Merge branch 'master' into glitch-soc/merge-upstream

Conflicts:
- `Gemfile.lock`:
  Not a real conflict, upstream updated dependencies that were too close to
  glitch-soc-only ones in the file.
- `app/controllers/oauth/authorized_applications_controller.rb`:
  Upstream changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's theming system.
  Ported upstream changes.
- `app/controllers/settings/base_controller.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's theming system.
  Ported upstream changes.
- `app/controllers/settings/sessions_controller.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's theming system.
  Ported upstream changes.
- `app/models/user.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc not preventing moved accounts from logging
  in.
  Ported upstream changes while keeping the ability for moved accounts to log
  in.
- `app/policies/status_policy.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's local-only toots.
  Ported upstream changes.
- `app/serializers/rest/account_serializer.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's ability  to hide followers count.
  Ported upstream changes.
- `app/services/process_mentions_service.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's local-only toots.
  Ported upstream changes.
- `package.json`:
  Not a real conflict, upstream updated dependencies that were too close to
  glitch-soc-only ones in the file.
master
Thibaut Girka 2 years ago
commit a7aedebc31
  1. 18
      Gemfile
  2. 144
      Gemfile.lock
  3. 11
      app/controllers/accounts_controller.rb
  4. 3
      app/controllers/activitypub/outboxes_controller.rb
  5. 31
      app/controllers/admin/accounts_controller.rb
  6. 4
      app/controllers/api/base_controller.rb
  7. 2
      app/controllers/api/v1/accounts/featured_tags_controller.rb
  8. 2
      app/controllers/api/v1/accounts/follower_accounts_controller.rb
  9. 2
      app/controllers/api/v1/accounts/following_accounts_controller.rb
  10. 2
      app/controllers/api/v1/accounts/identity_proofs_controller.rb
  11. 2
      app/controllers/api/v1/accounts/lists_controller.rb
  12. 2
      app/controllers/api/v1/accounts/relationships_controller.rb
  13. 2
      app/controllers/api/v1/accounts/statuses_controller.rb
  14. 10
      app/controllers/api/v1/accounts_controller.rb
  15. 9
      app/controllers/api/v1/admin/accounts_controller.rb
  16. 2
      app/controllers/api/v1/blocks_controller.rb
  17. 2
      app/controllers/api/v1/endorsements_controller.rb
  18. 4
      app/controllers/api/v1/follow_requests_controller.rb
  19. 4
      app/controllers/api/v1/lists/accounts_controller.rb
  20. 2
      app/controllers/api/v1/mutes_controller.rb
  21. 4
      app/controllers/api/v1/notifications_controller.rb
  22. 2
      app/controllers/api/v1/push/subscriptions_controller.rb
  23. 1
      app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
  24. 2
      app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
  25. 3
      app/controllers/api/web/push_subscriptions_controller.rb
  26. 5
      app/controllers/concerns/export_controller_concern.rb
  27. 5
      app/controllers/oauth/authorized_applications_controller.rb
  28. 4
      app/controllers/settings/aliases_controller.rb
  29. 3
      app/controllers/settings/applications_controller.rb
  30. 7
      app/controllers/settings/base_controller.rb
  31. 9
      app/controllers/settings/deletes_controller.rb
  32. 2
      app/controllers/settings/exports/blocked_accounts_controller.rb
  33. 2
      app/controllers/settings/exports/blocked_domains_controller.rb
  34. 2
      app/controllers/settings/exports/following_accounts_controller.rb
  35. 2
      app/controllers/settings/exports/lists_controller.rb
  36. 2
      app/controllers/settings/exports/muted_accounts_controller.rb
  37. 11
      app/controllers/settings/exports_controller.rb
  38. 3
      app/controllers/settings/featured_tags_controller.rb
  39. 3
      app/controllers/settings/identity_proofs_controller.rb
  40. 3
      app/controllers/settings/imports_controller.rb
  41. 9
      app/controllers/settings/migration/redirects_controller.rb
  42. 9
      app/controllers/settings/migrations_controller.rb
  43. 1
      app/controllers/settings/pictures_controller.rb
  44. 4
      app/controllers/settings/preferences_controller.rb
  45. 3
      app/controllers/settings/profiles_controller.rb
  46. 9
      app/controllers/settings/sessions_controller.rb
  47. 5
      app/controllers/settings/two_factor_authentication/confirmations_controller.rb
  48. 5
      app/controllers/settings/two_factor_authentication/otp_authentication_controller.rb
  49. 5
      app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb
  50. 3
      app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb
  51. 5
      app/controllers/settings/two_factor_authentication_methods_controller.rb
  52. 4
      app/javascript/mastodon/actions/accounts.js
  53. 43
      app/javascript/mastodon/actions/markers.js
  54. 4
      app/javascript/mastodon/actions/notifications.js
  55. 38
      app/javascript/mastodon/actions/picture_in_picture.js
  56. 17
      app/javascript/mastodon/components/animated_number.js
  57. 20
      app/javascript/mastodon/components/error_boundary.js
  58. 11
      app/javascript/mastodon/components/icon_button.js
  59. 12
      app/javascript/mastodon/components/intersection_observer_article.js
  60. 69
      app/javascript/mastodon/components/picture_in_picture_placeholder.js
  61. 24
      app/javascript/mastodon/components/status.js
  62. 13
      app/javascript/mastodon/components/status_action_bar.js
  63. 6
      app/javascript/mastodon/containers/status_container.js
  64. 76
      app/javascript/mastodon/features/account/components/header.js
  65. 31
      app/javascript/mastodon/features/account_gallery/index.js
  66. 5
      app/javascript/mastodon/features/account_timeline/components/header.js
  67. 12
      app/javascript/mastodon/features/account_timeline/containers/header_container.js
  68. 8
      app/javascript/mastodon/features/account_timeline/index.js
  69. 47
      app/javascript/mastodon/features/audio/index.js
  70. 2
      app/javascript/mastodon/features/emoji/emoji.js
  71. 8
      app/javascript/mastodon/features/notifications/components/filter_bar.js
  72. 58
      app/javascript/mastodon/features/notifications/components/notification.js
  73. 41
      app/javascript/mastodon/features/notifications/index.js
  74. 137
      app/javascript/mastodon/features/picture_in_picture/components/footer.js
  75. 40
      app/javascript/mastodon/features/picture_in_picture/components/header.js
  76. 85
      app/javascript/mastodon/features/picture_in_picture/index.js
  77. 8
      app/javascript/mastodon/features/status/components/detailed_status.js
  78. 5
      app/javascript/mastodon/features/status/index.js
  79. 2
      app/javascript/mastodon/features/ui/components/media_modal.js
  80. 4
      app/javascript/mastodon/features/ui/components/video_modal.js
  81. 6
      app/javascript/mastodon/features/ui/index.js
  82. 53
      app/javascript/mastodon/features/video/index.js
  83. 2
      app/javascript/mastodon/reducers/index.js
  84. 111
      app/javascript/mastodon/reducers/notifications.js
  85. 22
      app/javascript/mastodon/reducers/picture_in_picture.js
  86. 5
      app/javascript/styles/contrast/diff.scss
  87. 149
      app/javascript/styles/mastodon/components.scss
  88. 4
      app/lib/activitypub/activity.rb
  89. 2
      app/lib/activitypub/activity/delete.rb
  90. 4
      app/lib/activitypub/activity/follow.rb
  91. 2
      app/lib/activitypub/activity/like.rb
  92. 10
      app/lib/request.rb
  93. 16
      app/mailers/notification_mailer.rb
  94. 28
      app/mailers/user_mailer.rb
  95. 9
      app/models/account.rb
  96. 5
      app/models/account_conversation.rb
  97. 20
      app/models/account_deletion_request.rb
  98. 4
      app/models/admin/account_action.rb
  99. 3
      app/models/concerns/account_associations.rb
  100. 26
      app/models/concerns/account_interactions.rb
  101. Some files were not shown because too many files have changed in this diff Show More

