* Add REST API for creating an account
The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.
The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.
The method is rate-limited by IP to 5 requests per 30 minutes.
* Redirect users back to app from confirmation if they were created with an app
* Add tests
* Return 403 on the method if registrations are not open
* Require agreement param to be true in the API when creating an account
* Add moderation warnings
Replace individual routes for disabling, silencing, and suspending
a user, as well as the report update route, with a unified account
action controller that allows you to select an action (none,
disable, silence, suspend) as well as whether it should generate an
e-mail notification with optional custom text. That notification,
with the optional custom text, is saved as a warning.
Additionally, there are warning presets you can configure to save
time when performing the above.
* Use Account#local_username_and_domain
* Do not animate account header art if user's GIF autoplay setting is off
Fixes#9472
* Honour currently logged-in user's GIF autoplay setting for account avatars
Fixes#9467
* Fix avatar display on some public pages when data is stored on a different host
* Use ternary operator instead of if/else for avatar/header URL
* Add instance-wide setting to disable profile directory
Fixes#9496
When the profile directory is disabled:
- The “discoverable” setting is hidden from users
- The “profile directory” link is not shown on public pages
- /explore returns 404
* Move Setting.profile_directory check to a before_action filter
* Add setting to not aggregate reblogs
Fixes#9222
* Handle cases where user is nil in add_to_home and add_to_list
* Add hint for setting_aggregate_reblogs option
* Reword setting_aggregate_reblogs label
* fix non-escaped html in the profile settings
* provide a default profile text in case if there's no custom one
* update haml syntax
* simplify default profile name to username
* sanitize user-input html but display emojified icons
* Fix missing variable in directory page title
* Order hashtags by number of people instead of alphabetically
* Add icon to OpenGraph preview of directory page
* Prevent line breaks in hashtags and ensure lowercase in the table
* Improve overview of accounts in admin UI
- Display suspended status, role, last activity and IP prominently
- Default to showing local accounts
- Default to not showing suspended accounts
* Remove unused strings
* Fix tests
* Allow filtering accounts by IP mask
Hello,
The ATOM feed contains the hub declaration for WebSub, but the RSS
version does not.
RSS/ATOM readers will typically pick whichever version comes first, and
will thus not see the WebSub feature.
I therefore suggest putting the ATOM version first, as it is more
feature-rich than its RSS counterpart is.
Clients not compatible with ATOM would not pick it anyway due to the
different type attribute.
A more complicated alternative would be to declare the WebSub feature in
the RSS version as well, using something like the following code, and
ensuring that clients subscribed to the RSS version would receive PuSH
updates just like those subscribed to the ATOM version.
````xml
<rss version="2.0" xmlns:webfeeds="http://webfeeds.org/rss/1.0"
xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<atom:link rel="self" type="application/rss+xml"
href="https://diaspodon.fr/users/test.rss"/>
<atom:link rel="hub" href="https://diaspodon.fr/api/push"/>
</channel>
</rss>
```
* Add silent column to mentions
* Save silent mentions in ActivityPub Create handler and optimize it
Move networking calls out of the database transaction
* Add "limited" visibility level masked as "private" in the API
Unlike DMs, limited statuses are pushed into home feeds. The access
control rules between direct and limited statuses is almost the same,
except for counter and conversation logic
* Ensure silent column is non-null, add spec
* Ensure filters don't check silent mentions for blocks/mutes
As those are "this person is also allowed to see" rather than "this
person is involved", therefore does not warrant filtering
* Clean up code
* Use Status#active_mentions to limit returned mentions
* Fix code style issues
* Use Status#active_mentions in Notification
And remove stream_entry eager-loading from Notification
* Revert "Fix some icon names changed by the Font Awesome 5. (#8796)"
This reverts commit 3f9ec3de82.
* Revert "Migrate to font-awesome 5.0. (#8799)"
This reverts commit 8bae14591b.
* Revert "Fix some icons names, unavailable in fontawesome5 (free license). (#8792)"
This reverts commit b9c727a945.
* Revert "Update the icon name changed by the Font Awesome 5. (#8776)"
This reverts commit 17af4d27da.
* Revert "Add bot icon to bot avatars and migrate to newer version of Font Awesome (#8484)"
This reverts commit 4b794e134d.