Benjamin Neff
9b6a2268e9
Bump diaspora_federation and enable forgery protection by default
2022-07-24 00:29:56 +02:00
Benjamin Neff
ed8e340fa2
Add a dummy route for /.well-known/host-meta
This was removed from the diaspora_federation gem, since it's not used
for the federation/discovery anymore since a long time. But old versions
of the ConnectionTester up to version 0.7.17 still check if this route
exists or else they mark the pod as offline. So let's add a dummy
host-meta with an empty response back, so the ConnectionTester is happy
again until we can remove this workaround again.
2022-07-23 00:17:06 +02:00
Benjamin Neff
4edaebb94f
Remove "Did you mean?" from api errors when a parameter is missing
This isn't helpful at all for an api if you don't send a required
parameter and get an error response that just tells you what parameters
were available.
This is a new feature with rails >= 6.1 and ruby >= 2.7, so this just
keeps the old behaviour of older rails/ruby versions.
2022-07-20 21:35:02 +02:00
Benjamin Neff
d4079070ed
Merge branch 'next-minor' into develop
2022-07-20 21:34:39 +02:00
Benjamin Neff
b5a46cf7bb
Fix deprecation warnings for rails 6.0
2022-07-20 21:26:58 +02:00
Dennis Schubert
22ac0872bd
Merge branch 'next-minor' into develop
2022-04-27 20:37:49 +02:00
Jonne Haß
43ee2dbb50
Do not allow to mass assign OTP fields on user edit page
2022-04-27 19:48:42 +02:00
Jonne Haß
1cfe0037f9
Do not allow the user to mass assign their own password alongside other parameters
Much thanks to Breno Vitório (@brenu) for the report!
2022-04-27 13:44:48 +02:00
Benjamin Neff
36778dbeac
Remove /user/auth_token route, this was a leftover from the chat
Also remove authentication_token from database
2022-02-27 23:06:24 +01:00
Thorsten Claus
6c4c6f8889
Migration Backend Part
2021-11-23 01:48:32 +01:00
Benjamin Neff
750186319e
Merge branch 'next-minor' into develop
2021-09-18 19:24:20 +02:00
Benjamin Neff
28f03f0a11
Cleanup person_by_handle route
I think this is a leftover from a long time ago and I can't find
anything that still uses that
closes #8280
2021-09-18 19:18:34 +02:00
Dennis Schubert
0810fa77e9
Remove special-case for diaspora-handle lookups in people controller.
This partly reverts a475d5fb62. The special case here was only ever used for the chat, which no longer exists.
2021-07-04 22:10:20 +02:00
Benjamin Neff
1dd2382d03
Merge pull request #8243 from tclaus/8192_drop_relay_example
drop relay example and implementation
closes #8192
2021-06-13 01:35:42 +02:00
Thorsten Claus
61de6e117d
8192 drop relay example and implementation
2021-05-12 23:23:46 +02:00
Thorsten Claus
2db1d5d641
Fixing PR Review issues
2021-04-18 13:11:25 +02:00
Thorsten Claus
4147249d2d
Makes the local posts link be configured for special audiences
2021-04-18 13:11:25 +02:00
Thorsten Claus
ddee980426
Adds a local-public tag on the sidebar that shows all posts local to this pod
2021-04-18 13:11:25 +02:00
Jonne Haß
d9db761c79
API: Add endpoint to toggle conversation read status
2020-11-30 18:03:38 +01:00
Jonne Haß
a7ff52f366
API: Don't mark conversations as read when fetching its messages
2020-11-30 18:03:38 +01:00
Jonne Haß
0aba20f85c
OpenID Connect: ensure consistent issuer URL
root_url does not know the right protocol in all contexts,
some clients are strict when validating this.
