nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
19766 commits 4 branches 0 tags 121 MiB
Commit graph

196 commits

Author SHA1 Message Date
theworldbright
a76f51a6a5 Use redirect_uri if no sector identifier for ppid 
As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg:

"If the Client has not provided a value for
sector_identifier_uri in Dynamic Client Registration
[OpenID.Registration], the Sector Identifier used
for pairwise identifier calculation is the host
component of the registered redirect_uri."
 2016-01-04 16:49:55 +09:00
theworldbright
6e1a673459 Replace let!() with factory girl 2016-01-04 16:49:52 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
d834a1d4d0 Replace user info endpoint with supported claims 
The route /api/v0/user/ will now be used as a
non-OIDC route. In other words, the /api/v0/user/
will require the "read" scope while
/api/openid_connect/user_info/ will require the
"openid" scope
 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00
theworldbright
beae77102d Allow current user to be obtained from access token 2016-01-04 16:49:16 +09:00
theworldbright
efdfe318fd Add ability to get user info from access tokens 2016-01-04 16:48:42 +09:00
Dennis Schubert
d4fbbd86b3 Merge branch 'stable' into develop 2015-12-30 14:51:05 +01:00
Benjamin Neff
5392c6e6a9 refactoring for federation tests 2015-12-30 14:50:34 +01:00
Jonne Haß
13029235d0 Merge branch 'stable' into develop 2015-12-13 12:28:04 +01:00
cmrd Senya
f0fc62e94d Fix a security issue that author_signature is not checked on the to-downstream receive of a federated relayable entity, allowing to forge relayables if you are an owner of the pod where a parent object is stored. 
closes #6539
 2015-12-13 12:26:59 +01:00
cmrd Senya
922d26f976 Implement integration tests for the federation messages receive feature 
These are some initial tests, more to come.

It tests some features of Request, StatusMessage, Comment, Like,
Participation, Retraction, SignedRetraction, RelayableRetraction entities
receive process.
 2015-12-13 12:24:52 +01:00
Dennis Schubert
228f3852b2 Merge branch 'stable' into develop 2015-10-15 05:58:44 +02:00
Steffen van Bergerem
995ce18c37 Display publisher on user profile path 
closes #6503
 2015-10-15 05:58:38 +02:00
Jonne Haß
d396d5555f Merge branch 'stable' into develop 2015-08-21 14:23:46 +02:00
Benjamin Neff
d28e03f053 use discovery from diaspora_federation gem 2015-08-21 14:21:43 +02:00
augier
9a23c92f8e Show author of NSFW post 2015-07-29 21:13:41 +02:00
Steffen van Bergerem
9ca8005b27 Fix percentage on mobile polls 2015-07-25 04:34:52 +02:00
Steffen van Bergerem
79dfdfa224 Add integration tests for mobile polls and locations 2015-07-23 17:30:53 +02:00
Steffen van Bergerem
3f3087c77f Port tags page to Bootstrap 2014-08-28 18:02:02 +02:00
khall
4edd824d3c No deprecation warnings, but one spec still fails (but only when I run all the specs, not when I run just the one spec) 2014-08-26 17:10:29 -07:00
khall
c42916df27 Two tests failing after rspec 2.99 => 3.0.0 2014-08-26 17:10:26 -07:00
khall
027bb9fcb0 Rspec version bump to 2.99 2014-08-26 17:00:21 -07:00
Jonne Haß
42b08e8ab8 Update to Rails 4.1 2014-08-25 17:37:02 +02:00
Jonne Haß
659f0b96d4 do not pass relations to a method that expects a set of aspects ids or a single aspect 2014-08-23 16:34:01 +02:00
Jonne Haß
09f0665225 replace deprecated usages for all 2014-08-23 16:34:01 +02:00
Jonne Haß
32b9caa08c replace stub and mock deprecations with doubles 2014-01-13 12:25:38 +01:00
Jonne Haß
01ecd9d054 do not overwrite rspec methods (receive) 2014-01-13 12:25:37 +01:00
fabianfiorotto
3e5b29b289 Fix pagination for people list on the tag stream page 
Update _index.html.haml