@ -5,10 +5,10 @@ ruby '>= 2.5.0', '< 3.0.0'
gem 'pkg-config', '~> 1.4'
gem 'puma', '~> 4.3'
gem 'rails', '~> 5.2.4.3'
gem 'puma', '~> 5.0'
gem 'rails', '~> 5.2.4.4'
gem 'sprockets', '~> 3.7.2'
gem 'thor', '~> 0.20'
gem 'thor', '~> 1.0'
gem 'rack', '~> 2.2.3'
gem 'thwait', '~> 0.2.0'
@ -20,7 +20,7 @@ gem 'makara', '~> 0.4'
gem 'pghero', '~> 2.7'
gem 'dotenv-rails', '~> 2.7'
gem 'aws-sdk-s3', '~> 1.79', require: false
gem 'aws-sdk-s3', '~> 1.81', require: false
gem 'fog-core', '<= 2.1.0'
gem 'fog-openstack', '~> 0.3', require: false
gem 'paperclip', '~> 6.0'
@ -123,26 +123,26 @@ end
group :test do
gem 'capybara', '~> 3.33'
gem 'climate_control', '~> 0.2'
gem 'faker', '~> 2.13'
gem 'faker', '~> 2.14'
gem 'microformats', '~> 4.2'
gem 'rails-controller-testing', '~> 1.0'
gem 'rspec-sidekiq', '~> 3.1'
gem 'simplecov', '~> 0.19', require: false
gem 'webmock', '~> 3.8'
gem 'parallel_tests', '~> 3.2'
gem 'webmock', '~> 3.9'
gem 'parallel_tests', '~> 3.3'
gem 'rspec_junit_formatter', '~> 0.4'
end
group :development do
gem 'active_record_query_trace', '~> 1.7'
gem 'annotate', '~> 3.1'
gem 'better_errors', '~> 2.7'
gem 'better_errors', '~> 2.8'
gem 'binding_of_caller', '~> 0.7'
gem 'bullet', '~> 6.1'
gem 'letter_opener', '~> 1.7'
gem 'letter_opener_web', '~> 1.4'
gem 'memory_profiler'
gem 'rubocop', '~> 0.90', require: false
gem 'rubocop', '~> 0.91', require: false
gem 'rubocop-rails', '~> 2.8', require: false
gem 'brakeman', '~> 4.9', require: false
gem 'bundler-audit', '~> 0.7', require: false

