nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
18098 commits 4 branches 0 tags 121 MiB
Commit graph

2465 commits

Author SHA1 Message Date
Benjamin Neff
7f11beae37 dispatch retractions 2016-06-26 06:21:00 +02:00
Benjamin Neff
65ba573a3b Contact retraction 2016-06-26 06:21:00 +02:00
Benjamin Neff
89fbcf7c56 federate retractions 2016-06-26 06:21:00 +02:00
Benjamin Neff
9ce9b4bcd0 deliver profile update with new dispatcher 2016-06-26 06:21:00 +02:00
Benjamin Neff
7184d4334e remove after_dispatch hook 
handle photos in StatusMessageCreationService
 2016-06-26 06:21:00 +02:00
Benjamin Neff
20dabbd15f remove user parameter from subscribers method 2016-06-26 06:21:00 +02:00
Benjamin Neff
f9f91a0e9e create new contact for local receive 2016-06-26 06:21:00 +02:00
Benjamin Neff
581f8d7226 don't force remove contact on block 
this creates inconsistent states, if you remove the block in the future
 2016-06-26 06:21:00 +02:00
Benjamin Neff
102e2a0834 remove Request class and refactor Connecting 2016-06-26 06:20:59 +02:00
Benjamin Neff
d87756c4b7 move #add_contact_to_aspect from User-model to user_methods.rb 2016-06-26 06:20:59 +02:00
Benjamin Neff
6fbfc2bf96 write receive specs and delete old unused specs 
also refactored receive methods
 2016-06-26 06:20:59 +02:00
Benjamin Neff
59bb46eeb6 handle retractions 2016-06-26 06:20:59 +02:00
Benjamin Neff
58a5a881cf receive local 
* Contact: auto-follow-back
* Shareable: create share visibilities
 2016-06-26 06:20:59 +02:00
Benjamin Neff
ae96b4bf55 refactor message notifications 
all visibilities are already in the conversation, so we can send
all notifications at once.
 2016-06-26 06:20:59 +02:00
Benjamin Neff
4fb34139b0 cleanup notifications and fix tests 2016-06-26 06:20:59 +02:00
Benjamin Neff
ebfb0aa884 create NotificationService: send notifications after receive 2016-06-26 06:20:59 +02:00
Benjamin Neff
800fa1786c fix author join for federation callbacks with Poll 2016-06-26 06:20:58 +02:00
Benjamin Neff
1790efad08 implement :update_pod callback 2016-06-26 06:20:58 +02:00
Benjamin Neff
4408efdff3 fetch public key for unknown person 
and do some refactorings
 2016-06-26 06:20:58 +02:00
Dennis Schubert
61fb7410cc
Merge pull request #6844 from cmrd-senya/unique-aspect-visibilities 
Fix possible duplication of AspectVisibility
 2016-06-19 01:49:41 +02:00
cmrd Senya
204f58e6a7
Remove repetion of shareable initialization code 2016-05-31 21:16:13 +03:00
cmrd Senya
717554edac
Fix possible duplication of AspectVisibility 
No uniqueness control on AspectVisibility resulted in possible having
multiple AspectVisibility objects in the DB for the same aspect and
shareable which doesn't make sense. Introduce uniqueness validation
and fix up tests where duplication happened.
 2016-05-27 20:22:03 +03:00
Dennis Schubert
53808847a2 Merge branch 'stable' into develop 2016-05-07 18:52:34 +02:00
Ralin Chimev
1773e3e35d Do not change notification timestamp when making it read or unread. 
Marking a notification as unread resets the timeago stamp causing
the times to look wrong. It can be reproduced by marking an old
notification as unread. Using the update_column instead of
update_attribute will not touch the updated_at attribute, and
thus will not affect the updated time ago in the view.

Fixes #6798.

closes #6821
 2016-05-07 18:52:27 +02:00
Steffen van Bergerem
2263abdc82 Merge branch 'stable' into develop 2016-05-05 17:59:51 +02:00
Senya
ce6b1a3c0c Clear unused regex in mention.rb 
The REGEX is unused

