Commit Graph

87 Commits (d58173e45bf0fdf5a6015d40eb88c313a3d99e5c)

Author SHA1 Message Date
Matt Jankowski ebdeac0731
Add coverage for missing status scenario in NotificationMailer (#32256) 3 months ago
Matt Jankowski 83574f641a
Add coverage and use mailer callback to check functional user in notification mailer (#32055) 3 months ago
Matt Jankowski 19dedd7cfd
Set important mailer headers with `after_action` callback (#32057) 3 months ago
Matt Jankowski 2946a9286b
Use `headers` shorthand in mailers (#31956) 3 months ago
Claire 559958f8c5
Fix email language when recipient has no selected locale (#31747) 4 months ago
Matt Jankowski a6d12299f2
Remove duplicate method def `ApplicationHelper#instance_presenter` (#30331) 7 months ago
Matt Jankowski c4feba4347
Use existing `MascotHelper#instance_presenter` instead of local var in `welcome` email template (#29759) 9 months ago
Claire cfea9cc172
Add list of pending releases directly in mail notifications for version updates (#29436) 9 months ago
HTeuMeuLeu 934cab7508
New welcome email (#28883)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
10 months ago
Claire 2751acb6cd
Automatically switch from open to approved registrations in absence of moderators (#29318) 10 months ago
Claire e2d9635074
Add notification email on invalid second authenticator (#28822) 11 months ago
HTeuMeuLeu 7f471e70c0
Update new email templates (#28416)
Co-authored-by: Matt Jankowski <matt@jankowski.online>
12 months ago
Matt Jankowski 7cfc078198
Fix rails mailer preview not honouring locale (#28418) 1 year ago
Matt Jankowski 2d536bb05f
Use `admin_mailer` layout with initial salutation (#28085) 1 year ago
Matt Jankowski 9b8ba9b350
Remove unused `plain_mailer` layout (#28065) 1 year ago
Matt Jankowski 1f5187e2e2
Misc spec/refactor to user mailer and user mailer spec (#27486) 1 year ago
Claire 16681e0f20
Add admin notifications for new Mastodon versions (#26582) 1 year ago
Christian Schmidt ca342d4838
Add List-Unsubscribe email header (#26085) 1 year ago
Matt Jankowski f3fca78756
Refactor `NotificationMailer` to use parameterization (#25718) 1 year ago
Matt Jankowski cf33028f35
Admin mailer parameterization (#25759) 1 year ago
Eugen Rochko 6637ef7852
Add unsubscribe link to e-mails (#25378) 2 years ago
Heitor de Melo Cardozo 4601e0dcbb
Add user handle to notification mail recipient address (#24240)
Co-authored-by: luccamps <luccamps@users.noreply.github.com>
Co-authored-by: Leonardo Negreiros de Oliveira <negreirosleo12@gmail.com>
Co-authored-by: Marcio Flavio <mflaviof1995@gmail.com>
Co-authored-by: Gabriel Quaresma <j.quaresmasantos_98@hotmail.com>
2 years ago
Claire d6679d1751
Add mail headers to avoid auto-replies (#23597) 2 years ago
Nick Schonning f0e1b12c10
Autofix Rubocop Style/ExplicitBlockArgument (#23704) 2 years ago
zunda 09191dee66
Add single splat to callback method definitions to avoid ArgumentError (#22246)
It looks like a [bug](https://bugs.ruby-lang.org/issues/18633) around
autosplat is [fixed](fbaadd1cfe)
on ruby-3.2.0-rc1 and breaks a test (but not on ruby <= 3.1.3):

```
$ bundle exec rspec ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:41
  :
  1) Api::V1::Emails::ConfirmationsController#create with an oauth token from an app that created the account when the account is already confirmed but user changed e-mail and has not confirmed it returns http success
     Failure/Error:
         def email_changed(user, **)
           @resource = user
           @instance = Rails.configuration.x.local_domain

           return unless @resource.active_for_authentication?

           I18n.with_locale(locale) do
             mail to: @resource.email, subject: I18n.t('devise.mailer.email_changed.subject')
           end
         end

     ArgumentError:
       wrong number of arguments (given 2, expected 1)
     # ./app/mailers/user_mailer.rb:51:in `email_changed'
     # ./app/models/user.rb:444:in `render_and_send_devise_message'
     # ./app/models/user.rb:430:in `block in send_pending_devise_notifications'
     # ./app/models/user.rb:429:in `each'
     # ./app/models/user.rb:429:in `send_pending_devise_notifications'
     # ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:38:in `block (7 levels) in <top (required)>'
```
2 years ago
Eugen Rochko 45ebdb72ca
Add support for language preferences for trending statuses and links (#18288) 2 years ago
Eugen Rochko 0b3e4fd5de
Remove digest e-mails (#17985)
* Remove digest e-mails