@ -16,25 +16,25 @@ GIT
GEM
remote: https://rubygems.org/
specs:
actioncable (5.2.4.3)
actionpack (= 5.2.4.3)
actioncable (5.2.4.4)
actionpack (= 5.2.4.4)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailer (5.2.4.3)
actionpack (= 5.2.4.3)
actionview (= 5.2.4.3)
activejob (= 5.2.4.3)
actionmailer (5.2.4.4)
actionpack (= 5.2.4.4)
actionview (= 5.2.4.4)
activejob (= 5.2.4.4)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.2.4.3)
actionview (= 5.2.4.3)
activesupport (= 5.2.4.3)
actionpack (5.2.4.4)
actionview (= 5.2.4.4)
activesupport (= 5.2.4.4)
rack (~> 2.0, >= 2.0.8)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.2.4.3)
activesupport (= 5.2.4.3)
actionview (5.2.4.4)
activesupport (= 5.2.4.4)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
@ -45,20 +45,20 @@ GEM
case_transform (>= 0.2)
jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
active_record_query_trace (1.7)
activejob (5.2.4.3)
activesupport (= 5.2.4.3)
activejob (5.2.4.4)
activesupport (= 5.2.4.4)
globalid (>= 0.3.6)
activemodel (5.2.4.3)
activesupport (= 5.2.4.3)
activerecord (5.2.4.3)
activemodel (= 5.2.4.3)
activesupport (= 5.2.4.3)
activemodel (5.2.4.4)
activesupport (= 5.2.4.4)
activerecord (5.2.4.4)
activemodel (= 5.2.4.4)
activesupport (= 5.2.4.4)
arel (>= 9.0)
activestorage (5.2.4.3)
actionpack (= 5.2.4.3)
activerecord (= 5.2.4.3)
activestorage (5.2.4.4)
actionpack (= 5.2.4.4)
activerecord (= 5.2.4.4)
marcel (~> 0.3.1)
activesupport (5.2.4.3)
activesupport (5.2.4.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
@ -79,23 +79,23 @@ GEM
cocaine (~> 0.5.3)
awrence (1.1.1)
aws-eventstream (1.1.0)
aws-partitions (1.365.0)
aws-sdk-core (3.105.0)
aws-partitions (1.373.0)
aws-sdk-core (3.107.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.239.0)
aws-sigv4 (~> 1.1)
jmespath (~> 1.0)
aws-sdk-kms (1.37.0)
aws-sdk-kms (1.38.0)
aws-sdk-core (~> 3, >= 3.99.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.79.1)
aws-sdk-s3 (1.81.0)
aws-sdk-core (~> 3, >= 3.104.3)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.1)
aws-sigv4 (1.2.2)
aws-eventstream (~> 1, >= 1.0.2)
bcrypt (3.1.16)
better_errors (2.7.1)
better_errors (2.8.1)
coderay (>= 1.0.0)
erubi (>= 1.0.0)
rack (>= 0.9.0)
@ -160,13 +160,12 @@ GEM
cose (1.0.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 0.4.0)
crack (0.4.3)
safe_yaml (~> 1.0.0)
crack (0.4.4)
crass (1.0.6)
css_parser (1.7.1)
addressable
debug_inspector (0.0.3)
devise (4.7.2)
devise (4.7.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
@ -210,7 +209,7 @@ GEM
tzinfo
excon (0.76.0)
fabrication (2.21.1)
faker (2.13.0)
faker (2.14.0)
i18n (>= 1.6, < 2)
faraday (1.0.1)
multipart-post (>= 1.2, < 3)
@ -233,7 +232,7 @@ GEM
fog-json (>= 1.0)
ipaddress (>= 0.8)
formatador (0.2.5)
fugit (1.3.8)
fugit (1.3.9)
et-orbi (~> 1.1, >= 1.1.8)
raabro (~> 1.3)
fuubar (2.5.0)
@ -363,7 +362,7 @@ GEM
net-scp (3.0.0)
net-ssh (>= 2.6.5, < 7.0.0)
net-ssh (6.1.0)
nio4r (2.5.3)
nio4r (2.5.4)
nokogiri (1.10.10)
mini_portile2 (~> 2.4.0)
nokogumbo (2.0.2)
@ -387,7 +386,7 @@ GEM
openssl (2.2.0)
openssl-signature_algorithm (0.4.0)
orm_adapter (0.5.0)
ox (2.13.3)
ox (2.13.4)
paperclip (6.0.0)
activemodel (>= 4.2.0)
activesupport (>= 4.2.0)
@ -398,7 +397,7 @@ GEM
av (~> 0.9.0)
paperclip (>= 2.5.2)
parallel (1.19.2)
parallel_tests (3.2.0)
parallel_tests (3.3.0)
parallel
parser (2.7.1.4)
ast (~> 2.4.1)
@ -406,11 +405,11 @@ GEM
pastel (0.8.0)
tty-color (~> 0.5)
pg (1.2.3)
pghero (2.7.0)
pghero (2.7.2)
activerecord (>= 5)
pkg-config (1.4.2)
pkg-config (1.4.3)
posix-spawn (0.3.15)
premailer (1.13.1)
premailer (1.14.2)
addressable
css_parser (>= 1.6.0)
htmlentities (>= 4.0.0)
@ -427,7 +426,7 @@ GEM
pry-rails (0.3.9)
pry (>= 0.10.4)
public_suffix (4.0.6)
puma (4.3.6)
puma (5.0.0)
nio4r (~> 2.0)
pundit (2.1.0)
activesupport (>= 3.0.0)
@ -441,18 +440,18 @@ GEM
rack
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (5.2.4.3)
actioncable (= 5.2.4.3)
actionmailer (= 5.2.4.3)
actionpack (= 5.2.4.3)
actionview (= 5.2.4.3)
activejob (= 5.2.4.3)
activemodel (= 5.2.4.3)
