nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
19336 commits 4 branches 0 tags 121 MiB
Commit graph

1433 commits

Author SHA1 Message Date
Benjamin Neff
df9874b73a remove raw_message 
This was only an alias for "text", and "raw_message" is also not used
for federation anymore, so we can drop it.
 2016-07-17 01:40:00 +02:00
Steffen van Bergerem
f8d8089cb6
Add more specs for the admins controller 2016-07-09 12:30:19 +02:00
Steffen van Bergerem
b01ca5d3bc
Add basic help controller spec 2016-07-09 10:55:59 +02:00
Steffen van Bergerem
b296e73c36
Add basic terms controller spec 2016-07-09 10:55:59 +02:00
Benjamin Neff
9a3f653c45 fix sender for messages for old pods 
Send a second message to remote recipients with conversation-author
as salmon author if the conversation-author is local.

The first dispatch will fail on old pods. New pods will ignore the
second message, if the guid already exist.
 2016-06-26 14:05:52 +02:00
Benjamin Neff
70f378a1c1 don't participate own posts on creation 2016-06-26 06:21:02 +02:00
Benjamin Neff
57dbcc0e67 add root author to reshare subscribers 2016-06-26 06:21:02 +02:00
Benjamin Neff
03123f1c4d remove more unused code and cleanup 2016-06-26 06:21:01 +02:00
Benjamin Neff
ae05d4e928 use Diaspora::Federation::Dispatcher everywhere 2016-06-26 06:21:01 +02:00
Benjamin Neff
ecbf5fa3e7 enable some skipped tests again 2016-06-26 06:21:00 +02:00
Benjamin Neff
7184d4334e remove after_dispatch hook 
handle photos in StatusMessageCreationService
 2016-06-26 06:21:00 +02:00
Benjamin Neff
20dabbd15f remove user parameter from subscribers method 2016-06-26 06:21:00 +02:00
Benjamin Neff
581f8d7226 don't force remove contact on block 
this creates inconsistent states, if you remove the block in the future
 2016-06-26 06:21:00 +02:00
Benjamin Neff
4fb34139b0 cleanup notifications and fix tests 2016-06-26 06:20:59 +02:00
Benjamin Neff
b1d30aa9cc add more "diaspora to federation entity" methods 
move it to Diaspora::Federation::Entities and use it in some tests, but most of the tests can be removed later.
 2016-06-26 06:20:58 +02:00
Steffen van Bergerem
b1943f1e46
Redesign default.haml and add a podmin welcome page 2016-06-20 02:03:53 +02:00
Steffen van Bergerem
629e6382ec
Use Poltergeist instead of Selenium 2016-06-19 01:53:18 +02:00
Dennis Schubert
53808847a2 Merge branch 'stable' into develop 2016-05-07 18:52:34 +02:00
Ralin Chimev
1773e3e35d Do not change notification timestamp when making it read or unread. 
Marking a notification as unread resets the timeago stamp causing
the times to look wrong. It can be reproduced by marking an old
notification as unread. Using the update_column instead of
update_attribute will not touch the updated_at attribute, and
thus will not affect the updated time ago in the view.

Fixes #6798.