* Remove digest-related code
2 years ago
Jeong Arm fed7380e9f
Prevent use locale with empty string (#18543)
Somehow user's locale could be an empty string, And empty string itself
are treated as true value.
3 years ago
Claire ce9dcbea32
Fix failure when sending warning emails with custom text (#17983)
* Add tests

* Fix failure when sending warning emails with custom text
3 years ago
Eugen Rochko 6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 3 years ago
Eugen Rochko cefa526c6d
Refactor formatter (#17828)
* Refactor formatter

* Move custom emoji pre-rendering logic to view helpers

* Move more methods out of Formatter

* Fix code style issues

* Remove Formatter

* Add inline poll options to RSS feeds

* Remove unused helper method

* Fix code style issues

* Various fixes and improvements

* Fix test
3 years ago
Eugen Rochko 27965ce5ed
Add trending statuses (#17431)
* Add trending statuses

* Fix dangling items with stale scores in localized sets

* Various fixes and improvements

- Change approve_all/reject_all to approve_accounts/reject_accounts
- Change Trends::Query methods to not mutate the original query
- Change Trends::Query#skip to offset
- Change follow recommendations to be refreshed in a transaction

* Add tests for trending statuses filtering behaviour

* Fix not applying filtering scope in controller
3 years ago
helloworldstack 2426577a91
Fix sign in token and warning emails failed to send in some cases (#17589) 3 years ago
Eugen Rochko 564efd0651
Add appeals (#17364)
* Add appeals

* Add ability to reject appeals and ability to browse pending appeals in admin UI

* Add strikes to account page in settings

* Various fixes and improvements

- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes

* Change appealed_at to overruled_at

* Fix missing method error
3 years ago
Eugen Rochko 14f436c457
Add notifications for statuses deleted by moderators (#17204) 3 years ago
Eugen Rochko a458b74c7e
Fix error on trending mailer due to missing constant (#17072) 3 years ago
Eugen Rochko 6e50134a42
Add trending links (#16917)
* Add trending links

* Add overriding specific links trendability

* Add link type to preview cards and only trend articles

Change trends review notifications from being sent every 5 minutes to being sent every 2 hours

Change threshold from 5 unique accounts to 15 unique accounts

* Fix tests
3 years ago
Claire 43eff898a0
Prepare Mastodon for Rails 6 (#15911)
* Fix misuse of foreign_type

* Fix use of removed "add_template_helper"

* Use response.media_type instead of response.content_type in tests

* Fix CSV export controller test on Rails 6

Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.

This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.

* Fix emoji formatting with Rails 6

* Make emoji output more idiomatic and robust

* Switch from redis-rails gem to built-in Rails redis cache storage
4 years ago
Eugen Rochko ed099d8bdc
Change account suspensions to be reversible by default (#14726) 4 years ago
santiagorodriguez96 e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
* feat: add possibility of adding WebAuthn security keys to use as 2FA

This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor
to the Settings page for editing the 2FA methods – now it will list the
methods that are available to the user (TOTP and WebAuthn) and from
there they'll be able to add or remove any of them.
Also, it's worth mentioning that for enabling WebAuthn it's required to
have TOTP enabled, so the first time that you go to the 2FA Settings
page, you'll be asked to set it up.
This work was inspired by the one donde by Github in their platform, and
despite it could be approached in different ways, we decided to go with
this one given that we feel that this gives a great UX.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add request for WebAuthn as second factor at login if enabled

This commits adds the feature for using WebAuthn as a second factor for
login when enabled.
If users have WebAuthn enabled, now a page requesting for the use of a
WebAuthn credential for log in will appear, although a link redirecting
to the old page for logging in using a two-factor code will also be
present.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add possibility of deleting WebAuthn Credentials