activerecord (= 5.2.4.3)
activestorage (= 5.2.4.3)
activesupport (= 5.2.4.3)
rails (5.2.4.4)
actioncable (= 5.2.4.4)
actionmailer (= 5.2.4.4)
actionpack (= 5.2.4.4)
actionview (= 5.2.4.4)
activejob (= 5.2.4.4)
activemodel (= 5.2.4.4)
activerecord (= 5.2.4.4)
activestorage (= 5.2.4.4)
activesupport (= 5.2.4.4)
bundler (>= 1.3.0)
railties (= 5.2.4.3)
railties (= 5.2.4.4)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
@ -468,9 +467,9 @@ GEM
railties (>= 5.0, < 6)
rails-settings-cached (0.6.6)
rails (>= 4.2.0)
railties (5.2.4.3)
actionpack (= 5.2.4.3)
activesupport (= 5.2.4.3)
railties (5.2.4.4)
actionpack (= 5.2.4.4)
activesupport (= 5.2.4.4)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
@ -482,7 +481,7 @@ GEM
rdf-normalize (0.4.0)
rdf (~> 3.1)
redcarpet (3.5.0)
redis (4.2.1)
redis (4.2.2)
redis-actionpack (5.2.0)
actionpack (>= 5, < 7)
redis-rack (>= 2.1.0, < 3)
@ -501,7 +500,7 @@ GEM
redis-store (>= 1.2, < 2)
redis-store (1.9.0)
redis (>= 4, < 5)
regexp_parser (1.7.1)
regexp_parser (1.8.0)
request_store (1.5.0)
rack (>= 1.4)
responders (3.0.1)
@ -536,18 +535,18 @@ GEM
rspec-support (3.9.3)
rspec_junit_formatter (0.4.1)
rspec-core (>= 2, < 4, != 2.12.0)
rubocop (0.90.0)
rubocop (0.91.0)
parallel (~> 1.10)
parser (>= 2.7.1.1)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.7)
rexml
rubocop-ast (>= 0.3.0, < 1.0)
rubocop-ast (>= 0.4.0, < 1.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 1.4.0, < 2.0)
rubocop-ast (0.3.0)
rubocop-ast (0.4.2)
parser (>= 2.7.1.4)
rubocop-rails (2.8.0)
rubocop-rails (2.8.1)
activesupport (>= 4.2.0)
rack (>= 1.1)
rubocop (>= 0.87.0)
@ -556,7 +555,6 @@ GEM
nokogiri (>= 1.5.10)
rufus-scheduler (3.6.0)
fugit (~> 1.1, >= 1.1.6)
safe_yaml (1.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sanitize (5.2.1)
@ -565,7 +563,7 @@ GEM
nokogumbo (~> 2.0)
securecompare (1.0.0)
semantic_range (2.3.0)
sidekiq (6.1.1)
sidekiq (6.1.2)
connection_pool (>= 2.2.2)
rack (~> 2.0)
redis (>= 4.2.0)
@ -594,7 +592,7 @@ GEM
sprockets (3.7.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
sprockets-rails (3.2.2)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
@ -613,7 +611,7 @@ GEM
unicode-display_width (~> 1.1, >= 1.1.1)
terrapin (0.6.0)
climate_control (>= 0.0.3, < 1.0)
thor (0.20.3)
thor (1.0.1)
thread_safe (0.3.6)
thwait (0.2.0)
e2mmap
@ -654,7 +652,7 @@ GEM
safety_net_attestation (~> 0.4.0)
securecompare (~> 1.0)
tpm-key_attestation (~> 0.9.0)
webmock (3.8.3)
webmock (3.9.1)
addressable (>= 2.3.6)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
@ -681,8 +679,8 @@ DEPENDENCIES
active_record_query_trace (~> 1.7)
addressable (~> 2.7)
annotate (~> 3.1)
aws-sdk-s3 (~> 1.79)
better_errors (~> 2.7)
aws-sdk-s3 (~> 1.81)
better_errors (~> 2.8)
binding_of_caller (~> 0.7)
blurhash (~> 0.1)
bootsnap (~> 1.4)
@ -711,7 +709,7 @@ DEPENDENCIES
e2mmap (~> 0.1.0)
ed25519 (~> 1.2)
fabrication (~> 2.21)
faker (~> 2.13)
faker (~> 2.14)
fast_blank (~> 1.0)
fastimage
fog-core (<= 2.1.0)
@ -752,7 +750,7 @@ DEPENDENCIES
paperclip (~> 6.0)
paperclip-av-transcoder (~> 0.6)
parallel (~> 1.19)
parallel_tests (~> 3.2)
parallel_tests (~> 3.3)
parslet
pg (~> 1.2)
pghero (~> 2.7)
@ -762,12 +760,12 @@ DEPENDENCIES
private_address_check (~> 0.5)
pry-byebug (~> 3.9)
pry-rails (~> 0.3)
puma (~> 4.3)
puma (~> 5.0)
pundit (~> 2.1)
rack (~> 2.2.3)
rack-attack (~> 6.3)
rack-cors (~> 1.1)
rails (~> 5.2.4.3)
rails (~> 5.2.4.4)
rails-controller-testing (~> 1.0)
rails-i18n (~> 5.1)
rails-settings-cached (~> 0.6)
@ -780,7 +778,7 @@ DEPENDENCIES
rspec-rails (~> 4.0)
rspec-sidekiq (~> 3.1)
rspec_junit_formatter (~> 0.4)
rubocop (~> 0.90)
rubocop (~> 0.91)
rubocop-rails (~> 2.8)
ruby-progressbar (~> 1.10)
sanitize (~> 5.2)
@ -797,12 +795,12 @@ DEPENDENCIES
stoplight (~> 2.2.1)
streamio-ffmpeg (~> 3.0)
strong_migrations (~> 0.7)
thor (~> 0.20)
thor (~> 1.0)
thwait (~> 0.2.0)
tty-prompt (~> 0.22)
twitter-text (~> 1.14)
tzinfo-data (~> 1.2020)
webauthn (~> 3.0.0.alpha1)
webmock (~> 3.8)
webmock (~> 3.9)
webpacker (~> 5.2)
webpush

