
the past 3 months, and make all moderation strikes targeting the current user
available in `/disputes`.

* Add short description of what the strikes page is for

* Move link to list of strikes to “Account status” instead of navigation item

* Normalize i18n file

* Fix layout and styling of strikes link

* Revert highlights_on regexp

* Reintroduce account status summary

- this way, “Account status” is never empty
- account status is not necessarily bound to strikes, or recent strikes
2022-03-01 19:37:47 +01:00
Claire
756f1b6615 Add option (on by default) to allow toots with content warnings to trend 2022-02-26 10:46:26 +01:00
Claire
c6df6686af Disable notifications for trending links and trending statuses by default 2022-02-26 10:46:26 +01:00
Claire
be493b6c0d Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Not a real conflict, just upstream getting rid of unused constants too close
  to glitch-soc-specific contents.
  Removed unused constants like upstream did.
- `app/models/trends.rb`:
  Conflict because glitch-soc disabled email notifications for trending links.
  Upstream has refactored this quite a bit and added trending posts.
  Took upstream code, but disabling the extra trending stuff will come in
  another commit.
- `app/views/admin/trends/links/index.html.haml`:
  Conflict due to glitch-soc's theming system.
  Ported upstream changes accordingly.
2022-02-26 09:29:23 +01:00
Eugen Rochko
27965ce5ed
Add trending statuses (#17431)
* Add trending statuses

* Fix dangling items with stale scores in localized sets

* Various fixes and improvements

- Change approve_all/reject_all to approve_accounts/reject_accounts
- Change Trends::Query methods to not mutate the original query
- Change Trends::Query#skip to offset
- Change follow recommendations to be refreshed in a transaction

* Add tests for trending statuses filtering behaviour

* Fix not applying filtering scope in controller
2022-02-25 00:34:14 +01:00
Eugen Rochko
a29a982eaa
Change e-mail domain blocks to block IPs dynamically (#17635)
* Change e-mail domain blocks to block IPs dynamically

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-24 17:28:23 +01:00
Claire
3d25fe0426 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream changed the workflow a bit.
  Conflict comes from us pushing to ghcr while upstream pushes to dockerhub.
  Ported the upstream changes while still pushing to ghcr.
2022-02-23 18:13:12 +01:00
Eugen Rochko
7b816eb5ae
Add notifications for new sign-ups (#16953) 2022-02-23 16:45:22 +01:00
Claire
954e052b07 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/media_attachment.rb`:
  Upstream moved hardcoded values around, while in glitch-soc they are
  configurable.
  Moved them like upstream, but keeping glitch-soc's ability to configure
  them through env vars.
2022-02-22 18:06:29 +01:00
Claire
166f6e4b50
Fix some media attachments being converted with too high framerates (#17619)
Video files with variable framerates are converted to constant framerate videos
and the output framerate picked by ffmpeg is based on the original file's
container framerate (which can be different from the average framerate).

This means that an input video with variable framerate with about 30 frames per
second on average, but a maximum of 120 fps will be converted to a constant 120
fps file, which won't be processed by other Mastodon servers.

This commit changes it so that input files with VFR and a maximum framerate
above the framerate threshold are converted to VFR files with the maximum frame
rate enforced.
2022-02-22 17:11:22 +01:00
Claire
f224237862 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `db/schema.rb`:
  Conflict due to glitch-soc adding the `content_type` column on status edits
  and thus having a different schema version number.
  Solved by taking upstream's schema version number, as it is higher than
  glitch-soc's.
2022-02-17 10:58:44 +01:00
Claire
ac99f586bb
Fix issues when attempting to appeal an old strike (#17554)
* Display an error when an appeal could not be submitted

* Do not offer users to appeal old strikes

* Fix 500 error when trying to appeal a strike that is too old

* Avoid using an extra translatable string
2022-02-16 22:29:48 +01:00
Eugen Rochko
564efd0651
Add appeals (#17364)
* Add appeals

* Add ability to reject appeals and ability to browse pending appeals in admin UI

* Add strikes to account page in settings

* Various fixes and improvements

- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes

* Change appealed_at to overruled_at

* Fix missing method error
2022-02-14 21:27:53 +01:00
Jeong Arm
d39df35441
Fix admin statuses page order with media (#17538) 2022-02-14 16:07:04 +01:00
Eugen Rochko
6240466866
Fix duplicate accounts when searching by IP range in admin UI (#17524) 2022-02-13 01:58:26 +01:00
Claire
d9379f5331 Merge branch 'main' into glitch-soc/merge-upstream 2022-02-12 11:12:41 +01:00
Eugen Rochko
8f03b7a2fb
Add notifications when a reblogged status has been updated (#17404)
* Add notifications when a reblogged status has been updated