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: disable WebAuthn when an Admin disables 2FA for a user

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: remove ability to disable TOTP leaving only WebAuthn as 2FA

Following examples form other platforms like Github, we decided to make
Webauthn 2FA secondary to 2FA with TOTP, so that we removed the
possibility of removing TOTP authentication only, leaving users with
just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA'
in order to remove second factor auth.
The reason for WebAuthn being secondary to TOPT is that in that way,
users will still be able to log in using their code from their phone's
application if they don't have their security keys with them – or maybe
even lost them.

* We had to change a little the flow for setting up TOTP, given that now
  it's possible to setting up again if you already had TOTP, in order to
  let users modify their authenticator app – given that now it's not
  possible for them to disable TOTP and set it up again with another
  authenticator app.
  So, basically, now instead of storing the new `otp_secret` in the
  user, we store it in the session until the process of set up is
  finished.
  This was because, as it was before, when users clicked on 'Edit' in
  the new two-factor methods lists page, but then went back without
  finishing the flow, their `otp_secret` had been changed therefore
  invalidating their previous authenticator app, making them unable to
  log in again using TOTP.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* refactor: fix eslint errors

The PR build was failing given that linting returning some errors.
This commit attempts to fix them.

* refactor: normalize i18n translations

The build was failing given that i18n translations files were not
normalized.
This commits fixes that.

* refactor: avoid having the webauthn gem locked to a specific version

* refactor: use symbols for routes without '/'

* refactor: avoid sending webauthn disabled email when 2FA is disabled

When an admins disable 2FA for users, we were sending two mails
to them, one notifying that 2FA was disabled and the other to notify
that WebAuthn was disabled.
As the second one is redundant since the first email includes it, we can
remove it and send just one email to users.

* refactor: avoid creating new env variable for webauthn_origin config

* refactor: improve flash error messages for webauthn pages

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
4 years ago
Eugen Rochko 72a7cfaa39
Add e-mail-based sign in challenge for users with disabled 2FA (#14013) 5 years ago
Renato "Lond" Cerqueira 37dc12dd53
Fix error when sending moderation notification (#13014)
Since the statuses helper is not loaded, the rtl helper cannot be found
and the email cannot be sent.
5 years ago
Takeshi Umeda a6269b2f83 Split AccountsHelper from StatusesHelper (#12078) 5 years ago
Eugen Rochko e1066cd431
Add password challenge to 2FA settings, e-mail notifications (#11878)
Fix #3961
5 years ago
Eugen Rochko 73ca0bb925
Add option to include reported statuses in warning e-mail (#11639) 5 years ago
Eugen Rochko 115dab78f1
Change admin UI for hashtags and add back whitelisted trends (#11490)
Fix #271

Add back the `GET /api/v1/trends` API with the caveat that it does
not return tags that have not been allowed to trend by the staff.

When a hashtag begins to trend (internally) and that hashtag has
not been previously reviewed by the staff, the staff is notified.

The new admin UI for hashtags allows filtering hashtags by where
they are used (e.g. in the profile directory), whether they have
been reviewed or are pending reviewal, they show by how many people
the hashtag is used in the directory, how many people used it
today, how many statuses with it have been created today, and it
allows fixing the name of the hashtag to make it more readable.

The disallowed hashtags feature has been reworked. It is now
controlled from the admin UI for hashtags instead of from
the file `config/settings.yml`
5 years ago
Eugen Rochko b851456139
Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` (#11247) 6 years ago
Eugen Rochko 874bd3ac0c
Fix error in AdminMailer#new_pending_account (#10264) 6 years ago
Eugen Rochko 51e154f5e8
Admission-based registrations mode (#10250)
Fix #6856
Fix #6951
6 years ago
Eugen Rochko 66436d0895
Improve e-mail digest (#9689)
- Reduce time-to-digest from 20 to 7 days
- Fetch mentions starting from +1 day since last login
- Fix case when last login is more recent than last e-mail
- Do not render all mentions, only 40, but show number in subject
- Do not send digest to moved accounts
- Do send digest to silenced accounts
6 years ago