@ -7,6 +7,7 @@ class AccountsController < ApplicationController
include AccountControllerConcern
include SignatureAuthentication
before_action :require_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
before_action :set_cache_headers
before_action :set_body_classes
@ -49,7 +50,7 @@ class AccountsController < ApplicationController
format.json do
expires_in 3.minutes, public: !(authorized_fetch_mode? && signed_request_account.present?)
render_with_cache json: @account, content_type: 'application/activity+json', serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter, fields: restrict_fields_to
render_with_cache json: @account, content_type: 'application/activity+json', serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter
end
end
end
@ -154,12 +155,4 @@ class AccountsController < ApplicationController
def params_slice(*keys)
params.slice(*keys).permit(*keys)
end
def restrict_fields_to
if signed_request_account.present? || public_fetch_mode?
# Return all fields
else
%i(id type preferred_username inbox public_key endpoints)
end
end
end

@ -57,9 +57,8 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
def set_statuses
return unless page_requested?
@statuses = @account.statuses.permitted_for(@account, signed_request_account)
@statuses = cache_collection_paginated_by_id(
@statuses,
@account.statuses.permitted_for(@account, signed_request_account),
Status,
LIMIT,
params_slice(:max_id, :min_id, :since_id)

@ -2,7 +2,7 @@
module Admin
class AccountsController < BaseController
before_action :set_account, only: [:show, :redownload, :remove_avatar, :remove_header, :enable, :unsilence, :unsuspend, :memorialize, :approve, :reject]
before_action :set_account, except: [:index]
before_action :require_remote_account!, only: [:redownload]
before_action :require_local_account!, only: [:enable, :memorialize, :approve, :reject]
@ -14,49 +14,58 @@ module Admin
def show
authorize @account, :show?
@deletion_request = @account.deletion_request
@account_moderation_note = current_account.account_moderation_notes.new(target_account: @account)
@moderation_notes = @account.targeted_moderation_notes.latest
@warnings = @account.targeted_account_warnings.latest.custom
@domain_block = DomainBlock.rule_for(@account.domain)
end
def memorialize
authorize @account, :memorialize?
@account.memorialize!
log_action :memorialize, @account
redirect_to admin_account_path(@account.id)
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.memorialized_msg', username: @account.acct)
end
def enable
authorize @account.user, :enable?
@account.user.enable!
log_action :enable, @account.user
redirect_to admin_account_path(@account.id)
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.enabled_msg', username: @account.acct)
end
def approve
authorize @account.user, :approve?
@account.user.approve!
redirect_to admin_pending_accounts_path
redirect_to admin_pending_accounts_path, notice: I18n.t('admin.accounts.approved_msg', username: @account.acct)
end
def reject
authorize @account.user, :reject?
SuspendAccountService.new.call(@account, reserve_email: false, reserve_username: false)
redirect_to admin_pending_accounts_path
DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
redirect_to admin_pending_accounts_path, notice: I18n.t('admin.accounts.rejected_msg', username: @account.acct)
end
def destroy
authorize @account, :destroy?
Admin::AccountDeletionWorker.perform_async(@account.id)
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.destroyed_msg', username: @account.acct)
end
def unsilence
authorize @account, :unsilence?
@account.unsilence!
log_action :unsilence, @account
redirect_to admin_account_path(@account.id)
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.unsilenced_msg', username: @account.acct)
end
def unsuspend
authorize @account, :unsuspend?
@account.unsuspend!
Admin::UnsuspensionWorker.perform_async(@account.id)
log_action :unsuspend, @account
redirect_to admin_account_path(@account.id)
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.unsuspended_msg', username: @account.acct)
end
def redownload
@ -65,7 +74,7 @@ module Admin
@account.update!(last_webfingered_at: nil)
ResolveAccountService.new.call(@account)
redirect_to admin_account_path(@account.id)
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.redownloaded_msg', username: @account.acct)
end
def remove_avatar
@ -76,7 +85,7 @@ module Admin
log_action :remove_avatar, @account.user
redirect_to admin_account_path(@account.id)
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.removed_avatar_msg', username: @account.acct)
end
def remove_header
@ -87,7 +96,7 @@ module Admin
log_action :remove_header, @account.user
redirect_to admin_account_path(@account.id)
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.removed_header_msg', username: @account.acct)
end
private