* Change wording to say "edit" instead of "update" and add missing controls

* Replace previous update notifications with the most up-to-date one
2022-02-11 22:20:19 +01:00
Claire
51cad4f7fb Merge branch 'main' into glitch-soc/merge-upstream 2022-02-11 21:53:20 +01:00
Eugen Rochko
d0fcf07436
Change actions in reports to require only one click (#17487) 2022-02-11 21:51:57 +01:00
Eugen Rochko
a27729ee48
Change reblogs to not count towards hashtag trends anymore (#17501) 2022-02-11 21:16:23 +01:00
Claire
abd113167b Add ability to change content-type when editing a toot
Content-type defaults to edited toot's content-type to avoid surprising
behaviors when using clients that do not support this feature.
2022-02-10 19:10:14 +01:00
Claire
f1a6f9062e Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/statuses_controller.rb`:
  Upstream moved things around in a place where glitch-soc had support for
  an extra parameter (`content_type`).
  Follow upstream but reintroduce `content_type`.
2022-02-10 19:09:27 +01:00
Claire
63854bee6c
Fix poll votes not being properly reset on poll change (#17498)
* Fix poll votes not being properly reset on poll change

* Fix and add tests

* Fix poll update handling when the number of options changes
2022-02-10 14:26:54 +01:00
Eugen Rochko
63002cde03
Add editing for published statuses (#17320)
* Add editing for published statuses

* Fix change of multiple-choice boolean in poll not resetting votes

* Remove the ability to update existing media attachments for now
2022-02-10 00:15:30 +01:00
Eugen Rochko
2f8159baad
Add category and rule_ids params to POST /api/v1/reports (#17492) 2022-02-10 00:10:16 +01:00
Claire
d90da7d080 Add content_type to status_edits 2022-02-09 18:02:31 +01:00
Claire
322e907e04 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/preferences/appearance/show.html.haml`:
  Upstream renamed some helper functions that were used in a part of the
  settings page which glitch-soc slightly changed the layout of.
  Ported the change.
2022-02-09 17:28:33 +01:00
Eugen Rochko
fd3a45e348
Add edit history to web UI (#17390)
* Add edit history to web UI

* Change history reducer to store items per status

* Fix missing loading prop
2022-02-09 01:17:07 +01:00
Eugen Rochko
2adcad04ff
Fix error in suggestions API due to typo (#17486)
Regression from #17479
2022-02-08 22:23:04 +01:00
Claire
692963d43b Merge branch 'main' into glitch-soc/merge-upstream 2022-02-08 18:23:53 +01:00
Eugen Rochko
b6d7726ecb
Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Eugen Rochko
35850f8195
Fix localization of cold-start follow recommendations (#17479) 2022-02-08 01:53:49 +01:00
Claire
098f2bc1e1 Merge branch 'main' into glitch-soc/merge-upstream 2022-02-01 20:59:28 +01:00
Claire
987d88ea56
Fix requiring an extra restart after recent post-deployment migrations (#17422)
Follow-up to #16409
2022-02-01 20:57:39 +01:00
Claire
b2915613fb Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Upstream-updated lib textually too close to glitch-soc-only dep.
  Updated like upstream.
2022-01-28 08:58:32 +01:00
Claire
03d59340da
Fix Sidekiq warnings about JSON serialization (#17381)
* Fix Sidekiq warnings about JSON serialization

This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.

See https://github.com/mperham/sidekiq/pull/5071

We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.

* Set Sidekiq to raise on unsafe arguments in test mode

In order to more easily catch issues that would produce warnings in production
code.
2022-01-28 00:43:56 +01:00
Claire
b7cf3941b3 Change CAPTCHA handling to be only on email verification
This simplifies the implementation considerably, and while not providing
ideal UX, it's the most flexible approach.
2022-01-25 23:56:57 +01:00
Claire
0fb907441c Add ability to set hCaptcha either on registration form or on e-mail validation
Upshot of CAPTCHA on e-mail validation is it does not need to break the in-band
registration API.
2022-01-25 23:09:48 +01:00
Claire
1b493c9fee Add optional hCaptcha support
Fixes #1649

This requires setting `HCAPTCHA_SECRET_KEY` and `HCAPTCHA_SITE_KEY`, then
enabling the admin setting at
`/admin/settings/edit#form_admin_settings_captcha_enabled`

Subsequently, a hCaptcha widget will be displayed on `/about` and
`/auth/sign_up` unless:
- the user is already signed-up already
- the user has used an invite link
- the user has already solved the captcha (and registration failed for another
  reason)

The Content-Security-Policy headers are altered automatically to allow the
third-party hCaptcha scripts on `/about` and `/auth/sign_up` following the same
rules as above.
2022-01-24 21:22:13 +01:00
Claire
61ef81c548 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `spec/models/status_spec.rb`:
  Upstream added tests too close to glitch-soc-specific tests.
  Kept both tests.
2022-01-23 18:24:01 +01:00
Claire
0a120d86d2
Fix error-prone SQL queries (#15828)
* Fix error-prone SQL queries in Account search

While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.

