Commit Graph

57 Commits (938cd2875b14db3655a6c9f82f672f4baf7720a3)

Author SHA1 Message Date
masarakki 649a20ab46 authorize-follow-requests-after-unlocking (#4658) 7 years ago
nullkal 80393a23d0 Use checkboxes for application scope setting (#4671) 7 years ago
Eugen Rochko c1b086a538 Fix up the applications area (#4664)
- Section it into "Development" area
- Improve UI of application form, index, and details
7 years ago
Colin Mitchell 871c0d251a Application prefs section (#2758)
* Add code for creating/managing apps to settings section

* Add specs for app changes

* Fix controller spec

* Fix view file I pasted over by mistake

* Add locale strings. Add 'my apps' to nav

* Add Client ID/Secret to App page. Add some visual separation

* Fix rubocop warnings

* Fix embarrassing typo

I lost an `end` statement while fixing a merge conflict.

* Add code for creating/managing apps to settings section

- Add specs for app changes
- Add locale strings. Add 'my apps' to nav
- Add Client ID/Secret to App page. Add some visual separation
- Fix some bugs/warnings

* Update to match code standards

* Trigger notification

* Add warning about not sharing API secrets

* Tweak spec a bit

* Cleanup fixture creation by using let!

* Remove unused key

* Add foreign key for application<->user
7 years ago
Eugen Rochko b7370ac8ba ActivityPub delivery (#4566)
* Deliver ActivityPub Like

* Deliver ActivityPub Undo-Like

* Deliver ActivityPub Create/Announce activities

* Deliver ActivityPub creates from mentions

* Deliver ActivityPub Block/Undo-Block

* Deliver ActivityPub Accept/Reject-Follow

* Deliver ActivityPub Undo-Follow

* Deliver ActivityPub Follow

* Deliver ActivityPub Delete activities

Incidentally fix #889

* Adjust BatchedRemoveStatusService for ActivityPub

* Add tests for ActivityPub workers

* Add tests for FollowService

* Add tests for FavouriteService, UnfollowService and PostStatusService

* Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService

* Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService

* Add tests for BatchedRemoveStatusService

* Deliver updates to a local account to ActivityPub followers

* Minor adjustments
7 years ago
Eugen Rochko 92cb451da8 Fix #4026 - Accept backup codes for disabling 2FA (#4382) 8 years ago
Yamagishi Kazutoshi 716f4cb11c Add feature to revoke sessions (#4259) 8 years ago
Yamagishi Kazutoshi 3267e4a785 Add unfollow modal (optional) (#4246)
* Add unfollow modal

* unfollowing someone

* remove unnecessary prop
8 years ago
Eugen Rochko c42092ba7a Add option to opt out of search engines on public profile/status pages (#4199) 8 years ago
Yamagishi Kazutoshi 2b9721d1b3 Add setting a always mark media as sensitive (#4136) 8 years ago
Damien Erambert 18d3fa953b Add a setting allowing the use of system's default font in Web UI (#4033)
* add a system_font_ui setting on the server

* Plug the system_font_ui on the front-end

* add EN/FR locales for the new setting

* put Roboto after all other fonts

* remove trailing whitespace so CodeClimate is happy

* fix user_spec.rb

* correctly write user_spect this time

* slightly better way of adding the classes

* add comments to the system-font stack for clarification

* use .system-font for the class instead

* don't use multiple lines for comments

* remove trailing whitespace

* use the classnames module for consistency

* use `mastodon-font-sans-serif` instead of Roboto directly
8 years ago
Eugen Rochko 5e8d037e27 Fix #3910 - Require OTP authentication to disable 2FA (#3935)
* Fix #3910 - Require OTP authentication to disable 2FA. Also, remove ability
to generate new OTP backup codes *after* initial backup codes were handed
out during activation

* Restore recovery code re-generation

* Improve display of some 2FA elements
8 years ago
masarakki ff142eb64d setting-for-account-deletable (#3852) 8 years ago
Eugen Rochko 91c71471ab Fix account delete form not accepting password, update suspended (#3745)
account before removing content for quicker feedback to end-users
8 years ago
Eugen Rochko 4a618908e8 Account deletion (#3728)
* Add form for account deletion

* If avatar or header are gone from source, remove them

* Add option to have SuspendAccountService remove user record, add tests

* Exclude suspended accounts from search
8 years ago
takayamaki 3eedad2737 change sidekiq queueing to bulk push (#3536) 8 years ago
Matt Jankowski 0ebe7d6d23 Remove exports/base controller in favor of shared concern (#3444) 8 years ago
Atsushi Yamamoto 402c19a924 Add preference setting for delete toot modal (#3368)
* Set delete_modal preference to true by default
* Does not show confirmation modal if delete_modal is false
* Add ja translation for preference setting page
8 years ago
Tomonori Murakami 7966d3a872 Fix locale bug when change it on preferences (#3223) (#3232) 8 years ago
Matt Jankowski 8f4b7c1820 Filter languages with opt out (#3175)
* Remove allowed_languages and add filtered_languages

* Use filtered_languages instead of allowed_languages
8 years ago
Matt Jankowski f025cc6782 Filter on allowed user language preferences (#2361)
* Naive approached to timeline filtering

* Convert allowed_languages into a db column

* Allow users to choose languages to see statuses in

* Style list items as two columns

* Add a hint to explain language filtering preference
8 years ago
Eugen 501514960a Followers-only post federation (#2111)
* Make private toots get PuSHed to subscription URLs that belong to domains where you have approved followers

