Commit Graph

85 Commits (36ccdcc9e12d35399742cbe05c2589d69dbbbc99)

Author SHA1 Message Date
Emelia Smith b42661ba95
Add missing Appeals link under Moderation in navigiation (#31071) 5 months ago
Emelia Smith d3089018d5
Move Follow Recommendations to Trends menu, rename to Recommendations & Trends (#31292) 5 months ago
Matt Jankowski abc4ed48f2
Replace more `font-awesome` icons in navigation sidebar area (#30974) 5 months ago
Emelia Smith c40e481169
Implement UI for Admin Search of Hashtags (#30880) 5 months ago
Michael Stanclift 2c75cf8599
Add "Warning preset" link to admin navigation (#26199) 7 months ago
Emelia Smith f0d6dc4519
Fix: Mark redirect uris field in Development > Application form as required (#30311) 8 months ago
Emelia Smith 5fd56512de
Improve Report Notes and Account Moderation Notes (#30288) 8 months ago
Claire 44bf7b8128
Add notifications of severed relationships (#27511) 9 months ago
Claire bc6f9befde
Change “Notifications” settings page to “E-mail notifications” (#29646) 10 months ago
Claire 379115e601
Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439) 1 year ago
Claire 16681e0f20
Add admin notifications for new Mastodon versions (#26582) 1 year ago
Claire fc5ab2dc83
Add privacy tab in profile settings (#26484)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
1 year ago
Emelia Smith e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 1 year ago
Eugen Rochko bca649ba79
Change edit profile page (#25413) 2 years ago
Claire 32a030dd74
Rewrite import feature (#21054) 2 years ago
Claire 00b2720ef0
Change automatic post deletion configuration to be accessible to redirected users (#20774)
Fixes #20550
2 years ago
Eugen Rochko 7c152acb2c
Change settings area to be separated into categories in admin UI (#19407)
And update all descriptions
2 years ago
Eugen Rochko 44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
3 years ago
Eugen Rochko a2871cd747
Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
3 years ago
Eugen Rochko 27965ce5ed
Add trending statuses (#17431)
* Add trending statuses

* Fix dangling items with stale scores in localized sets

* Various fixes and improvements

- Change approve_all/reject_all to approve_accounts/reject_accounts
- Change Trends::Query methods to not mutate the original query
- Change Trends::Query#skip to offset
- Change follow recommendations to be refreshed in a transaction

* Add tests for trending statuses filtering behaviour

* Fix not applying filtering scope in controller
3 years ago
Eugen Rochko 564efd0651
Add appeals (#17364)
* Add appeals

* Add ability to reject appeals and ability to browse pending appeals in admin UI

* Add strikes to account page in settings

* Various fixes and improvements

- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes

* Change appealed_at to overruled_at

* Fix missing method error
3 years ago
Eugen Rochko 0fb9536d38
Add batch suspend for accounts in admin UI (#17009) 3 years ago
Eugen Rochko 7de0ee7aba
Remove Keybase integration (#17045) 3 years ago
Eugen Rochko 6e50134a42
Add trending links (#16917)
* Add trending links

* Add overriding specific links trendability

* Add link type to preview cards and only trend articles

Change trends review notifications from being sent every 5 minutes to being sent every 2 hours

Change threshold from 5 unique accounts to 15 unique accounts

* Fix tests
3 years ago
Claire 4ac78e2a06
Add feature to automatically delete old toots (#16529)
* Add account statuses cleanup policy model

* Record last inspected toot to delete to speed up successive calls to statuses_to_delete

* Add service to cleanup a given account's statuses within a budget

* Add worker to go through account policies and delete old toots

* Fix last inspected status id logic

All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.

* Add tests

* Refactor scheduler and add tests

* Add user interface

* Add support for discriminating based on boosts/favs

* Add UI support for min_reblogs and min_favs, rework UI

* Address first round of review comments

* Replace Snowflake#id_at_start with with_random parameter

* Add tests

* Add tests for StatusesCleanupController

* Rework settings page

* Adjust load-avoiding mechanisms

* Please CodeClimate
3 years ago
Eugen Rochko d174d12c83
Add authentication history (#16408) 4 years ago
Eugen Rochko f7117646af
Add cold-start follow recommendations (#15945) 4 years ago
Eugen Rochko 8331fdf7e0
Add server rules (#15769) 4 years ago
Eugen Rochko 5e1364c448
Add IP-based rules (#14963) 4 years ago
Eugen Rochko 4e4b3a0c8e
Refactor settings controllers (#14767)
- Disallow suspended accounts from revoking sessions and apps
- Allow suspended accounts to access exports
4 years ago
santiagorodriguez96 e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
* feat: add possibility of adding WebAuthn security keys to use as 2FA