closes #6810
 2016-05-05 17:59:37 +02:00
Steffen van Bergerem
c8a8110cf1 Merge branch 'stable' into develop 2016-03-30 11:13:47 +02:00
Dennis Schubert
fbe77781ff Use 1004 as our placeholder birth year because 1004 was a leap year. (Well, actually, people in 1004 probably had no idea what a leap year is. Or red tests. Or code.) 2016-03-30 11:12:31 +02:00
theworldbright
bb3849e4b1 Fix API privilege scope escalation 2016-03-11 17:18:21 -08:00
Dennis Schubert
69ac153fe9 Merge pull request #6745 from cmrd-senya/remove_diaspora_handle_shareables 
Remove diaspora_handle from shareables
 2016-03-08 23:45:16 +01:00
cmrd Senya
2986aa8b24 Remove diaspora_handle from shareables 
We can determine diaspora_handle from a relation with people for the
shareables (posts, photos). So we don't need to store diaspora_handle in
the DB. Also remove tmp_old_id from photos which is not refenrenced anywhere.
 2016-03-07 18:47:21 +03:00
Benjamin Neff
d94eae0d45 refactoring PostService 
* move presenters back to controllers, this is view-logic
* use PostService in CommentService
* remove iframe route, this is not used anymore
* id/guid limit at 16 chars, hex(8) is 16 chars long
 2016-03-07 05:52:54 +01:00
Benjamin Neff
5a46da47c3 refactoring StatusMessageCreationService 
* move parameter normalization back to controller, because this is
  frontend-specific.
* if the StatusMessage is public, save also public photos
 2016-03-07 00:00:27 +01:00
Benjamin Neff
10af3a8b11 fix pod table migration if someone deleted a user (owner) manually 2016-03-06 23:55:28 +01:00
Jonne Haß
39ae5e741e Merge pull request #6732 from SuperTux88/cleanup-aspect_visibilities 
Cleanup aspect visibilities
 2016-03-05 11:05:55 +01:00
Benjamin Neff
acb91c79d2 improve pod connection check 
* use port for check
* respect entries in /etc/hosts
* test /.well-known/host-meta
* don't allow redirects to other domains
 2016-03-05 02:57:11 +01:00
Benjamin Neff
b1a6516474 add migration for pods-table 
* add port to pods
* remove url from person and link people with pod-table
 2016-03-05 00:12:54 +01:00
Benjamin Neff
f913128967 don't add public shareables to aspect_visibilities 2016-03-04 20:13:52 +01:00
Benjamin Neff
7011f2961d Revert "Back out #6723 due to Postgres breakage" 
This reverts commit 84cfbd22fc.
 2016-03-04 14:01:31 +01:00
Dennis Schubert
84cfbd22fc Back out #6723 due to Postgres breakage 
This reverts commit 832a56134b, reversing
changes made to 75c3e6068c.
 2016-03-04 13:33:32 +01:00
Benjamin Neff
e3d1f0fd16 fix order with two posts with the same timestamp for all streams 2016-03-03 21:43:11 +01:00
Benjamin Neff
7583568be8 update queries for new ShareVisibility 
Also:
* remove ShareablesFromPerson evil-query
* improve multi-stream and aspect-stream queries
* fix logging for recieve
* don't add last 100 public posts to users streams after sharing
* delete share visibility when shareable is deleted
 2016-03-03 21:43:11 +01:00
Dennis Schubert
75c3e6068c Merge branch 'stable' into develop 2016-03-03 17:58:05 +01:00
Steffen van Bergerem
b98af83c9d Sort tag search result by name 
closes #6734
 2016-03-03 17:57:58 +01:00
Dennis Schubert
7c88fb7936 Merge pull request #6586 from cmrd-senya/drop-signatures 
Remove parent author signature for relayables from the DB
 2016-03-03 17:39:28 +01:00
Steffen van Bergerem
b69361838b Merge pull request #6621 from Fensterbank/6610-improved-gallery 
add a card footer in gallery containing meta data and link to single post view
 2016-03-02 21:47:53 +01:00
Frédéric Bolvin
e8bddcc7a7 add a card footer in gallery containing meta data and link to single post view 2016-03-02 19:50:32 +01:00
Steffen van Bergerem
482cbe7fcc Add reason for post report to email sent to admins 2016-02-07 17:58:03 +01:00
Dennis Schubert
7c197756dd Merge branch 'stable' into develop 2016-01-26 15:19:55 +01:00
Dennis Schubert
ad20bb052c Fix include_root_in_json misuse 
since it is no longer exposed for instances, our post_presenter failed
hard.
 2016-01-26 15:18:02 +01:00
Jonne Haß
baeff22451 Merge pull request #6095 from AugierLe42e/openid 
OpenID Connect
 2016-01-06 12:30:15 +01:00
Manuel Vögele
4f34ecafa4 Show posts of ignored users on their profile page 2016-01-04 18:29:30 +01:00
theworldbright
38439277d6 Add licenses where appropriate 2016-01-04 17:22:44 +09:00
theworldbright
58aef5658b Fix remaining remarks 2016-01-04 17:01:40 +09:00
theworldbright
9f85a90f55 Update code_used to false after issues new code 2016-01-04 16:49:58 +09:00
theworldbright
773a5a67d9 Add default kid to ID token 2016-01-04 16:49:58 +09:00
theworldbright
f1b394de0f Fix remaining remarks 2016-01-04 16:49:57 +09:00
augier
d028b5672e Fix remarks 2016-01-04 16:49:57 +09:00
theworldbright
0fbcb71255 Add support for request_uri and claims 2016-01-04 16:49:56 +09:00
theworldbright
9c9880d880 Move JWKs files to database 2016-01-04 16:49:56 +09:00
theworldbright
da766d8e8b Revoke previously issued tokens on duplicate request 2016-01-04 16:49:55 +09:00
theworldbright
fd467cd42b Add private_key_jwt support 
See