* Authorized followers controller, stub for bulk action

* Soft block in the background

* Add simple test for new controller

* Rename Settings::FollowersController to Settings::FollowerDomainsController, paginate results,
rename "private" post setting to "followers-only", fix pagination style, improve post privacy
preferences style, improve warning style

* Extract compose form warnings into own container, show warning when posting to followers-only with unlocked account
8 years ago
Matt Jankowski 67dea31b0f 2FA controller cleanup (#2296)
* Add spec coverage for settings/two_factor_auth area

* extract setup method for qr code

* Move otp required check to before action

* Merge method only used once

* Remove duplicate view

* Consolidate creation of @codes for backup

* Move settings/2fq#recovery_codes to settings/recovery_codes#create

* Rename settings/two_factor_auth#disable to #destroy

* Add coverage for the otp required path on 2fa#show

* Clean up the recovery codes list styles

* Move settings/two_factor_auth to settings/two_factor_authentication

* Reorganize the settings two factor auth area

Updated to use a flow like:

- settings/two_factor_authentication goes to a #show view which has a button
  either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
  codes
- that create action shares a view with a recovery codes controller which can be
  used separately to reset codes if needed
8 years ago
Matt Jankowski 2dda356e3f Clean up settings/preferences controller (#2237)
* Add missing fields group on preferences page

* Clean up settings/preferences controller

* Extract a UserSettingsDecorator
8 years ago
Matt Jankowski a8e1afc30a Simplify render in controllers (#2144) 8 years ago
Eugen Rochko 42d54dc9ea Adjust visuals of non-autoplaying GIFV 8 years ago
Patrick Figel ffb99325ca Add gif auto-play/pause preference
This introduces a new per-user preference called
"Auto-play animated GIFs", which is enabled by default. When a
user disables this setting, gifs in toots become click-to-play.

Previews of animated gifs were changed to display the video play
button so that users can distinguish them from regular images.

This setting also affects account avatars in the detailed account
view, which was changed to use the same hover-to-play mechanism
that is used for animated avatars in timelines.

Fixes #1652
8 years ago
Patrick Figel df4ff9a8e1 Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
8 years ago
Matt Jankowski 0e39cc6a35 Settings export refactor (#1646)
* Refactor Export to take an account and know about the export types

* Use Export instance in settings/exports#show
8 years ago
Matt Jankowski 7f0a865b05 Allow import/export of mutes list (#1541)
* Allow export of mutes list

* Allow importing of mutes list

* Refactor to use Settings::Exports::BaseController and DRY up exports code
8 years ago
Matt Jankowski 3ddd936b03 Refactor exports controller (#1567)
* Add basic coverage for settings/exports controller

* Remove unused @account variable from settings/exports controller

* Add coverage for download export actions

* Remove deprecated `render :text` in favor of `send_data` for csv downloads

* Add model to handle exports

* Use Export class in settings/exports controller

* Simplify settings/exports controller methods

* Move settings/export to more restful routes
8 years ago
Eugen Rochko 2a7602cad4 Merge branch 'master' of https://github.com/blackle/mastodon into blackle-master 8 years ago
blackle 06444bf050 Allow user to disable the boost confirm dialog in preferences 8 years ago
Matt Jankowski 0687ab8ae3 Clean up generation of account webfinger string (#1477)
* Consolidate webfinger string creation under Account#to_webfinger_s

* Introduce Account#local_username_and_domain for consolidation
8 years ago
Eugen 9acdb166e8 Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)
* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled

* Clean up
8 years ago
Eugen Rochko e8875c6046 Import feature for following/blocking lists (addresses #62, #177, #201, #454) 8 years ago
Eugen Rochko 56d998cbdb Export follow/block lists as CSV 8 years ago
Eugen Rochko 6b81d10030 Add digest e-mails 8 years ago
Eugen Rochko 175a9b9caa Fix #104 - Style OAuth authorized applications page
Add ability to search accounts by display name
8 years ago
Eugen Rochko 63886bdc59 Fix #587 - Display TOTP secret next to QR code 8 years ago
Eugen Rochko 714e41d472 Fix preferences save 8 years ago
Eugen Rochko 347a153b3d Add API modifiers to limit returned toots from public/hashtag timelines
to only those from local users; Add link to "extended information" to
getting started in the UI; Add defaults for posting privacy; Change
how publish button looks depending on posting privacy chosen
8 years ago
Eugen Rochko f4bc9620a9 Update settings to re-use admin layout, one big navigation tree, improve settings forms 8 years ago
Eugen Rochko ba192f12e3 Added optional two-factor authentication 8 years ago
Eugen Rochko b11fdc3ae3 Migrate from ledermann/rails-settings to rails-settings-cached which allows global settings
with YAML-defined defaults. Add admin page for editing global settings. Add "site_description"
setting that would show as a paragraph on the frontpage
8 years ago
Eugen Rochko eca6110fc4 Add preferences for follow request notification e-mails 8 years ago
Eugen Rochko 2d2154ba75 Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users 8 years ago
Eugen Rochko f406e01fcf Add filters for suspended accounts 8 years ago
Eugen Rochko 14bd46946d Per-status control for unlisted mode, also federation for unlisted mode
Fix #233, fix #268
8 years ago
Eugen Rochko 71401659b8 Fix #65 - Options to block notifications from people you don't follow/who don't follow you 8 years ago