@ -96,12 +96,12 @@ class Api::BaseController < ApplicationController
def require_user!
if !current_user
render json: { error: 'This method requires an authenticated user' }, status: 422
elsif current_user.disabled?
render json: { error: 'Your login is currently disabled' }, status: 403
elsif !current_user.confirmed?
render json: { error: 'Your login is missing a confirmed e-mail address' }, status: 403
elsif !current_user.approved?
render json: { error: 'Your login is currently pending approval' }, status: 403
elsif !current_user.functional?
render json: { error: 'Your login is currently disabled' }, status: 403
else
set_user_activity
end

@ -17,6 +17,6 @@ class Api::V1::Accounts::FeaturedTagsController < Api::BaseController
end
def set_featured_tags
@featured_tags = @account.featured_tags
@featured_tags = @account.suspended? ? @account.featured_tags : []
end
end

@ -25,7 +25,7 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
end
def hide_results?
(@account.hides_followers? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account))
@account.suspended? || (@account.hides_followers? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account))
end
def default_accounts

@ -25,7 +25,7 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
end
def hide_results?
(@account.hides_following? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account))
@account.suspended? || (@account.hides_following? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account))
end
def default_accounts

@ -5,7 +5,7 @@ class Api::V1::Accounts::IdentityProofsController < Api::BaseController
before_action :set_account
def index
@proofs = @account.identity_proofs.active
@proofs = @account.suspended? ? [] : @account.identity_proofs.active
render json: @proofs, each_serializer: REST::IdentityProofSerializer
end

@ -6,7 +6,7 @@ class Api::V1::Accounts::ListsController < Api::BaseController
before_action :set_account
def index
@lists = @account.lists.where(account: current_account)
@lists = @account.suspended? ? [] : @account.lists.where(account: current_account)
render json: @lists, each_serializer: REST::ListSerializer
end

@ -5,7 +5,7 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
before_action :require_user!
def index
accounts = Account.where(id: account_ids).select('id')
accounts = Account.without_suspended.where(id: account_ids).select('id')
# .where doesn't guarantee that our results are in the same order
# we requested them, so return the "right" order to the requestor.
@accounts = accounts.index_by(&:id).values_at(*account_ids).compact

@ -18,7 +18,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
end
def load_statuses
cached_account_statuses
@account.suspended? ? [] : cached_account_statuses
end
def cached_account_statuses

@ -9,7 +9,6 @@ class Api::V1::AccountsController < Api::BaseController
before_action :require_user!, except: [:show, :create]
before_action :set_account, except: [:create]
before_action :check_account_suspension, only: [:show]
before_action :check_enabled_registrations, only: [:create]
skip_before_action :require_authenticated_user!, only: :create
@ -31,9 +30,8 @@ class Api::V1::AccountsController < Api::BaseController
end
def follow
FollowService.new.call(current_user.account, @account, reblogs: truthy_param?(:reblogs), with_rate_limit: true)
options = @account.locked? || current_user.account.silenced? ? {} : { following_map: { @account.id => { reblogs: truthy_param?(:reblogs) } }, requested_map: { @account.id => false } }
follow = FollowService.new.call(current_user.account, @account, reblogs: params.key?(:reblogs) ? truthy_param?(:reblogs) : nil, notify: params.key?(:notify) ? truthy_param?(:notify) : nil, with_rate_limit: true)
options = @account.locked? || current_user.account.silenced? ? {} : { following_map: { @account.id => { reblogs: follow.show_reblogs?, notify: follow.notify? } }, requested_map: { @account.id => false } }
render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships(options)
end
@ -73,10 +71,6 @@ class Api::V1::AccountsController < Api::BaseController
AccountRelationshipsPresenter.new([@account.id], current_user.account_id, options)
end
def check_account_suspension
gone if @account.suspended?
end
def account_params
params.permit(:username, :email, :password, :agreement, :locale, :reason)
end

@ -58,7 +58,13 @@ class Api::V1::Admin::AccountsController < Api::BaseController
def reject
authorize @account.user, :reject?
SuspendAccountService.new.call(@account, reserve_email: false, reserve_username: false)
DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
render json: @account, serializer: REST::Admin::AccountSerializer
end
def destroy
authorize @account, :destroy?
Admin::AccountDeletionWorker.perform_async(@account.id)
render json: @account, serializer: REST::Admin::AccountSerializer
end
@ -72,6 +78,7 @@ class Api::V1::Admin::AccountsController < Api::BaseController
def unsuspend
authorize @account, :unsuspend?
@account.unsuspend!
Admin::UnsuspensionWorker.perform_async(@account.id)
log_action :unsuspend, @account
render json: @account, serializer: REST::Admin::AccountSerializer
end

