Commit graph

1417 commits

Author SHA1 Message Date
cmrd Senya
cdcf2d747e
Override forgery settings in controllers
ClientsController and TokenEndpointController are called from the outside,
so CSRF verification prevents them from normal operation.

closes #7062
2016-10-01 10:24:15 +02:00
Augier
e424896822
Fully port conversations to Backbone and drop inbox.js 2016-09-30 00:32:46 +02:00
Steffen van Bergerem
327cabe6fe Add number of unreviewed reports to admin dashboard and admin sidebar
closes #7109
2016-09-18 22:48:05 +02:00
Steffen van Bergerem
546f909658 Fix 500 in html requests for post interactions
closes #7085
2016-09-11 00:21:13 +02:00
Steffen van Bergerem
e27af6ee1a
Redirect logged in users to inviters page when following an invitation link
closes #7061
2016-09-06 05:08:04 +02:00
Steffen van Bergerem
806de7e9d8
Exclude closed accounts from search
closes #7042
2016-09-04 03:22:58 +02:00
Steffen van Bergerem
89b51dddf9
Add application controller specs for grammatical gender 2016-09-04 03:02:27 +02:00
Steffen van Bergerem
08794bc47b
Remove user_photo method from users controller
closes #7049
2016-09-04 03:01:51 +02:00
Denis Hovart
bcace2def2 6840 : meta tags update (#6998)
* Adds a new metadata helper and methods to PostPresenter to have metas on post pages.

* Adds tests to post controller to check correctness of metas

* Add methods to PersonPresenter to have metas on profile pages

* Correct meta data helper test

* Update PersonPresenter, add test to PeopleController

* Creates TagPresenter. Display tag metas on tag index page

* Update meta data helper spec

* Not displaying bio as the description meta on profile page for now. Privacy concerns to be cleared.

* Set meta info as hashes in presenters

* Move original hardcoded metas info to config/defaults.yml

* metas_tags include by default the general metas, update views

* Update code style, clean views

* Renames TagPresenter StreamTagPresenter, updates TagController spec

* Add a default_metas entry to diaspora.yml.example

* Align metas hash in presenters, refactor meta data helper

* Use bio as description meta if user has a public profile

* Rename StreamTagPresenter to TagStreamPresenter
2016-08-18 21:52:39 +02:00
Steffen van Bergerem
7b5ac656a7
Fix conversations autoSuggest showing non-mutual contacts 2016-08-18 13:02:14 +02:00
Steffen van Bergerem
34e3fb2e14
Merge pull request #6991 from cmrd-senya/dropdown-regression
Fix aspect dropdown when person is being fetched
2016-08-18 10:07:35 +02:00
Steffen van Bergerem
993f3d5ab0
Refactor contacts page using pagination 2016-08-18 01:54:43 +02:00
cmrd Senya
4b3f36e92a
Fix aspect dropdown when person is being fetched
fix #6989
2016-08-15 23:43:24 +03:00
Dennis Schubert
9d662a90d6
Merge pull request #6987 from SuperTux88/allow-hovercard-for-remote-people
Allow hovercards of remote people when not logged in
2016-08-15 16:25:48 +02:00
CSammy
8491df1625 Added test for loading of previous posts on a tag page. 2016-08-15 13:30:20 +02:00
Benjamin Neff
23541546e9 Allow hovercards of remote people when not logged in
In #6603 hovercards were activated for logged out users, but they only
worked for local people. Hovercards on remote-people are important to
get the diaspora-id to search the person on the local pod, if you don't
know who it is.
2016-08-15 01:33:26 +02:00
Benjamin Neff
bc6c8a0598 disable registration with invite-code when invitations are closed
also display message if the user has no invitations left and refactored
InvitationsController spec and remove unused message parameter
2016-08-13 13:51:28 +02:00
Benjamin Neff
3b1a5c6bdf don't reduce number of invites when registration is open
otherwise the counter goes into negative ;)

