Commit graph

357 commits

Author SHA1 Message Date
Claire
c546757cd1 Merge commit '66430cb25c824cfad0394216d8e7a523533bcf4b' into glitch-soc/merge-upstream 2024-07-16 17:54:36 +02:00
Emelia Smith
aa88aca0ad
Add optional OAuth application to reports (#30539) 2024-07-16 13:23:08 +00:00
Claire
64b2c712d4 Merge commit '9d0bce40724eb77b7cc3917091b62e4ab159e29e' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/theme_helper.rb`:
  Conflict because upstream refactored theme-related code, and glitch-soc has
  a different theming system.
2024-07-15 18:51:38 +02:00
Claire
1dd8262071
Add optional filtered attribute to notification entities in REST API (#31011) 2024-07-15 09:29:57 +00:00
Claire
edec2e9fdf Merge commit '00cb4a0313190bfa118966692a649db9c8328094' into glitch-soc/merge-upstream 2024-07-14 18:43:35 +02:00
David Roetzel
35a437a03f
Destroy NotificationRequests that are dismissed (#31008) 2024-07-12 12:09:52 +00:00
Claire
55cf5e0188 Merge commit 'c929b4cace3f95fe54fdafe449ea7e972c8d61e8' into glitch-soc/merge-upstream 2024-07-12 13:41:54 +02:00
Matt Jankowski
43e24dbb13
Use include_pagination_headers in more places (#30999) 2024-07-12 08:30:52 +00:00
Claire
388672ff0d Merge commit '967505ee9bcacf0e5189aa06c654ff586c198a46' into glitch-soc/merge-upstream 2024-07-09 20:39:09 +02:00
Daniel M Brasil
3875bd138d
Fix HTTP 500 in /api/v1/polls/:id/votes (#25598) 2024-07-09 12:41:49 +00:00
Claire
6a55232988 Merge commit 'fa8e972722fb8fc056aa348dddaee4005b4a8ac4' into glitch-soc/merge-upstream 2024-07-08 19:41:14 +02:00
Matt Jankowski
f1300ad284
Rename jobs/attachments rspec tag names (#29762) 2024-07-08 16:01:08 +00:00
Claire
e61a7794f8 Merge commit 'df9e26158d9787859b24bdc276af478abf05e1af' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Conflict because glitch-soc has a different list of allowed tags.
  Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
  Conflict because of glitch-soc's default settings.
  Updated accordingly.
2024-07-04 17:12:14 +02:00
Claire
502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
Claire
d2aea85e6c Merge commit '5d4dbbcc67c98007d417cbe67b5a2261889304dc' into glitch-soc/merge-upstream 2024-06-30 11:25:40 +02:00
Claire
7a84b76bb1
Drop favicon.ico generation (#30375) 2024-06-26 13:44:08 +00:00
Claire
b0c979af49 Merge commit '58ace2e45e16a69977267d03874568c11043f04c' into glitch-soc/merge-upstream 2024-06-18 18:20:36 +02:00
Claire
58ace2e45e
Fix SQL error in admin measures API (#30753) 2024-06-18 16:04:58 +00:00
Claire
677f73f793 Merge commit '3a191b3797dde1daf79cd748a14b87240532d543' into glitch-soc/merge-upstream 2024-06-17 13:41:58 +02:00
Claire
45abddb302
Fix pagination attributes not being returned in ungroupable-only pages (#30688) 2024-06-13 14:10:34 +00:00
Claire
4daed855e5 Merge commit 'd818ddd6870094e89e58ef61f37da4cb73935856' into glitch-soc/merge-upstream 2024-06-11 19:46:11 +02:00
Matt Jankowski
b2496177e0
Use correct params in v1/admin/domain_allows spec (#30378) 2024-06-11 07:35:30 +00:00
Claire
be68f8f4af Merge commit '9cc4040308a758d4b77961f4da79cf63a044fffe' into glitch-soc/merge-upstream 2024-06-10 18:20:08 +02:00
Daniel M Brasil
77c2216e47
fix: Return HTTP 422 when scheduled status time is less than 5 minutes (#30584) 2024-06-10 13:33:48 +00:00
Claire
7277d2f130 Merge commit '496c10542bd39ca86a85d4de81778c134ea4383c' into glitch-soc/merge-upstream 2024-06-07 20:30:51 +02:00
Matt Jankowski
07cc94e05f
Use sidekiq_inline in requests/api/v1/admin/account_actions spec (#30563) 2024-06-06 14:19:22 +00:00
Matt Jankowski
9b9b0e25b6
Use sidekiq_inline in requests/api/v1/reports spec (#30564) 2024-06-06 14:14:33 +00:00
Claire
578b0eae7d Fix /api/v1/timelines/link specs for glitch-soc default settings 2024-06-06 12:52:15 +02:00