This params broken the pagination of the followers list in tags page
To reproduce try to paginate in
https://joindiaspora.com/tags/diaspora

test for people pagination patch

reducing the per page limit

removing tabs
 2013-07-06 13:10:29 +02:00
Florian Staudacher
4ee5d5f19c replace mentions of out-of-aspect people in limited posts with just a 
markdown link to their profile (fixes #2516)

add failing spec for #4160 / #2516

extend the spec a bit more

refactor mention handling in a status message

add method for filtering mentions by aspects

wire mention filtering into the status message model, adapt a few tests to
work properly

cosmetic changes

shorten helper methods

add changelog entry
 2013-06-09 19:16:40 +02:00
Jonne Haß
79a79d65d6 Bye Resque. Ohai Sidekiq. 
* Dropped all references to Resque
* Moved all jobs under app/workers since that's the Sidekiq convention
* Renamed Jobs module to Worker to match new location
* Adapted all jobs to Sidekiq
* Replaced all enqueue calls with perform_async
* Dropped Resque hacks from specs and features, replaced with
  sidekig/testing in RSpec and sidekig/testing/inline in Cucumber
* Updated scripts to start a Sidekiq server
* Inline Sidekiq sinatra app
* Let Sidekiq create the actual Redis instance
* Workaround already initialized constant warnings in service models
* Resolved ToDo in one job definition by creating proper exception clases
  for some errors in receiving posts
* Added sidekiq section to configuration to make it completly
  configurable to the user
* Add Sidekiq middleware for clean backtraces
* Delay HttpMulti retry to give offline pods a chance to come back up
* Do not retry on GUID already taken and alike errors
* Be graceful about deleted posts in GatherOEmbedData
 2013-03-21 23:39:07 +01:00
Jonne Haß
7b56c2dd52 Do not fail on receiving a SignedRetraction via the public route 2013-03-01 03:38:36 +01:00
Jonne Haß
c5ecc872ce add integration spec for retracting a comment 2013-02-28 17:20:33 +01:00
Jonne Haß
58d1448085 update factory girl 2012-09-12 13:24:23 +02:00
Jonne Haß
088446e86e bump rspec-rails, remove deprecated rspec syntax 2012-09-11 00:46:36 +02:00
Maxwell Salzberg
190fceaf5c [SECURITY FIX] please update your pod ASAP 
This is a fix for public messages, where a malicious pod could spoof a message from someone a user was connected to, as the verified signatures were not checked that the object was also from said sender.  This hole only affected public messages, and the private part of code had the correct checks
THX to s-f-s(Stephan Schulz) for reporting and tracking down this issue, and props to Raven24(florian.staudacher@gmx.at) for helping me test the patch
 2012-07-02 10:00:12 -07:00
Zach Prezkuta
9f6d84141c fix incorrect comment on RSpec text 2012-06-09 09:34:06 -06:00
Zach Prezkuta
44e43158cc add rspec test and make fix more rails-y 2012-06-08 22:51:16 -06:00
Maxwell Salzberg
471ce309ea kill your darlings; remove diaspora_client with fire 2012-05-17 14:55:53 -07:00
Maxwell Salzberg
b124d3e5a1 Revert "update factory girl" new version does not support 1.8.7 :( 
This reverts commit c52342b7cb.
 2012-05-16 17:43:56 -07:00
Maxwell Salzberg
c52342b7cb update factory girl 2012-05-16 17:17:14 -07:00
Maxwell Salzberg
9e249bb7ef small refactor of helper method [ci skip] 2012-03-03 17:53:50 -08:00
Maxwell Salzberg
