Claire
a745854557
Fix user creation failure handling in OmniAuth paths ( #29207 )
...
Co-authored-by: Matt Jankowski <matt@jankowski.online>
2024-02-14 23:21:52 +01:00
Claire
1f0e040cb8
Merge pull request from GHSA-vm39-j3vx-pch3
...
* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Claire
befd534eb8
Merge pull request from GHSA-3fjr-858r-92rw
...
Build container release images / build-image (push) Failing after 4m15s
* Fix insufficient origin validation
* Bump version to v4.0.13
2024-02-01 15:56:46 +01:00
Daniel M Brasil
db8db60244
Fix /api/v1/timelines/tag/:hashtag
allowing for unauthenticated access when public preview is disabled ( #26237 )
2023-09-05 18:51:01 +02:00
Claire
d30fbc0900
Fix blocking subdomains of an already-blocked domain ( #26392 )
2023-09-05 18:51:01 +02:00
Claire
0bcb4f73f1
Change /api/v1/statuses/:id/history to always return at least one item ( #25510 )
2023-07-06 13:45:58 +02:00
Claire
04f76675d1
Add finer permission requirements for managing webhooks ( #25463 )
2023-07-06 13:45:58 +02:00
Claire
53acab6d2b
Fix wrong view being displayed when a webhook fails validation ( #25464 )
2023-07-06 13:45:58 +02:00
Daniel M Brasil
c285f9d1a1
Fix incorrect pagination headers in /api/v2/admin/accounts
( #25477 )
2023-07-06 13:45:58 +02:00
Claire
a3f58ceea4
Fix race condition when reblogging a status ( #25016 )
2023-07-06 13:45:58 +02:00
Claire
37972fe3c7
Fix “Authorized applications” inefficiently and incorrectly getting last use date ( #25060 )
2023-07-06 13:45:58 +02:00
Claire
64416e4000
Remove invalid X-Frame-Options: ALLOWALL ( #25070 )
2023-07-06 13:45:58 +02:00
Claire
2617c33fc3
Fix ArgumentError when loading newer Private Mentions ( #25399 )
2023-07-06 13:45:58 +02:00
Claire
d81b891fa8
Fix multiple N+1s in ConversationsController ( #25134 )
2023-07-06 13:45:58 +02:00
Claire
a705bb84e6
Fix user archive takeouts when using OpenStack Swift ( #24431 )
2023-07-06 13:45:58 +02:00
Claire
274bb193b2
Fix invalid/expired invites being processed on sign-up ( #24337 )
2023-04-04 12:39:56 +02:00
Claire
aa37eeadf3
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2023-04-04 12:39:56 +02:00
Eugen Rochko
a6217bd035
Change user backups to use expiring URLs for download when possible ( #24136 )
2023-03-16 22:49:35 +01:00
Claire
2c3cb903ad
Fix misleading error code when receiving invalid WebAuthn credentials ( #23568 )
2023-03-16 11:58:46 +01:00
Claire
c22c4247d9
Fix server error when failing to follow back followers from /relationships
( #23787 )
2023-03-14 09:58:26 +01:00
Claire
e2103c9175
Fix “Remove all followers from the selected domains” being more destructive than it claims ( #23805 )
2023-03-14 09:50:57 +01:00
trwnh
b59ce0a60f
Move V2 Filter methods under /api/v2 prefix ( #20622 )
...
* Move V2 Filter methods under /api/v2 prefix
* move over the tests too
2022-11-14 08:34:07 +01:00
Eugen Rochko
b31afc6294
Fix error when passing unknown filter param in REST API ( #20626 )
...
Fix #19156
2022-11-14 08:06:06 +01:00
Eugen Rochko
167d86d21d
Fix role_ids
not accepting arrays in admin API ( #20625 )
...
Fix #19157
2022-11-14 06:56:15 +01:00
Claire
86f6631d28
Remove dead code and refactor status threading code ( #20357 )
...
* Remove dead code
* Remove unneeded/broken parameters and refactor descendant computation
2022-11-10 22:30:00 +01:00
Claire
1615c3eb6e
Change logged out /api/v1/statuses/:id/context logged out limits ( #20355 )
2022-11-10 21:06:08 +01:00
James Tucker
78a6b871fe
Improve performance by avoiding regex construction ( #20215 )
...
```ruby
10.times { p /#{FOO}/.object_id }
10.times { p FOO_RE.object_id }
```
2022-11-10 05:49:30 +01:00
Eugen Rochko
0cd0786aef
Revert filtering public timelines by locale by default ( #20294 )
2022-11-10 05:34:42 +01:00
trwnh
89e1974f30
Make account endorsements idempotent ( fix #19045 ) ( #20118 )
...