Claire
30b00ca2b5 Merge commit '5652ca613582df03e5b838626078981414f3b897' into glitch-soc/merge-upstream 2024-06-06 12:27:26 +02:00
Eugen Rochko
a2505e8611
Add timeline of public posts about a trending link to REST API (#30381) 2024-06-06 08:43:04 +00:00
Emelia Smith
e02d23b549
Change read:me scope to profile scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-06 07:30:10 +00:00
Emelia Smith
4655be0da6
Fix add validation to webpush subscription keys (#30542) 2024-06-05 19:16:47 +00:00
Emelia Smith
eef2cc054f
Add url validation to Web::PushSubscription endpoints (#30540) 2024-06-05 08:06:06 +00:00
Matt Jankowski
249cbc449c
Use existing config access to local_domain value (#30509) 2024-06-03 09:15:58 +00:00
Claire
974335e414
Add experimental server-side notification grouping (#29889) 2024-06-03 08:35:59 +00:00
Claire
c827a98f19 Merge commit 'd20a5c3ec9ed40a991245fe32d0acb6187dd48c4' into glitch-soc/merge-upstream
Conflicts:
- `yarn.lock`:
  Not a real conflict, just a line adjacent to a glitch-soc only dependency
  getting updated.
  Updated dependencies as upstream did.
2024-05-29 17:03:24 +02:00
Claire
36fe8f8566
Change ids param to id in /api/v1/statuses and /api/v1/accounts for consistency (#30465) 2024-05-29 09:19:17 +00:00
Matt Jankowski
c61e356475
Add Status::MEDIA_ATTACHMENTS_LIMIT configuration constant (#30433) 2024-05-27 09:49:44 +00:00
Claire
0e8633f6c7 Merge commit '3a862439dfc989c6c5741e007c2f4e0335fffe33' into glitch-soc/merge-upstream 2024-05-23 20:11:12 +02:00
Matt Jankowski
3a862439df
Remove unused account record in api/v2/admin/accounts spec (#30397) 2024-05-23 08:26:58 +00:00
Claire
e46321e63d Merge commit 'de4815afda0809bf999519aabda1cd14c67278da' into glitch-soc/merge-upstream 2024-05-20 12:17:36 +02:00
Claire
de4815afda
Add more tests for self-destruct mode (#30374) 2024-05-20 10:06:51 +00:00
Emelia Smith
2da2a1dae9
Support multiple redirect_uris when creating OAuth 2.0 Applications (#29192) 2024-05-17 13:46:12 +00:00
Claire
f35ba6963d Merge commit '1959365c2f410aa82874c5c05ab92c4eca4c4055' into glitch-soc/merge-upstream 2024-05-11 22:10:56 +02:00
Matt Jankowski
0d397db5dd
Consolidate system specs into single directory, use rspec tags for configuration (#30206) 2024-05-10 12:36:09 +00:00
Claire
016d194274 Merge commit '2fe1b8d1695d8faa452a69872fde94ccc4611576' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/application_helper.rb`:
  Not a real conflict, upstream added helpers right next to glitch-soc only
  helpers.
  Added upstream's helpers.
- `spec/models/status_spec.rb`:
  Not a real conflict, upstream added specs right next to glitch-soc only
  specs.
  Added upstream's tests.
2024-05-06 17:53:51 +02:00
Claire
2fe1b8d169
Add API to get multiple accounts and statuses (#27871)
Co-authored-by: noellabo <noel.yoshiba@gmail.com>
2024-05-06 15:19:15 +00:00
Emelia Smith
116f01ec7d
Implement RFC 8414 for OAuth 2.0 server metadata (#29191) 2024-05-06 13:17:56 +00:00
Claire
3789d9f825 Merge commit 'b7902225d698a107df2cf8b4ca221caad38fa464' into glitch-soc/merge-upstream
Conflicts:
- `spec/validators/status_length_validator_spec.rb`:
  Upstream refactored tests to stub `StatusLengthValidator::MAX_CHARS`
  while glitch-soc had custom code to read from `MAX_TOOT_CHARS`.
  Switched to using upstream's implementation of the tests.
2024-05-04 16:28:30 +02:00
Claire
f09f5b35f2 Merge commit 'd97d31cce664281d868e4c661451687a301c97c8' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Upstream refactored this file a bit, moving validation limits to constants.
  We already had a similar change, although with different constant names.
  Updated to match upstream's code.