e6b1111fd1 AHHHH refactor attack_vectors_spec; hopefully it now borders on understandiablity. this deffy needs another pass from another human, as I had to make tons of spec helper methods to make the crazy setup make sense, but I think we are bordering on something that would let us write new tests in a sane way. whether all of these tests now make sense to test in the first place, that is another question all togther, as it was outside the scope of this refactor 2012-03-03 17:50:51 -08:00
danielgrippi
a3e13e3c0e User#like! method. 2012-02-03 14:42:03 -08:00
danielgrippi
02021584a7 EvilQuery for Participation, refactor comment creation 
you can now create a comment with User#comment!(post, text)
 2012-02-01 15:09:31 -08:00
danielgrippi
eaed3505e4 Don't create share_visibilities for public posts, sans migration of deleting old data. 2012-01-24 16:49:07 -08:00
Maxwell Salzberg
49f18d435a upgrade factory girl there are 3 failing cukes. 2012-01-21 21:58:50 -08:00
danielgrippi
0e5bb81d66 remove all references to the websocket. bang bang. 2012-01-10 12:28:19 -08:00
Maxwell Salzberg
63cdd93afc the websocket has been completely removed, and replaced for a stub until 
we find a better way to reimpliment it in a  more sane way
 2012-01-03 18:39:54 -08:00
Ilya Zhitomirskiy
03ca34767a ms iz rendering nothing for hcard and webfinger if account is closed, not showing aspect dropdown if the user account is closed 2011-12-08 16:32:18 -08:00
danielgrippi
cd6f97fa0e DG IZ; remove authorizations from user; double check that aspect_visibilities are deleted 2011-12-08 16:32:18 -08:00
danielgrippi
644e382cfd DG IZ; remove more stuff associated with user; removed dependant destroys 2011-12-08 16:32:18 -08:00
Ilya Zhitomirskiy
3035f173bd ms iz wip, clearing profile, started deleting post visibilities 2011-12-08 16:32:18 -08:00
Ilya Zhitomirskiy
05612ef733 ms iz wip 2011-12-08 16:32:18 -08:00
Manuel
1c9a96e2aa Fixed relayable specs 2011-11-20 01:06:45 +01:00
Sarah Mei
f1d669a024 Delete all pending specs except stuff we actually want to fix in the short term. Add more useful comments to those. 2011-11-06 21:29:22 -08:00
Maxwell Salzberg
2cbb61be75 make federation errors much louder so we can better debug issues temporarialy 2011-10-25 11:41:52 -07:00
Manuel Schölling
bdeae54c6c Make Photos not inherit from Posts 2011-10-16 13:58:35 +02:00
Manuel Schölling
02a3c3f88b Introduced Shareable 2011-10-16 13:58:35 +02:00
Ilya Zhitomirskiy
7926ebfb53 subclassing receivers, renamed perform to perform [bang] 2011-10-04 10:32:17 -07:00
Maxwell Salzberg
3d275868ce make spec pending rather than commented out 2011-09-16 16:44:51 -07:00
Maxwell Salzberg
3bc81aeb67 stupid test polution :( 2011-09-16 16:42:35 -07:00
Maxwell Salzberg
e26b614e1d added intergration test for dispatcher 2011-09-16 15:56:18 -07:00
danielgrippi
91e649977c MS DG update copyright 2011-09-14 11:23:12 -07:00
Maxwell Salzberg
119cb37ba5 DG MS; broke validations into methods in receiver 2011-09-13 16:42:47 -07:00
Maxwell Salzberg
adaefd0cb5 MS DG rspec is green update gemfile 2011-09-13 13:34:49 -07:00
Maxwell Salzberg
665facaeb0 DG MS renamed private dispatcher; started refactor including public 
dispatcher
 2011-09-12 17:02:40 -07:00
Sarah Mei
6fbb68480b One more aspects.first removed. I think they're breeding 2011-09-05 19:28:10 -07:00
Sarah Mei
7d10b3fdb0 Remove more refs to aspects.first - should make postgres builds green 2011-09-05 19:04:56 -07:00
Raphael Sofaer
60e9fd54e2 Fix a problem with re-saving deleted objects in a spec in postgres, add postgres to test group in gemfile 2011-08-18 16:05:14 -07:00
danielgrippi
a99e69edd6 down to 2 failures in postgres 2011-08-17 16:51:54 -07:00