closes #6821
 2016-05-07 18:52:27 +02:00
theworldbright
bb3849e4b1 Fix API privilege scope escalation 2016-03-11 17:18:21 -08:00
Benjamin Neff
d94eae0d45 refactoring PostService 
* move presenters back to controllers, this is view-logic
* use PostService in CommentService
* remove iframe route, this is not used anymore
* id/guid limit at 16 chars, hex(8) is 16 chars long
 2016-03-07 05:52:54 +01:00
Benjamin Neff
b398b115bc refactoring CommentService 2016-03-07 05:52:54 +01:00
Benjamin Neff
b67b7cf8c6 write specs for StatusMessageCreationService 2016-03-07 05:52:54 +01:00
Benjamin Neff
5a46da47c3 refactoring StatusMessageCreationService 
* move parameter normalization back to controller, because this is
  frontend-specific.
* if the StatusMessage is public, save also public photos
 2016-03-07 00:00:27 +01:00
Jonne Haß
39ae5e741e Merge pull request #6732 from SuperTux88/cleanup-aspect_visibilities 
Cleanup aspect visibilities
 2016-03-05 11:05:55 +01:00
Benjamin Neff
acb91c79d2 improve pod connection check 
* use port for check
* respect entries in /etc/hosts
* test /.well-known/host-meta
* don't allow redirects to other domains
 2016-03-05 02:57:11 +01:00
Benjamin Neff
b1a6516474 add migration for pods-table 
* add port to pods
* remove url from person and link people with pod-table
 2016-03-05 00:12:54 +01:00
Benjamin Neff
f913128967 don't add public shareables to aspect_visibilities 2016-03-04 20:13:52 +01:00
Dennis Schubert
535057aca4 Merge branch 'stable' into develop 2016-02-21 04:26:25 +01:00
Steffen van Bergerem
374679c093 Add rspec test for reset_authentication_token without current_user 
closes #6707
 2016-02-21 04:26:12 +01:00
Steffen van Bergerem
f8f05371e0 Merge pull request #6394 from AugierLe42e/mobile-js-refactor 
Mobile JS refactor
 2016-02-15 22:22:35 +01:00
Augier
28c509baeb Add jasmine specs for mobile view 2016-02-15 12:14:35 +01:00
Steffen van Bergerem
89f21e87f8 Remove unused code 2016-02-14 02:48:51 +01:00
Steffen van Bergerem
6fce81fc99 Merge branch 'stable' into develop 2016-01-20 21:37:30 +01:00
tamatsyk
960e651764 internationalize controller rescue_from text 
Fix typos

change forbitten to forbidden

fix styling issue and copypaste

improve code style for aspec_memberships_controller.rb with rubocop

fix styling issues

aligned elements of hash literals

fix typo

fix locale name and styling of its usage

fix failing tests

closes #6554
 2016-01-20 21:37:02 +01:00
theworldbright
b09ee87912 Update json-jwt legacy methods 2016-01-04 17:01:41 +09:00
theworldbright
58aef5658b Fix remaining remarks 2016-01-04 17:01:40 +09:00
theworldbright
ed1dc256a8 Fix handling of error message in authorization controller 2016-01-04 16:49:58 +09:00
theworldbright
10938404e9 Fix HTTP request test mocks 2016-01-04 16:49:57 +09:00
theworldbright
c6bec2f2dc Return error to RP instead of user for prompt=none 2016-01-04 16:49:57 +09:00
theworldbright
9fc8c63cae Fix hash styles for stub_request 2016-01-04 16:49:57 +09:00
theworldbright
f1b394de0f Fix remaining remarks 2016-01-04 16:49:57 +09:00
theworldbright
2f8c391ac6 Fix pronto and travis errors 2016-01-04 16:49:57 +09:00
theworldbright
0fbcb71255 Add support for request_uri and claims 2016-01-04 16:49:56 +09:00
theworldbright
82600003b3 Flash error messages when redirect_uri is invalid 2016-01-04 16:49:56 +09:00
theworldbright
adcf2ab7ab Fix test for prompt == "none" 2016-01-04 16:49:56 +09:00
augier
d351db1982 Filter for prompt handling 2016-01-04 16:49:56 +09:00
augier
7b2be0d3c6 Support displaying TOS and policy 2016-01-04 16:49:56 +09:00
augier
6fcb9a9d3a Add XSS spec for application's name 2016-01-04 16:49:56 +09:00
augier
2c7d102019 Design for authorization page when client_name not providen + XSS spec 2016-01-04 16:49:55 +09:00
theworldbright
fd467cd42b Add private_key_jwt support 
See

- http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
- https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
 2016-01-04 16:49:55 +09:00
theworldbright
1dcefdb998 Validate sector identifier uri and redirect uri 2016-01-04 16:49:55 +09:00
theworldbright
4be9f4d558 Make client name optional 2016-01-04 16:49:54 +09:00
augier
c33cce0953 Styling user consent form 2016-01-04 16:49:54 +09:00
theworldbright
1a7f2edc01 Perform major refactoring 
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
 2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
theworldbright
24fd70676c Fix webfinger discovery route 2016-01-04 16:49:53 +09:00
theworldbright
ab65617958 Add support for max_age parameter 
Additionally add support for prompt's login option

Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:53 +09:00
theworldbright
25f51c606a Add support for prompt parameter 2016-01-04 16:49:53 +09:00
theworldbright
8be3be3e10 Refactor authorizations controller destroy action 2016-01-04 16:49:53 +09:00
theworldbright
6e1a673459 Replace let!() with factory girl 2016-01-04 16:49:52 +09:00
theworldbright
dd337d4163 Remove JSON root from client controller 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:52 +09:00
theworldbright
65c40f236e Load scopes from seeds 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:51 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
d834a1d4d0 Replace user info endpoint with supported claims 
The route /api/v0/user/ will now be used as a
non-OIDC route. In other words, the /api/v0/user/
will require the "read" scope while
/api/openid_connect/user_info/ will require the
"openid" scope
 2016-01-04 16:49:51 +09:00
theworldbright
e5932968fd Add support for authorization code flow 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00
augier
de4f68c289 Support for more metadata 2016-01-04 16:49:50 +09:00
augier
cc28199555 Fixing hounds remarks 2016-01-04 16:49:50 +09:00
theworldbright
7b80a7408d Add integration tests for implicit flow 
Squashed commits:
[d5001fe] Refactor
[8d8a23f] Add test for when authorization is denied
[659fc56] Adjust password flow integration test
 2016-01-04 16:49:50 +09:00
theworldbright
ee9ac06e1a Add support for access tokens in implicit flow 
Squashed commits:
[7dbf618] Use Rail's find_or_create_by method
 2016-01-04 16:49:50 +09:00
theworldbright
2d762da072 Adjust tokens to fit revised Authorization 2016-01-04 16:49:50 +09:00
theworldbright
17fde49d61 Implement ID Token for the implicit flow 2016-01-04 16:49:50 +09:00
augier
031679762a Redesign the models 2016-01-04 16:49:49 +09:00
theworldbright
9d9dc13272 Adjust discovery controller to current values 2016-01-04 16:49:49 +09:00
Augier
73cc55940d Fix travis errors and refactor 2016-01-04 16:49:49 +09:00
theworldbright
3d26cbf657 Allow POST requests at authentication endpoint 2016-01-04 16:49:49 +09:00
theworldbright
3cfbcbce8f Implement authorization endpoint (part 1) 
The user can now authenticate with the authorization
server's authorization endpoint and receive a fake
id token.
 2016-01-04 16:49:49 +09:00
theworldbright
88d02ea35b Add client registration 
Client must now be registered prior to imitating a
call to the token endpoint with the password flow.

Squashed commits:

[fdcef62] Rename authorization endpoint to protected resource endpoint
 2016-01-04 16:49:48 +09:00
theworldbright
52e10a91fe Add tests for invalid token to password flow 2016-01-04 16:49:16 +09:00
theworldbright
9de2837a63 Move new API from /api/v2 to /api/v0 2016-01-04 16:49:16 +09:00
theworldbright
beae77102d Allow current user to be obtained from access token 2016-01-04 16:49:16 +09:00
theworldbright
68d96a3189 Add versionist gem 2016-01-04 16:49:16 +09:00
Dennis Schubert
9dca1785c2 Merge branch 'stable' into develop 2015-12-31 16:17:35 +01:00
Jonne Haß
9aa7b2bd78 bump ruby-oembed 2015-12-31 16:05:57 +01:00
Dennis Schubert
d4fbbd86b3 Merge branch 'stable' into develop 2015-12-30 14:51:05 +01:00
Benjamin Neff
082e300a40 remove PublicsController completely 2015-12-30 14:50:34 +01:00
Benjamin Neff
5c8f0c1671 create queue callbacks and remove receive routes 2015-12-30 14:50:34 +01:00
Jonne Haß
21cb1f44cd Merge branch 'stable' into develop 2015-12-08 17:30:32 +01:00
apsc92
fdb3ae5cb8 Fix_notifications_timestamp_issue #4826 
closes #6573
 2015-12-08 17:30:27 +01:00
Manuel Vögele
1680c0c924 Do not disable submit button if comment is empty in mobile view 
Fixes #5485
 2015-11-13 02:46:22 +01:00
Jonne Haß
7fca5cf93a Merge branch 'stable' into develop 2015-11-04 22:10:07 +01:00
theworldbright
a054a35863 Catch Diaspora::NotMine on post controller 
closes #6533
 2015-11-04 22:10:00 +01:00
Jonne Haß
2aed793d19 Merge branch 'stable' into develop 2015-10-11 17:30:47 +02:00
Steffen van Bergerem
123e6d1dd4 Redirect logged out users to sign up page for limited posts 
closes #6490
 2015-10-11 17:29:01 +02:00
Jonne Haß
92b5ea29ed Merge branch 'stable' into develop 2015-10-07 22:29:45 +02:00
Steffen van Bergerem
e0be1b49f1 Add public stream 
closes #6465
 2015-10-07 22:29:39 +02:00
Jonne Haß
1df5c7f7bf Merge branch 'stable' into develop 2015-10-07 10:58:10 +02:00
Faldrian
a946251a9e Show getting_started only if user has made no profile changes on the page 
closes #6456
 2015-10-07 10:58:06 +02:00
Lukas Matt
78f9b39e55 Use polymorphic association for the report item 
* Adopt pronto suggestions