also reset all negative counters
2016-08-13 13:51:02 +02:00
Benjamin Neff
e749bbef15 don't reduce number of available invites if there were errors. 2016-08-13 01:47:27 +02:00
Benjamin Neff
2a553940d4 small design fixes for invites 2016-08-13 01:47:27 +02:00
Benjamin Neff
66b7b7e27a Cleanup legacy invitations from code
Fixes #5116
2016-08-13 01:47:27 +02:00
Jonne Haß
7fa299b7ad Merge pull request #6959 from cmrd-senya/devise-upgrade
Upgrade devise to 4.2
2016-08-11 12:08:42 +02:00
cmrd Senya
4ae26e1ded Upgrade devise to 4.2 2016-08-11 12:25:36 +03:00
Benjamin Neff
71ed7446c1 Fix user settings style after submit
Fixed:
* wrong url
* broken navigation
* broken design
after saving the user settings

Fixes #5847
2016-08-11 01:58:47 +02:00
Steffen van Bergerem
cefffc6082
Move contacts search to contacts#index 2016-08-09 19:20:40 +02:00
Steffen van Bergerem
9f28b935b9
Drop contacts.json 2016-08-09 19:20:40 +02:00
Steffen van Bergerem
f1e9c99866
Add contacts search 2016-08-09 19:20:40 +02:00
Steffen van Bergerem
79117d1a46
Merge pull request #6944 from AugierLe42e/bump-jquery-2
Bump to jQuery 2
2016-08-09 13:00:39 +02:00
SaiVardhan
18dbf02181
[FIX] #6642 Strip Markdown from conversation title
closes #6642
2016-08-08 19:23:17 +02:00
cmrd Senya
a3f208c380
Notifications and search page backend updates
Updates introduce support for preloading contacts to Gon in order
to support client-side rendering of aspect membership dropdown box.
2016-08-08 17:21:38 +03:00
cmrd Senya
82ac611396
Client-side rendering of aspect dropdown for hovercards 2016-08-08 17:21:30 +03:00
cmrd Senya
923fb8a763
Refactor app.views.AspectMembership
in order to support adding new aspect to a dropdown without full
page reload
2016-08-08 17:21:14 +03:00
cmrd Senya
15e0f88758
Rename photos[:count] to photos_count in gon 2016-08-08 17:19:26 +03:00
Augier
2e175c4be5 Bump to jQuery 2 2016-08-07 16:14:52 +02:00
Benjamin Neff
df9874b73a remove raw_message
This was only an alias for "text", and "raw_message" is also not used
for federation anymore, so we can drop it.
2016-07-17 01:40:00 +02:00
Steffen van Bergerem
f8d8089cb6
Add more specs for the admins controller 2016-07-09 12:30:19 +02:00
Steffen van Bergerem
b01ca5d3bc
Add basic help controller spec 2016-07-09 10:55:59 +02:00
Steffen van Bergerem
b296e73c36
Add basic terms controller spec 2016-07-09 10:55:59 +02:00
Benjamin Neff
9a3f653c45 fix sender for messages for old pods
Send a second message to remote recipients with conversation-author
as salmon author if the conversation-author is local.