danielgrippi
bf0eb3dac3 4 failures left in postgres 2011-08-17 14:18:51 -07:00
Raphael Sofaer
17917528f6 IZ, RS, Move AS::Photo controller spec into integration so that rack middleware is run. Make auth failure return 401 rather than 302. 2011-06-27 12:31:47 -07:00
Raphael Sofaer
df04b59857 Change :on to :post in the comment and post methods 2011-06-01 16:45:29 -07:00
danielgrippi
648a10e6d3 Merge branch 'master' into follow 
Conflicts:
	app/controllers/requests_controller.rb
	app/controllers/tags_controller.rb
	app/helpers/aspects_helper.rb
	app/views/notifications/index.html.haml
	config/routes.rb
	public/javascripts/aspect-edit.js
	public/javascripts/contact-list.js
	spec/integration/receiving_spec.rb
	spec/models/user/connecting_spec.rb
	spec/models/user/posting_spec.rb
 2011-05-04 11:35:35 -07:00
Raphael Sofaer
efe79eb351 Fix stream on pages other than 1, rename raw_visible_posts to visible_posts 2011-04-13 14:35:20 -07:00
danielgrippi
106ae983d5 Merge branch 'master' into follow. all specs green. 
Conflicts:
	app/controllers/application_controller.rb
	app/controllers/people_controller.rb
	app/models/person.rb
	config/assets.yml
	db/schema.rb
	public/javascripts/aspect-edit.js
	spec/controllers/aspects_controller_spec.rb
	spec/models/user/querying_spec.rb
	spec/spec_helper.rb
 2011-04-11 17:48:37 -07:00
danielgrippi
352d1c6abf fixed disconnecting logic. specs&cucumber green 2011-04-11 15:10:51 -07:00
danielgrippi
c128cae4ec specs green after moving ContactController#new to AspectsMembership#new 2011-04-08 11:44:09 -07:00
danielgrippi
aeda5a4e39 dispatching / receiving logic complete. following wip. 2011-04-07 18:29:24 -07:00
danielgrippi
68375fdb02 added mutual flag, removed pending from contact, specs are green. wip 2011-04-05 16:12:53 -07:00
Raphael Sofaer
fdb6675f28 Make things more postgres compatible 2011-04-05 09:49:39 -07:00
danielgrippi
cbdbe1b29b follow wip. 2 failures. 2011-04-04 19:22:19 -07:00
danielgrippi
590e1fd93f All green except invite connecting +2 misc. 2011-04-04 15:16:19 -07:00
danielgrippi
97d8b34599 Fix all specs, add foreign key constraints on post_visibility 2011-03-29 17:31:56 -07:00
danielgrippi
8816bd7f91 8 failures left. wip. 2011-03-29 17:31:56 -07:00
danielgrippi
9a0d6219b5 Moving PostVisibility to aspects, WIP, model specs pass 2011-03-29 17:31:56 -07:00
maxwell
924dc13adc profile tagging now federates #FO #REAL 2011-03-17 18:05:49 -07:00
danielgrippi
68479481cf made websockets far less dumb. don't render partials for people not connected. 2011-03-15 18:21:09 -07:00
Raphael Sofaer
1b0445563e Specs passing with text 2011-03-14 11:39:31 -07:00
Raphael Sofaer
4b4654a408 Changing message to text, partway done, deleted data conversion 2011-03-14 11:39:31 -07:00
zhitomirskiyi
35cabd469f fixed the merge for the author convention 2011-03-10 20:13:52 -08:00
zhitomirskiyi
9b00b2c786 Merge branch 'mnutt-9925139-user-shouldnt-mention-non-friends' 
Conflicts:
	app/models/user.rb
	spec/integration/receiving_spec.rb
	spec/models/mention_spec.rb
	spec/models/status_message_spec.rb
 2011-03-10 19:59:12 -08:00
danielgrippi
1f5edb1d92 Merge branch 'private_messages' 
Conflicts:
	app/controllers/status_messages_controller.rb
	app/models/data_point.rb
	app/models/status_message.rb
	db/schema.rb
	lib/fake.rb
	public/stylesheets/sass/application.sass
	spec/models/mention_spec.rb
 2011-03-08 21:23:41 -08:00
zhitomirskiyi
80a3a3446a pulling in 2011-03-06 21:37:27 -08:00
zhitomirskiyi
e537104fb4 pulling in 2011-03-06 21:36:03 -08:00