* Make account endorsements idempotent (fix #19045 )
* Accept suggestion to use exists? instead of find_by + nil check
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* fix logic (unless, not if)
* switch to using `find_or_create_by!`
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-11-08 16:39:15 +01:00
trwnh
68d9dcd425
Fix uncaught 500 error on invalid replies_policy
( Fix #19097 ) ( #20126 )
2022-11-08 16:37:28 +01:00
Claire
1e1289b024
Fix crash when external auth provider has no display_name set ( #19962 )
...
Fixes #19913
2022-11-07 15:43:24 +01:00
Claire
4cb2323458
Fix crash in legacy filter creation controller ( #19878 )
2022-11-07 03:38:53 +01:00
Eugen Rochko
3a41fccc43
Change AUTHORIZED_FETCH
to not block unauthenticated REST API access ( #19803 )
...
New environment variable `DISALLOW_UNAUTHENTICATED_API_ACCESS`
2022-11-05 22:56:03 +01:00
Claire
c2170991c7
Fix reblogs being discarded after the reblogged status ( #19731 )
2022-11-04 16:31:44 +01:00
Claire
125322718b
Fix inaccurate admin log entry for re-sending confirmation e-mails ( #19674 )
...
Fixes #19593
2022-11-02 18:50:21 +01:00
Eugen Rochko
15bae3e0e4
Change post-processing to be deferred only for large media types ( #19617 )
2022-11-01 15:27:58 +01:00
Claire
bb1ef11c30
Change featured hashtag deletion to be done synchronously ( #19590 )
2022-10-31 16:31:44 +01:00
Eugen Rochko
26478f461c
Remove language filtering from hashtag timelines ( #19563 )
2022-10-30 21:29:23 +01:00
Claire
a529d6d93e
Fix invites ( #19560 )
...
Fixes #19507
Fix regression from #19296
2022-10-30 19:04:39 +01:00
Eugen Rochko
276b85bc91
Fix admin APIs returning deleted object instead of empty object upon delete ( #19479 )
...
Fix #19153
2022-10-30 02:43:57 +02:00
Eugen Rochko
5724da0780
Fix language not being saved when editing status ( #19543 )
...
Fix #19542
2022-10-30 02:43:27 +02:00
Eugen Rochko
3e18e05330
Fix uncaught error when invalid date is supplied to API ( #19480 )
...
Fix #19213
2022-10-27 14:30:52 +02:00
Eugen Rochko
f8ca3bb2a1
Add ability to view previous edits of a status in admin UI ( #19462 )
...
* Add ability to view previous edits of a status in admin UI
* Change moderator access to posts to be controlled by a separate policy
2022-10-26 13:42:29 +02:00
Eugen Rochko
1ae508bf2f
Change unauthenticated search to not support pagination in REST API ( #19326 )
...
- Only exact search matches for queries with < 5 characters
- Do not support queries with `offset` (pagination)
- Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-26 12:10:02 +02:00
Eugen Rochko
487d81fb92
Fix IP blocks not having a unique index ( #19456 )
2022-10-25 21:43:44 +02:00
Yamagishi Kazutoshi
45d3b32488
Fix Settings::FeaturedTagsController
( #19418 )
...
Regression from #19409
2022-10-22 23:14:58 +02:00
Takeshi Umeda
74ead7d106
Change featured tag updates to add/remove activity ( #19409 )
...
* Change featured tag updates to add/remove activity
* Fix to check for the existence of feature tag
* Rename service and worker
* Merge AddHashtagSerializer with AddSerializer
* Undo removal of sidekiq_options
2022-10-22 18:30:55 +02:00
Eugen Rochko
7c152acb2c
Change settings area to be separated into categories in admin UI ( #19407 )
...
And update all descriptions
2022-10-22 11:44:41 +02:00
Eugen Rochko
839f893168
Change public accounts pages to mount the web UI ( #19319 )
...
* Change public accounts pages to mount the web UI
* Fix handling of remote usernames in routes
- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict
* Fix missing `multiColumn` prop
* Fix failing test
* Use `discoverable` attribute to control indexing directives
* Fix `<ColumnLoading />` not using `multiColumn`
* Add `noindex` to accounts in REST API
* Change noindex directive to not be rendered by default before a route is mounted
* Add loading indicator for detailed status in web UI
* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Takeshi Umeda
b0e3f0312c
Add synchronization of remote featured tags ( #19380 )
...
* Add LIMIT of featured tag to instance API response
* Add featured_tags_collection_url to Account
* Add synchronization of remote featured tags
* Deliver update activity when updating featured tag
* Remove featured_tags_collection_url
* Revert "Add featured_tags_collection_url to Account"
This reverts commit cff349fc27
.
* Add hashtag sync from featured collections
* Fix tag name normalize
* Add target option to fetch featured collection
* Refactor fetch_featured_tags_collection_service
* Add LIMIT of featured tag to v1/instance API response
2022-10-20 09:15:52 +02:00