The following files were also modified accordingly:
- `app/views/settings/profiles/show.html.haml`
- `spec/requests/api/v1/accounts/credentials_spec.rb`
2024-05-04 16:12:51 +02:00
Claire
253ead3aa7
Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-02 20:56:21 +00:00
Claire
b039e62194 Merge commit 'a2399046ca600d492b492b8dae88011de687bece' into glitch-soc/merge-upstream 2024-05-01 19:49:59 +02:00
Claire
6f342a6d4c Merge commit '34e826f373d20f6230d1ef0aa03ad41a3bdf5998' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/theme_helper.rb`:
  Conflict caused by our different theme systems.
  Ported upstream's changes.
- `app/models/account.rb`:
  Upstream basically made a change we already made.
  Moved constant declaration to match upstream.
2024-05-01 18:56:48 +02:00
Claire
0fb469e2f3 Merge commit '52ab8a59c6e77b6409a7d4d81b15751732b3af91' into glitch-soc/merge-upstream 2024-05-01 17:30:52 +02:00
Claire
15f6d2d038 Merge commit 'd27eb181f6ab419d1745a1fe9b94094be17a618f' into glitch-soc/merge-upstream
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
  Conflict due to glitch-soc having a different default site name.
  Updated the tests as upstream did, keeping glitch-soc's default name.
2024-05-01 17:22:02 +02:00
Claire
2c386d4cfe Merge commit 'c70c39cad03824c64564fa7d241e6bf01acbab76' into glitch-soc/merge-upstream 2024-05-01 17:06:49 +02:00
Emelia Smith
049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00
Matt Jankowski
449f99e168
Fix repeated concat output buffer duplicating layout markup (#29918) 2024-04-11 23:37:07 +00:00
Claire
1d1c3a808a Merge commit '6c381f20b1d52c96525cbd5c41b0c972c3394a48' into glitch-soc/merge-upstream
Conflicts:
- `app/models/user_settings.rb`:
  Upstream removed a setting textually adjacent to a glitch-soc-only setting.
  Removed the setting glitch-soc removed.
2024-04-06 21:01:40 +02:00
Claire
777984faeb Merge commit '119c7aa0df1e1d26bdee1701250d23a7af9e9136' into glitch-soc/merge-upstream 2024-04-06 20:34:07 +02:00
Claire
903dc53522 Merge commit '05eda8d19330a9c27c0cf07de19a87edff269057' into glitch-soc/merge-upstream 2024-04-06 20:01:25 +02:00
Claire
67842ffb22 Merge commit '01464074c91f9b7a720928fc4ee912be3d8002d2' into glitch-soc/merge-upstream 2024-04-06 19:54:11 +02:00
Claire
f2b23aa5f3 Merge commit '954b470fbce3fbe4b9b42992b03425fa24d6a2ad' into glitch-soc/merge-upstream
Conflicts:
- `config/navigation.rb`:
  Upstream added a navigation item while glitch-soc had an additional one.
  Ported upstream changes.
2024-04-06 19:35:21 +02:00
Matt Jankowski
191bf5876e
Add coverage for sanitize failure path in api/web/embeds spec (#29851) 2024-04-04 16:07:16 +00:00
Matt Jankowski
f87959ab50
Fix RSpec/LetSetup cop in api/v1/timelines/public spec (#28972) 2024-04-02 14:05:02 +00:00
Matt Jankowski
34489591ec
Add max_pinned_statuses to instances serializer and api response (#29441) 2024-04-02 13:54:11 +00:00
Renaud Chaput
b4d991adaa
Use integers and not numbers in notification policy API counters (#29810) 2024-04-02 10:06:26 +00:00
Claire
81a04ac25c
Improve specs for severed relationships (#29688) 2024-03-22 16:25:36 +00:00
Matt Jankowski
34f293475e
Fix results/query in api/v1/featured_tags/suggestions (#29597) 2024-03-22 15:08:27 +00:00
Claire
814a48517f
Add some more tests for notification policies (#29698) 2024-03-21 16:46:38 +00:00
Claire
7434c9c276
Fix the relationships controller spec, since it requires an extra model now (#29671) 2024-03-21 08:28:37 +00:00
Claire
44bf7b8128
Add notifications of severed relationships (#27511) 2024-03-20 15:37:21 +00:00
Claire
2e49bc97b0 Merge commit '7720c684c5bf54e73e8815defe15473777d1c201' into glitch-soc/merge-upstream 2024-03-15 12:20:32 +01:00
Matt Jankowski
2e91a9bd34
Add include_pagination_headers matcher to check Link header in api specs (#29596) 2024-03-15 10:17:45 +00:00
Claire
08b10cce52 Merge commit 'b43eaa4517107326c7e73b949cec759f841b4a30' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/accounts/credentials_controller_spec.rb`
  Conflict due to glitch-soc's different note length handling.