This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor
to the Settings page for editing the 2FA methods – now it will list the
methods that are available to the user (TOTP and WebAuthn) and from
there they'll be able to add or remove any of them.
Also, it's worth mentioning that for enabling WebAuthn it's required to
have TOTP enabled, so the first time that you go to the 2FA Settings
page, you'll be asked to set it up.
This work was inspired by the one donde by Github in their platform, and
despite it could be approached in different ways, we decided to go with
this one given that we feel that this gives a great UX.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add request for WebAuthn as second factor at login if enabled

This commits adds the feature for using WebAuthn as a second factor for
login when enabled.
If users have WebAuthn enabled, now a page requesting for the use of a
WebAuthn credential for log in will appear, although a link redirecting
to the old page for logging in using a two-factor code will also be
present.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add possibility of deleting WebAuthn Credentials

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: disable WebAuthn when an Admin disables 2FA for a user

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: remove ability to disable TOTP leaving only WebAuthn as 2FA

Following examples form other platforms like Github, we decided to make
Webauthn 2FA secondary to 2FA with TOTP, so that we removed the
possibility of removing TOTP authentication only, leaving users with
just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA'
in order to remove second factor auth.
The reason for WebAuthn being secondary to TOPT is that in that way,
users will still be able to log in using their code from their phone's
application if they don't have their security keys with them – or maybe
even lost them.

* We had to change a little the flow for setting up TOTP, given that now
  it's possible to setting up again if you already had TOTP, in order to
  let users modify their authenticator app – given that now it's not
  possible for them to disable TOTP and set it up again with another
  authenticator app.
  So, basically, now instead of storing the new `otp_secret` in the
  user, we store it in the session until the process of set up is
  finished.
  This was because, as it was before, when users clicked on 'Edit' in
  the new two-factor methods lists page, but then went back without
  finishing the flow, their `otp_secret` had been changed therefore
  invalidating their previous authenticator app, making them unable to
  log in again using TOTP.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* refactor: fix eslint errors

The PR build was failing given that linting returning some errors.
This commit attempts to fix them.

* refactor: normalize i18n translations

The build was failing given that i18n translations files were not
normalized.
This commits fixes that.

* refactor: avoid having the webauthn gem locked to a specific version

* refactor: use symbols for routes without '/'

* refactor: avoid sending webauthn disabled email when 2FA is disabled

When an admins disable 2FA for users, we were sending two mails
to them, one notifying that 2FA was disabled and the other to notify
that WebAuthn was disabled.
As the second one is redundant since the first email includes it, we can
remove it and send just one email to users.

* refactor: avoid creating new env variable for webauthn_origin config

* refactor: improve flash error messages for webauthn pages

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
4 years ago
Eugen Rochko f52c988e12
Add announcements (#12662)
* Add announcements

Fix #11006

* Add reactions to announcements

* Add admin UI for announcements

* Add unit tests

* Fix issues

- Add `with_dismissed` param to announcements API
- Fix end date not being formatted when time range is given
- Fix announcement delete causing reactions to send streaming updates
- Fix announcements container growing too wide and mascot too small
- Fix `all_day` being settable when no time range is given
- Change text "Update" to "Announcement"

* Fix scheduler unpublishing announcements before they are due

* Fix filter params not being passed to announcements filter
5 years ago
Eugen Rochko add4d4118c
Fix relays UI being available in whitelist/secure mode (#11963)
Fix relays UI referencing relay that is not functional
5 years ago
Eugen Rochko 3ed94dcc1a
Add account migration UI (#11846)
Fix #10736

- Change data export to be available for non-functional accounts
- Change non-functional accounts to include redirecting accounts
5 years ago
Eugen Rochko 115dab78f1
Change admin UI for hashtags and add back whitelisted trends (#11490)
Fix #271

Add back the `GET /api/v1/trends` API with the caveat that it does
not return tags that have not been allowed to trend by the staff.