2020-10-24 22:30:43 +02:00
Benjamin Neff
81bc438c98
Fix error in TagFollowingsController#create when duplicate is created
2020-10-23 21:10:15 +02:00
Jonne Haß
7fabd9d17f
OpenID Connect: Disable form-action CSP on authorization page
Some browsers apply this CSP rule even to the redirect response
after the POST requests, blocking the redirect_uri redirect
2020-10-20 18:10:52 +02:00
Jonne Haß
d13bcc00e0
Merge branch 'next-minor' into develop
2020-03-21 19:15:14 +01:00
Vitalie Ciubotaru
827a2ce991
Remove links to deleted profiles in admin user stats
closes #8063
closes #8061
2020-03-21 19:14:56 +01:00
Jonne Haß
1a7b2b0c31
API: extend /search/user with a filter option
See API docs for more details
2020-03-20 12:39:09 +01:00
Jonne Haß
2d28ddc1ef
Add API route to (un)block a user
2020-03-20 12:38:27 +01:00
Jonne Haß
cd6e02ccec
API: allow post creation without a body when there are photos
2020-02-20 18:50:32 +01:00
Jonne Haß
e9242d7754
API: Fix fetching explicitly not only unread conversations
2020-02-17 10:59:10 +01:00
Jonne Haß
00df0b7bda
API: add new route to search for tags
2020-02-17 10:58:04 +01:00
Benjamin Neff
4139ae2549
Merge branch 'next-minor' into develop
2020-02-12 00:13:19 +01:00
Dennis Schubert
2e2b42ef1a
Mark non-attribute usage in SQL queries as safe.
Non-attribute arguments will be disallowed in Rails 6.0.
2020-02-11 23:54:55 +01:00
Dennis Schubert
45e8b54bea
Check for status codes instead of relying on response.redirect?.
Rack did so much refactoring, we do not see a Response object here anymore.
2020-02-11 23:53:14 +01:00
Jonne Haß
6dbef95951
API: return whether post or item was already reported or not
2020-02-09 11:04:59 +01:00
Jonne Haß
8068d8747b
API: Fix fetching explicitly not only unread notifications
2020-02-09 11:03:55 +01:00
Jonne Haß
cd0995abf3
API: Don't return notifications target unless it's a post
2020-02-09 11:03:55 +01:00
Jonne Haß
2e7526bac5
API: Let hide endpoint take payload as documented and act according to it
2020-02-02 21:49:20 +01:00
Jonne Haß
dcbd02cf7f
Return 403 for unauthorized API requests
Also cleanup error handling code and remove last translatable
API error messages
2020-02-02 21:49:20 +01:00
Jonne Haß
884de9008f
API: rename poll_answer_id to poll_answer in post interactions vote endpoint
2020-02-02 21:26:33 +01:00
Jonne Haß
0754c92116
API: correct like and comment scopes for private posts
2020-02-02 18:23:34 +01:00
Jonne Haß
fbd0a51829
API: return current user's like, reshare and subscription status in post infos
2020-02-02 18:13:55 +01:00
Jonne Haß
6bbcb7415b
API: don't make error messages translatable
2020-02-02 18:04:11 +01:00
Jonne Haß
04744b4dac
API: Return 409 when trying to create something existing and 410 when trying to delete something already gone
Probably missed a few more cases where we always return success when the user requests
status quo, but this should cover most ground
2020-02-02 18:04:11 +01:00
Jonne Haß
e8b9a70fbf
Ensure API responses adhere to documented error format
2020-02-02 18:04:11 +01:00
Jonne Haß
35bfbc9c82
Return missing created_at field on reshares endpoint
2020-01-24 16:58:32 +01:00
Jonne Haß
16b242fa0f
Drop chat_enabled from aspects API
2020-01-21 23:35:01 +01:00
Jonne Haß
39c863ead9
Merge branch 'develop' into api
2020-01-21 23:35:01 +01:00
cmrd Senya
6b8cd5d390
API: accept name parameter instead of first name and last name in user patch
2020-01-21 23:34:43 +01:00
Jonne Haß
dad54db7f4
Return API pagination links as headers rather than in the response body itself
2020-01-21 23:34:43 +01:00
Jonne Haß
cb679371ac
Merge branch 'develop' into api
2020-01-21 23:34:43 +01:00