Signed-off-by: Lukas Matt <lukas@zauberstuhl.de>
 2015-10-03 17:18:03 +02:00
Jonne Haß
0508c1b8d4 Merge branch 'stable' into develop 2015-09-14 22:06:52 +02:00
Steffen van Bergerem
05a6d95811 Always show public photos 
closes #6398
 2015-09-14 22:04:53 +02:00
Jonne Haß
0f1295718f Merge branch 'stable' into develop 2015-09-13 12:25:18 +02:00
Jonne Haß
6fb5e88ead Merge branch 'master' into stable 2015-09-13 12:23:41 +02:00
Steffen van Bergerem
ebad0961a9 Show private profile info if contact is sharing 2015-09-13 12:16:25 +02:00
Jonne Haß
176b32c815 Merge branch 'stable' into develop 2015-09-07 12:41:36 +02:00
realtin
15b186518c add moderators to report email recievers 
and refactor coding style according to pull request comments

(#5324)
 2015-09-07 12:31:25 +02:00
realtin
098c30c2b7 adapt report spec for the moderator 2015-09-07 12:29:46 +02:00
zaziemo
b2dc77e1e6 change method name for a better understanding of what the befor_filter does 
and correct test syntax
#5324
 2015-09-07 12:24:12 +02:00
realtin
bc75371b7a report controller renders index for the moderator 
(#5324)
 2015-09-07 12:24:12 +02:00
Steffen van Bergerem
3bc5b673c6 Refactor mobile comment js code and add tests 2015-08-29 14:46:20 +02:00
Florian Staudacher
ea397ffdfb Add connection test for pods in the network 
* add a class for checking pod connectivity
* extend pod model to handle new functionality
* add an admin frontend to list pods and re-trigger checks manually
* add a daily worker to run through all the pods
* add unit tests for most of the new code
 2015-08-24 22:04:53 +02:00
Jonne Haß
d396d5555f Merge branch 'stable' into develop 2015-08-21 14:23:46 +02:00
Benjamin Neff
663835ed3a remove old webfinger/hcard code 
closes #6310
 2015-08-21 14:23:08 +02:00
Benjamin Neff
d28e03f053 use discovery from diaspora_federation gem 2015-08-21 14:21:43 +02:00
Jonne Haß
25be9ecfd2 Merge branch 'stable' into develop 2015-08-09 18:35:44 +02:00
theworldbright
d7c92431ae Extract service from comments controller 
closes #6307
 2015-08-09 18:35:11 +02:00
Jonne Haß
480384a077 Merge branch 'stable' into develop 2015-08-06 22:56:30 +02:00
Steffen van Bergerem
dc576fb0d6 Check if person is nil in person_image_tag 
closes #6286
 2015-08-06 22:55:41 +02:00
Dennis Schubert
04135d7b28 Merge branch 'stable' into develop 2015-07-27 02:05:14 +02:00
Steffen van Bergerem
6fea450777 Fix mobile photos index page 
closes #6243
 2015-07-27 01:59:26 +02:00
Jonne Haß
6ee3843449 Merge branch 'stable' into develop 2015-07-26 13:11:49 +02:00
theworldbright
2a3dde1ae5 Refactor PostService and extract its tests 
Squashed commits:

[ada0f09] Remove favorites from Posts table

closes #6208
 2015-07-26 13:10:24 +02:00
theworldbright
d724397168 Refactor posts controller 2015-07-26 12:58:42 +02:00
Dennis Schubert
e8297f8d6b Merge pull request #6207 from jaywink/social-relay 
Implement social relay requirements
 2015-07-25 23:01:45 +02:00
Jonne Haß
11a8ac614c Merge pull request #6240 from svbergerem/contact-page-update-counts 
Update number of contacts on contact page when adding/removing contacts
 2015-07-24 22:02:39 +02:00
Steffen van Bergerem
04191996a5 Add updates for 'only sharing' and 'all contacts' 2015-07-24 14:18:43 +02:00
Dennis Schubert
be8f920c29 Merge branch 'stable' into develop 2015-07-24 04:05:32 +02:00
Jonne Haß
b7064677ff Collapse StatisticsController into NodeInfoController 2015-07-24 03:51:31 +02:00
Jonne Haß
487b0d90ca Implement NodeInfo 2015-07-24 03:50:02 +02:00
Steffen van Bergerem
484e70a68f Add dashboard to admin page 2015-07-21 14:36:41 +02:00
Jason Robinson
bdf6c71772 Implement social relay functionality 
* .well-known/social-relay - to serve subscription preferences to relays
* Workers.deferred_dispatch relay carbon copy functionality for outbound sending

See discussion here: https://www.loomio.org/d/9vpoe0UR/public-post-federation#comment-730911 and spec here: https://wiki.diasporafoundation.org/Relay_servers_for_public_posts
 2015-07-18 21:29:31 +03:00
Benjamin Neff
8bf54e32ae create temporary fixture tests and remove old tests 2015-07-14 05:50:26 +02:00
Benjamin Neff
0fca8ceeaf create temporary fixture tests and remove old tests 2015-07-10 01:46:48 +02:00
Dennis Schubert
e0420d733a Merge branch 'stable' into develop 2015-06-08 00:49:55 +02:00
Benjamin Neff
010afa1019 refactor: iterate over visiblities 
closes #6060
 2015-06-08 00:45:16 +02:00
efstrian
d64ea15891 Issue #4297: Style fixes - Default theme is configurable 2015-06-07 19:58:14 +03:00
dimana
31d760867c Issue #4297: Updated color themes and testing 2015-06-07 19:57:37 +03:00
Dennis Schubert
aac0a2582e Merge branch 'stable' into develop 2015-05-12 04:00:12 +02:00
Steffen van Bergerem
40bb44eb96 Mobile: manage followed tags 
closes #5945
 2015-05-12 04:00:07 +02:00
Jonne Haß
4a7c358be9 Merge branch 'stable' into develop 2015-05-05 01:39:52 +02:00
Steffen van Bergerem
399fdb2c7d Check request.format :mobile in home controller 2015-05-05 01:39:48 +02:00
Jonne Haß
f257658e46 Revert "Revert "Merge pull request #5852 from margori/3393-activity-stream-keeping-retracted-participations"" 
This reverts commit 2c7848e3cb.
 2015-05-04 00:43:41 +02:00
Jonne Haß
2c7848e3cb Revert "Merge pull request #5852 from margori/3393-activity-stream-keeping-retracted-participations" 
This reverts commit 096fa2ddbb, reversing
changes made to f7d1105148.
 2015-05-04 00:36:27 +02:00
Benjamin Neff
3c09756417 refactoring javascript and controller 
- move to contacts.js
- use json
- move to aspects_controller
- add route
- rewrite test
- fix css in chrome
 2015-04-28 01:57:43 +02:00
Simon Wörner
cee4f1c3cd fixed aspect sorting, added minimal jquery ui, added test 2015-04-26 01:57:00 +02:00
Jonne Haß
0bad6dba88 Merge branch 'release/0.5.0.0-RC' into develop 2015-04-22 20:58:54 +02:00
Jonne Haß
6e546ff2bf Trigger exports through a POST request 
GET requests don't get any CSRF protection by Rails,
thus these sensitive actions should be better protected.

Thanks to @tomekr for the report.
 2015-04-22 20:20:10 +02:00
Jonne Haß
0a70e51f74 Add a token the filename for exported user data 
Also redirect to it for download, for Amazon S3
compatibility.

Prior to this patch an attacker could obtain an
users export by guessing the filename with a high
chance of success. Fully authenticating the
download request is a lot harder due to our diverse
deployment scenarios.

This brings the used method in line with the photo
export feature.

Thanks to @tomekr for the report.
 2015-04-22 20:19:17 +02:00