@ -18,6 +18,8 @@ class Api::V1::BlocksController < Api::BaseController
def paginated_blocks
@paginated_blocks ||= Block.eager_load(target_account: :account_stat)
.joins(:target_account)
.merge(Account.without_suspended)
.where(account: current_account)
.paginate_by_max_id(
limit_param(DEFAULT_ACCOUNTS_LIMIT),

@ -25,7 +25,7 @@ class Api::V1::EndorsementsController < Api::BaseController
end
def endorsed_accounts
current_account.endorsed_accounts.includes(:account_stat)
current_account.endorsed_accounts.includes(:account_stat).without_suspended
end
def insert_pagination_headers

@ -13,7 +13,7 @@ class Api::V1::FollowRequestsController < Api::BaseController
def authorize
AuthorizeFollowService.new.call(account, current_account)
NotifyService.new.call(current_account, Follow.find_by(account: account, target_account: current_account))
NotifyService.new.call(current_account, :follow, Follow.find_by(account: account, target_account: current_account))
render json: account, serializer: REST::RelationshipSerializer, relationships: relationships
end
@ -37,7 +37,7 @@ class Api::V1::FollowRequestsController < Api::BaseController
end
def default_accounts
Account.includes(:follow_requests, :account_stat).references(:follow_requests)
Account.without_suspended.includes(:follow_requests, :account_stat).references(:follow_requests)
end
def paginated_follow_requests

@ -37,9 +37,9 @@ class Api::V1::Lists::AccountsController < Api::BaseController
def load_accounts
if unlimited?
@list.accounts.includes(:account_stat).all
@list.accounts.without_suspended.includes(:account_stat).all
else
@list.accounts.includes(:account_stat).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
@list.accounts.without_suspended.includes(:account_stat).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
end
end

@ -27,6 +27,8 @@ class Api::V1::MutesController < Api::BaseController
def paginated_mutes
@paginated_mutes ||= Mute.eager_load(:target_account)
.joins(:target_account)
.merge(Account.without_suspended)
.where(account: current_account)
.paginate_by_max_id(
limit_param(DEFAULT_ACCOUNTS_LIMIT),

@ -14,7 +14,7 @@ class Api::V1::NotificationsController < Api::BaseController
end
def show
@notification = current_account.notifications.find(params[:id])
@notification = current_account.notifications.without_suspended.find(params[:id])
render json: @notification, serializer: REST::NotificationSerializer
end
@ -49,7 +49,7 @@ class Api::V1::NotificationsController < Api::BaseController
end
def browserable_account_notifications
current_account.notifications.browserable(exclude_types, from_account)
current_account.notifications.without_suspended.browserable(exclude_types, from_account)
end
def target_statuses_from_notifications

@ -52,6 +52,6 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController
def data_params
return {} if params[:data].blank?
params.require(:data).permit(alerts: [:follow, :follow_request, :favourite, :reblog, :mention, :poll])
params.require(:data).permit(alerts: [:follow, :follow_request, :favourite, :reblog, :mention, :poll, :status])
end
end

@ -22,6 +22,7 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
def default_accounts
Account
.without_suspended
.includes(:favourites, :account_stat)
.references(:favourites)
.where(favourites: { status_id: @status.id })

@ -21,7 +21,7 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
end
def default_accounts
Account.includes(:statuses, :account_stat).references(:statuses)
Account.without_suspended.includes(:statuses, :account_stat).references(:statuses)
end
def paginated_statuses

@ -22,6 +22,7 @@ class Api::Web::PushSubscriptionsController < Api::Web::BaseController
reblog: alerts_enabled,
mention: alerts_enabled,
poll: alerts_enabled,
status: alerts_enabled,
},
}
@ -57,6 +58,6 @@ class Api::Web::PushSubscriptionsController < Api::Web::BaseController
end
def data_params
@data_params ||= params.require(:data).permit(alerts: [:follow, :follow_request, :favourite, :reblog, :mention, :poll])
@data_params ||= params.require(:data).permit(alerts: [:follow, :follow_request, :favourite, :reblog, :mention, :poll, :status])
end
end

@ -5,7 +5,6 @@ module ExportControllerConcern
included do
before_action :authenticate_user!
before_action :require_not_suspended!
before_action :load_export
skip_before_action :require_functional!
@ -30,8 +29,4 @@ module ExportControllerConcern
def export_filename
"#{controller_name}.csv"
end
def require_not_suspended!
forbidden if current_account.suspended?
end
end

@ -6,6 +6,7 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
before_action :store_current_location
before_action :authenticate_resource_owner!
before_action :set_pack
before_action :require_not_suspended!, only: :destroy
before_action :set_body_classes
skip_before_action :require_functional!
@ -30,4 +31,8 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
def set_pack
use_pack 'settings'
end
def require_not_suspended!
forbidden if current_account.suspended?
end
end

