Dennis Schubert
905df19a34
Bump rubyzip.
2020-02-11 23:54:56 +01:00
Dennis Schubert
43b83cf8f7
Bump json-jwt.
2020-02-11 23:54:56 +01:00
Dennis Schubert
d898b5ba69
Bump rack-cors.
2020-02-11 23:54:56 +01:00
Dennis Schubert
b7ee911778
Bump excon.
2020-02-11 23:54:56 +01:00
Dennis Schubert
67d73ece80
Bump secure_headers.
2020-02-11 23:54:55 +01:00
Dennis Schubert
71023a8713
Replace secret_token with secret_key_base.
...
secrets.secret_token is deprecated in favor of secret_key_base and will be removed in Rails 6.0.
2020-02-11 23:54:55 +01:00
Dennis Schubert
2e2b42ef1a
Mark non-attribute usage in SQL queries as safe.
...
Non-attribute arguments will be disallowed in Rails 6.0.
2020-02-11 23:54:55 +01:00
Dennis Schubert
4685df634c
Make Person.search_query_string public.
...
Accessibility of private/protected class methods in :scope is deprecated and will be removed in Rails 6.0.
2020-02-11 23:53:14 +01:00
Dennis Schubert
e40a07f204
Replace be_success with be_successful in specs.
...
be_success is deprecated and will be removed in Rails 6.
2020-02-11 23:53:14 +01:00
Dennis Schubert
45e8b54bea
Check for status codes instead of relying on response.redirect?.
...
Rack did so much refactoring, we do not see a Response object here anymore.
2020-02-11 23:53:14 +01:00
Dennis Schubert
35da56109f
Create a dup string from the return value of .truncate.
...
Due to a bug in Rails, .truncate returns a frozen string if the string actually changed, but not if there are no changes. This leads to inconsistent behaviour, and broken tests.
This was fixed upstream, see https://github.com/rails/rails/pull/36109 , but the fix did not make it into 5.2.x, so we have to work around for the time being.
2020-02-11 23:53:14 +01:00
Dennis Schubert
75ef13b5d1
Replace content_security_policy_nonce with content_security_policy_script_nonce.
...
To avoid a conflict with Rails, and to avoid confusion by Twitter's gem overloading the method.
2020-02-11 23:53:14 +01:00
Dennis Schubert
25e9728fae
Do not depend on the default parameter being set in Person#initialize.
...
ActiveRecord 5.2.x occasionally calls with a nil parameter explicitly provided, so using default arguments does not work.
2020-02-11 23:53:14 +01:00
Dennis Schubert
93b0e1eb22
Bump Rails.
2020-02-11 23:53:14 +01:00
Jonne Haß
6dbef95951
API: return whether post or item was already reported or not
2020-02-09 11:04:59 +01:00
Jonne Haß
8068d8747b
API: Fix fetching explicitly not only unread notifications
2020-02-09 11:03:55 +01:00
Jonne Haß
cd0995abf3
API: Don't return notifications target unless it's a post
2020-02-09 11:03:55 +01:00
Jonne Haß
04d0d6dccb
API: return mentioned_people for comments
2020-02-04 18:54:53 +01:00
Dennis Schubert
08d4f87a2d
Merge pull request #8100 from denschub/hotfix/fix-raw-photos
...
Re-add `raw` to a photo's json.
2020-02-04 16:36:13 +01:00
Dennis Schubert
6df742a7cb
Do not allow additional properties in the API's photo_sizes schema definition
2020-02-04 15:52:58 +01:00
Dennis Schubert
dbbf743920
Add the scaled_full image as a raw image in AvatarPresenter as well.
...
This is a temporary workaround. Adding the real raw photo is quite a
challenge and touches multiple components nobody wants to touch right
now. As this change is blocking an actual hotfix, this is fine, and will
be properly fixed at a later time.
2020-02-04 15:52:57 +01:00
Dennis Schubert
bf55d07580
Re-add sizes.raw to the photo JSON
...
because we need it for showing the raw image in the lightbox. This got lost, as the photo extension was made after API development started.
2020-02-04 14:38:49 +01:00
Jonne Haß
2e7526bac5
API: Let hide endpoint take payload as documented and act according to it
2020-02-02 21:49:20 +01:00
Jonne Haß
dcbd02cf7f
Return 403 for unauthorized API requests
...