This PR parameterises the `to_tsquery` input to make the query more robust.

* Harden code for Status#tagged_with_all and Status#tagged_with_none

Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.

* Remove unneeded spaces surrounding tsquery term

* Please CodeClimate

* Move advanced_search_for SQL template to its own function

This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.

* Add tests covering tagged_with, tagged_with_all and tagged_with_none

* Rewrite tagged_with_none to avoid multiple joins and make it more robust

* Remove obsolete brakeman warnings

* Revert "Remove unneeded spaces surrounding tsquery term"

The two queries are not strictly equivalent.

This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
2022-01-23 18:10:10 +01:00
Claire
8a07ecd377
Remove leftover database columns from Devise::Models::Rememberable (#17191)
* Remove leftover database columns from Devise::Models::Rememberable

* Update fix-duplication maintenance script

* Improve errors/warnings in the fix-duplicates maintenance script
2022-01-23 15:46:30 +01:00
Claire
fe89554a54 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/activitypub/activity/create.rb`:
  Upstream refactored how `Create` activities are handled and how values are
  extracted from `Create`d objects. This conflicted with how glitch-soc
  supported the `directMessage` flag to explicitly distinguish between
  limited and direct messages.
  Ported glitch-soc's changes to latest upstream changes.
- `app/services/fan_out_on_write_service.rb`:
  Upstream largely refactored that file and changed some of the logic.
  This conflicted with glitch-soc's handling of the direct timeline and
  the options to allow replies and boosts in public feeds.
  Ported those glitch-soc changes on top of latest upstream changes.
- `app/services/process_mentions_service.rb`:
  Upstream refactored to move mention-related ActivityPub deliveries to
  `ActivityPub::DeliveryWorker`, while glitch-soc contained an extra check
  to not send local-only toots to remote mentioned users.
  Took upstream's version, as the check is not needed anymore, since it is
  performed at the `ActivityPub::DeliveryWorker` call site already.
- `app/workers/feed_insert_worker.rb`:
  Upstream added support for `update` toot events, while glitch-soc had
  support for an extra timeline support, `direct`.
  Ported upstream changes and extended them to the `direct` timeline.

Additional changes:
- `app/lib/activitypub/parser/status_parser.rb`:
  Added code to handle the `directMessage` flag and take it into account
  to compute visibility.
- `app/lib/feed_manager.rb`:
  Extended upstream's support of `update` toot events to glitch-soc's
  `direct` timeline.
2022-01-19 23:52:48 +01:00
Eugen Rochko
1060666c58
Add support for editing for published statuses (#16697)
* Add support for editing for published statuses

* Fix references to stripped-out code

* Various fixes and improvements

* Further fixes and improvements

* Fix updates being potentially sent to unauthorized recipients

* Various fixes and improvements

* Fix wrong words in test

* Fix notifying accounts that were tagged but were not in the audience

* Fix mistake
2022-01-19 22:37:27 +01:00
Claire
b3bf32a21e Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/reports/show.html.haml`:
  Conflicts due to glitch-soc's theming system.
2022-01-17 10:45:25 +01:00
Eugen Rochko
14f436c457
Add notifications for statuses deleted by moderators (#17204) 2022-01-17 09:41:33 +01:00
Claire
b61c3ddff8 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream added some text, but our README is completely different.
  Kept our README unchanged.
2022-01-16 18:11:20 +01:00
Eugen Rochko
8e84ebf0cb
Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
Claire
09c61e1376 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  We have completely different contents. Kept our version.
- `package.json`:
  Not a real conflict, just an upstream dependency udpated
  textually too close to a glitch-soc-only dependency.
  Updated dependencies like upstream.
- `streaming/index.js`:
  Conflict due to code style changes on parts that were
  modified in glitch-soc to handle local-only toots.
  Changed style according to upstream.
2021-12-27 15:16:18 +01:00
Jeong Arm
720e8ab0f5
Fix duplicate record on admin/accounts when searching with IP (#17150) 2021-12-21 00:17:14 +01:00
Claire
d4f315f304 Merge branch 'main' into glitch-soc/merge-upstream 2021-12-18 11:44:54 +01:00