- http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
- https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
 2016-01-04 16:49:55 +09:00
theworldbright
1dcefdb998 Validate sector identifier uri and redirect uri 2016-01-04 16:49:55 +09:00
theworldbright
5f19d8ffe6 Add acr value 2016-01-04 16:49:55 +09:00
theworldbright
a76f51a6a5 Use redirect_uri if no sector identifier for ppid 
As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg:

"If the Client has not provided a value for
sector_identifier_uri in Dynamic Client Registration
[OpenID.Registration], the Sector Identifier used
for pairwise identifier calculation is the host
component of the registered redirect_uri."
 2016-01-04 16:49:55 +09:00
theworldbright
4be9f4d558 Make client name optional 2016-01-04 16:49:54 +09:00
theworldbright
9439a16d98 Fix failing auth code test and styles 2016-01-04 16:49:54 +09:00
augier
8c2af74447 Fixing last remarks 2016-01-04 16:49:54 +09:00
augier
c33cce0953 Styling user consent form 2016-01-04 16:49:54 +09:00
theworldbright
1a7f2edc01 Perform major refactoring 
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
 2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
858e8c2503 Prevent duplicate scopes in authorization 2016-01-04 16:49:54 +09:00
theworldbright
724f32604b Add nonce to auth code flow 2016-01-04 16:49:53 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
augier
07c12ba057 Using Camo for the application logo 2016-01-04 16:49:53 +09:00
augier
3fb2d262b8 Using entypo icon as default application image 2016-01-04 16:49:52 +09:00
theworldbright
3734e074a6 Fix pronto errors 2016-01-04 16:49:52 +09:00
theworldbright
98fd18077a Add test for expired access token 2016-01-04 16:49:52 +09:00
augier
308170f691 Add applications information page 2016-01-04 16:49:52 +09:00
theworldbright
65c40f236e Load scopes from seeds 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:51 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
e5932968fd Add support for authorization code flow 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00
theworldbright
3cbe75469b Add support for scopes 
Remove scopes from tokens

Squashed commits:

[83db38f] Add redirect uris to supported metadata
 2016-01-04 16:49:51 +09:00
augier
de4f68c289 Support for more metadata 2016-01-04 16:49:50 +09:00
theworldbright
979adca1e7 Fix account deleter specs 
Squashed commits:

[7ff4276] Adjust discovery controller
 2016-01-04 16:49:50 +09:00
augier
b173283692 Test for refresh token flow 2016-01-04 16:49:50 +09:00
augier
cc28199555 Fixing hounds remarks 2016-01-04 16:49:50 +09:00
theworldbright
7b80a7408d Add integration tests for implicit flow 
Squashed commits:
[d5001fe] Refactor
[8d8a23f] Add test for when authorization is denied
[659fc56] Adjust password flow integration test
 2016-01-04 16:49:50 +09:00
theworldbright
ee9ac06e1a Add support for access tokens in implicit flow 
Squashed commits:
[7dbf618] Use Rail's find_or_create_by method
 2016-01-04 16:49:50 +09:00
theworldbright
2d762da072 Adjust tokens to fit revised Authorization 2016-01-04 16:49:50 +09:00
theworldbright
17fde49d61 Implement ID Token for the implicit flow 2016-01-04 16:49:50 +09:00
theworldbright
1475672d72 Fix authorization and related models 
Squashed commits:
[a844d37] Remove unnecessary class_name's from models
[529a30c] Further adjust authorization and related models
 2016-01-04 16:49:50 +09:00
augier
031679762a Redesign the models 2016-01-04 16:49:49 +09:00
Augier
9140c8244b Support for refresh tokens w/ no tests 2016-01-04 16:49:49 +09:00
Augier
73cc55940d Fix travis errors and refactor 2016-01-04 16:49:49 +09:00
theworldbright
3cfbcbce8f Implement authorization endpoint (part 1) 
The user can now authenticate with the authorization
server's authorization endpoint and receive a fake
id token.
 2016-01-04 16:49:49 +09:00
theworldbright
059933f076 Add scopes and authorization models 2016-01-04 16:49:49 +09:00
theworldbright
88d02ea35b Add client registration 
Client must now be registered prior to imitating a
call to the token endpoint with the password flow.

Squashed commits:

[fdcef62] Rename authorization endpoint to protected resource endpoint
 2016-01-04 16:49:48 +09:00
theworldbright
7c75eb5901 Make access tokens belong to user not client app 2016-01-04 16:49:48 +09:00