mirror of
https://github.com/glitchbirdnew/glitch-bird.git
synced 2024-05-19 08:08:16 +00:00
commit
9da95cfaaf
65
CHANGELOG.md
|
@ -2,71 +2,6 @@
|
|||
|
||||
All notable changes to this project will be documented in this file.
|
||||
|
||||
## [4.1.2] - 2023-04-04
|
||||
|
||||
### Fixed
|
||||
|
||||
- Fix crash in `tootctl` commands making use of parallelization when Elasticsearch is enabled ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24182), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24377))
|
||||
- Fix crash in `db:setup` when Elasticsearch is enabled ([rrgeorge](https://github.com/mastodon/mastodon/pull/24302))
|
||||
- Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24200))
|
||||
- Fix invalid/expired invites being processed on sign-up ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24337))
|
||||
|
||||
### Security
|
||||
|
||||
- Update Ruby to 3.0.6 due to ReDoS vulnerabilities ([saizai](https://github.com/mastodon/mastodon/pull/24334))
|
||||
- Fix unescaped user input in LDAP query ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24379))
|
||||
|
||||
## [4.1.1] - 2023-03-16
|
||||
|
||||
### Added
|
||||
|
||||
- Add redirection from paths with url-encoded `@` to their decoded form ([thijskh](https://github.com/mastodon/mastodon/pull/23593))
|
||||
- Add `lang` attribute to native language names in language picker in Web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23749))
|
||||
- Add headers to outgoing mails to avoid auto-replies ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23597))
|
||||
- Add support for refreshing many accounts at once with `tootctl accounts refresh` ([9p4](https://github.com/mastodon/mastodon/pull/23304))
|
||||
- Add confirmation modal when clicking to edit a post with a non-empty compose form ([PauloVilarinho](https://github.com/mastodon/mastodon/pull/23936))
|
||||
- Add support for the HAproxy PROXY protocol through the `PROXY_PROTO_V1` environment variable ([CSDUMMI](https://github.com/mastodon/mastodon/pull/24064))
|
||||
- Add `SENDFILE_HEADER` environment variable ([Gargron](https://github.com/mastodon/mastodon/pull/24123))
|
||||
- Add cache headers to static files served through Rails ([Gargron](https://github.com/mastodon/mastodon/pull/24120))
|
||||
|
||||
### Changed
|
||||
|
||||
- Increase contrast of upload progress bar background ([toolmantim](https://github.com/mastodon/mastodon/pull/23836))
|
||||
- Change post auto-deletion throttling constants to better scale with server size ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23320))
|
||||
- Change order of bookmark and favourite sidebar entries in single-column UI for consistency ([TerryGarcia](https://github.com/mastodon/mastodon/pull/23701))
|
||||
- Change `ActivityPub::DeliveryWorker` retries to be spread out more ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21956))
|
||||
|
||||
### Fixed
|
||||
|
||||
- Fix “Remove all followers from the selected domains” also removing follows and notifications ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23805))
|
||||
- Fix streaming metrics format ([emilweth](https://github.com/mastodon/mastodon/pull/23519), [emilweth](https://github.com/mastodon/mastodon/pull/23520))
|
||||
- Fix case-sensitive check for previously used hashtags in hashtag autocompletion ([deanveloper](https://github.com/mastodon/mastodon/pull/23526))
|
||||
- Fix focus point of already-attached media not saving after edit ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23566))
|
||||
- Fix sidebar behavior in settings/admin UI on mobile ([wxt2005](https://github.com/mastodon/mastodon/pull/23764))
|
||||
- Fix inefficiency when searching accounts per username in admin interface ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23801))
|
||||
- Fix duplicate “Publish” button on mobile ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23804))
|
||||
- Fix server error when failing to follow back followers from `/relationships` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23787))
|
||||
- Fix server error when attempting to display the edit history of a trendable post in the admin interface ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23574))
|
||||
- Fix `tootctl accounts migrate` crashing because of a typo ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23567))
|
||||
- Fix original account being unfollowed on migration before the follow request to the new account could be sent ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21957))
|
||||
- Fix the “Back” button in column headers sometimes leaving Mastodon ([c960657](https://github.com/mastodon/mastodon/pull/23953))
|
||||
- Fix pgBouncer resetting application name on every transaction ([Gargron](https://github.com/mastodon/mastodon/pull/23958))
|
||||
- Fix unconfirmed accounts being counted as active users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23803))
|
||||
- Fix `/api/v1/streaming` sub-paths not being redirected ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23988))
|
||||
- Fix drag'n'drop upload area text that spans multiple lines not being centered ([vintprox](https://github.com/mastodon/mastodon/pull/24029))
|
||||
- Fix sidekiq jobs not triggering Elasticsearch index updates ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24046))
|
||||
- Fix tags being unnecessarily stripped from plain-text short site description ([c960657](https://github.com/mastodon/mastodon/pull/23975))
|
||||
- Fix HTML entities not being un-escaped in extracted plain-text from remote posts ([c960657](https://github.com/mastodon/mastodon/pull/24019))
|
||||
- Fix dashboard crash on ElasticSearch server error ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23751))
|
||||
- Fix incorrect post links in strikes when the account is remote ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23611))
|
||||
- Fix misleading error code when receiving invalid WebAuthn credentials ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23568))
|
||||
- Fix duplicate mails being sent when the SMTP server is too slow to close the connection ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23750))
|
||||
|
||||
### Security
|
||||
|
||||
- Change user backups to use expiring URLs for download when possible ([Gargron](https://github.com/mastodon/mastodon/pull/24136))
|
||||
- Add warning for object storage misconfiguration ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24137))
|
||||
|
||||
## [4.1.0] - 2023-02-10
|
||||
|
||||
### Added
|
||||
|
|
|
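Review bot: the `-2,71 +2,6` range drops the whole 4.1.2 and 4.1.1 sections, including both `### Security` lists (Ruby 3.0.6 for ReDoS, the LDAP query escaping fix, expiring URLs for user backups, the object storage misconfiguration warning). If those fixes are still in the tree, keep the entries so operators can tell what this build covers; if the commit also backs the fixes out, say so explicitly in the commit message.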
@ -1,10 +1,10 @@
|
|||
# Contributing to Mastodon Glitch Edition
|
||||
# Contributing to Mastodon Glitch Edition #
|
||||
|
||||
Thank you for your interest in contributing to the `glitch-soc` project!
|
||||
Here are some guidelines, and ways you can help.
|
||||
|
||||
> (This document is a bit of a work-in-progress, so please bear with us.
|
||||
> If you don't see what you're looking for here, please don't hesitate to reach out!)
|
||||
> (This document is a bit of a work-in-progress, so please bear with us.
|
||||
> If you don't see what you're looking for here, please don't hesitate to reach out!)
|
||||
|
||||
## Translations
|
||||
|
||||
|
@ -12,26 +12,26 @@ You can submit glitch-soc-specific translations via [Crowdin](https://crowdin.co
|
|||
|
||||
[![Crowdin](https://badges.crowdin.net/glitch-soc/localized.svg)](https://crowdin.com/project/glitch-soc)
|
||||
|
||||
## Planning
|
||||
## Planning ##
|
||||
|
||||
Right now a lot of the planning for this project takes place in our development Discord, or through GitHub Issues and Projects.
|
||||
We're working on ways to improve the planning structure and better solicit feedback, and if you feel like you can help in this respect, feel free to give us a holler.
|
||||
|
||||
## Documentation
|
||||
## Documentation ##
|
||||
|
||||
The documentation for this repository is available at [`glitch-soc/docs`](https://github.com/glitch-soc/docs) (online at [glitch-soc.github.io/docs/](https://glitch-soc.github.io/docs/)).
|
||||
Right now, we've mostly focused on the features that make this fork different from upstream in some manner.
|
||||
Adding screenshots, improving descriptions, and so forth are all ways to help contribute to the project even if you don't know any code.
|
||||
|
||||
## Frontend Development
|
||||
## Frontend Development ##
|
||||
|
||||
Check out [the documentation here](https://glitch-soc.github.io/docs/contributing/frontend/) for more information.
|
||||
|
||||
## Backend Development
|
||||
## Backend Development ##
|
||||
|
||||
See the guidelines below.
|
||||
|
||||
---
|
||||
- - -
|
||||
|
||||
You should also try to follow the guidelines set out in the original `CONTRIBUTING.md` from `mastodon/mastodon`, reproduced below.
|
||||
|
||||
|
|
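Review bot: the paired heading lines in this hunk (`## Planning` / `## Planning ##`, `---` / `- - -`) differ only in Markdown style and are unrelated to the Dockerfile and Gemfile changes in the same commit. Move the formatting changes to their own commit so the dependency changes can be reviewed and reverted separately.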
17
Dockerfile
|
@ -1,8 +1,8 @@
|
|||
# syntax=docker/dockerfile:1.4
|
||||
# This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
|
||||
ARG NODE_VERSION="16.20-bullseye-slim"
|
||||
ARG NODE_VERSION="16.19-bullseye-slim"
|
||||
|
||||
FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.2-slim as ruby
|
||||
FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.1-slim as ruby
|
||||
FROM node:${NODE_VERSION} as build
|
||||
|
||||
COPY --link --from=ruby /opt/ruby /opt/ruby
|
||||
|
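Review bot: both base-image lines at the top of the Dockerfile end up on the older patch release of each pair (`NODE_VERSION` 16.20 then 16.19, `ruby-jemalloc` 3.2.2 then 3.2.1), and neither `FROM` is pinned by digest. Give the reason for moving back, and consider the `image:tag@sha256:<digest>` form so the build does not depend on a mutable tag.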
@ -18,6 +18,7 @@ COPY Gemfile* package.json yarn.lock /opt/mastodon/
|
|||
# hadolint ignore=DL3008
|
||||
RUN apt-get update && \
|
||||
apt-get install -y --no-install-recommends build-essential \
|
||||
ca-certificates \
|
||||
git \
|
||||
libicu-dev \
|
||||
libidn11-dev \
|
||||
|
@ -36,15 +37,11 @@ RUN apt-get update && \
|
|||
bundle config set --local without 'development test' && \
|
||||
bundle config set silence_root_warning true && \
|
||||
bundle install -j"$(nproc)" && \
|
||||
yarn install --pure-lockfile --production --network-timeout 600000 && \
|
||||
yarn install --pure-lockfile --network-timeout 600000 && \
|
||||
yarn cache clean
|
||||
|
||||
FROM node:${NODE_VERSION}
|
||||
|
||||
# Use those args to specify your own version flags & suffixes
|
||||
ARG MASTODON_VERSION_FLAGS=""
|
||||
ARG MASTODON_VERSION_SUFFIX=""
|
||||
|
||||
ARG UID="991"
|
||||
ARG GID="991"
|
||||
|
||||
|
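Review bot: the `yarn install` line loses `--production` in this hunk, so devDependencies are installed under `/opt/mastodon`, the directory that the later `COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon` carries into the runtime image. Keep `--production`, or prune development packages before the final stage copies the directory, so build-only code does not ship. The `MASTODON_VERSION_FLAGS` and `MASTODON_VERSION_SUFFIX` args also disappear here; check that no build script still passes them.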
@ -55,7 +52,7 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
|
|||
ENV DEBIAN_FRONTEND="noninteractive" \
|
||||
PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin"
|
||||
|
||||
# Ignoring these here since we don't want to pin any versions and the Debian image removes apt-get content after use
|
||||
# Ignoreing these here since we don't want to pin any versions and the Debian image removes apt-get content after use
|
||||
# hadolint ignore=DL3008,DL3009
|
||||
RUN apt-get update && \
|
||||
echo "Etc/UTC" > /etc/localtime && \
|
||||
|
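Review bot: the comment above `# hadolint ignore=DL3008,DL3009` ends up spelled `Ignoreing`; keep `Ignoring`. The header `-55,7 +52,7` shows nothing else changing in this range, so the hunk can be dropped.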
@ -88,9 +85,7 @@ COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon
|
|||
ENV RAILS_ENV="production" \
|
||||
NODE_ENV="production" \
|
||||
RAILS_SERVE_STATIC_FILES="true" \
|
||||
BIND="0.0.0.0" \
|
||||
MASTODON_VERSION_FLAGS="${MASTODON_VERSION_FLAGS}" \
|
||||
MASTODON_VERSION_SUFFIX="${MASTODON_VERSION_SUFFIX}"
|
||||
BIND="0.0.0.0"
|
||||
|
||||
# Set the run user
|
||||
USER mastodon
|
||||
|
|
120
Gemfile
|
@ -1,26 +1,26 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
source 'https://rubygems.org'
|
||||
ruby '>= 3.0.0'
|
||||
ruby '>= 2.7.0', '< 3.3.0'
|
||||
|
||||
gem 'pkg-config', '~> 1.5'
|
||||
|
||||
gem 'puma', '~> 6.3'
|
||||
gem 'puma', '~> 6.1'
|
||||
gem 'rails', '~> 6.1.7'
|
||||
gem 'sprockets', '~> 3.7.2'
|
||||
gem 'thor', '~> 1.2'
|
||||
gem 'rack', '~> 2.2.7'
|
||||
gem 'rack', '~> 2.2.6'
|
||||
|
||||
gem 'haml-rails', '~>2.0'
|
||||
gem 'pg', '~> 1.5'
|
||||
gem 'pg', '~> 1.4'
|
||||
gem 'makara', '~> 0.5'
|
||||
gem 'pghero'
|
||||
gem 'dotenv-rails', '~> 2.8'
|
||||
|
||||
gem 'aws-sdk-s3', '~> 1.123', require: false
|
||||
gem 'aws-sdk-s3', '~> 1.119', require: false
|
||||
gem 'fog-core', '<= 2.4.0'
|
||||
gem 'fog-openstack', '~> 0.3', require: false
|
||||
gem 'kt-paperclip', '~> 7.2'
|
||||
gem 'kt-paperclip', '~> 7.1', github: 'kreeti/kt-paperclip', ref: '11abf222dc31bff71160a1d138b445214f434b2b'
|
||||
gem 'blurhash', '~> 0.1'
|
||||
|
||||
gem 'active_model_serializers', '~> 0.10'
|
||||
|
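Review bot: `kt-paperclip` moves from the released gem (`'~> 7.2'`) to a git source, `github: 'kreeti/kt-paperclip'` with a `ref:`. Pinning the full commit is the right way to use a git source, but it bypasses the rubygems release, so state why the release cannot be used. In the same hunk the `ruby` requirement becomes `'>= 2.7.0', '< 3.3.0'` while the Dockerfile builds on 3.2.1, and the `rack`, `puma`, `pg` and `aws-sdk-s3` constraints are lowered; each of these needs a line of justification in the commit message.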
@ -28,15 +28,15 @@ gem 'addressable', '~> 2.8'
|
|||
gem 'bootsnap', '~> 1.16.0', require: false
|
||||
gem 'browser'
|
||||
gem 'charlock_holmes', '~> 0.7.7'
|
||||
gem 'chewy', '~> 7.3'
|
||||
gem 'chewy', '~> 7.2'
|
||||
gem 'devise', '~> 4.9'
|
||||
gem 'devise-two-factor', '~> 4.1'
|
||||
gem 'devise-two-factor', '~> 4.0'
|
||||
|
||||
group :pam_authentication, optional: true do
|
||||
gem 'devise_pam_authenticatable2', '~> 9.2'
|
||||
end
|
||||
|
||||
gem 'net-ldap', '~> 0.18'
|
||||
gem 'net-ldap', '~> 0.17'
|
||||
gem 'omniauth-cas', '~> 2.0'
|
||||
gem 'omniauth-saml', '~> 1.10'
|
||||
gem 'omniauth_openid_connect', '~> 0.6.1'
|
||||
|
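Review bot: `net-ldap` and `devise-two-factor` are both on the authentication path and both constraints go down here (`~> 0.18` to `~> 0.17`, `~> 4.1` to `~> 4.0`). The changelog section removed in this same commit lists "Fix unescaped user input in LDAP query", so confirm that fix is still in the tree and that LDAP and two-factor login were tested against the older gems.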
@ -59,7 +59,8 @@ gem 'idn-ruby', require: 'idn'
|
|||
gem 'kaminari', '~> 1.2'
|
||||
gem 'link_header', '~> 0.0'
|
||||
gem 'mime-types', '~> 3.4.1', require: 'mime/types/columnar'
|
||||
gem 'nokogiri', '~> 1.15'
|
||||
gem 'nokogiri', '~> 1.14'
|
||||
gem 'nsa', '~> 0.2'
|
||||
gem 'oj', '~> 3.14'
|
||||
gem 'ox', '~> 2.14'
|
||||
gem 'parslet'
|
||||
|
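Review bot: the `nokogiri` constraint drops from `~> 1.15` to `~> 1.14` for the HTML/XML parser, and the lockfile resolves it to 1.14.2 with `mini_portile2 (~> 2.8.0)`. Give the reason for the downgrade and run `bundler-audit`, which is already in the Gemfile, against the resulting lock. The `nsa` line is an added runtime dependency (the lock pulls in `statsd-ruby` for it) and should be mentioned in the commit message as well.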
@ -68,14 +69,14 @@ gem 'public_suffix', '~> 5.0'
|
|||
gem 'pundit', '~> 2.3'
|
||||
gem 'premailer-rails'
|
||||
gem 'rack-attack', '~> 6.6'
|
||||
gem 'rack-cors', '~> 2.0', require: 'rack/cors'
|
||||
gem 'rack-cors', '~> 1.1', require: 'rack/cors'
|
||||
gem 'rails-i18n', '~> 6.0'
|
||||
gem 'rails-settings-cached', '~> 0.6', git: 'https://github.com/mastodon/rails-settings-cached.git', branch: 'v0.6.6-aliases-true'
|
||||
gem 'redcarpet', '~> 3.6'
|
||||
gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
|
||||
gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
|
||||
gem 'rqrcode', '~> 2.2'
|
||||
gem 'ruby-progressbar', '~> 1.13'
|
||||
gem 'rqrcode', '~> 2.1'
|
||||
gem 'ruby-progressbar', '~> 1.11'
|
||||
gem 'sanitize', '~> 6.0'
|
||||
gem 'scenic', '~> 1.7'
|
||||
gem 'sidekiq', '~> 6.5'
|
||||
|
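Review bot: `rack-cors` goes from `~> 2.0` to `~> 1.1`, a major-version step back for the middleware that decides cross-origin access. Check that the CORS configuration behaves the same under 1.1 and cover the allowed origins with a request spec. `rails-settings-cached` in this hunk tracks `branch: 'v0.6.6-aliases-true'`; a `ref:` would make the Gemfile itself reproducible, as is already done for `webpush`.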
@ -86,10 +87,10 @@ gem 'simple-navigation', '~> 4.4'
|
|||
gem 'simple_form', '~> 5.2'
|
||||
gem 'sprockets-rails', '~> 3.4', require: 'sprockets/railtie'
|
||||
gem 'stoplight', '~> 3.0.1'
|
||||
gem 'strong_migrations', '~> 0.8'
|
||||
gem 'strong_migrations', '~> 0.7'
|
||||
gem 'tty-prompt', '~> 0.23', require: false
|
||||
gem 'twitter-text', '~> 3.1.0'
|
||||
gem 'tzinfo-data', '~> 1.2023'
|
||||
gem 'tzinfo-data', '~> 1.2022'
|
||||
gem 'webpacker', '~> 5.4'
|
||||
gem 'webpush', github: 'ClearlyClaire/webpush', ref: 'f14a4d52e201128b1b00245d11b6de80d6cfdcd9'
|
||||
gem 'webauthn', '~> 3.0'
|
||||
|
@ -98,87 +99,54 @@ gem 'json-ld'
|
|||
gem 'json-ld-preloaded', '~> 3.2'
|
||||
gem 'rdf-normalize', '~> 0.5'
|
||||
|
||||
gem 'private_address_check', '~> 0.5'
|
||||
|
||||
group :test do
|
||||
# RSpec runner for rails
|
||||
group :development, :test do
|
||||
gem 'fabrication', '~> 2.30'
|
||||
gem 'fuubar', '~> 2.5'
|
||||
gem 'i18n-tasks', '~> 1.0', require: false
|
||||
gem 'rspec-rails', '~> 6.0'
|
||||
|
||||
# Used to split testing into chunks in CI
|
||||
gem 'rspec_chunked', '~> 0.6'
|
||||
|
||||
# RSpec progress bar formatter
|
||||
gem 'fuubar', '~> 2.5'
|
||||
|
||||
# Extra RSpec extenion methods and helpers for sidekiq
|
||||
gem 'rspec-sidekiq', '~> 3.1'
|
||||
|
||||
# Browser integration testing
|
||||
gem 'capybara', '~> 3.39'
|
||||
|
||||
# Used to mock environment variables
|
||||
gem 'climate_control', '~> 0.2'
|
||||
|
||||
# Generating fake data for specs
|
||||
gem 'faker', '~> 3.2'
|
||||
|
||||
# Generate test objects for specs
|
||||
gem 'fabrication', '~> 2.30'
|
||||
|
||||
# Add back helpers functions removed in Rails 5.1
|
||||
gem 'rails-controller-testing', '~> 1.0'
|
||||
|
||||
# Validate schemas in specs
|
||||
gem 'json-schema', '~> 4.0'
|
||||
|
||||
# Test harness fo rack components
|
||||
gem 'rack-test', '~> 2.1'
|
||||
|
||||
# Coverage formatter for RSpec test if DISABLE_SIMPLECOV is false
|
||||
gem 'simplecov', '~> 0.22', require: false
|
||||
|
||||
# Stub web requests for specs
|
||||
gem 'webmock', '~> 3.18'
|
||||
end
|
||||
|
||||
group :development do
|
||||
# Code linting CLI and plugins
|
||||
gem 'rubocop', require: false
|
||||
gem 'rubocop-capybara', require: false
|
||||
gem 'rubocop-performance', require: false
|
||||
gem 'rubocop-rails', require: false
|
||||
gem 'rubocop-rspec', require: false
|
||||
gem 'rubocop', require: false
|
||||
end
|
||||
|
||||
# Annotates modules with schema
|
||||
group :production, :test do
|
||||
gem 'private_address_check', '~> 0.5'
|
||||
end
|
||||
|
||||
group :test do
|
||||
gem 'capybara', '~> 3.38'
|
||||
gem 'climate_control'
|
||||
gem 'faker', '~> 3.1'
|
||||
gem 'json-schema', '~> 3.0'
|
||||
gem 'rack-test', '~> 2.1'
|
||||
gem 'rails-controller-testing', '~> 1.0'
|
||||
gem 'rspec_junit_formatter', '~> 0.6'
|
||||
gem 'rspec-sidekiq', '~> 3.1'
|
||||
gem 'simplecov', '~> 0.22', require: false
|
||||
gem 'webmock', '~> 3.18'
|
||||
end
|
||||
|
||||
group :development do
|
||||
gem 'annotate', '~> 3.2'
|
||||
|
||||
# Enhanced error message pages for development
|
||||
gem 'better_errors', '~> 2.9'
|
||||
gem 'binding_of_caller', '~> 1.0'
|
||||
|
||||
# Preview mail in the browser
|
||||
gem 'letter_opener', '~> 1.8'
|
||||
gem 'letter_opener_web', '~> 2.0'
|
||||
|
||||
# Security analysis CLI tools
|
||||
gem 'memory_profiler'
|
||||
gem 'brakeman', '~> 5.4', require: false
|
||||
gem 'bundler-audit', '~> 0.9', require: false
|
||||
|
||||
# Linter CLI for HAML files
|
||||
gem 'haml_lint', require: false
|
||||
|
||||
# Deployment automation
|
||||
gem 'capistrano', '~> 3.17'
|
||||
gem 'capistrano-rails', '~> 1.6'
|
||||
gem 'capistrano-rbenv', '~> 2.2'
|
||||
gem 'capistrano-yarn', '~> 2.0'
|
||||
|
||||
# Validate missing i18n keys
|
||||
gem 'i18n-tasks', '~> 1.0', require: false
|
||||
|
||||
# Profiling tools
|
||||
gem 'memory_profiler', require: false
|
||||
gem 'stackprof', require: false
|
||||
gem 'stackprof'
|
||||
end
|
||||
|
||||
group :production do
|
||||
|
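Review bot: `private_address_check` moves from a top-level `gem` line into `group :production, :test`, so it is no longer loaded in development. Code that calls it unconditionally will fail there, and code that guards the call will skip the private-address check in development; keep the gem top-level unless there is a stated reason. The regrouping also drops the explanatory comments (`# Security analysis CLI tools`, `# Stub web requests for specs` and the rest), which documented why each gem is present.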
@ -189,9 +157,7 @@ gem 'concurrent-ruby', require: false
|
|||
gem 'connection_pool', require: false
|
||||
gem 'xorcist', '~> 1.1'
|
||||
|
||||
gem 'hcaptcha', '~> 7.1'
|
||||
gem 'cocoon', '~> 1.2'
|
||||
|
||||
gem 'net-http', '~> 0.3.2'
|
||||
gem 'rubyzip', '~> 2.3'
|
||||
|
||||
gem 'hcaptcha', '~> 7.1'
|
||||
|
|
240
Gemfile.lock
|
@ -7,6 +7,18 @@ GIT
|
|||
hkdf (~> 0.2)
|
||||
jwt (~> 2.0)
|
||||
|
||||
GIT
|
||||
remote: https://github.com/kreeti/kt-paperclip.git
|
||||
revision: 11abf222dc31bff71160a1d138b445214f434b2b
|
||||
ref: 11abf222dc31bff71160a1d138b445214f434b2b
|
||||
specs:
|
||||
kt-paperclip (7.1.1)
|
||||
activemodel (>= 4.2.0)
|
||||
activesupport (>= 4.2.0)
|
||||
marcel (~> 1.0.1)
|
||||
mime-types
|
||||
terrapin (~> 0.6.0)
|
||||
|
||||
GIT
|
||||
remote: https://github.com/mastodon/rails-settings-cached.git
|
||||
revision: 86328ef0bd04ce21cc0504ff5e334591e8c2ccab
|
||||
|
@ -82,7 +94,7 @@ GEM
|
|||
minitest (>= 5.1)
|
||||
tzinfo (~> 2.0)
|
||||
zeitwerk (~> 2.3)
|
||||
addressable (2.8.4)
|
||||
addressable (2.8.1)
|
||||
public_suffix (>= 2.0.2, < 6.0)
|
||||
aes_key_wrap (1.1.0)
|
||||
airbrussh (1.4.1)
|
||||
|
@ -92,22 +104,22 @@ GEM
|
|||
activerecord (>= 3.2, < 8.0)
|
||||
rake (>= 10.4, < 14.0)
|
||||
ast (2.4.2)
|
||||
attr_encrypted (4.0.0)
|
||||
attr_encrypted (3.1.0)
|
||||
encryptor (~> 3.0.0)
|
||||
attr_required (1.0.1)
|
||||
awrence (1.2.1)
|
||||
aws-eventstream (1.2.0)
|
||||
aws-partitions (1.772.0)
|
||||
aws-sdk-core (3.174.0)
|
||||
aws-partitions (1.711.0)
|
||||
aws-sdk-core (3.170.0)
|
||||
aws-eventstream (~> 1, >= 1.0.2)
|
||||
aws-partitions (~> 1, >= 1.651.0)
|
||||
aws-sigv4 (~> 1.5)
|
||||
jmespath (~> 1, >= 1.6.1)
|
||||
aws-sdk-kms (1.65.0)
|
||||
aws-sdk-core (~> 3, >= 3.174.0)
|
||||
aws-sdk-kms (1.62.0)
|
||||
aws-sdk-core (~> 3, >= 3.165.0)
|
||||
aws-sigv4 (~> 1.1)
|
||||
aws-sdk-s3 (1.123.0)
|
||||
aws-sdk-core (~> 3, >= 3.174.0)
|
||||
aws-sdk-s3 (1.119.1)
|
||||
aws-sdk-core (~> 3, >= 3.165.0)
|
||||
aws-sdk-kms (~> 1)
|
||||
aws-sigv4 (~> 1.4)
|
||||
aws-sigv4 (1.5.2)
|
||||
|
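Review bot: `attr_encrypted` resolves to 3.1.0 instead of 4.0.0 in this hunk, which follows from `devise-two-factor` 4.0.2 requiring `attr_encrypted (>= 1.3, < 4, != 2)` further down. That is a major-version step for the gem that encrypts model attributes, so verify that values written under 4.0.0 still decrypt under 3.1.0 before deploying against an existing database.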
@ -130,7 +142,7 @@ GEM
|
|||
blurhash (0.1.7)
|
||||
bootsnap (1.16.0)
|
||||
msgpack (~> 1.2)
|
||||
brakeman (5.4.1)
|
||||
brakeman (5.4.0)
|
||||
browser (5.3.1)
|
||||
brpoplpush-redis_script (0.1.3)
|
||||
concurrent-ruby (~> 1.0, >= 1.0.5)
|
||||
|
@ -139,12 +151,12 @@ GEM
|
|||
bundler-audit (0.9.1)
|
||||
bundler (>= 1.2.0, < 3)
|
||||
thor (~> 1.0)
|
||||
capistrano (3.17.3)
|
||||
capistrano (3.17.2)
|
||||
airbrussh (>= 1.0.0)
|
||||
i18n
|
||||
rake (>= 10.0.0)
|
||||
sshkit (>= 1.9.0)
|
||||
capistrano-bundler (2.1.0)
|
||||
capistrano-bundler (2.0.1)
|
||||
capistrano (~> 3.1)
|
||||
capistrano-rails (1.6.2)
|
||||
capistrano (~> 3.1)
|
||||
|
@ -154,7 +166,7 @@ GEM
|
|||
sshkit (~> 1.3)
|
||||
capistrano-yarn (2.0.2)
|
||||
capistrano (~> 3.0)
|
||||
capybara (3.39.1)
|
||||
capybara (3.38.0)
|
||||
addressable
|
||||
matrix
|
||||
mini_mime (>= 0.1.3)
|
||||
|
@ -167,7 +179,7 @@ GEM
|
|||
activesupport
|
||||
cbor (0.5.9.6)
|
||||
charlock_holmes (0.7.7)
|
||||
chewy (7.3.2)
|
||||
chewy (7.2.7)
|
||||
activesupport (>= 5.2)
|
||||
elasticsearch (>= 7.12.0, < 7.14.0)
|
||||
elasticsearch-dsl
|
||||
|
@ -177,26 +189,26 @@ GEM
|
|||
coderay (1.1.3)
|
||||
color_diff (0.1)
|
||||
concurrent-ruby (1.2.2)
|
||||
connection_pool (2.4.1)
|
||||
connection_pool (2.3.0)
|
||||
cose (1.3.0)
|
||||
cbor (~> 0.5.9)
|
||||
openssl-signature_algorithm (~> 1.0)
|
||||
crack (0.4.5)
|
||||
rexml
|
||||
crass (1.0.6)
|
||||
css_parser (1.14.0)
|
||||
css_parser (1.12.0)
|
||||
addressable
|
||||
date (3.3.3)
|
||||
debug_inspector (1.1.0)
|
||||
devise (4.9.2)
|
||||
debug_inspector (1.0.0)
|
||||
devise (4.9.0)
|
||||
bcrypt (~> 3.0)
|
||||
orm_adapter (~> 0.1)
|
||||
railties (>= 4.1.0)
|
||||
responders
|
||||
warden (~> 1.2.3)
|
||||
devise-two-factor (4.1.0)
|
||||
devise-two-factor (4.0.2)
|
||||
activesupport (< 7.1)
|
||||
attr_encrypted (>= 1.3, < 5, != 2)
|
||||
attr_encrypted (>= 1.3, < 4, != 2)
|
||||
devise (~> 4.0)
|
||||
railties (< 7.1)
|
||||
rotp (~> 6.0)
|
||||
|
@ -209,7 +221,7 @@ GEM
|
|||
docile (1.4.0)
|
||||
domain_name (0.5.20190701)
|
||||
unf (>= 0.0.5, < 1.0.0)
|
||||
doorkeeper (5.6.6)
|
||||
doorkeeper (5.6.5)
|
||||
railties (>= 5)
|
||||
dotenv (2.8.1)
|
||||
dotenv-rails (2.8.1)
|
||||
|
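Review bot: `doorkeeper`, the OAuth provider, resolves to 5.6.5 instead of 5.6.6 although its Gemfile constraint (`~> 5.6`) is unchanged, so this is a lock-only downgrade. Read the 5.6.6 release notes before accepting it, and regenerate the lock with `bundle update --conservative` limited to the gems that actually need to move.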
@ -229,9 +241,9 @@ GEM
|
|||
erubi (1.12.0)
|
||||
et-orbi (1.2.7)
|
||||
tzinfo
|
||||
excon (0.99.0)
|
||||
excon (0.95.0)
|
||||
fabrication (2.30.0)
|
||||
faker (3.2.0)
|
||||
faker (3.1.1)
|
||||
i18n (>= 1.8.11, < 2)
|
||||
faraday (1.10.3)
|
||||
faraday-em_http (~> 1.0)
|
||||
|
@ -257,7 +269,7 @@ GEM
|
|||
faraday-rack (1.0.0)
|
||||
faraday-retry (1.0.3)
|
||||
fast_blank (1.0.1)
|
||||
fastimage (2.2.7)
|
||||
fastimage (2.2.6)
|
||||
ffi (1.15.5)
|
||||
ffi-compiler (1.0.1)
|
||||
ffi (>= 1.0.0)
|
||||
|
@ -302,7 +314,7 @@ GEM
|
|||
hashie (5.0.0)
|
||||
hcaptcha (7.1.0)
|
||||
json
|
||||
highline (2.1.0)
|
||||
highline (2.0.3)
|
||||
hiredis (0.6.3)
|
||||
hkdf (0.3.0)
|
||||
htmlentities (4.3.4)
|
||||
|
@ -319,7 +331,7 @@ GEM
|
|||
httplog (1.6.2)
|
||||
rack (>= 2.0)
|
||||
rainbow (>= 2.0.0)
|
||||
i18n (1.13.0)
|
||||
i18n (1.12.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
i18n-tasks (1.0.12)
|
||||
activesupport (>= 4.0.2)
|
||||
|
@ -336,23 +348,23 @@ GEM
|
|||
ipaddress (0.8.3)
|
||||
jmespath (1.6.2)
|
||||
json (2.6.3)
|
||||
json-canonicalization (0.3.2)
|
||||
json-canonicalization (0.3.0)
|
||||
json-jwt (1.15.3)
|
||||
activesupport (>= 4.2)
|
||||
aes_key_wrap
|
||||
bindata
|
||||
httpclient
|
||||
json-ld (3.2.5)
|
||||
json-ld (3.2.3)
|
||||
htmlentities (~> 4.3)
|
||||
json-canonicalization (~> 0.3, >= 0.3.2)
|
||||
json-canonicalization (~> 0.3)
|
||||
link_header (~> 0.0, >= 0.0.8)
|
||||
multi_json (~> 1.15)
|
||||
rack (>= 2.2, < 4)
|
||||
rdf (~> 3.2, >= 3.2.10)
|
||||
rack (~> 2.2)
|
||||
rdf (~> 3.2, >= 3.2.9)
|
||||
json-ld-preloaded (3.2.2)
|
||||
json-ld (~> 3.2)
|
||||
rdf (~> 3.2)
|
||||
json-schema (4.0.0)
|
||||
json-schema (3.0.0)
|
||||
addressable (>= 2.8)
|
||||
jsonapi-renderer (0.2.2)
|
||||
jwt (2.7.0)
|
||||
|
@ -368,14 +380,8 @@ GEM
|
|||
activerecord
|
||||
kaminari-core (= 1.2.2)
|
||||
kaminari-core (1.2.2)
|
||||
kt-paperclip (7.2.0)
|
||||
activemodel (>= 4.2.0)
|
||||
activesupport (>= 4.2.0)
|
||||
marcel (~> 1.0.1)
|
||||
mime-types
|
||||
terrapin (~> 0.6.0)
|
||||
launchy (2.5.2)
|
||||
addressable (~> 2.8)
|
||||
launchy (2.5.0)
|
||||
addressable (~> 2.7)
|
||||
letter_opener (1.8.1)
|
||||
launchy (>= 2.2, < 3)
|
||||
letter_opener_web (2.0.0)
|
||||
|
@ -392,9 +398,9 @@ GEM
|
|||
activesupport (>= 4)
|
||||
railties (>= 4)
|
||||
request_store (~> 1.0)
|
||||
loofah (2.21.3)
|
||||
loofah (2.19.1)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.12.0)
|
||||
nokogiri (>= 1.5.9)
|
||||
mail (2.8.1)
|
||||
mini_mime (>= 0.1.1)
|
||||
net-imap
|
||||
|
@ -410,11 +416,11 @@ GEM
|
|||
method_source (1.0.0)
|
||||
mime-types (3.4.1)
|
||||
mime-types-data (~> 3.2015)
|
||||
mime-types-data (3.2023.0218.1)
|
||||
mime-types-data (3.2022.0105)
|
||||
mini_mime (1.1.2)
|
||||
mini_portile2 (2.8.2)
|
||||
mini_portile2 (2.8.1)
|
||||
minitest (5.18.0)
|
||||
msgpack (1.7.0)
|
||||
msgpack (1.6.0)
|
||||
multi_json (1.15.0)
|
||||
multipart-post (2.3.0)
|
||||
net-http (0.3.2)
|
||||
|
@ -422,7 +428,7 @@ GEM
|
|||
net-imap (0.3.4)
|
||||
date
|
||||
net-protocol
|
||||
net-ldap (0.18.0)
|
||||
net-ldap (0.17.1)
|
||||
net-pop (0.1.2)
|
||||
net-protocol
|
||||
net-protocol (0.2.1)
|
||||
|
@ -431,12 +437,17 @@ GEM
|
|||
net-ssh (>= 2.6.5, < 8.0.0)
|
||||
net-smtp (0.3.3)
|
||||
net-protocol
|
||||
net-ssh (7.1.0)
|
||||
nio4r (2.5.9)
|
||||
nokogiri (1.15.2)
|
||||
mini_portile2 (~> 2.8.2)
|
||||
net-ssh (7.0.1)
|
||||
nio4r (2.5.8)
|
||||
nokogiri (1.14.2)
|
||||
mini_portile2 (~> 2.8.0)
|
||||
racc (~> 1.4)
|
||||
oj (3.14.3)
|
||||
nsa (0.2.8)
|
||||
activesupport (>= 4.2, < 7)
|
||||
concurrent-ruby (~> 1.0, >= 1.0.2)
|
||||
sidekiq (>= 3.5)
|
||||
statsd-ruby (~> 1.4, >= 1.4.0)
|
||||
oj (3.14.2)
|
||||
omniauth (1.9.2)
|
||||
hashie (>= 3.4.6)
|
||||
rack (>= 1.6.2, < 3)
|
||||
|
@ -468,20 +479,19 @@ GEM
|
|||
openssl-signature_algorithm (1.3.0)
|
||||
openssl (> 2.0)
|
||||
orm_adapter (0.5.0)
|
||||
ox (2.14.16)
|
||||
parallel (1.23.0)
|
||||
parser (3.2.2.3)
|
||||
ox (2.14.14)
|
||||
parallel (1.22.1)
|
||||
parser (3.2.1.1)
|
||||
ast (~> 2.4.1)
|
||||
racc
|
||||
parslet (2.0.0)
|
||||
pastel (0.8.0)
|
||||
tty-color (~> 0.5)
|
||||
pg (1.5.3)
|
||||
pghero (3.3.3)
|
||||
pg (1.4.6)
|
||||
pghero (3.3.0)
|
||||
activerecord (>= 6)
|
||||
pkg-config (1.5.1)
|
||||
posix-spawn (0.3.15)
|
||||
premailer (1.21.0)
|
||||
premailer (1.18.0)
|
||||
addressable
|
||||
css_parser (>= 1.12.0)
|
||||
htmlentities (>= 4.0.0)
|
||||
|
@ -491,16 +501,16 @@ GEM
|
|||
premailer (~> 1.7, >= 1.7.9)
|
||||
private_address_check (0.5.0)
|
||||
public_suffix (5.0.1)
|
||||
puma (6.3.0)
|
||||
puma (6.1.1)
|
||||
nio4r (~> 2.0)
|
||||
pundit (2.3.0)
|
||||
activesupport (>= 3.0.0)
|
||||
raabro (1.4.0)
|
||||
racc (1.7.0)
|
||||
rack (2.2.7)
|
||||
racc (1.6.2)
|
||||
rack (2.2.6.4)
|
||||
rack-attack (6.6.1)
|
||||
rack (>= 1.0, < 3)
|
||||
rack-cors (2.0.1)
|
||||
rack-cors (1.1.1)
|
||||
rack (>= 2.0.0)
|
||||
rack-oauth2 (1.21.3)
|
||||
activesupport
|
||||
|
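Review bot: `puma` (6.3.0 and 6.1.1) and `rack` (2.2.7 and 2.2.6.4) sit directly on the request path and both resolve to the older release here, together with `rack-cors` 2.0.1 and 1.1.1. Run `bundle-audit check --update` on this lockfile and attach the output to the change.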
@ -534,9 +544,8 @@ GEM
|
|||
rails-dom-testing (2.0.3)
|
||||
activesupport (>= 4.2.0)
|
||||
nokogiri (>= 1.6)
|
||||
rails-html-sanitizer (1.6.0)
|
||||
loofah (~> 2.21)
|
||||
nokogiri (~> 1.14)
|
||||
rails-html-sanitizer (1.5.0)
|
||||
loofah (~> 2.19, >= 2.19.1)
|
||||
rails-i18n (6.0.0)
|
||||
i18n (>= 0.7, < 2)
|
||||
railties (>= 6.0.0, < 7)
|
||||
|
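Review bot: `rails-html-sanitizer` resolves to 1.5.0 instead of 1.6.0 and its `loofah` requirement loosens from `~> 2.21` to `~> 2.19, >= 2.19.1`, with `loofah` itself locked at 2.19.1 in an earlier hunk. These gems sanitize HTML, so a step back needs an explicit justification and a run of the sanitizer specs against the resolved versions.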
@ -548,7 +557,7 @@ GEM
|
|||
thor (~> 1.0)
|
||||
rainbow (3.1.1)
|
||||
rake (13.0.6)
|
||||
rdf (3.2.10)
|
||||
rdf (3.2.9)
|
||||
link_header (~> 0.0, >= 0.0.8)
|
||||
rdf-normalize (0.5.1)
|
||||
rdf (~> 3.2)
|
||||
|
@ -558,58 +567,60 @@ GEM
|
|||
redis (>= 4)
|
||||
redlock (1.3.2)
|
||||
redis (>= 3.0.0, < 6.0)
|
||||
regexp_parser (2.8.1)
|
||||
regexp_parser (2.7.0)
|
||||
request_store (1.5.1)
|
||||
rack (>= 1.4)
|
||||
responders (3.1.0)
|
||||
actionpack (>= 5.2)
|
||||
railties (>= 5.2)
|
||||
rexml (3.2.5)
|
||||
rotp (6.2.2)
|
||||
rotp (6.2.0)
|
||||
rpam2 (4.0.2)
|
||||
rqrcode (2.2.0)
|
||||
rqrcode (2.1.2)
|
||||
chunky_png (~> 1.0)
|
||||
rqrcode_core (~> 1.0)
|
||||
rqrcode_core (1.2.0)
|
||||
rspec-core (3.12.2)
|
||||
rspec-core (3.12.1)
|
||||
rspec-support (~> 3.12.0)
|
||||
rspec-expectations (3.12.3)
|
||||
rspec-expectations (3.12.2)
|
||||
diff-lcs (>= 1.2.0, < 2.0)
|
||||
rspec-support (~> 3.12.0)
|
||||
rspec-mocks (3.12.5)
|
||||
rspec-mocks (3.12.3)
|
||||
diff-lcs (>= 1.2.0, < 2.0)
|
||||
rspec-support (~> 3.12.0)
|
||||
rspec-rails (6.0.3)
|
||||
rspec-rails (6.0.1)
|
||||
actionpack (>= 6.1)
|
||||
activesupport (>= 6.1)
|
||||
railties (>= 6.1)
|
||||
rspec-core (~> 3.12)
|
||||
rspec-expectations (~> 3.12)
|
||||
rspec-mocks (~> 3.12)
|
||||
rspec-support (~> 3.12)
|
||||
rspec-core (~> 3.11)
|
||||
rspec-expectations (~> 3.11)
|
||||
rspec-mocks (~> 3.11)
|
||||
rspec-support (~> 3.11)
|
||||
rspec-sidekiq (3.1.0)
|
||||
rspec-core (~> 3.0, >= 3.0.0)
|
||||
sidekiq (>= 2.4.0)
|
||||
rspec-support (3.12.0)
|
||||
rspec_chunked (0.6)
|
||||
rubocop (1.52.1)
|
||||
rspec_junit_formatter (0.6.0)
|
||||
rspec-core (>= 2, < 4, != 2.12.0)
|
||||
rubocop (1.48.1)
|
||||
json (~> 2.3)
|
||||
parallel (~> 1.10)
|
||||
parser (>= 3.2.2.3)
|
||||
parser (>= 3.2.0.0)
|
||||
rainbow (>= 2.2.2, < 4.0)
|
||||
regexp_parser (>= 1.8, < 3.0)
|
||||
rexml (>= 3.2.5, < 4.0)
|
||||
rubocop-ast (>= 1.28.0, < 2.0)
|
||||
rubocop-ast (>= 1.26.0, < 2.0)
|
||||
ruby-progressbar (~> 1.7)
|
||||
unicode-display_width (>= 2.4.0, < 3.0)
|
||||
rubocop-ast (1.29.0)
|
||||
rubocop-ast (1.27.0)
|
||||
parser (>= 3.2.1.0)
|
||||
rubocop-capybara (2.18.0)
|
||||
rubocop-capybara (2.17.1)
|
||||
rubocop (~> 1.41)
|
||||
rubocop-performance (1.18.0)
|
||||
rubocop-performance (1.16.0)
|
||||
rubocop (>= 1.7.0, < 2.0)
|
||||
rubocop-ast (>= 0.4.0)
|
||||
rubocop-rails (2.19.1)
|
||||
rubocop-rails (2.18.0)
|
||||
activesupport (>= 4.2.0)
|
||||
rack (>= 1.1)
|
||||
rubocop (>= 1.33.0, < 2.0)
|
||||
|
@ -621,7 +632,6 @@ GEM
|
|||
nokogiri (>= 1.10.5)
|
||||
rexml
|
||||
ruby2_keywords (0.0.5)
|
||||
rubyzip (2.3.2)
|
||||
rufus-scheduler (3.8.2)
|
||||
fugit (~> 1.1, >= 1.1.6)
|
||||
safety_net_attestation (0.4.0)
|
||||
|
@ -633,13 +643,13 @@ GEM
|
|||
activerecord (>= 4.0.0)
|
||||
railties (>= 4.0.0)
|
||||
semantic_range (3.0.0)
|
||||
sidekiq (6.5.9)
|
||||
sidekiq (6.5.8)
|
||||
connection_pool (>= 2.2.5, < 3)
|
||||
rack (~> 2.0)
|
||||
redis (>= 4.5.0, < 5)
|
||||
sidekiq-bulk (0.2.0)
|
||||
sidekiq
|
||||
sidekiq-scheduler (5.0.3)
|
||||
sidekiq-scheduler (5.0.2)
|
||||
rufus-scheduler (~> 3.2)
|
||||
sidekiq (>= 6, < 8)
|
||||
tilt (>= 1.4.0)
|
||||
|
@ -671,11 +681,12 @@ GEM
|
|||
sshkit (1.21.4)
|
||||
net-scp (>= 1.1.2)
|
||||
net-ssh (>= 2.8.0)
|
||||
stackprof (0.2.25)
|
||||
stackprof (0.2.23)
|
||||
statsd-ruby (1.5.0)
|
||||
stoplight (3.0.1)
|
||||
redlock (~> 1.0)
|
||||
strong_migrations (0.8.0)
|
||||
activerecord (>= 5.2)
|
||||
strong_migrations (0.7.9)
|
||||
activerecord (>= 5)
|
||||
swd (1.3.0)
|
||||
activesupport (>= 3)
|
||||
attr_required (>= 0.0.5)
|
||||
|
@ -686,7 +697,7 @@ GEM
|
|||
unicode-display_width (>= 1.1.1, < 3)
|
||||
terrapin (0.6.0)
|
||||
climate_control (>= 0.0.3, < 1.0)
|
||||
thor (1.2.2)
|
||||
thor (1.2.1)
|
||||
tilt (2.1.0)
|
||||
timeout (0.3.2)
|
||||
tpm-key_attestation (0.12.0)
|
||||
|
@ -708,13 +719,13 @@ GEM
|
|||
unf (~> 0.1.0)
|
||||
tzinfo (2.0.6)
|
||||
concurrent-ruby (~> 1.0)
|
||||
tzinfo-data (1.2023.3)
|
||||
tzinfo-data (1.2022.7)
|
||||
tzinfo (>= 1.0.0)
|
||||
unf (0.1.4)
|
||||
unf_ext
|
||||
unf_ext (0.0.8.2)
|
||||
unicode-display_width (2.4.2)
|
||||
uri (0.12.1)
|
||||
uri (0.12.0)
|
||||
validate_email (0.1.6)
|
||||
activemodel (>= 3.0)
|
||||
mail (>= 2.2.5)
|
||||
|
@ -751,7 +762,7 @@ GEM
|
|||
xorcist (1.1.3)
|
||||
xpath (3.2.0)
|
||||
nokogiri (~> 1.8)
|
||||
zeitwerk (2.6.8)
|
||||
zeitwerk (2.6.7)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
|
@ -760,7 +771,7 @@ DEPENDENCIES
|
|||
active_model_serializers (~> 0.10)
|
||||
addressable (~> 2.8)
|
||||
annotate (~> 3.2)
|
||||
aws-sdk-s3 (~> 1.123)
|
||||
aws-sdk-s3 (~> 1.119)
|
||||
better_errors (~> 2.9)
|
||||
binding_of_caller (~> 1.0)
|
||||
blurhash (~> 0.1)
|
||||
|
@ -772,23 +783,23 @@ DEPENDENCIES
|
|||
capistrano-rails (~> 1.6)
|
||||
capistrano-rbenv (~> 2.2)
|
||||
capistrano-yarn (~> 2.0)
|
||||
capybara (~> 3.39)
|
||||
capybara (~> 3.38)
|
||||
charlock_holmes (~> 0.7.7)
|
||||
chewy (~> 7.3)
|
||||
climate_control (~> 0.2)
|
||||
chewy (~> 7.2)
|
||||
climate_control
|
||||
cocoon (~> 1.2)
|
||||
color_diff (~> 0.1)
|
||||
concurrent-ruby
|
||||
connection_pool
|
||||
devise (~> 4.9)
|
||||
devise-two-factor (~> 4.1)
|
||||
devise-two-factor (~> 4.0)
|
||||
devise_pam_authenticatable2 (~> 9.2)
|
||||
discard (~> 1.2)
|
||||
doorkeeper (~> 5.6)
|
||||
dotenv-rails (~> 2.8)
|
||||
ed25519 (~> 1.3)
|
||||
fabrication (~> 2.30)
|
||||
faker (~> 3.2)
|
||||
faker (~> 3.1)
|
||||
fast_blank (~> 1.0)
|
||||
fastimage
|
||||
fog-core (<= 2.4.0)
|
||||
|
@ -806,9 +817,9 @@ DEPENDENCIES
|
|||
idn-ruby
|
||||
json-ld
|
||||
json-ld-preloaded (~> 3.2)
|
||||
json-schema (~> 4.0)
|
||||
json-schema (~> 3.0)
|
||||
kaminari (~> 1.2)
|
||||
kt-paperclip (~> 7.2)
|
||||
kt-paperclip (~> 7.1)!
|
||||
letter_opener (~> 1.8)
|
||||
letter_opener_web (~> 2.0)
|
||||
link_header (~> 0.0)
|
||||
|
@ -818,8 +829,9 @@ DEPENDENCIES
|
|||
memory_profiler
|
||||
mime-types (~> 3.4.1)
|
||||
net-http (~> 0.3.2)
|
||||
net-ldap (~> 0.18)
|
||||
nokogiri (~> 1.15)
|
||||
net-ldap (~> 0.17)
|
||||
nokogiri (~> 1.14)
|
||||
nsa (~> 0.2)
|
||||
oj (~> 3.14)
|
||||
omniauth (~> 1.9)
|
||||
omniauth-cas (~> 2.0)
|
||||
|
@ -828,18 +840,18 @@ DEPENDENCIES
|
|||
omniauth_openid_connect (~> 0.6.1)
|
||||
ox (~> 2.14)
|
||||
parslet
|
||||
pg (~> 1.5)
|
||||
pg (~> 1.4)
|
||||
pghero
|
||||
pkg-config (~> 1.5)
|
||||
posix-spawn
|
||||
premailer-rails
|
||||
private_address_check (~> 0.5)
|
||||
public_suffix (~> 5.0)
|
||||
puma (~> 6.3)
|
||||
puma (~> 6.1)
|
||||
pundit (~> 2.3)
|
||||
rack (~> 2.2.7)
|
||||
rack (~> 2.2.6)
|
||||
rack-attack (~> 6.6)
|
||||
rack-cors (~> 2.0)
|
||||
rack-cors (~> 1.1)
|
||||
rack-test (~> 2.1)
|
||||
rails (~> 6.1.7)
|
||||
rails-controller-testing (~> 1.0)
|
||||
|
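Review bot: the constraints for pg, puma, rack and rack-cors all step backwards in this hunk, reading each pair in the usual removed-then-added order (`rack (~> 2.2.7)` is followed by `rack (~> 2.2.6)`, `rack-cors (~> 2.0)` by `rack-cors (~> 1.1)`, `puma (~> 6.3)` by `puma (~> 6.1)`). If this comes from carrying an older Gemfile across the merge, keep the newer constraints and re-resolve the lockfile. If the downgrade is deliberate, say why in the commit message and run the resolved set through bundler-audit before deploying.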
@ -849,17 +861,17 @@ DEPENDENCIES
|
|||
redcarpet (~> 3.6)
|
||||
redis (~> 4.5)
|
||||
redis-namespace (~> 1.10)
|
||||
rqrcode (~> 2.2)
|
||||
rqrcode (~> 2.1)
|
||||
rspec-rails (~> 6.0)
|
||||
rspec-sidekiq (~> 3.1)
|
||||
rspec_chunked (~> 0.6)
|
||||
rspec_junit_formatter (~> 0.6)
|
||||
rubocop
|
||||
rubocop-capybara
|
||||
rubocop-performance
|
||||
rubocop-rails
|
||||
rubocop-rspec
|
||||
ruby-progressbar (~> 1.13)
|
||||
rubyzip (~> 2.3)
|
||||
ruby-progressbar (~> 1.11)
|
||||
sanitize (~> 6.0)
|
||||
scenic (~> 1.7)
|
||||
sidekiq (~> 6.5)
|
||||
|
@ -873,11 +885,11 @@ DEPENDENCIES
|
|||
sprockets-rails (~> 3.4)
|
||||
stackprof
|
||||
stoplight (~> 3.0.1)
|
||||
strong_migrations (~> 0.8)
|
||||
strong_migrations (~> 0.7)
|
||||
thor (~> 1.2)
|
||||
tty-prompt (~> 0.23)
|
||||
twitter-text (~> 3.1.0)
|
||||
tzinfo-data (~> 1.2023)
|
||||
tzinfo-data (~> 1.2022)
|
||||
webauthn (~> 3.0)
|
||||
webmock (~> 3.18)
|
||||
webpacker (~> 5.4)
|
||||
|
@ -885,7 +897,7 @@ DEPENDENCIES
|
|||
xorcist (~> 1.1)
|
||||
|
||||
RUBY VERSION
|
||||
ruby 3.2.2p53
|
||||
ruby 3.2.1p31
|
||||
|
||||
BUNDLED WITH
|
||||
2.4.13
|
||||
2.4.6
|
||||
|
|
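Review bot: RUBY VERSION and BUNDLED WITH should not move backwards at the end of the lockfile (3.2.2p53 is followed by 3.2.1p31, 2.4.13 by 2.4.6). Regenerate the lockfile on the interpreter and Bundler version the deployment actually runs, so that this file agrees with whatever else pins the runtime.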
15
README.md
|
@ -1,13 +1,13 @@
|
|||
# Mastodon Glitch+Urusai Edition #
|
||||
# Mastodon Glitch, Urusai+Sakurajima Edition
|
||||
|
||||
This is the repo for the fork of Mastodon used by [Urusai! Social](https://urusai.social/).
|
||||
This is the repo for the fork of Mastodon used by [Sakurajima](https://sakurajima.moe) which is a fork of[Urusai! Social](https://urusai.social/). This repo exists so I don't have to copy and paste the customizations when I update Mastodon.
|
||||
|
||||
Added features:
|
||||
# Added features from [Urusai fork](https://github.com/neatchee/mastodon):
|
||||
|
||||
- Flavours/styles from @chikorita157@sakurajima.moe
|
||||
- Emoji enhancements
|
||||
- Enlarge emoji in post content on mouse-over/tap
|
||||
- Collapsed post improvements
|
||||
- Collapsed post improvements
|
||||
- show > 1 line for better visual parsing
|
||||
- customize height of posts to trigger lengthy toot collapse, etc)
|
||||
- Option to merge boosts and favorites into a single notification for the same status
|
||||
|
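Review bot: the new intro sentence is missing a space in "which is a fork of[Urusai! Social]", and "# Added features from ..." is promoted to the same heading level as the page title. Add the space and use a second-level heading for the section so the rendered outline has a single title.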
@ -18,3 +18,10 @@ So here's the deal: we all work on this code, and anyone who uses that does so a
|
|||
|
||||
- You can view documentation for the original glitch-soc project at [glitch-soc.github.io/docs/](https://glitch-soc.github.io/docs/).
|
||||
- And contributing guidelines are available [here](CONTRIBUTING.md) and [here](https://glitch-soc.github.io/docs/contributing/).
|
||||
|
||||
# Our Additional Changes
|
||||
- Add Mastodon Modern Theme by [Freeplay](https://codeberg.org/Freeplay/Mastodon-Modern) with color variants we have already
|
||||
- Footer links and login tweaks
|
||||
- Holiday Themes Added
|
||||
- Mastodon-bird-ui theme by [ronilaukkarinen](https://github.com/ronilaukkarinen/mastodon-bird-ui/blob/master/style.css)
|
||||
- Add Quote Toots (cherrypicked from Treehouse fork by [Ariadne Conill ](https://gitea.treehouse.systems/treehouse/mastodon/pulls/36))
|
||||
|
|
|
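Review bot: two small text problems in the added list. "with color variants we have already" reads as if the sentence was cut short, and the link text "[Ariadne Conill ]" carries a stray space before the closing bracket. The "Holiday Themes Added" item would also be easier to follow with a pointer to where the themes live.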
@ -8,7 +8,7 @@ class AboutController < ApplicationController
|
|||
before_action :set_instance_presenter
|
||||
|
||||
def show
|
||||
expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
|
||||
expires_in 0, public: true unless user_signed_in?
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
@ -7,9 +7,8 @@ class AccountsController < ApplicationController
|
|||
include AccountControllerConcern
|
||||
include SignatureAuthentication
|
||||
|
||||
vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }
|
||||
|
||||
before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
|
||||
before_action :set_cache_headers
|
||||
|
||||
skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
|
||||
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||
|
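Review bot: with the `vary_by` line gone, nothing visible in this controller sets Vary to 'Accept, Accept-Language, Cookie' (plus Signature outside public fetch mode) any more. `before_action :set_cache_headers` takes its place, but the definition that applies to AccountsController is not shown in these hunks. `show` still marks anonymous HTML as `public: true` and the JSON format is signature-gated under authorized fetch, so confirm that the inherited set_cache_headers emits an equivalent Vary. Without it a shared cache can hand one variant to a client that should have received another.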
@ -17,7 +16,7 @@ class AccountsController < ApplicationController
|
|||
def show
|
||||
respond_to do |format|
|
||||
format.html do
|
||||
expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.hour) unless user_signed_in?
|
||||
expires_in 0, public: true unless user_signed_in?
|
||||
|
||||
@rss_url = rss_url
|
||||
end
|
||||
|
|
|
@ -7,6 +7,10 @@ class ActivityPub::BaseController < Api::BaseController
|
|||
|
||||
private
|
||||
|
||||
def set_cache_headers
|
||||
response.headers['Vary'] = 'Signature' if authorized_fetch_mode?
|
||||
end
|
||||
|
||||
def skip_temporary_suspension_response?
|
||||
false
|
||||
end
|
||||
|
|
|
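Review bot: `response.headers['Vary'] = 'Signature'` assigns rather than appends, so any Vary value already on the response at that point is lost. Because this class inherits from Api::BaseController, defining set_cache_headers here also replaces the parent's version, which elsewhere in this commit sets 'Cache-Control: private, no-store'. The subclasses call `expires_in` themselves, so the override looks intentional, but a one-line comment saying so would stop someone from "fixing" it with a `super` call later.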
@ -4,12 +4,11 @@ class ActivityPub::CollectionsController < ActivityPub::BaseController
|
|||
include SignatureVerification
|
||||
include AccountOwnedConcern
|
||||
|
||||
vary_by -> { 'Signature' if authorized_fetch_mode? }
|
||||
|
||||
before_action :require_account_signature!, if: :authorized_fetch_mode?
|
||||
before_action :set_items
|
||||
before_action :set_size
|
||||
before_action :set_type
|
||||
before_action :set_cache_headers
|
||||
|
||||
def show
|
||||
expires_in 3.minutes, public: public_fetch_mode?
|
||||
|
|
|
@ -4,10 +4,9 @@ class ActivityPub::FollowersSynchronizationsController < ActivityPub::BaseContro
|
|||
include SignatureVerification
|
||||
include AccountOwnedConcern
|
||||
|
||||
vary_by -> { 'Signature' if authorized_fetch_mode? }
|
||||
|
||||
before_action :require_account_signature!
|
||||
before_action :set_items
|
||||
before_action :set_cache_headers
|
||||
|
||||
def show
|
||||
expires_in 0, public: false
|
||||
|
|
|
@ -6,10 +6,9 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
|
|||
include SignatureVerification
|
||||
include AccountOwnedConcern
|
||||
|
||||
vary_by -> { 'Signature' if authorized_fetch_mode? || page_requested? }
|
||||
|
||||
before_action :require_account_signature!, if: :authorized_fetch_mode?
|
||||
before_action :set_statuses
|
||||
before_action :set_cache_headers
|
||||
|
||||
def show
|
||||
if page_requested?
|
||||
|
@ -17,7 +16,6 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
|
|||
else
|
||||
expires_in(3.minutes, public: public_fetch_mode?)
|
||||
end
|
||||
|
||||
render json: outbox_presenter, serializer: ActivityPub::OutboxSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
|
||||
end
|
||||
|
||||
|
@ -82,4 +80,8 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
|
|||
def set_account
|
||||
@account = params[:account_username].present? ? Account.find_local!(username_param) : Account.representative
|
||||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.headers['Vary'] = 'Signature' if authorized_fetch_mode? || page_requested?
|
||||
end
|
||||
end
|
||||
|
|
|
@ -7,10 +7,9 @@ class ActivityPub::RepliesController < ActivityPub::BaseController
|
|||
|
||||
DESCENDANTS_LIMIT = 60
|
||||
|
||||
vary_by -> { 'Signature' if authorized_fetch_mode? }
|
||||
|
||||
before_action :require_account_signature!, if: :authorized_fetch_mode?
|
||||
before_action :set_status
|
||||
before_action :set_cache_headers
|
||||
before_action :set_replies
|
||||
|
||||
def index
|
||||
|
|
|
@ -14,10 +14,6 @@ class Admin::AnnouncementsController < Admin::BaseController
|
|||
@announcement = Announcement.new
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize :announcement, :update?
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :announcement, :create?
|
||||
|
||||
|
@ -32,6 +28,10 @@ class Admin::AnnouncementsController < Admin::BaseController
|
|||
end
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize :announcement, :update?
|
||||
end
|
||||
|
||||
def update
|
||||
authorize :announcement, :update?
|
||||
|
||||
|
|
|
@ -9,8 +9,6 @@ module Admin
|
|||
|
||||
before_action :set_pack
|
||||
before_action :set_body_classes
|
||||
before_action :set_cache_headers
|
||||
|
||||
after_action :verify_authorized
|
||||
|
||||
private
|
||||
|
@ -23,10 +21,6 @@ module Admin
|
|||
use_pack 'admin'
|
||||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
end
|
||||
|
||||
def set_user
|
||||
@user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
|
||||
end
|
||||
|
|
|
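Review bot: removing `set_cache_headers` here, together with its `before_action` in the previous hunk, leaves the admin controllers without the explicit `private: true, no_store: true` cache control. Unless a parent controller sets an equivalent header for signed-in requests, keep the callback so admin pages are not stored by the browser or by an intermediary.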
@ -14,5 +14,15 @@ module Admin
|
|||
@pending_tags_count = Tag.pending_review.count
|
||||
@pending_appeals_count = Appeal.pending.count
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def redis_info
|
||||
@redis_info ||= if redis.is_a?(Redis::Namespace)
|
||||
redis.redis.info
|
||||
else
|
||||
redis.info
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
module Admin
|
||||
class DomainBlocksController < BaseController
|
||||
before_action :set_domain_block, only: [:destroy, :edit, :update]
|
||||
before_action :set_domain_block, only: [:show, :destroy, :edit, :update]
|
||||
|
||||
def batch
|
||||
authorize :domain_block, :create?
|
||||
|
@ -31,41 +31,31 @@ module Admin
|
|||
@domain_block = DomainBlock.new(resource_params)
|
||||
existing_domain_block = resource_params[:domain].present? ? DomainBlock.rule_for(resource_params[:domain]) : nil
|
||||
|
||||
# Disallow accidentally downgrading a domain block
|
||||
if existing_domain_block.present? && !@domain_block.stricter_than?(existing_domain_block)
|
||||
@domain_block.save
|
||||
flash.now[:alert] = I18n.t('admin.domain_blocks.existing_domain_block_html', name: existing_domain_block.domain, unblock_url: admin_domain_block_path(existing_domain_block)).html_safe
|
||||
flash.now[:alert] = I18n.t('admin.domain_blocks.existing_domain_block_html', name: existing_domain_block.domain, unblock_url: admin_domain_block_path(existing_domain_block)).html_safe # rubocop:disable Rails/OutputSafety
|
||||
@domain_block.errors.delete(:domain)
|
||||
return render :new
|
||||
end
|
||||
|
||||
# Allow transparently upgrading a domain block
|
||||
if existing_domain_block.present?
|
||||
@domain_block = existing_domain_block
|
||||
@domain_block.assign_attributes(resource_params)
|
||||
end
|
||||
|
||||
# Require explicit confirmation when suspending
|
||||
return render :confirm_suspension if requires_confirmation?
|
||||
|
||||
if @domain_block.save
|
||||
DomainBlockWorker.perform_async(@domain_block.id)
|
||||
log_action :create, @domain_block
|
||||
redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
|
||||
else
|
||||
render :new
|
||||
else
|
||||
if existing_domain_block.present?
|
||||
@domain_block = existing_domain_block
|
||||
@domain_block.update(resource_params)
|
||||
end
|
||||
|
||||
if @domain_block.save
|
||||
DomainBlockWorker.perform_async(@domain_block.id)
|
||||
log_action :create, @domain_block
|
||||
redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
|
||||
else
|
||||
render :new
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def update
|
||||
authorize :domain_block, :update?
|
||||
|
||||
@domain_block.assign_attributes(update_params)
|
||||
|
||||
# Require explicit confirmation when suspending
|
||||
return render :confirm_suspension if requires_confirmation?
|
||||
|
||||
if @domain_block.save
|
||||
if @domain_block.update(update_params)
|
||||
DomainBlockWorker.perform_async(@domain_block.id, @domain_block.severity_previously_changed?)
|
||||
log_action :update, @domain_block
|
||||
redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
|
||||
|
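Review bot: the `return render :confirm_suspension if requires_confirmation?` guard disappears from both create and update, so a block with severity suspend is applied on the first submit with no confirmation step. If that is not intended for this fork, keep the guard and the `requires_confirmation?` helper that the next hunk removes. Separately, in the upgrade branch `@domain_block.update(resource_params)` already saves and its result is ignored before `@domain_block.save` runs again; `assign_attributes` followed by the single save is enough.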
@ -102,9 +92,5 @@ module Admin
|
|||
def action_from_button
|
||||
'save' if params[:save]
|
||||
end
|
||||
|
||||
def requires_confirmation?
|
||||
@domain_block.valid? && (@domain_block.new_record? || @domain_block.severity_changed?) && @domain_block.severity.to_s == 'suspend' && !params[:confirm]
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
module Admin
|
||||
class EmailDomainBlocksController < BaseController
|
||||
before_action :set_email_domain_block, only: [:show, :destroy]
|
||||
|
||||
def index
|
||||
authorize :email_domain_block, :index?
|
||||
|
||||
|
@ -57,6 +59,10 @@ module Admin
|
|||
|
||||
private
|
||||
|
||||
def set_email_domain_block
|
||||
@email_domain_block = EmailDomainBlock.find(params[:id])
|
||||
end
|
||||
|
||||
def set_resolved_records
|
||||
Resolv::DNS.open do |dns|
|
||||
dns.timeouts = 5
|
||||
|
|
|
@ -16,10 +16,6 @@ module Admin
|
|||
@role = UserRole.new
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @role, :update?
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :user_role, :create?
|
||||
|
||||
|
@ -34,6 +30,10 @@ module Admin
|
|||
end
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @role, :update?
|
||||
end
|
||||
|
||||
def update
|
||||
authorize @role, :update?
|
||||
|
||||
|
|
|
@ -11,10 +11,6 @@ module Admin
|
|||
@rule = Rule.new
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @rule, :update?
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :rule, :create?
|
||||
|
||||
|
@ -28,6 +24,10 @@ module Admin
|
|||
end
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @rule, :update?
|
||||
end
|
||||
|
||||
def update
|
||||
authorize @rule, :update?
|
||||
|
||||
|
|
|
@ -11,10 +11,6 @@ module Admin
|
|||
@warning_preset = AccountWarningPreset.new
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @warning_preset, :update?
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :account_warning_preset, :create?
|
||||
|
||||
|
@ -28,6 +24,10 @@ module Admin
|
|||
end
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @warning_preset, :update?
|
||||
end
|
||||
|
||||
def update
|
||||
authorize @warning_preset, :update?
|
||||
|
||||
|
|
|
@ -10,20 +10,12 @@ module Admin
|
|||
@webhooks = Webhook.page(params[:page])
|
||||
end
|
||||
|
||||
def show
|
||||
authorize @webhook, :show?
|
||||
end
|
||||
|
||||
def new
|
||||
authorize :webhook, :create?
|
||||
|
||||
@webhook = Webhook.new
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @webhook, :update?
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :webhook, :create?
|
||||
|
||||
|
@ -36,6 +28,14 @@ module Admin
|
|||
end
|
||||
end
|
||||
|
||||
def show
|
||||
authorize @webhook, :show?
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @webhook, :update?
|
||||
end
|
||||
|
||||
def update
|
||||
authorize @webhook, :update?
|
||||
|
||||
|
@ -71,7 +71,7 @@ module Admin
|
|||
end
|
||||
|
||||
def resource_params
|
||||
params.require(:webhook).permit(:url, :template, events: [])
|
||||
params.require(:webhook).permit(:url, events: [])
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
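Review bot: `resource_params` stops permitting `:template`, so a template submitted with the webhook form is dropped as an unpermitted parameter without any error shown to the admin. Check that the form field and anything that reads the attribute are removed in the same change, or keep the key permitted.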
@ -6,14 +6,13 @@ class Api::BaseController < ApplicationController
|
|||
|
||||
include RateLimitHeaders
|
||||
include AccessTokenTrackingConcern
|
||||
include ApiCachingConcern
|
||||
|
||||
skip_before_action :store_current_location
|
||||
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||
|
||||
before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
|
||||
before_action :require_not_suspended!
|
||||
|
||||
vary_by 'Authorization'
|
||||
before_action :set_cache_headers
|
||||
|
||||
protect_from_forgery with: :null_session
|
||||
|
||||
|
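Review bot: `before_action :set_cache_headers` is registered after `require_authenticated_user!` and `require_not_suspended!`, so when either of those halts the request, the error response is rendered before the 'private, no-store' header from the next hunk is set. Register the callback ahead of the authentication callbacks if error responses should carry the header too.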
@ -149,6 +148,10 @@ class Api::BaseController < ApplicationController
|
|||
doorkeeper_authorize!(*scopes) if doorkeeper_token
|
||||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.headers['Cache-Control'] = 'private, no-store'
|
||||
end
|
||||
|
||||
def disallow_unauthenticated_api_access?
|
||||
ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.whitelist_mode
|
||||
end
|
||||
|
|
|
@ -13,7 +13,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
|
|||
def update
|
||||
@account = current_account
|
||||
UpdateAccountService.new.call(@account, account_params, raise_error: true)
|
||||
current_user.update(user_params) if user_params
|
||||
UserSettingsDecorator.new(current_user).update(user_settings_params) if user_settings_params
|
||||
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
|
||||
render json: @account, serializer: REST::CredentialAccountSerializer
|
||||
end
|
||||
|
@ -34,17 +34,15 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
|
|||
)
|
||||
end
|
||||
|
||||
def user_params
|
||||
def user_settings_params
|
||||
return nil if params[:source].blank?
|
||||
|
||||
source_params = params.require(:source)
|
||||
|
||||
{
|
||||
settings_attributes: {
|
||||
default_privacy: source_params.fetch(:privacy, @account.user.setting_default_privacy),
|
||||
default_sensitive: source_params.fetch(:sensitive, @account.user.setting_default_sensitive),
|
||||
default_language: source_params.fetch(:language, @account.user.setting_default_language),
|
||||
},
|
||||
'setting_default_privacy' => source_params.fetch(:privacy, @account.user.setting_default_privacy),
|
||||
'setting_default_sensitive' => source_params.fetch(:sensitive, @account.user.setting_default_sensitive),
|
||||
'setting_default_language' => source_params.fetch(:language, @account.user.setting_default_language),
|
||||
}
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,7 +6,6 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
|
|||
after_action :insert_pagination_headers
|
||||
|
||||
def index
|
||||
cache_if_unauthenticated!
|
||||
@accounts = load_accounts
|
||||
render json: @accounts, each_serializer: REST::AccountSerializer
|
||||
end
|
||||
|
|
|
@ -6,7 +6,6 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
|
|||
after_action :insert_pagination_headers
|
||||
|
||||
def index
|
||||
cache_if_unauthenticated!
|
||||
@accounts = load_accounts
|
||||
render json: @accounts, each_serializer: REST::AccountSerializer
|
||||
end
|
||||
|
|
|
@ -5,7 +5,6 @@ class Api::V1::Accounts::LookupController < Api::BaseController
|
|||
before_action :set_account
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
render json: @account, serializer: REST::AccountSerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -7,7 +7,6 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
|
|||
after_action :insert_pagination_headers, unless: -> { truthy_param?(:pinned) }
|
||||
|
||||
def index
|
||||
cache_if_unauthenticated!
|
||||
@statuses = load_statuses
|
||||
render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
|
||||
end
|
||||
|
|
|
@ -18,7 +18,6 @@ class Api::V1::AccountsController < Api::BaseController
|
|||
override_rate_limit_headers :follow, family: :follows
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
render json: @account, serializer: REST::AccountSerializer
|
||||
end
|
||||
|
||||
|
@ -90,7 +89,7 @@ class Api::V1::AccountsController < Api::BaseController
|
|||
end
|
||||
|
||||
def account_params
|
||||
params.permit(:username, :email, :password, :agreement, :locale, :reason, :time_zone)
|
||||
params.permit(:username, :email, :password, :agreement, :locale, :reason)
|
||||
end
|
||||
|
||||
def check_enabled_registrations
|
||||
|
|
|
@ -58,7 +58,7 @@ class Api::V1::Admin::CanonicalEmailBlocksController < Api::BaseController
|
|||
end
|
||||
|
||||
def set_canonical_email_blocks_from_test
|
||||
@canonical_email_blocks = CanonicalEmailBlock.matching_email(params.require(:email))
|
||||
@canonical_email_blocks = CanonicalEmailBlock.matching_email(params[:email])
|
||||
end
|
||||
|
||||
def set_canonical_email_block
|
||||
|
|
|
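Review bot: `params[:email]` in place of `params.require(:email)` means a request without the parameter no longer stops with ActionController::ParameterMissing and instead passes nil to `CanonicalEmailBlock.matching_email`. Keep `require`, or confirm that matching_email handles nil without raising and returns an empty result.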
@ -16,6 +16,19 @@ class Api::V1::Admin::DomainAllowsController < Api::BaseController
|
|||
|
||||
PAGINATION_PARAMS = %i(limit).freeze
|
||||
|
||||
def create
|
||||
authorize :domain_allow, :create?
|
||||
|
||||
@domain_allow = DomainAllow.find_by(resource_params)
|
||||
|
||||
if @domain_allow.nil?
|
||||
@domain_allow = DomainAllow.create!(resource_params)
|
||||
log_action :create, @domain_allow
|
||||
end
|
||||
|
||||
render json: @domain_allow, serializer: REST::Admin::DomainAllowSerializer
|
||||
end
|
||||
|
||||
def index
|
||||
authorize :domain_allow, :index?
|
||||
render json: @domain_allows, each_serializer: REST::Admin::DomainAllowSerializer
|
||||
|
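Review bot: `DomainAllow.find_by(resource_params)` matches on every permitted attribute rather than on the domain alone, so the existing-record check only holds while `resource_params` permits nothing but `domain`. `find_by(domain: resource_params[:domain])`, as written in the create that the next hunk removes, states the intent and keeps the code from falling through to `create!` for a domain that already exists.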
@ -26,19 +39,6 @@ class Api::V1::Admin::DomainAllowsController < Api::BaseController
|
|||
render json: @domain_allow, serializer: REST::Admin::DomainAllowSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :domain_allow, :create?
|
||||
|
||||
@domain_allow = DomainAllow.find_by(domain: resource_params[:domain])
|
||||
|
||||
if @domain_allow.nil?
|
||||
@domain_allow = DomainAllow.create!(resource_params)
|
||||
log_action :create, @domain_allow
|
||||
end
|
||||
|
||||
render json: @domain_allow, serializer: REST::Admin::DomainAllowSerializer
|
||||
end
|
||||
|
||||
def destroy
|
||||
authorize @domain_allow, :destroy?
|
||||
UnallowDomainService.new.call(@domain_allow)
|
||||
|
|
|
@ -16,16 +16,6 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
|
|||
|
||||
PAGINATION_PARAMS = %i(limit).freeze
|
||||
|
||||
def index
|
||||
authorize :domain_block, :index?
|
||||
render json: @domain_blocks, each_serializer: REST::Admin::DomainBlockSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
authorize @domain_block, :show?
|
||||
render json: @domain_block, serializer: REST::Admin::DomainBlockSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :domain_block, :create?
|
||||
|
||||
|
@ -38,6 +28,16 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
|
|||
render json: @domain_block, serializer: REST::Admin::DomainBlockSerializer
|
||||
end
|
||||
|
||||
def index
|
||||
authorize :domain_block, :index?
|
||||
render json: @domain_blocks, each_serializer: REST::Admin::DomainBlockSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
authorize @domain_block, :show?
|
||||
render json: @domain_block, serializer: REST::Admin::DomainBlockSerializer
|
||||
end
|
||||
|
||||
def update
|
||||
authorize @domain_block, :update?
|
||||
@domain_block.update!(domain_block_params)
|
||||
|
|
|
@ -18,6 +18,15 @@ class Api::V1::Admin::EmailDomainBlocksController < Api::BaseController
|
|||
limit
|
||||
).freeze
|
||||
|
||||
def create
|
||||
authorize :email_domain_block, :create?
|
||||
|
||||
@email_domain_block = EmailDomainBlock.create!(resource_params)
|
||||
log_action :create, @email_domain_block
|
||||
|
||||
render json: @email_domain_block, serializer: REST::Admin::EmailDomainBlockSerializer
|
||||
end
|
||||
|
||||
def index
|
||||
authorize :email_domain_block, :index?
|
||||
render json: @email_domain_blocks, each_serializer: REST::Admin::EmailDomainBlockSerializer
|
||||
|
@ -28,15 +37,6 @@ class Api::V1::Admin::EmailDomainBlocksController < Api::BaseController
|
|||
render json: @email_domain_block, serializer: REST::Admin::EmailDomainBlockSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :email_domain_block, :create?
|
||||
|
||||
@email_domain_block = EmailDomainBlock.create!(resource_params)
|
||||
log_action :create, @email_domain_block
|
||||
|
||||
render json: @email_domain_block, serializer: REST::Admin::EmailDomainBlockSerializer
|
||||
end
|
||||
|
||||
def destroy
|
||||
authorize @email_domain_block, :destroy?
|
||||
@email_domain_block.destroy!
|
||||
|
|
|
@ -18,6 +18,13 @@ class Api::V1::Admin::IpBlocksController < Api::BaseController
|
|||
limit
|
||||
).freeze
|
||||
|
||||
def create
|
||||
authorize :ip_block, :create?
|
||||
@ip_block = IpBlock.create!(resource_params)
|
||||
log_action :create, @ip_block
|
||||
render json: @ip_block, serializer: REST::Admin::IpBlockSerializer
|
||||
end
|
||||
|
||||
def index
|
||||
authorize :ip_block, :index?
|
||||
render json: @ip_blocks, each_serializer: REST::Admin::IpBlockSerializer
|
||||
|
@ -28,13 +35,6 @@ class Api::V1::Admin::IpBlocksController < Api::BaseController
|
|||
render json: @ip_block, serializer: REST::Admin::IpBlockSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :ip_block, :create?
|
||||
@ip_block = IpBlock.create!(resource_params)
|
||||
log_action :create, @ip_block
|
||||
render json: @ip_block, serializer: REST::Admin::IpBlockSerializer
|
||||
end
|
||||
|
||||
def update
|
||||
authorize @ip_block, :update?
|
||||
@ip_block.update(resource_params)
|
||||
|
|
|
@ -1,36 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::Admin::Trends::LinksController < Api::V1::Trends::LinksController
|
||||
include Authorization
|
||||
|
||||
before_action -> { authorize_if_got_token! :'admin:read' }, only: :index
|
||||
before_action -> { authorize_if_got_token! :'admin:write' }, except: :index
|
||||
|
||||
after_action :verify_authorized, except: :index
|
||||
|
||||
def index
|
||||
if current_user&.can?(:manage_taxonomies)
|
||||
render json: @links, each_serializer: REST::Admin::Trends::LinkSerializer
|
||||
else
|
||||
super
|
||||
end
|
||||
end
|
||||
|
||||
def approve
|
||||
authorize :preview_card, :review?
|
||||
|
||||
link = PreviewCard.find(params[:id])
|
||||
link.update(trendable: true)
|
||||
render json: link, serializer: REST::Admin::Trends::LinkSerializer
|
||||
end
|
||||
|
||||
def reject
|
||||
authorize :preview_card, :review?
|
||||
|
||||
link = PreviewCard.find(params[:id])
|
||||
link.update(trendable: false)
|
||||
render json: link, serializer: REST::Admin::Trends::LinkSerializer
|
||||
end
|
||||
before_action -> { authorize_if_got_token! :'admin:read' }
|
||||
|
||||
private
|
||||
|
||||
|
|
|
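Review bot: on the new side the only gate left in this controller is `authorize_if_got_token! :'admin:read'`, which, as the name says, checks the scope only when a token is supplied. The `current_user&.can?(:manage_taxonomies)` branch, `include Authorization` and `after_action :verify_authorized` all go away together with approve and reject. Make sure the private methods below still keep unreviewed links away from callers without the taxonomy permission, since nothing in the visible lines does.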
@ -1,36 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::Admin::Trends::StatusesController < Api::V1::Trends::StatusesController
|
||||
include Authorization
|
||||
|
||||
before_action -> { authorize_if_got_token! :'admin:read' }, only: :index
|
||||
before_action -> { authorize_if_got_token! :'admin:write' }, except: :index
|
||||
|
||||
after_action :verify_authorized, except: :index
|
||||
|
||||
def index
|
||||
if current_user&.can?(:manage_taxonomies)
|
||||
render json: @statuses, each_serializer: REST::Admin::Trends::StatusSerializer
|
||||
else
|
||||
super
|
||||
end
|
||||
end
|
||||
|
||||
def approve
|
||||
authorize [:admin, :status], :review?
|
||||
|
||||
status = Status.find(params[:id])
|
||||
status.update(trendable: true)
|
||||
render json: status, serializer: REST::Admin::Trends::StatusSerializer
|
||||
end
|
||||
|
||||
def reject
|
||||
authorize [:admin, :status], :review?
|
||||
|
||||
status = Status.find(params[:id])
|
||||
status.update(trendable: false)
|
||||
render json: status, serializer: REST::Admin::Trends::StatusSerializer
|
||||
end
|
||||
before_action -> { authorize_if_got_token! :'admin:read' }
|
||||
|
||||
private
|
||||
|
||||
|
|
|
@ -1,12 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::Admin::Trends::TagsController < Api::V1::Trends::TagsController
|
||||
include Authorization
|
||||
|
||||
before_action -> { authorize_if_got_token! :'admin:read' }, only: :index
|
||||
before_action -> { authorize_if_got_token! :'admin:write' }, except: :index
|
||||
|
||||
after_action :verify_authorized, except: :index
|
||||
before_action -> { authorize_if_got_token! :'admin:read' }
|
||||
|
||||
def index
|
||||
if current_user&.can?(:manage_taxonomies)
|
||||
|
@ -16,22 +11,6 @@ class Api::V1::Admin::Trends::TagsController < Api::V1::Trends::TagsController
|
|||
end
|
||||
end
|
||||
|
||||
def approve
|
||||
authorize :tag, :review?
|
||||
|
||||
tag = Tag.find(params[:id])
|
||||
tag.update(trendable: true, reviewed_at: Time.now.utc)
|
||||
render json: tag, serializer: REST::Admin::TagSerializer
|
||||
end
|
||||
|
||||
def reject
|
||||
authorize :tag, :review?
|
||||
|
||||
tag = Tag.find(params[:id])
|
||||
tag.update(trendable: false, reviewed_at: Time.now.utc)
|
||||
render json: tag, serializer: REST::Admin::TagSerializer
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def enabled?
|
||||
|
|
|
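Review bot: approve and reject are deleted here while `index` keeps its `manage_taxonomies` branch, so the routes for these member actions should be dropped in the same commit to keep the API surface in line with what the controller implements. The same applies to the links and statuses controllers above, and API clients that call approve or reject need to be told.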
@ -11,7 +11,7 @@ class Api::V1::ConversationsController < Api::BaseController
|
|||
|
||||
def index
|
||||
@conversations = paginated_conversations
|
||||
render json: @conversations, each_serializer: REST::ConversationSerializer, relationships: StatusRelationshipsPresenter.new(@conversations.map(&:last_status), current_user&.account_id)
|
||||
render json: @conversations, each_serializer: REST::ConversationSerializer
|
||||
end
|
||||
|
||||
def read
|
||||
|
@ -32,19 +32,6 @@ class Api::V1::ConversationsController < Api::BaseController
|
|||
|
||||
def paginated_conversations
|
||||
AccountConversation.where(account: current_account)
|
||||
.includes(
|
||||
account: :account_stat,
|
||||
last_status: [
|
||||
:media_attachments,
|
||||
:preview_cards,
|
||||
:status_stat,
|
||||
:tags,
|
||||
{
|
||||
active_mentions: [account: :account_stat],
|
||||
account: :account_stat,
|
||||
},
|
||||
]
|
||||
)
|
||||
.to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
|
||||
end
|
||||
|
||||
|
|
|
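Review bot: `paginated_conversations` loses its whole `.includes(...)` block (19 old lines, 6 new), so `account`, `last_status` and everything under it (`media_attachments`, `preview_cards`, `status_stat`, `tags`, `active_mentions`) are loaded lazily, one query per conversation per association the serializer touches. An authenticated client can drive that cost with the `limit` parameter. Keep the eager loading, or at least `last_status` and `account`, unless the serializer no longer reads them.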
@ -1,11 +1,10 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::CustomEmojisController < Api::BaseController
|
||||
vary_by '', unless: :disallow_unauthenticated_api_access?
|
||||
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
|
||||
skip_before_action :set_cache_headers
|
||||
|
||||
def index
|
||||
cache_even_if_authenticated! unless disallow_unauthenticated_api_access?
|
||||
expires_in 3.minutes, public: true
|
||||
render_with_cache(each_serializer: REST::CustomEmojiSerializer) { CustomEmoji.listed.includes(:category) }
|
||||
end
|
||||
end
|
||||
|
|
|
@ -5,7 +5,6 @@ class Api::V1::DirectoriesController < Api::BaseController
|
|||
before_action :set_accounts
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
render json: @accounts, each_serializer: REST::AccountSerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::Emails::ConfirmationsController < Api::BaseController
|
||||
before_action -> { authorize_if_got_token! :read, :'read:accounts' }, only: :check
|
||||
before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, except: :check
|
||||
before_action :require_user_owned_by_application!, except: :check
|
||||
before_action :require_user_not_confirmed!, except: :check
|
||||
before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
|
||||
before_action :require_user_owned_by_application!
|
||||
before_action :require_user_not_confirmed!
|
||||
|
||||
def create
|
||||
current_user.update!(email: params[:email]) if params.key?(:email)
|
||||
|
@ -13,10 +12,6 @@ class Api::V1::Emails::ConfirmationsController < Api::BaseController
|
|||
render_empty
|
||||
end
|
||||
|
||||
def check
|
||||
render json: current_user.confirmed?
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def require_user_owned_by_application!
|
||||
|
|
|
@ -13,7 +13,7 @@ class Api::V1::FeaturedTagsController < Api::BaseController
|
|||
end
|
||||
|
||||
def create
|
||||
featured_tag = CreateFeaturedTagService.new.call(current_account, params.require(:name))
|
||||
featured_tag = CreateFeaturedTagService.new.call(current_account, featured_tag_params[:name])
|
||||
render json: featured_tag, serializer: REST::FeaturedTagSerializer
|
||||
end
|
||||
|
||||
|
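Review bot: in `create`, `featured_tag_params[:name]` is `nil` when the client omits `name`, whereas `params.require(:name)` raised `ActionController::ParameterMissing` and produced a 400 through the `rescue_from` in `ApplicationController`. `CreateFeaturedTagService` now receives `nil` and the outcome depends on how the service treats it. Keep `params.require(:name)`, or have the service reject a blank name explicitly so the caller still gets a 4xx.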
@ -31,4 +31,8 @@ class Api::V1::FeaturedTagsController < Api::BaseController
|
|||
def set_featured_tags
|
||||
@featured_tags = current_account.featured_tags.order(statuses_count: :desc)
|
||||
end
|
||||
|
||||
def featured_tag_params
|
||||
params.permit(:name)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -11,10 +11,6 @@ class Api::V1::FiltersController < Api::BaseController
|
|||
render json: @filters, each_serializer: REST::V1::FilterSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @filter, serializer: REST::V1::FilterSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
ApplicationRecord.transaction do
|
||||
filter_category = current_account.custom_filters.create!(filter_params)
|
||||
|
@ -24,6 +20,10 @@ class Api::V1::FiltersController < Api::BaseController
|
|||
render json: @filter, serializer: REST::V1::FilterSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @filter, serializer: REST::V1::FilterSerializer
|
||||
end
|
||||
|
||||
def update
|
||||
ApplicationRecord.transaction do
|
||||
@filter.update!(keyword_params)
|
||||
|
|
|
@ -3,12 +3,11 @@
|
|||
class Api::V1::Instances::ActivityController < Api::BaseController
|
||||
before_action :require_enabled_api!
|
||||
|
||||
skip_before_action :set_cache_headers
|
||||
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
|
||||
|
||||
vary_by ''
|
||||
|
||||
def show
|
||||
cache_even_if_authenticated!
|
||||
expires_in 1.day, public: true
|
||||
render_with_cache json: :activity, expires_in: 1.day
|
||||
end
|
||||
|
||||
|
|
|
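Review bot: `show` sends `expires_in 1.day, public: true` while the class keeps `require_authenticated_user!` in force whenever `whitelist_mode?` is true, so in that mode a response that required a login is marked as cacheable by any shared cache for a day. Send `public: true` only when `whitelist_mode?` is false, and fall back to a private response otherwise.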
@ -6,15 +6,8 @@ class Api::V1::Instances::DomainBlocksController < Api::BaseController
|
|||
before_action :require_enabled_api!
|
||||
before_action :set_domain_blocks
|
||||
|
||||
vary_by '', if: -> { Setting.show_domain_blocks == 'all' }
|
||||
|
||||
def index
|
||||
if Setting.show_domain_blocks == 'all'
|
||||
cache_even_if_authenticated!
|
||||
else
|
||||
cache_if_unauthenticated!
|
||||
end
|
||||
|
||||
expires_in 3.minutes, public: true
|
||||
render json: @domain_blocks, each_serializer: REST::DomainBlockSerializer, with_comment: (Setting.show_domain_blocks_rationale == 'all' || (Setting.show_domain_blocks_rationale == 'users' && user_signed_in?))
|
||||
end
|
||||
|
||||
|
|
|
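Review bot: `index` marks the response `public` for 3 minutes, but the body depends on the caller: `with_comment:` is true under `Setting.show_domain_blocks_rationale == 'users'` only when `user_signed_in?`. A shared cache can then hand a signed-in user's response, comments included, to an anonymous client. By the header counts (15 old lines, 8 new) the `if Setting.show_domain_blocks == 'all'` branch with `cache_if_unauthenticated!` is what gets dropped; keep it, or send `public: true` only when neither setting depends on the session.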
@ -2,19 +2,11 @@
|
|||
|
||||
class Api::V1::Instances::ExtendedDescriptionsController < Api::BaseController
|
||||
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
|
||||
skip_around_action :set_locale
|
||||
|
||||
before_action :set_extended_description
|
||||
|
||||
vary_by ''
|
||||
|
||||
# Override `current_user` to avoid reading session cookies unless in whitelist mode
|
||||
def current_user
|
||||
super if whitelist_mode?
|
||||
end
|
||||
|
||||
def show
|
||||
cache_even_if_authenticated!
|
||||
expires_in 3.minutes, public: true
|
||||
render json: @extended_description, serializer: REST::ExtendedDescriptionSerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -3,18 +3,11 @@
|
|||
class Api::V1::Instances::PeersController < Api::BaseController
|
||||
before_action :require_enabled_api!
|
||||
|
||||
skip_before_action :set_cache_headers
|
||||
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
|
||||
skip_around_action :set_locale
|
||||
|
||||
vary_by ''
|
||||
|
||||
# Override `current_user` to avoid reading session cookies unless in whitelist mode
|
||||
def current_user
|
||||
super if whitelist_mode?
|
||||
end
|
||||
|
||||
def index
|
||||
cache_even_if_authenticated!
|
||||
expires_in 1.day, public: true
|
||||
render_with_cache(expires_in: 1.day) { Instance.where.not(domain: DomainBlock.select(:domain)).pluck(:domain) }
|
||||
end
|
||||
|
||||
|
|
|
@ -5,10 +5,8 @@ class Api::V1::Instances::PrivacyPoliciesController < Api::BaseController
|
|||
|
||||
before_action :set_privacy_policy
|
||||
|
||||
vary_by ''
|
||||
|
||||
def show
|
||||
cache_even_if_authenticated!
|
||||
expires_in 1.day, public: true
|
||||
render json: @privacy_policy, serializer: REST::PrivacyPolicySerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -2,19 +2,10 @@
|
|||
|
||||
class Api::V1::Instances::RulesController < Api::BaseController
|
||||
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
|
||||
skip_around_action :set_locale
|
||||
|
||||
before_action :set_rules
|
||||
|
||||
vary_by ''
|
||||
|
||||
# Override `current_user` to avoid reading session cookies unless in whitelist mode
|
||||
def current_user
|
||||
super if whitelist_mode?
|
||||
end
|
||||
|
||||
def index
|
||||
cache_even_if_authenticated!
|
||||
render json: @rules, each_serializer: REST::RuleSerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -5,10 +5,8 @@ class Api::V1::Instances::TranslationLanguagesController < Api::BaseController
|
|||
|
||||
before_action :set_languages
|
||||
|
||||
vary_by ''
|
||||
|
||||
def show
|
||||
cache_even_if_authenticated!
|
||||
expires_in 1.day, public: true
|
||||
render json: @languages
|
||||
end
|
||||
|
||||
|
|
|
@ -1,18 +1,11 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::InstancesController < Api::BaseController
|
||||
skip_before_action :set_cache_headers
|
||||
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
|
||||
skip_around_action :set_locale
|
||||
|
||||
vary_by ''
|
||||
|
||||
# Override `current_user` to avoid reading session cookies unless in whitelist mode
|
||||
def current_user
|
||||
super if whitelist_mode?
|
||||
end
|
||||
|
||||
def show
|
||||
cache_even_if_authenticated!
|
||||
expires_in 3.minutes, public: true
|
||||
render_with_cache json: InstancePresenter.new, serializer: REST::V1::InstanceSerializer, root: 'instance'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -42,6 +42,6 @@ class Api::V1::ListsController < Api::BaseController
|
|||
end
|
||||
|
||||
def list_params
|
||||
params.permit(:title, :replies_policy, :exclusive)
|
||||
params.permit(:title, :replies_policy)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,20 +6,19 @@ class Api::V1::MediaController < Api::BaseController
|
|||
before_action :set_media_attachment, except: [:create]
|
||||
before_action :check_processing, except: [:create]
|
||||
|
||||
def show
|
||||
render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: status_code_for_media_attachment
|
||||
end
|
||||
|
||||
def create
|
||||
@media_attachment = current_account.media_attachments.create!(media_attachment_params)
|
||||
render json: @media_attachment, serializer: REST::MediaAttachmentSerializer
|
||||
rescue Paperclip::Errors::NotIdentifiedByImageMagickError
|
||||
render json: file_type_error, status: 422
|
||||
rescue Paperclip::Error => e
|
||||
Rails.logger.error "#{e.class}: #{e.message}"
|
||||
rescue Paperclip::Error
|
||||
render json: processing_error, status: 500
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: status_code_for_media_attachment
|
||||
end
|
||||
|
||||
def update
|
||||
@media_attachment.update!(updateable_media_attachment_params)
|
||||
render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: status_code_for_media_attachment
|
||||
|
|
|
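Review bot: the `rescue Paperclip::Error` branch in `create` no longer binds the exception or calls `Rails.logger.error`, so a failed upload returns `processing_error` with status 500 and leaves nothing in the server log to say which Paperclip error occurred. Keep `=> e` and the `Rails.logger.error "#{e.class}: #{e.message}"` line; the same applies to the matching hunk in `Api::V2::MediaController`.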
@ -8,7 +8,6 @@ class Api::V1::PollsController < Api::BaseController
|
|||
before_action :refresh_poll
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
render json: @poll, serializer: REST::PollSerializer, include_results: true
|
||||
end
|
||||
|
||||
|
|
|
@ -6,10 +6,6 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController
|
|||
before_action :set_push_subscription
|
||||
before_action :check_push_subscription, only: [:show, :update]
|
||||
|
||||
def show
|
||||
render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
@push_subscription&.destroy!
|
||||
|
||||
|
@ -25,6 +21,10 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController
|
|||
render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
|
||||
end
|
||||
|
||||
def update
|
||||
@push_subscription.update!(data: data_params)
|
||||
render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
|
||||
|
|
|
@ -8,7 +8,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
|
|||
after_action :insert_pagination_headers
|
||||
|
||||
def index
|
||||
cache_if_unauthenticated!
|
||||
@accounts = load_accounts
|
||||
render json: @accounts, each_serializer: REST::AccountSerializer
|
||||
end
|
||||
|
|
|
@ -7,7 +7,6 @@ class Api::V1::Statuses::HistoriesController < Api::BaseController
|
|||
before_action :set_status
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
render json: @status.edits.includes(:account, status: [:account]), each_serializer: REST::StatusEditSerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -9,23 +9,17 @@ class Api::V1::Statuses::ReactionsController < Api::BaseController
|
|||
|
||||
def create
|
||||
ReactService.new.call(current_account, @status, params[:id])
|
||||
render json: @status, serializer: REST::StatusSerializer
|
||||
render_empty
|
||||
end
|
||||
|
||||
def destroy
|
||||
UnreactWorker.perform_async(current_account.id, @status.id, params[:id])
|
||||
|
||||
render json: @status, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_account.id, reactions_map: { @status.id => false })
|
||||
rescue Mastodon::NotPermittedError
|
||||
not_found
|
||||
UnreactService.new.call(current_account, @status, params[:id])
|
||||
render_empty
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def set_status
|
||||
@status = Status.find(params[:status_id])
|
||||
authorize @status, :show?
|
||||
rescue Mastodon::NotPermittedError
|
||||
not_found
|
||||
end
|
||||
end
|
||||
|
|
|
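Review bot: going by the header counts (23 old lines, 17 new), `set_status` ends up as a bare `Status.find(params[:status_id])`, with `authorize @status, :show?` and its `rescue Mastodon::NotPermittedError` / `not_found` among the removed lines. If so, `ReactService` and `UnreactService` run against any status id the caller supplies, including statuses the `show?` policy would hide from `current_account`, and a 200 versus 404 reveals whether an id exists. Keep the `authorize` call and the rescue in `set_status`.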
@ -8,7 +8,6 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
|
|||
after_action :insert_pagination_headers
|
||||
|
||||
def index
|
||||
cache_if_unauthenticated!
|
||||
@accounts = load_accounts
|
||||
render json: @accounts, each_serializer: REST::AccountSerializer
|
||||
end
|
||||
|
|
|
@ -2,8 +2,6 @@
|
|||
|
||||
class Api::V1::Statuses::ReblogsController < Api::BaseController
|
||||
include Authorization
|
||||
include Redisable
|
||||
include Lockable
|
||||
|
||||
before_action -> { doorkeeper_authorize! :write, :'write:statuses' }
|
||||
before_action :require_user!
|
||||
|
@ -12,9 +10,7 @@ class Api::V1::Statuses::ReblogsController < Api::BaseController
|
|||
override_rate_limit_headers :create, family: :statuses
|
||||
|
||||
def create
|
||||
with_redis_lock("reblog:#{current_account.id}:#{@reblog.id}") do
|
||||
@status = ReblogService.new.call(current_account, @reblog, reblog_params)
|
||||
end
|
||||
@status = ReblogService.new.call(current_account, @reblog, reblog_params)
|
||||
|
||||
render json: @status, serializer: REST::StatusSerializer
|
||||
end
|
||||
|
|
|
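Review bot: `create` now calls `ReblogService` without the `with_redis_lock("reblog:#{current_account.id}:#{@reblog.id}")` wrapper, so two concurrent requests from the same account for the same status are no longer serialized and can both reach the service. Unless the service or a unique index already rejects the duplicate, keep the lock, which also means keeping `include Redisable` and `include Lockable` at the top of the class.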
@ -24,14 +24,11 @@ class Api::V1::StatusesController < Api::BaseController
|
|||
DESCENDANTS_DEPTH_LIMIT = 20
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
@status = cache_collection([@status], Status).first
|
||||
render json: @status, serializer: REST::StatusSerializer
|
||||
end
|
||||
|
||||
def context
|
||||
cache_if_unauthenticated!
|
||||
|
||||
ancestors_limit = CONTEXT_LIMIT
|
||||
descendants_limit = CONTEXT_LIMIT
|
||||
descendants_depth_limit = nil
|
||||
|
@ -69,7 +66,8 @@ class Api::V1::StatusesController < Api::BaseController
|
|||
content_type: status_params[:content_type],
|
||||
allowed_mentions: status_params[:allowed_mentions],
|
||||
idempotency: request.headers['Idempotency-Key'],
|
||||
with_rate_limit: true
|
||||
with_rate_limit: true,
|
||||
quote_id: status_params[:quote_id].presence
|
||||
)
|
||||
|
||||
render json: @status, serializer: @status.is_a?(ScheduledStatus) ? REST::ScheduledStatusSerializer : REST::StatusSerializer
|
||||
|
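Review bot: `quote_id: status_params[:quote_id].presence` passes a client-chosen status id into the call that builds `@status`, and nothing in this hunk checks that `current_account` is allowed to see that status. Confirm the service applies the same `show?` policy the other status controllers use before attaching the quote, and cover the case of a `quote_id` pointing at a private or deleted status in the spec.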
@ -140,6 +138,7 @@ class Api::V1::StatusesController < Api::BaseController
|
|||
:visibility,
|
||||
:language,
|
||||
:scheduled_at,
|
||||
:quote_id,
|
||||
:content_type,
|
||||
allowed_mentions: [],
|
||||
media_ids: [],
|
||||
|
|
|
@ -5,7 +5,7 @@ class Api::V1::StreamingController < Api::BaseController
|
|||
if Rails.configuration.x.streaming_api_base_url == request.host
|
||||
not_found
|
||||
else
|
||||
redirect_to streaming_api_url, status: 301, allow_other_host: true
|
||||
redirect_to streaming_api_url, status: 301
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
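Review bot: the `else` branch redirects to `streaming_api_url` only after `streaming_api_base_url` has been found not to equal `request.host`, so the target is expected to be another host, yet `allow_other_host: true` is dropped from the `redirect_to`. On a Rails version configured to raise on open redirects this turns the 301 into an exception. Keep the option, or state in the commit message which Rails version this branch targets.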
@ -8,7 +8,6 @@ class Api::V1::TagsController < Api::BaseController
|
|||
override_rate_limit_headers :follow, family: :follows
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
render json: @tag, serializer: REST::TagSerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -5,7 +5,6 @@ class Api::V1::Timelines::PublicController < Api::BaseController
|
|||
after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
@statuses = load_statuses
|
||||
render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
|
||||
end
|
||||
|
|
|
@ -5,7 +5,6 @@ class Api::V1::Timelines::TagController < Api::BaseController
|
|||
after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
|
||||
|
||||
def show
|
||||
cache_if_unauthenticated!
|
||||
@statuses = load_statuses
|
||||
render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
|
||||
end
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::Trends::LinksController < Api::BaseController
|
||||
vary_by 'Authorization, Accept-Language'
|
||||
|
||||
before_action :set_links
|
||||
|
||||
after_action :insert_pagination_headers
|
||||
|
@ -10,7 +8,6 @@ class Api::V1::Trends::LinksController < Api::BaseController
|
|||
DEFAULT_LINKS_LIMIT = 10
|
||||
|
||||
def index
|
||||
cache_if_unauthenticated!
|
||||
render json: @links, each_serializer: REST::Trends::LinkSerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -1,14 +1,11 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::Trends::StatusesController < Api::BaseController
|
||||
vary_by 'Authorization, Accept-Language'
|
||||
|
||||
before_action :set_statuses
|
||||
|
||||
after_action :insert_pagination_headers
|
||||
|
||||
def index
|
||||
cache_if_unauthenticated!
|
||||
render json: @statuses, each_serializer: REST::StatusSerializer
|
||||
end
|
||||
|
||||
|
|
|
@ -8,7 +8,6 @@ class Api::V1::Trends::TagsController < Api::BaseController
|
|||
DEFAULT_TAGS_LIMIT = (ENV['MAX_TRENDING_TAGS'] || 10).to_i
|
||||
|
||||
def index
|
||||
cache_if_unauthenticated!
|
||||
render json: @tags, each_serializer: REST::TagSerializer, relationships: TagRelationshipsPresenter.new(@tags, current_user&.account_id)
|
||||
end
|
||||
|
||||
|
|
|
@ -12,16 +12,16 @@ class Api::V2::Filters::KeywordsController < Api::BaseController
|
|||
render json: @keywords, each_serializer: REST::FilterKeywordSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @keyword, serializer: REST::FilterKeywordSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
@keyword = current_account.custom_filters.find(params[:filter_id]).keywords.create!(resource_params)
|
||||
|
||||
render json: @keyword, serializer: REST::FilterKeywordSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @keyword, serializer: REST::FilterKeywordSerializer
|
||||
end
|
||||
|
||||
def update
|
||||
@keyword.update!(resource_params)
|
||||
|
||||
|
|
|
@ -12,16 +12,16 @@ class Api::V2::Filters::StatusesController < Api::BaseController
|
|||
render json: @status_filters, each_serializer: REST::FilterStatusSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @status_filter, serializer: REST::FilterStatusSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
@status_filter = current_account.custom_filters.find(params[:filter_id]).statuses.create!(resource_params)
|
||||
|
||||
render json: @status_filter, serializer: REST::FilterStatusSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @status_filter, serializer: REST::FilterStatusSerializer
|
||||
end
|
||||
|
||||
def destroy
|
||||
@status_filter.destroy!
|
||||
render_empty
|
||||
|
|
|
@ -11,16 +11,16 @@ class Api::V2::FiltersController < Api::BaseController
|
|||
render json: @filters, each_serializer: REST::FilterSerializer, rules_requested: true
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @filter, serializer: REST::FilterSerializer, rules_requested: true
|
||||
end
|
||||
|
||||
def create
|
||||
@filter = current_account.custom_filters.create!(resource_params)
|
||||
|
||||
render json: @filter, serializer: REST::FilterSerializer, rules_requested: true
|
||||
end
|
||||
|
||||
def show
|
||||
render json: @filter, serializer: REST::FilterSerializer, rules_requested: true
|
||||
end
|
||||
|
||||
def update
|
||||
@filter.update!(resource_params)
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
class Api::V2::InstancesController < Api::V1::InstancesController
|
||||
def show
|
||||
cache_even_if_authenticated!
|
||||
expires_in 3.minutes, public: true
|
||||
render_with_cache json: InstancePresenter.new, serializer: REST::InstanceSerializer, root: 'instance'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,8 +6,7 @@ class Api::V2::MediaController < Api::V1::MediaController
|
|||
render json: @media_attachment, serializer: REST::MediaAttachmentSerializer, status: @media_attachment.not_processed? ? 202 : 200
|
||||
rescue Paperclip::Errors::NotIdentifiedByImageMagickError
|
||||
render json: file_type_error, status: 422
|
||||
rescue Paperclip::Error => e
|
||||
Rails.logger.error "#{e.class}: #{e.message}"
|
||||
rescue Paperclip::Error
|
||||
render json: processing_error, status: 500
|
||||
end
|
||||
end
|
||||
|
|
|
@ -21,8 +21,6 @@ class ApplicationController < ActionController::Base
|
|||
helper_method :omniauth_only?
|
||||
helper_method :sso_account_settings
|
||||
helper_method :whitelist_mode?
|
||||
helper_method :body_class_string
|
||||
helper_method :skip_csrf_meta_tags?
|
||||
|
||||
rescue_from ActionController::ParameterMissing, Paperclip::AdapterRegistry::NoHandlerError, with: :bad_request
|
||||
rescue_from Mastodon::NotPermittedError, with: :forbidden
|
||||
|
@ -39,11 +37,9 @@ class ApplicationController < ActionController::Base
|
|||
service_unavailable
|
||||
end
|
||||
|
||||
before_action :store_referrer, except: :raise_not_found, if: :devise_controller?
|
||||
before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
|
||||
before_action :require_functional!, if: :user_signed_in?
|
||||
|
||||
before_action :set_cache_control_defaults
|
||||
|
||||
skip_before_action :verify_authenticity_token, only: :raise_not_found
|
||||
|
||||
def raise_not_found
|
||||
|
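Review bot: `before_action :set_cache_control_defaults` disappears from the filter list here (11 old lines, 9 new), and the last hunk of this file removes the method that set `private: true, no_store: true`. After this, any action that does not set `Cache-Control` itself has no safe default, including pages rendered for a signed-in user. Keep the default and let individual actions opt in to caching.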
@ -60,25 +56,14 @@ class ApplicationController < ActionController::Base
|
|||
!authorized_fetch_mode?
|
||||
end
|
||||
|
||||
def store_referrer
|
||||
return if request.referer.blank?
|
||||
|
||||
redirect_uri = URI(request.referer)
|
||||
return if redirect_uri.path.start_with?('/auth')
|
||||
|
||||
stored_url = redirect_uri.to_s if redirect_uri.host == request.host && redirect_uri.port == request.port
|
||||
|
||||
store_location_for(:user, stored_url)
|
||||
def store_current_location
|
||||
store_location_for(:user, request.url) unless [:json, :rss].include?(request.format&.to_sym)
|
||||
end
|
||||
|
||||
def require_functional!
|
||||
redirect_to edit_user_registration_path unless current_user.functional?
|
||||
end
|
||||
|
||||
def skip_csrf_meta_tags?
|
||||
false
|
||||
end
|
||||
|
||||
def after_sign_out_path_for(_resource_or_scope)
|
||||
if ENV['OMNIAUTH_ONLY'] == 'true' && ENV['OIDC_ENABLED'] == 'true'
|
||||
'/auth/auth/openid_connect/logout'
|
||||
|
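Review bot: `store_current_location` saves `request.url` for every request whose format is not `:json` or `:rss`, with no check on the HTTP method, so a POST or a non-navigational request can overwrite the post-login return URL. Restrict it to `request.get?` and HTML requests. The same hunk also drops `skip_csrf_meta_tags?` while an earlier hunk drops its `helper_method` declaration; check that no layout still calls it.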
@ -142,7 +127,7 @@ class ApplicationController < ActionController::Base
|
|||
end
|
||||
|
||||
def sso_account_settings
|
||||
ENV.fetch('SSO_ACCOUNT_SETTINGS', nil)
|
||||
ENV.fetch('SSO_ACCOUNT_SETTINGS')
|
||||
end
|
||||
|
||||
def current_account
|
||||
|
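Review bot: `ENV.fetch('SSO_ACCOUNT_SETTINGS')` without a default raises `KeyError` when the variable is unset, and `sso_account_settings` is exposed through `helper_method`, so any view that calls it fails on instances that do not configure SSO. Keep the `nil` default, or read it with `ENV['SSO_ACCOUNT_SETTINGS']`.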
@ -157,10 +142,6 @@ class ApplicationController < ActionController::Base
|
|||
@current_session = SessionActivation.find_by(session_id: cookies.signed['_session_id']) if cookies.signed['_session_id'].present?
|
||||
end
|
||||
|
||||
def body_class_string
|
||||
@body_classes || ''
|
||||
end
|
||||
|
||||
def respond_with_error(code)
|
||||
respond_to do |format|
|
||||
format.any do
|
||||
|
@ -170,8 +151,4 @@ class ApplicationController < ActionController::Base
|
|||
format.json { render json: { error: Rack::Utils::HTTP_STATUS_CODES[code] }, status: code }
|
||||
end
|
||||
end
|
||||
|
||||
def set_cache_control_defaults
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -15,6 +15,12 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
|
|||
|
||||
skip_before_action :require_functional!
|
||||
|
||||
def new
|
||||
super
|
||||
|
||||
resource.email = current_user.unconfirmed_email || current_user.email if user_signed_in?
|
||||
end
|
||||
|
||||
def show
|
||||
old_session_values = session.to_hash
|
||||
reset_session
|
||||
|
@ -23,12 +29,6 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
|
|||
super
|
||||
end
|
||||
|
||||
def new
|
||||
super
|
||||
|
||||
resource.email = current_user.unconfirmed_email || current_user.email if user_signed_in?
|
||||
end
|
||||
|
||||
def confirm_captcha
|
||||
check_captcha! do |message|
|
||||
flash.now[:alert] = message
|
||||
|
@ -51,12 +51,14 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
|
|||
# step.
|
||||
confirmation_token = params[:confirmation_token]
|
||||
return if confirmation_token.nil?
|
||||
|
||||
@confirmation_user = User.find_first_by_auth_conditions(confirmation_token: confirmation_token)
|
||||
end
|
||||
|
||||
def captcha_user_bypass?
|
||||
return true if @confirmation_user.nil? || @confirmation_user.confirmed?
|
||||
|
||||
invite = Invite.find(@confirmation_user.invite_id) if @confirmation_user.invite_id.present?
|
||||
invite.present? && !invite.max_uses.nil?
|
||||
end
|
||||
|
||||
def set_pack
|
||||
|
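Review bot: in `captcha_user_bypass?`, `Invite.find(@confirmation_user.invite_id)` raises `ActiveRecord::RecordNotFound` when the invite row has been deleted, so the `invite.present?` test on the next line never sees `nil` in that case and the confirmation request fails instead. Use `Invite.find_by(id: @confirmation_user.invite_id)`. The bypass also lets any account that signed up through an invite with `max_uses` set skip the CAPTCHA; say so in a comment on the method if that is intended.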
@ -88,10 +90,8 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
|
|||
def after_confirmation_path_for(_resource_name, user)
|
||||
if user.created_by_application && truthy_param?(:redirect_to_app)
|
||||
user.created_by_application.confirmation_redirect_uri
|
||||
elsif user_signed_in?
|
||||
web_url('start')
|
||||
else
|
||||
new_user_session_path
|
||||
super
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -25,16 +25,16 @@ class Auth::RegistrationsController < Devise::RegistrationsController
|
|||
super(&:build_invite_request)
|
||||
end
|
||||
|
||||
def destroy
|
||||
not_found
|
||||
end
|
||||
|
||||
def update
|
||||
super do |resource|
|
||||
resource.clear_other_sessions(current_session.session_id) if resource.saved_change_to_encrypted_password?
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
not_found
|
||||
end
|
||||
|
||||
protected
|
||||
|
||||
def update_resource(resource, params)
|
||||
|
@ -47,7 +47,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
|
|||
super(hash)
|
||||
|
||||
resource.locale = I18n.locale
|
||||
resource.invite_code = @invite&.code if resource.invite_code.blank?
|
||||
resource.invite_code = params[:invite_code] if resource.invite_code.blank?
|
||||
resource.registration_form_time = session[:registration_form_time]
|
||||
resource.sign_up_ip = request.remote_ip
|
||||
|
||||
|
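Review bot: `resource.invite_code = params[:invite_code]` copies the raw request parameter onto the new user, where `@invite&.code` only yields the code of an invite record the controller has actually loaded. A code that is expired, used up or made up is then attached to the resource as if it were valid. Assign from the loaded invite, or validate the code before assigning it.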
@ -132,7 +132,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
|
|||
end
|
||||
|
||||
def set_sessions
|
||||
@sessions = current_user.session_activations.order(updated_at: :desc)
|
||||
@sessions = current_user.session_activations
|
||||
end
|
||||
|
||||
def set_strikes
|
||||
|
@ -157,6 +157,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
|
|||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
response.headers['Cache-Control'] = 'private, no-store'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -11,7 +11,15 @@ class Auth::SetupController < ApplicationController
|
|||
|
||||
skip_before_action :require_functional!
|
||||
|
||||
def show; end
|
||||
def show
|
||||
flash.now[:notice] = begin
|
||||
if @user.pending?
|
||||
I18n.t('devise.registrations.signed_up_but_pending')
|
||||
else
|
||||
I18n.t('devise.registrations.signed_up_but_unconfirmed')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def update
|
||||
# This allows updating the e-mail without entering a password as is required
|
||||
|
@ -19,13 +27,14 @@ class Auth::SetupController < ApplicationController
|
|||
# that were not confirmed yet
|
||||
|
||||
if @user.update(user_params)
|
||||
@user.resend_confirmation_instructions unless @user.confirmed?
|
||||
redirect_to auth_setup_path, notice: I18n.t('auth.setup.new_confirmation_instructions_sent')
|
||||
redirect_to auth_setup_path, notice: I18n.t('devise.confirmations.send_instructions')
|
||||
else
|
||||
render :show
|
||||
end
|
||||
end
|
||||
|
||||
helper_method :missing_email?
|
||||
|
||||
private
|
||||
|
||||
def require_unconfirmed_or_pending!
|
||||
|
@ -44,7 +53,11 @@ class Auth::SetupController < ApplicationController
|
|||
params.require(:user).permit(:email)
|
||||
end
|
||||
|
||||
def missing_email?
|
||||
truthy_param?(:missing_email)
|
||||
end
|
||||
|
||||
def set_pack
|
||||
use_pack 'sign_up'
|
||||
use_pack 'auth'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -60,7 +60,7 @@ class AuthorizeInteractionsController < ApplicationController
|
|||
end
|
||||
|
||||
def uri_param
|
||||
params[:uri] || params.fetch(:acct, '').delete_prefix('acct:')
|
||||
params[:uri] || params.fetch(:acct, '').gsub(/\Aacct:/, '')
|
||||
end
|
||||
|
||||
def set_body_classes
|
||||
|
|
|
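Review bot: `gsub(/\Aacct:/, '')` in `uri_param` can match at most once because of the `\A` anchor, so `gsub` and the regex add nothing over `delete_prefix('acct:')`. Keep `delete_prefix`, or use `sub` if the regex form is needed.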
@ -11,15 +11,11 @@ class BackupsController < ApplicationController
|
|||
def download
|
||||
case Paperclip::Attachment.default_options[:storage]
|
||||
when :s3
|
||||
redirect_to @backup.dump.expiring_url(10), allow_other_host: true
|
||||
redirect_to @backup.dump.expiring_url(10)
|
||||
when :fog
|
||||
if Paperclip::Attachment.default_options.dig(:fog_credentials, :openstack_temp_url_key).present?
|
||||
redirect_to @backup.dump.expiring_url(Time.now.utc + 10), allow_other_host: true
|
||||
else
|
||||
redirect_to full_asset_url(@backup.dump.url), allow_other_host: true
|
||||
end
|
||||
redirect_to @backup.dump.expiring_url(Time.now.utc + 10)
|
||||
when :filesystem
|
||||
redirect_to full_asset_url(@backup.dump.url), allow_other_host: true
|
||||
redirect_to full_asset_url(@backup.dump.url)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
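Review bot: the `:fog` branch now always calls `@backup.dump.expiring_url(Time.now.utc + 10)`; the removed check on `Paperclip::Attachment.default_options.dig(:fog_credentials, :openstack_temp_url_key)` was what covered fog providers with no temp-URL key configured, by falling back to `full_asset_url(@backup.dump.url)`. Keep that fallback, and confirm the three redirects still work without `allow_other_host: true` when the storage host differs from the web host.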
@ -10,8 +10,7 @@ module AccountControllerConcern
|
|||
|
||||
included do
|
||||
before_action :set_instance_presenter
|
||||
|
||||
after_action :set_link_headers, if: -> { request.format.nil? || request.format == :html }
|
||||
before_action :set_link_headers, if: -> { request.format.nil? || request.format == :html }
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
@ -155,30 +155,8 @@ module CacheConcern
|
|||
end
|
||||
end
|
||||
|
||||
class_methods do
|
||||
def vary_by(value, **kwargs)
|
||||
before_action(**kwargs) do |controller|
|
||||
response.headers['Vary'] = value.respond_to?(:call) ? controller.instance_exec(&value) : value
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
included do
|
||||
after_action :enforce_cache_control!
|
||||
end
|
||||
|
||||
# Prevents high-entropy headers such as `Cookie`, `Signature` or `Authorization`
|
||||
# from being used as cache keys, while allowing to `Vary` on them (to not serve
|
||||
# anonymous cached data to authenticated requests when authentication matters)
|
||||
def enforce_cache_control!
|
||||
vary = response.headers['Vary']&.split&.map { |x| x.strip.downcase }
|
||||
return unless vary.present? && %w(cookie authorization signature).any? { |header| vary.include?(header) && request.headers[header].present? }
|
||||
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
end
|
||||
|
||||
def render_with_cache(**options)
|
||||
raise ArgumentError, 'Only JSON render calls are supported' unless options.key?(:json) || block_given?
|
||||
raise ArgumentError, 'only JSON render calls are supported' unless options.key?(:json) || block_given?
|
||||
|
||||
key = options.delete(:key) || [[params[:controller], params[:action]].join('/'), options[:json].respond_to?(:cache_key) ? options[:json].cache_key : nil, options[:fields].nil? ? nil : options[:fields].join(',')].compact.join(':')
|
||||
expires_in = options.delete(:expires_in) || 3.minutes
|
||||
|
@ -198,6 +176,10 @@ module CacheConcern
|
|||
end
|
||||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.headers['Vary'] = public_fetch_mode? ? 'Accept' : 'Accept, Signature'
|
||||
end
|
||||
|
||||
def cache_collection(raw, klass)
|
||||
return raw unless klass.respond_to?(:with_includes)
|
||||
|
||||
|
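Review bot: `set_cache_headers` sets `Vary` to `Accept` or `Accept, Signature` only, never `Cookie` or `Authorization`, and the previous hunk removes `enforce_cache_control!`, the `after_action` that forced `private: true, no_store: true` when one of those headers was both listed in `Vary` and present on the request. Controllers in this commit that send `expires_in ..., public: true` then have nothing keeping an authenticated response out of a shared cache. Keep `enforce_cache_control!`, or add the credential headers to `Vary` for actions whose output depends on the user.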
@ -205,7 +187,7 @@ module CacheConcern
|
|||
return [] if raw.empty?
|
||||
|
||||
cached_keys_with_value = begin
|
||||
Rails.cache.read_multi(*raw).transform_keys(&:id).transform_values { |r| ActiveRecordCoder.load(r) }
|
||||
Rails.cache.read_multi(*raw, namespace: 'v2').transform_keys(&:id).transform_values { |r| ActiveRecordCoder.load(r) }
|
||||
rescue ActiveRecordCoder::Error
|
||||
{} # The serialization format may have changed, let's pretend it's a cache miss.
|
||||
end
|
||||
|
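Review bot: The `namespace: 'v2'` literal passed to `read_multi` has to match the one passed to `Rails.cache.write` in the following hunk exactly, otherwise every lookup silently turns into a miss. Put the namespace in a single constant in CacheConcern and use it at both call sites. Entries stored under the other namespace are no longer read after this change, and nothing in the visible lines gives them an expiry, so the commit message should say how they are evicted.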
@ -218,7 +200,7 @@ module CacheConcern
|
|||
uncached = klass.where(id: uncached_ids).with_includes.index_by(&:id)
|
||||
|
||||
uncached.each_value do |item|
|
||||
Rails.cache.write(item, ActiveRecordCoder.dump(item))
|
||||
Rails.cache.write(item, ActiveRecordCoder.dump(item), namespace: 'v2')
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
module CaptchaConcern
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
include Hcaptcha::Adapters::ViewMethods
|
||||
|
||||
included do
|
||||
|
@ -36,22 +35,18 @@ module CaptchaConcern
|
|||
flash.delete(:hcaptcha_error)
|
||||
yield message
|
||||
end
|
||||
|
||||
false
|
||||
end
|
||||
end
|
||||
|
||||
def extend_csp_for_captcha!
|
||||
policy = request.content_security_policy
|
||||
|
||||
return unless captcha_required? && policy.present?
|
||||
|
||||
%w(script_src frame_src style_src connect_src).each do |directive|
|
||||
values = policy.send(directive)
|
||||
|
||||
values << 'https://hcaptcha.com' unless values.include?('https://hcaptcha.com') || values.include?('https:')
|
||||
values << 'https://*.hcaptcha.com' unless values.include?('https://*.hcaptcha.com') || values.include?('https:')
|
||||
|
||||
policy.send(directive, *values)
|
||||
end
|
||||
end
|
||||
|
|
|
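Review bot: In `extend_csp_for_captcha!`, `values = policy.send(directive)` is used without a nil check, so `values << 'https://hcaptcha.com'` raises NoMethodError if one of the four directives is not set in the policy and the reader returns nil. Handle the unset case explicitly rather than defaulting to an empty list, because creating `frame_src` or `connect_src` with only the hCaptcha origins would stop those fetches from falling back to `default-src`. A short comment saying why `'https:'` already covers both origins would also help the next reader.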
@ -180,15 +180,14 @@ module SignatureVerification
|
|||
|
||||
def build_signed_string
|
||||
signed_headers.map do |signed_header|
|
||||
case signed_header
|
||||
when Request::REQUEST_TARGET
|
||||
if signed_header == Request::REQUEST_TARGET
|
||||
"#{Request::REQUEST_TARGET}: #{request.method.downcase} #{request.path}"
|
||||
when '(created)'
|
||||
elsif signed_header == '(created)'
|
||||
raise SignatureVerificationError, 'Invalid pseudo-header (created) for rsa-sha256' unless signature_algorithm == 'hs2019'
|
||||
raise SignatureVerificationError, 'Pseudo-header (created) used but corresponding argument missing' if signature_params['created'].blank?
|
||||
|
||||
"(created): #{signature_params['created']}"
|
||||
when '(expires)'
|
||||
elsif signed_header == '(expires)'
|
||||
raise SignatureVerificationError, 'Invalid pseudo-header (expires) for rsa-sha256' unless signature_algorithm == 'hs2019'
|
||||
raise SignatureVerificationError, 'Pseudo-header (expires) used but corresponding argument missing' if signature_params['expires'].blank?
|
||||
|
||||
|
@ -245,7 +244,7 @@ module SignatureVerification
|
|||
end
|
||||
|
||||
if key_id.start_with?('acct:')
|
||||
stoplight_wrap_request { ResolveAccountService.new.call(key_id.delete_prefix('acct:'), suppress_errors: false) }
|
||||
stoplight_wrap_request { ResolveAccountService.new.call(key_id.gsub(/\Aacct:/, ''), suppress_errors: false) }
|
||||
elsif !ActivityPub::TagManager.instance.local_uri?(key_id)
|
||||
account = ActivityPub::TagManager.instance.uri_to_actor(key_id)
|
||||
account ||= stoplight_wrap_request { ActivityPub::FetchRemoteKeyService.new.call(key_id, id: false, suppress_errors: false) }
|
||||
|
|
|
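Review bot: `key_id.gsub(/\Aacct:/, '')` can match at most once because of the `\A` anchor, so `gsub` plus a regex is more machinery than stripping a literal prefix needs. `key_id.delete_prefix('acct:')`, the other form in this hunk, does the same job without a regex and reads as what it is; if that method is not available on the targeted Ruby, use `sub` rather than `gsub`.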
@ -7,12 +7,6 @@ module WebAppControllerConcern
|
|||
prepend_before_action :redirect_unauthenticated_to_permalinks!
|
||||
before_action :set_pack
|
||||
before_action :set_app_body_class
|
||||
|
||||
vary_by 'Accept, Accept-Language, Cookie'
|
||||
end
|
||||
|
||||
def skip_csrf_meta_tags?
|
||||
current_user.nil?
|
||||
end
|
||||
|
||||
def set_app_body_class
|
||||
|
|
|
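Review bot: With `vary_by 'Accept, Accept-Language, Cookie'` and `skip_csrf_meta_tags?` both absent from the shorter side of this hunk (12 lines become 6), pages rendered through WebAppControllerConcern for signed-out visitors no longer declare `Vary: Cookie` here and, judging by the method name, include CSRF meta tags again. Controllers on this page that include the concern mark their signed-out HTML `public` (`expires_in 0, public: true`), so a session-bound token can end up in a response that a shared cache is allowed to store. Keep `skip_csrf_meta_tags?` returning `current_user.nil?`, or make those responses `private`.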
@ -1,8 +1,18 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class CustomCssController < ActionController::Base # rubocop:disable Rails/ApplicationController
|
||||
class CustomCssController < ApplicationController
|
||||
skip_before_action :store_current_location
|
||||
skip_before_action :require_functional!
|
||||
skip_before_action :update_user_sign_in
|
||||
skip_before_action :set_session_activity
|
||||
|
||||
skip_around_action :set_locale
|
||||
|
||||
before_action :set_cache_headers
|
||||
|
||||
def show
|
||||
expires_in 3.minutes, public: true
|
||||
request.session_options[:skip] = true
|
||||
render content_type: 'text/css'
|
||||
end
|
||||
end
|
||||
|
|
|
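Review bot: Deriving CustomCssController from ApplicationController and then listing `skip_before_action` and `skip_around_action` exemptions is a deny-list: any filter added to ApplicationController later runs on this endpoint by default, while `show` still answers with `expires_in 3.minutes, public: true`. `request.session_options[:skip] = true` is what keeps a session cookie off the response, so it deserves a comment saying that. Add a request spec asserting that the CSS response carries no Set-Cookie header, so a new parent filter cannot quietly break it.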
@ -10,7 +10,6 @@ class Disputes::BaseController < ApplicationController
|
|||
before_action :set_body_classes
|
||||
before_action :authenticate_user!
|
||||
before_action :set_pack
|
||||
before_action :set_cache_headers
|
||||
|
||||
private
|
||||
|
||||
|
@ -21,8 +20,4 @@ class Disputes::BaseController < ApplicationController
|
|||
def set_body_classes
|
||||
@body_classes = 'admin'
|
||||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
end
|
||||
end
|
||||
|
|
|
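Review bot: Removing `set_cache_headers` here takes away the explicit `response.cache_control.replace(private: true, no_store: true)` on pages that sit behind `authenticate_user!`, and nothing visible in this hunk replaces it. State where Cache-Control for these responses is set after the change (a parent-class filter or the framework default) and cover it with a request spec. The same removal appears in the Filters::StatusesController, FiltersController and InvitesController hunks further down, so the answer should hold for all four.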
@ -2,12 +2,15 @@
|
|||
|
||||
class EmojisController < ApplicationController
|
||||
before_action :set_emoji
|
||||
|
||||
vary_by -> { 'Signature' if authorized_fetch_mode? }
|
||||
before_action :set_cache_headers
|
||||
|
||||
def show
|
||||
expires_in 3.minutes, public: true
|
||||
render_with_cache json: @emoji, content_type: 'application/activity+json', serializer: ActivityPub::EmojiSerializer, adapter: ActivityPub::Adapter
|
||||
respond_to do |format|
|
||||
format.json do
|
||||
expires_in 3.minutes, public: true
|
||||
render_with_cache json: @emoji, content_type: 'application/activity+json', serializer: ActivityPub::EmojiSerializer, adapter: ActivityPub::Adapter
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
@ -8,7 +8,6 @@ class Filters::StatusesController < ApplicationController
|
|||
before_action :set_status_filters
|
||||
before_action :set_pack
|
||||
before_action :set_body_classes
|
||||
before_action :set_cache_headers
|
||||
|
||||
PER_PAGE = 20
|
||||
|
||||
|
@ -50,8 +49,4 @@ class Filters::StatusesController < ApplicationController
|
|||
def set_body_classes
|
||||
@body_classes = 'admin'
|
||||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -7,7 +7,6 @@ class FiltersController < ApplicationController
|
|||
before_action :set_filter, only: [:edit, :update, :destroy]
|
||||
before_action :set_pack
|
||||
before_action :set_body_classes
|
||||
before_action :set_cache_headers
|
||||
|
||||
def index
|
||||
@filters = current_account.custom_filters.includes(:keywords, :statuses).order(:phrase)
|
||||
|
@ -18,8 +17,6 @@ class FiltersController < ApplicationController
|
|||
@filter.keywords.build
|
||||
end
|
||||
|
||||
def edit; end
|
||||
|
||||
def create
|
||||
@filter = current_account.custom_filters.build(resource_params)
|
||||
|
||||
|
@ -30,6 +27,8 @@ class FiltersController < ApplicationController
|
|||
end
|
||||
end
|
||||
|
||||
def edit; end
|
||||
|
||||
def update
|
||||
if @filter.update(resource_params)
|
||||
redirect_to filters_path
|
||||
|
@ -60,8 +59,4 @@ class FiltersController < ApplicationController
|
|||
def set_body_classes
|
||||
@body_classes = 'admin'
|
||||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -5,9 +5,8 @@ class FollowerAccountsController < ApplicationController
|
|||
include SignatureVerification
|
||||
include WebAppControllerConcern
|
||||
|
||||
vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }
|
||||
|
||||
before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
|
||||
before_action :set_cache_headers
|
||||
|
||||
skip_around_action :set_locale, if: -> { request.format == :json }
|
||||
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||
|
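Review bot: Swapping the `vary_by` lambda for `before_action :set_cache_headers` changes the Vary value on this controller if that resolves to the CacheConcern method shown earlier on this page, which emits only `'Accept'` or `'Accept, Signature'`. `Accept-Language` and `Cookie` are dropped even though the controller includes WebAppControllerConcern and has an HTML format. Keep `Cookie` and `Accept-Language` in Vary for the HTML branch, or show that the HTML response can never be stored by a shared cache. FollowingAccountsController carries the identical hunk.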
@ -15,7 +14,7 @@ class FollowerAccountsController < ApplicationController
|
|||
def index
|
||||
respond_to do |format|
|
||||
format.html do
|
||||
expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.hour) unless user_signed_in?
|
||||
expires_in 0, public: true unless user_signed_in?
|
||||
end
|
||||
|
||||
format.json do
|
||||
|
|
|
@ -5,9 +5,8 @@ class FollowingAccountsController < ApplicationController
|
|||
include SignatureVerification
|
||||
include WebAppControllerConcern
|
||||
|
||||
vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }
|
||||
|
||||
before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
|
||||
before_action :set_cache_headers
|
||||
|
||||
skip_around_action :set_locale, if: -> { request.format == :json }
|
||||
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||
|
@ -15,7 +14,7 @@ class FollowingAccountsController < ApplicationController
|
|||
def index
|
||||
respond_to do |format|
|
||||
format.html do
|
||||
expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.hour) unless user_signed_in?
|
||||
expires_in 0, public: true unless user_signed_in?
|
||||
end
|
||||
|
||||
format.json do
|
||||
|
|
|
@ -6,7 +6,7 @@ class HomeController < ApplicationController
|
|||
before_action :set_instance_presenter
|
||||
|
||||
def index
|
||||
expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
|
||||
expires_in 0, public: true unless user_signed_in?
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
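Review bot: `expires_in 0, public: true` yields `max-age=0, public`, which still lets a shared cache store the page and reuse it after revalidation, so correctness depends on the validators and Vary distinguishing signed-in from signed-out visitors. If the intent is that nothing caches this page, use `private` or `no_store`; if the intent is revalidation, say so in a comment. The other `expires_in` line in this hunk also carried `stale_while_revalidate` and `stale_if_error`, which this form does not. The same line appears in the `index` hunks of FollowerAccountsController and FollowingAccountsController.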
@ -1,13 +1,10 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class InstanceActorsController < ActivityPub::BaseController
|
||||
vary_by ''
|
||||
class InstanceActorsController < ApplicationController
|
||||
include AccountControllerConcern
|
||||
|
||||
serialization_scope nil
|
||||
|
||||
before_action :set_account
|
||||
skip_before_action :require_functional!
|
||||
skip_before_action :update_user_sign_in
|
||||
skip_before_action :check_account_confirmation
|
||||
skip_around_action :set_locale
|
||||
|
||||
def show
|
||||
expires_in 10.minutes, public: true
|
||||
|
|
|
@ -9,7 +9,7 @@ class IntentsController < ApplicationController
|
|||
if uri.scheme == 'web+mastodon'
|
||||
case uri.host
|
||||
when 'follow'
|
||||
return redirect_to authorize_interaction_path(uri: uri.query_values['uri'].delete_prefix('acct:'))
|
||||
return redirect_to authorize_interaction_path(uri: uri.query_values['uri'].gsub(/\Aacct:/, ''))
|
||||
when 'share'
|
||||
return redirect_to share_path(text: uri.query_values['text'])
|
||||
end
|
||||
|
|
|
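Review bot: `uri.query_values['uri'].gsub(/\Aacct:/, '')` in the `'follow'` branch has no nil check: when the `uri` parameter is missing, `query_values['uri']` is nil, and with no query string at all `query_values` itself is nil, so the call raises NoMethodError unless something outside this hunk rescues it. Read the value with safe navigation and return early when it is blank. Both variants of the line in this hunk share the problem, so it predates the change, but this is the line being touched.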
@ -8,7 +8,6 @@ class InvitesController < ApplicationController
|
|||
before_action :authenticate_user!
|
||||
before_action :set_pack
|
||||
before_action :set_body_classes
|
||||
before_action :set_cache_headers
|
||||
|
||||
def index
|
||||
authorize :invite, :create?
|
||||
|
@ -55,8 +54,4 @@ class InvitesController < ApplicationController
|
|||
def set_body_classes
|
||||
@body_classes = 'admin'
|
||||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class ManifestsController < ActionController::Base # rubocop:disable Rails/ApplicationController
|
||||
# Prevent `active_model_serializer`'s `ActionController::Serialization` from calling `current_user`
|
||||
# and thus re-issuing session cookies
|
||||
serialization_scope nil
|
||||
class ManifestsController < ApplicationController
|
||||
skip_before_action :store_current_location
|
||||
skip_before_action :require_functional!
|
||||
|
||||
def show
|
||||
expires_in 3.minutes, public: true
|
||||
|
|
|
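Review bot: The comment in this hunk explains that `serialization_scope nil` stops `ActionController::Serialization` from calling `current_user` and re-issuing session cookies. The `ManifestsController < ApplicationController` variant has neither that line nor the `request.session_options[:skip] = true` that CustomCssController uses on this page, while `show` still sends `expires_in 3.minutes, public: true`. Add one of the two so a publicly cacheable manifest never carries Set-Cookie, and assert that in a spec.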
@ -3,6 +3,7 @@
|
|||
class MediaController < ApplicationController
|
||||
include Authorization
|
||||
|
||||
skip_before_action :store_current_location
|
||||
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||
|
||||
before_action :authenticate_user!, if: :whitelist_mode?
|
||||
|
@ -46,7 +47,7 @@ class MediaController < ApplicationController
|
|||
end
|
||||
|
||||
def allow_iframing
|
||||
response.headers.delete('X-Frame-Options')
|
||||
response.headers['X-Frame-Options'] = 'ALLOWALL'
|
||||
end
|
||||
|
||||
def set_pack
|
||||
|
|
|
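Review bot: `ALLOWALL` is not a value that X-Frame-Options defines (the header knows `DENY` and `SAMEORIGIN`), so `response.headers['X-Frame-Options'] = 'ALLOWALL'` in `allow_iframing` only has the intended effect because browsers ignore values they do not recognise. `response.headers.delete('X-Frame-Options')`, the other line in this hunk, states the intent directly. If embedding should be limited to particular origins, express that with a CSP `frame-ancestors` directive instead.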
@ -6,6 +6,7 @@ class MediaProxyController < ApplicationController
|
|||
include Redisable
|
||||
include Lockable
|
||||
|
||||
skip_before_action :store_current_location
|
||||
skip_before_action :require_functional!
|
||||
|
||||
before_action :authenticate_user!, if: :whitelist_mode?
|
||||
|
@ -16,13 +17,13 @@ class MediaProxyController < ApplicationController
|
|||
rescue_from HTTP::TimeoutError, HTTP::ConnectionError, OpenSSL::SSL::SSLError, with: :internal_server_error
|
||||
|
||||
def show
|
||||
with_redis_lock("media_download:#{params[:id]}") do
|
||||
with_lock("media_download:#{params[:id]}") do
|
||||
@media_attachment = MediaAttachment.remote.attached.find(params[:id])
|
||||
authorize @media_attachment.status, :show?
|
||||
redownload! if @media_attachment.needs_redownload? && !reject_media?
|
||||
end
|
||||
|
||||
redirect_to full_asset_url(@media_attachment.file.url(version)), allow_other_host: true
|
||||
redirect_to full_asset_url(@media_attachment.file.url(version))
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
@ -39,6 +39,6 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
|
|||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.cache_control.replace(private: true, no_store: true)
|
||||
response.headers['Cache-Control'] = 'private, no-store'
|
||||
end
|
||||
end
|
||||
|
|
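Review bot: `response.headers['Cache-Control'] = 'private, no-store'` writes the header string directly, whereas `response.cache_control.replace(private: true, no_store: true)`, the other line in this hunk, also discards any directives already held in `response.cache_control`. As far as I can tell Rails merges that hash into the final header, so a `public` or `max-age` set by an earlier `expires_in` could survive next to the string written here. For the OAuth authorization page that difference matters; use the `replace` form if it is available, or add a spec asserting the exact Cache-Control value on this response.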
Some files were not shown because too many files have changed in this diff