  Ported the changes in `spec/requests/api/v1/accounts/credentials_spec.rb` instead.
2024-03-13 20:12:58 +01:00
Claire
06881a8669 Merge commit '2c0441acd7f943a9873b650cf75d33c73d545acf' into glitch-soc/merge-upstream 2024-03-13 19:16:47 +01:00
Matt Jankowski
46e902f1f3
Merge api/v1/accounts/credentials controller spec into existing request spec (#29006) 2024-03-13 09:22:43 +00:00
Matt Jankowski
71eecbfa1f
Move api/v2/filters/* to request spec (#28956) 2024-03-13 08:47:09 +00:00
Matt Jankowski
3eaac3af73
Use before_all block to setup requests/cache_spec data (#29437) 2024-03-13 08:38:57 +00:00
Matt Jankowski
96013cd576
Reduce RSpec/ExampleLength in CSP request spec (#29104) 2024-03-13 08:22:32 +00:00
Claire
a5127d0ef8 Merge commit '24319836de6046fb2985ec1a24c30ad7d47584d7' into glitch-soc/merge-upstream
Conflicts:
- `config/routes/api.rb`:
  glitch-soc has an extra `:destroy` action on notifications for historical reasons.
  Kept it for now, while otherwise updating as upstream did.
2024-03-11 17:29:07 +01:00
Matt Jankowski
24319836de
Convert request-based setup into factory setup in push/subscriptions request spec (#29489) 2024-03-11 15:46:25 +00:00
Eugen Rochko
50b17f7e10
Add notification policies and notification requests (#29366) 2024-03-07 14:53:37 +00:00
Claire
159e500749 Merge commit '18945f62e07617ac44b7a25a61799b0959fe67f7' into glitch-soc/merge-upstream 2024-03-01 18:34:48 +01:00
Matt Jankowski
18945f62e0
Convert more API specs from controller->request style (#29004) 2024-03-01 16:24:45 +00:00
Claire
67ca8bb56a Merge commit '8156113d58db851d00f8052e66459e6dafb71e82' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/packs/admin.jsx`:
  Change applied to `app/javascript/core/admin.js` instead.
2024-02-26 17:43:16 +01:00
Matt Jankowski
8156113d58
Use response_vary_headers method in requests/cache_spec (#29411) 2024-02-26 16:27:07 +00:00
Claire
d2cfc6e5e2 Merge commit '08342ad40c1b92caf873282190efe8533a7d6e2e' into glitch-soc/merge-upstream 2024-02-24 15:02:28 +01:00
Claire
ab2f0daa10 Merge commit 'aaa58d4807377e04649499ebee91757b16b9a007' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-security.yml`:
  Changes were already cherry-picked and adapted in glitch-soc.
  Kept glitch-soc's version.
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `lib/mastodon/version.rb`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
2024-02-24 14:27:43 +01:00
Claire
dfd74f0dae Merge commit '1467f1e1e1c18dc4b310862ff1f719165a24cfb6' into glitch-soc/merge-upstream 2024-02-24 14:15:49 +01:00
Claire
73de36318e Move api/v1/timelines/direct to request spec 2024-02-24 14:10:05 +01:00
Claire
9903e6beab Merge commit '0b0ca6f3b85c9d08e4642e49d743f8d060632293' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/timelines/direct_controller_spec.rb`:
  `spec/controllers/api/v1/timelines` has been renamed, but we had an extra
  spec here for a glitch-soc-only endpoint.
  Kept glitch-soc's file unchanged (will port to a request spec later).
2024-02-24 14:05:26 +01:00
Claire
c297d999ba Merge commit '87ad398ddc78f2da5746774960690661e8e57335' into glitch-soc/merge-upstream 2024-02-24 14:02:01 +01:00
Matt Jankowski
64f9939e39
Use capture_emails helper to improve email assertions in specs (#29245) 2024-02-19 15:57:47 +00:00
Wolfgang Fournès
86627ea2e4
Add a missing thread example to the statuses spec (#29278) 2024-02-19 13:35:58 +00:00
Claire
e7ca82762d Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 23:12:59 +01:00
Claire
d4d0565b0f
Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 21:49:45 +00:00
Claire
486e4bc7d3 Fix OmniAuth tests (#29201) 2024-02-14 16:07:28 +01:00
Claire
bbbbf00084
Fix OmniAuth tests (#29201) 2024-02-14 14:57:49 +00:00
Claire
53b73ed6a2 Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:25:15 +01:00