The first dispatch will fail on old pods. New pods will ignore the
second message, if the guid already exists.
2016-06-26 14:05:52 +02:00
Benjamin Neff
70f378a1c1 don't participate own posts on creation 2016-06-26 06:21:02 +02:00
Benjamin Neff
57dbcc0e67 add root author to reshare subscribers 2016-06-26 06:21:02 +02:00
Benjamin Neff
03123f1c4d remove more unused code and cleanup 2016-06-26 06:21:01 +02:00
Benjamin Neff
ae05d4e928 use Diaspora::Federation::Dispatcher everywhere 2016-06-26 06:21:01 +02:00
Benjamin Neff
ecbf5fa3e7 enable some skipped tests again 2016-06-26 06:21:00 +02:00
Benjamin Neff
7184d4334e remove after_dispatch hook
handle photos in StatusMessageCreationService
2016-06-26 06:21:00 +02:00
Benjamin Neff
20dabbd15f remove user parameter from subscribers method 2016-06-26 06:21:00 +02:00
Benjamin Neff
581f8d7226 don't force remove contact on block
this creates inconsistent states, if you remove the block in the future
2016-06-26 06:21:00 +02:00
Benjamin Neff
4fb34139b0 cleanup notifications and fix tests 2016-06-26 06:20:59 +02:00
Benjamin Neff
b1d30aa9cc add more "diaspora to federation entity" methods
move it to Diaspora::Federation::Entities and use it in some tests, but most of the tests can be removed later.
2016-06-26 06:20:58 +02:00
Steffen van Bergerem
b1943f1e46
Redesign default.haml and add a podmin welcome page 2016-06-20 02:03:53 +02:00
Steffen van Bergerem
629e6382ec
Use Poltergeist instead of Selenium 2016-06-19 01:53:18 +02:00
Dennis Schubert
53808847a2 Merge branch 'stable' into develop 2016-05-07 18:52:34 +02:00
Ralin Chimev
1773e3e35d Do not change notification timestamp when making it read or unread.
Marking a notification as unread resets the timeago stamp causing
the times to look wrong. It can be reproduced by marking an old
notification as unread. Using the update_column instead of
update_attribute will not touch the updated_at attribute, and
thus will not affect the updated time ago in the view.

Fixes #6798.

closes #6821
2016-05-07 18:52:27 +02:00
theworldbright
bb3849e4b1 Fix API privilege scope escalation 2016-03-11 17:18:21 -08:00
Benjamin Neff
d94eae0d45 refactoring PostService
* move presenters back to controllers, this is view-logic
* use PostService in CommentService
* remove iframe route, this is not used anymore
* id/guid limit at 16 chars, hex(8) is 16 chars long
2016-03-07 05:52:54 +01:00
Benjamin Neff
b398b115bc refactoring CommentService 2016-03-07 05:52:54 +01:00
Benjamin Neff
b67b7cf8c6 write specs for StatusMessageCreationService 2016-03-07 05:52:54 +01:00
Benjamin Neff
5a46da47c3 refactoring StatusMessageCreationService
* move parameter normalization back to controller, because this is
  frontend-specific.
* if the StatusMessage is public, save also public photos
2016-03-07 00:00:27 +01:00
Jonne Haß
39ae5e741e Merge pull request #6732 from SuperTux88/cleanup-aspect_visibilities
Cleanup aspect visibilities
2016-03-05 11:05:55 +01:00
Benjamin Neff
acb91c79d2 improve pod connection check
* use port for check
* respect entries in /etc/hosts
* test /.well-known/host-meta
* don't allow redirects to other domains
2016-03-05 02:57:11 +01:00
Benjamin Neff
b1a6516474 add migration for pods-table
* add port to pods
* remove url from person and link people with pod-table
2016-03-05 00:12:54 +01:00
Benjamin Neff
f913128967 don't add public shareables to aspect_visibilities 2016-03-04 20:13:52 +01:00
Dennis Schubert
535057aca4 Merge branch 'stable' into develop 2016-02-21 04:26:25 +01:00
Steffen van Bergerem
374679c093 Add rspec test for reset_authentication_token without current_user
closes #6707
2016-02-21 04:26:12 +01:00
Steffen van Bergerem
f8f05371e0 Merge pull request #6394 from AugierLe42e/mobile-js-refactor
Mobile JS refactor
2016-02-15 22:22:35 +01:00
Augier
28c509baeb Add jasmine specs for mobile view 2016-02-15 12:14:35 +01:00
Steffen van Bergerem
89f21e87f8 Remove unused code 2016-02-14 02:48:51 +01:00
Steffen van Bergerem
6fce81fc99 Merge branch 'stable' into develop 2016-01-20 21:37:30 +01:00
tamatsyk
960e651764 internationalize controller rescue_from text
Fix typos