Also cleanup error handling code and remove last translatable
API error messages
2020-02-02 21:49:20 +01:00
Jonne Haß
884de9008f
API: rename poll_answer_id to poll_answer in post interactions vote endpoint
2020-02-02 21:26:33 +01:00
Jonne Haß
b1f357849b
API: return post oEmbed data
2020-02-02 20:15:36 +01:00
Jonne Haß
5921cd0176
API: return post open graph metadata
2020-02-02 20:15:36 +01:00
Jonne Haß
8cae234f45
API: return own vote state in polls
2020-02-02 18:40:07 +01:00
Jonne Haß
b921b71b97
API: ensure nsfw field in post is returned as a boolean
2020-02-02 18:31:46 +01:00
Jonne Haß
0754c92116
API: correct like and comment scopes for private posts
2020-02-02 18:23:34 +01:00
Jonne Haß
fbd0a51829
API: return current user's like, reshare and subscription status in post infos
2020-02-02 18:13:55 +01:00
Jonne Haß
6bbcb7415b
API: don't make error messages translatable
2020-02-02 18:04:11 +01:00
Jonne Haß
04744b4dac
API: Return 409 when trying to create something existing and 410 when trying to delete something already gone
...
Probably missed a few more cases where we always return success when the user requests
status quo, but this should cover most ground
2020-02-02 18:04:11 +01:00
Jonne Haß
e8b9a70fbf
Ensure API responses adhere to documented error format
2020-02-02 18:04:11 +01:00
Jonne Haß
9e762fcc31
Use full references in API JSON schema
...
We load another schema, https://diaspora.github.io/diaspora_federation/schemas/federation_entities.json ,
that has overlapping definitions, namely #/definitions/post. When the definition from that schema is accessed
first, the json-schema gem caches it and is not smart enough to give precedence to the definition
within the schema document that contains the reference. So for now we have to disambiguate the references
like this
2020-02-02 18:03:51 +01:00
Jonne Haß
2da33408f9
Merge branch 'next-minor' into develop
2020-01-27 09:30:14 +01:00
Jonne Haß
1e642be040
Hide sign up link in mobile header when registrations are disabled
...
closes #8060
2020-01-27 09:30:11 +01:00
Dennis Schubert
f35f55cb25
Merge pull request #8088 from jhass/feature/return_token_endpoint_auth_method
...
API: Return a default token_endpoint_auth_method when the client gives none in its OpenID Connect registration request
2020-01-24 22:20:00 +01:00
Jonne Haß
654b81b8f1
Explicitly select fragment from API JSON schema in specs
...
this should make them more strict and robust at the same time
2020-01-24 16:59:04 +01:00
Jonne Haß
35bfbc9c82
Return missing created_at field on reshares endpoint
2020-01-24 16:58:32 +01:00
Jonne Haß
0935451cd8
Return a default token_endpoint_auth_method when the client gives none in its OpenID Connect registration request
...
Since we announce it in the supported metadata, some clients expect to be told what to use and don't fall back to the spec standard of
client_secret_basic on their own.
2020-01-24 11:02:02 +01:00
Dennis Schubert
500763294d
Merge pull request #8086 from jhass/api
...
API
2020-01-22 22:38:15 +01:00
Jonne Haß
1da075e30b
Merge branch 'next-minor' into develop
2020-01-22 21:09:20 +01:00
Dennis Schubert
1d72f95705
Issue #8062 - Drop rails-assets.org.
...
and replace it with our own Gem cache. This isn't pretty, as we have to manage that one ourselves, and pushing updates requires a core-team member, but rails-assets.org has become way too unreliable for us to be a viable option.
closes #8087
2020-01-22 21:08:06 +01:00
Jonne Haß
8d690a9e33
undo changes introduced by merge conflicts in the api branch
2020-01-21 23:56:01 +01:00
Jonne Haß
16b242fa0f
Drop chat_enabled from aspects API
2020-01-21 23:35:01 +01:00
Jonne Haß
9bb1a36e3d
Fix passing scope name to wrong scope openid connect error message
2020-01-21 23:35:01 +01:00
Jonne Haß
3abf6b6f41
return required client_secret_expires_at in openid connect dynamic registration response
2020-01-21 23:35:01 +01:00
Jonne Haß
1bf05e7921
use desktop openid connect authorizations and error pages on mobile for now
2020-01-21 23:35:01 +01:00
Jonne Haß
39c863ead9
Merge branch 'develop' into api
2020-01-21 23:35:01 +01:00