When a hashtag begins to trend (internally) and that hashtag has
not been previously reviewed by the staff, the staff is notified.

The new admin UI for hashtags allows filtering hashtags by where
they are used (e.g. in the profile directory), whether they have
been reviewed or are pending reviewal, they show by how many people
the hashtag is used in the directory, how many people used it
today, how many statuses with it have been created today, and it
allows fixing the name of the hashtag to make it more readable.

The disallowed hashtags feature has been reworked. It is now
controlled from the admin UI for hashtags instead of from
the file `config/settings.yml`
5 years ago
Eugen Rochko 24552b5160
Add whitelist mode (#11291) 5 years ago
ThibG d0c25584b8 Change settings to show restricted accounts only what they have access to (#11394)
Follow-up to 964ae8eee5
6 years ago
Eugen Rochko 23aeef52cc
Remove Salmon and PubSubHubbub (#11205)
* Remove Salmon and PubSubHubbub endpoints

* Add error when trying to follow OStatus accounts

* Fix new accounts not being created in ResolveAccountService
6 years ago
Eugen Rochko 560ec24e58
Change /settings/preferences to redirect to appearance, add /settings/preferences/other (#10988) 6 years ago
Eugen Rochko 1db4117030
Change preferences page into appearance, notifications, and other (#10977) 6 years ago
Eugen Rochko 9b0d8f74cb
Change the groupings of menu items in settings navigation (#10533)
* Change the groupings of menu items in settings navigation

Fix #10307

* Remove unused translations
6 years ago
Eugen Rochko e1d0390e29
Add batch actions for approving and rejecting pending accounts (#10469) 6 years ago
Eugen Rochko 08c3ce51aa
Do not show identity proofs menu item unless there are identity proofs (#10350) 6 years ago
Eugen Rochko 555c4e11ba
Add validations to admin settings (#10348)
* Add validations to admin settings

- Validate correct HTML markup
- Validate presence of contact username & e-mail
- Validate that all usernames are valid
- Validate that enums have expected values

* Fix code style issue

* Fix tests
6 years ago
Eugen Rochko 9c4cbdbafb
Add Keybase integration (#10297)
* create account_identity_proofs table

* add endpoint for keybase to check local proofs

* add async task to update validity and liveness of proofs from keybase

* first pass keybase proof CRUD

* second pass keybase proof creation

* clean up proof list and add badges

* add avatar url to keybase api

* Always highlight the “Identity Proofs” navigation item when interacting with proofs.

* Update translations.

* Add profile URL.

* Reorder proofs.

* Add proofs to bio.

* Update settings/identity_proofs front-end.

* Use `link_to`.

* Only encode query params if they exist.

URLs without params had a trailing `?`.

* Only show live proofs.

* change valid to active in proof list and update liveness before displaying

* minor fixes

* add keybase config at well-known path

* extremely naive feature flagging off the identity proof UI

* fixes for rubocop

* make identity proofs page resilient to potential keybase issues

* normalize i18n

* tweaks for brakeman

* remove two unused translations

* cleanup and add more localizations

* make keybase_contacts an admin setting

* fix ExternalProofService my_domain

* use Addressable::URI in identity proofs

* use active model serializer for keybase proof config

* more cleanup of keybase proof config

* rename proof is_valid and is_live to proof_valid and proof_live

* cleanup

* assorted tweaks for more robust communication with keybase

* Clean up

* Small fixes

* Display verified identity identically to verified links

* Clean up unused CSS

* Add caching for Keybase avatar URLs

* Remove keybase_contacts setting
6 years ago
Eugen Rochko 1c113fd72d
Add relationship manager UI (#10268) 6 years ago
Eugen Rochko 364f2ff9aa
Add featured hashtags to profiles (#9755)
* Add hashtag filter to profiles

GET /@:username/tagged/:hashtag
GET /api/v1/accounts/:id/statuses?tagged=:hashtag

* Display featured hashtags on public profile

* Use separate model for featured tags

* Update featured hashtag counters on-write

* Limit featured tags to 10
6 years ago
Eugen Rochko a269ffdfa5
Change "federation" admin UI link to point to "limited" domains (#9762) 6 years ago
Eugen Rochko 1c6588accc
Redesign admin instances area (#9645) 6 years ago
Eugen Rochko 73be8f38c1
Add profile directory (#9427)
Fix #5578
6 years ago