change forbitten to forbidden

fix styling issue and copypaste

improve code style for aspec_memberships_controller.rb with rubocop

fix styling issues

aligned elements of hash literals

fix typo

fix locale name and styling of its usage

fix failing tests

closes #6554
2016-01-20 21:37:02 +01:00
theworldbright
b09ee87912 Update json-jwt legacy methods 2016-01-04 17:01:41 +09:00
theworldbright
58aef5658b Fix remaining remarks 2016-01-04 17:01:40 +09:00
theworldbright
ed1dc256a8 Fix handling of error message in authorization controller 2016-01-04 16:49:58 +09:00
theworldbright
10938404e9 Fix HTTP request test mocks 2016-01-04 16:49:57 +09:00
theworldbright
c6bec2f2dc Return error to RP instead of user for prompt=none 2016-01-04 16:49:57 +09:00
theworldbright
9fc8c63cae Fix hash styles for stub_request 2016-01-04 16:49:57 +09:00
theworldbright
f1b394de0f Fix remaining remarks 2016-01-04 16:49:57 +09:00
theworldbright
2f8c391ac6 Fix pronto and travis errors 2016-01-04 16:49:57 +09:00
theworldbright
0fbcb71255 Add support for request_uri and claims 2016-01-04 16:49:56 +09:00
theworldbright
82600003b3 Flash error messages when redirect_uri is invalid 2016-01-04 16:49:56 +09:00
theworldbright
adcf2ab7ab Fix test for prompt == "none" 2016-01-04 16:49:56 +09:00
augier
d351db1982 Filter for prompt handling 2016-01-04 16:49:56 +09:00
augier
7b2be0d3c6 Support displaying TOS and policy 2016-01-04 16:49:56 +09:00
augier
6fcb9a9d3a Add XSS spec for application's name 2016-01-04 16:49:56 +09:00
augier
2c7d102019 Design for authorization page when client_name not provided + XSS spec 2016-01-04 16:49:55 +09:00
theworldbright
fd467cd42b Add private_key_jwt support
See

- http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
- https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
2016-01-04 16:49:55 +09:00
theworldbright
1dcefdb998 Validate sector identifier uri and redirect uri 2016-01-04 16:49:55 +09:00
theworldbright
4be9f4d558 Make client name optional 2016-01-04 16:49:54 +09:00
augier
c33cce0953 Styling user consent form 2016-01-04 16:49:54 +09:00
theworldbright
1a7f2edc01 Perform major refactoring
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
theworldbright
24fd70676c Fix webfinger discovery route 2016-01-04 16:49:53 +09:00
theworldbright
ab65617958 Add support for max_age parameter
Additionally add support for prompt's login option

Signed-off-by: theworldbright <kent@kentshikama.com>
2016-01-04 16:49:53 +09:00
theworldbright
25f51c606a Add support for prompt parameter 2016-01-04 16:49:53 +09:00
theworldbright
8be3be3e10 Refactor authorizations controller destroy action 2016-01-04 16:49:53 +09:00
theworldbright
6e1a673459 Replace let!() with factory girl 2016-01-04 16:49:52 +09:00
theworldbright
dd337d4163 Remove JSON root from client controller
Signed-off-by: theworldbright <kent@kentshikama.com>
2016-01-04 16:49:52 +09:00
theworldbright
65c40f236e Load scopes from seeds
Signed-off-by: theworldbright <kent@kentshikama.com>
2016-01-04 16:49:51 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support
Squashed commits:

[a182de7] Fix pronto/travis errors
2016-01-04 16:49:51 +09:00
theworldbright
d834a1d4d0 Replace user info endpoint with supported claims
The route /api/v0/user/ will now be used as a
non-OIDC route. In other words, the /api/v0/user/
will require the "read" scope while
/api/openid_connect/user_info/ will require the
"openid" scope
2016-01-04 16:49:51 +09:00