@ -1,9 +1,9 @@
# frozen_string_literal: true
class Settings::AliasesController < Settings::BaseController
layout 'admin'
skip_before_action :require_functional!
before_action :authenticate_user!
before_action :require_not_suspended!
before_action :set_aliases, except: :destroy
before_action :set_alias, only: :destroy

@ -1,9 +1,6 @@
# frozen_string_literal: true
class Settings::ApplicationsController < Settings::BaseController
layout 'admin'
before_action :authenticate_user!
before_action :set_application, only: [:show, :update, :destroy, :regenerate]
before_action :prepare_scopes, only: [:create, :update]

@ -2,6 +2,9 @@
class Settings::BaseController < ApplicationController
before_action :set_pack
layout 'admin'
before_action :authenticate_user!
before_action :set_body_classes
before_action :set_cache_headers
@ -18,4 +21,8 @@ class Settings::BaseController < ApplicationController
def set_cache_headers
response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
end
def require_not_suspended!
forbidden if current_account.suspended?
end
end

@ -1,13 +1,10 @@
# frozen_string_literal: true
class Settings::DeletesController < Settings::BaseController
layout 'admin'
skip_before_action :require_functional!
before_action :check_enabled_deletion
before_action :authenticate_user!
before_action :require_not_suspended!
skip_before_action :require_functional!
before_action :check_enabled_deletion
def show
@confirmation = Form::DeleteConfirmation.new
@ -46,7 +43,7 @@ class Settings::DeletesController < Settings::BaseController
def destroy_account!
current_account.suspend!
Admin::SuspensionWorker.perform_async(current_user.account_id, true)
AccountDeletionWorker.perform_async(current_user.account_id)
sign_out
end
end

@ -2,7 +2,7 @@
module Settings
module Exports
class BlockedAccountsController < ApplicationController
class BlockedAccountsController < BaseController
include ExportControllerConcern
def index

@ -2,7 +2,7 @@
module Settings
module Exports
class BlockedDomainsController < ApplicationController
class BlockedDomainsController < BaseController
include ExportControllerConcern
def index

@ -2,7 +2,7 @@
module Settings
module Exports
class FollowingAccountsController < ApplicationController
class FollowingAccountsController < BaseController
include ExportControllerConcern
def index

@ -2,7 +2,7 @@
module Settings
module Exports
class ListsController < ApplicationController
class ListsController < BaseController
include ExportControllerConcern
def index

@ -2,7 +2,7 @@
module Settings
module Exports
class MutedAccountsController < ApplicationController
class MutedAccountsController < BaseController
include ExportControllerConcern
def index

@ -3,11 +3,6 @@
class Settings::ExportsController < Settings::BaseController
include Authorization
layout 'admin'
before_action :authenticate_user!
before_action :require_not_suspended!
skip_before_action :require_functional!
def show
@ -16,8 +11,6 @@ class Settings::ExportsController < Settings::BaseController
end
def create
raise Mastodon::NotPermittedError unless user_signed_in?
backup = nil
RedisLock.acquire(lock_options) do |lock|
@ -37,8 +30,4 @@ class Settings::ExportsController < Settings::BaseController
def lock_options
{ redis: Redis.current, key: "backup:#{current_user.id}" }
end
def require_not_suspended!
forbidden if current_account.suspended?
end
end

@ -1,9 +1,6 @@
# frozen_string_literal: true
class Settings::FeaturedTagsController < Settings::BaseController
layout 'admin'
before_action :authenticate_user!
before_action :set_featured_tags, only: :index
before_action :set_featured_tag, except: [:index, :create]
before_action :set_recently_used_tags, only: :index

@ -1,9 +1,6 @@
# frozen_string_literal: true
class Settings::IdentityProofsController < Settings::BaseController
layout 'admin'
before_action :authenticate_user!
before_action :check_required_params, only: :new
before_action :check_enabled, only: :new

@ -1,9 +1,6 @@
# frozen_string_literal: true
class Settings::ImportsController < Settings::BaseController
layout 'admin'
before_action :authenticate_user!
before_action :set_account
def show

@ -1,13 +1,10 @@
# frozen_string_literal: true
class Settings::Migration::RedirectsController < Settings::BaseController
layout 'admin'
skip_before_action :require_functional!
before_action :authenticate_user!
before_action :require_not_suspended!
skip_before_action :require_functional!
def new
@redirect = Form::Redirect.new
end
@ -38,8 +35,4 @@ class Settings::Migration::RedirectsController < Settings::BaseController
def resource_params
params.require(:form_redirect).permit(:acct, :current_password, :current_username)
end
def require_not_suspended!
forbidden if current_account.suspended?
end
end

@ -1,15 +1,12 @@
# frozen_string_literal: true
class Settings::MigrationsController < Settings::BaseController
layout 'admin'
skip_before_action :require_functional!
before_action :authenticate_user!
before_action :require_not_suspended!
before_action :set_migrations
before_action :set_cooldown
skip_before_action :require_functional!
def show
@migration = current_account.migrations.build
end
@ -44,8 +41,4 @@ class Settings::MigrationsController < Settings::BaseController
def on_cooldown?
@cooldown.present?
end
def require_not_suspended!
forbidden if current_account.suspended?
end