mstdn.y-zu.org/mastodon
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13,072 Commits 12 Branches 127 Tags 124 MiB
main
Commit Graph

558 Commits

Author SHA1 Message Date
YorimiMochida
c92b5559a9
Merge pull request #137 from Y-zu-don-maintenance-org/4.1.18 
4.1.18
 2024-07-05 18:59:51 +09:00
Claire
34aeef3453
Merge pull request from GHSA-58x8-3qxw-6hm7 
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
 2024-07-04 16:26:49 +02:00
Claire
33a50884e5 Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-17 12:30:07 +02:00
Matt Jankowski
8ce403a85b Fix results/query in api/v1/featured_tags/suggestions (#29597) 2024-05-17 12:30:07 +02:00
YorimiMochida
2ab80bc511
Merge pull request #129 from Y-zu-don-maintenance-org/features/v4.1.12 
Features/v4.1.12
 2024-02-02 21:31:08 +09:00
Claire
458620bdd4 Fix potential redirection loop of streaming endpoint (#28665) 2024-01-24 15:31:06 +01:00
Claire
a1a71263e0 Fix streaming API redirection ignoring the port of streaming_api_base_url (#28558) 2024-01-24 15:31:06 +01:00
YoheiZuho
70cf68fc6e Merge tag 'v4.1.9' into features/4.1.9 2023-10-11 18:13:24 +09:00
Daniel M Brasil
ea7fa048f3 Fix /api/v1/timelines/tag/:hashtag allowing for unauthenticated access when public preview is disabled (#26237) 2023-09-05 19:16:09 +02:00
YorimiMochida
ff17262aff
Merge pull request #119 from Y-zu-don-maintenance-org/features/v4.1.3 
Features/v4.1.3
 2023-07-06 22:39:03 +09:00
Claire
f8930a67a0 Change /api/v1/statuses/:id/history to always return at least one item (#25510) 2023-07-06 13:45:40 +02:00
Daniel M Brasil
fd1ffd72eb Fix incorrect pagination headers in /api/v2/admin/accounts (#25477) 2023-07-06 13:45:40 +02:00
Claire
1301af60e0 Fix race condition when reblogging a status (#25016) 2023-07-06 13:45:40 +02:00
Claire
036ac5b5c9 Fix ArgumentError when loading newer Private Mentions (#25399) 2023-07-06 13:45:40 +02:00
Claire
3e1724e972 Fix multiple N+1s in ConversationsController (#25134) 2023-07-06 13:45:40 +02:00
YoheiZuho
1b02b4bfde Merge remote-tracking branch 'accelforce/custom/quote' into features/v4.1.2 2023-06-30 20:52:31 +09:00
Nick Schonning
f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Eugen Rochko
21780c0204
Change notifications per page from 15 to 40 in REST API (#23348) 2023-02-01 11:23:54 +01:00
Claire
4b92e59f4f
Add support for editing media description and focus point of already-posted statuses (#20878) 
* Add backend support for editing media attachments of existing posts

* Allow editing media attachments of already-posted toots

* Add tests
 2023-01-18 16:33:55 +01:00
Claire
b034dc42be
Fix /api/v1/admin/trends/tags using wrong serializer (#18943) 
* Fix /api/v1/admin/trends/tags using wrong serializer

Fix regression from #18641

* Only use `REST::Admin::TagSerializer` when the user can `manage_taxonomies`

* Fix admin trending hashtag component to not link if `id` is unknown
 2023-01-18 16:28:18 +01:00
Carl Schwan
f33e22ae4c
Allow changing hide_collections setting with the api (#22790) 
* Allow changing hide_collections setting with the api

This is currently only possible with app/controllers/settings/profiles_controller.rb
and is the only difference in the allowed parameter between the two controllers

* Fix the lint issue

* Use normal indent
 2023-01-13 16:40:21 +01:00
Claire
8556a649d5
Fix changing domain block severity not undoing individual account effects (#22135) 
* Fix changing domain block severity not undoing individual account effects

Fixes #22133

* Add tests
 2022-12-15 17:45:02 +01:00
Claire
623d3d2e32
Change CSP directives on API to be tight and concise (#20960) 2022-12-15 16:40:32 +01:00
nametoolong
63b379c2d9
Fix N+1 queries from in NotificationsController (#21202) 
Co-authored-by: Nonexistent <nx@example.org>
 2022-12-15 16:18:20 +01:00
Francis Murillo
f6492a7c4d
Log admin approve and reject account (#22088) 
* Log admin approve and reject account

* Add unit tests for approve and reject logging
 2022-12-07 00:25:18 +01:00
Claire
69137f4a90
Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988) 
Fixes #21965
 2022-12-07 00:10:53 +01:00
Claire
51a33ce77a
Fix not being able to follow more than one hashtag (#21285) 
Fixes regression from #20860
 2022-11-21 10:35:09 +01:00
trwnh
7fdeed5fbc
Make tag following idempotent (#20860) 2022-11-17 10:55:59 +01:00
trwnh
e1f819fd78
Fix pagination of followed tags (#20861) 
* Fix missing pagination headers on followed tags

* Fix typo
 2022-11-17 10:54:10 +01:00
Daniel Axtens
4d85c27d1a
Add 'private' to Cache-Control, match Rails expectations (#20608) 
Several controlers set quite intricate Cache-Control headers in order to
hopefully not be cached by any intermediate proxies or local caches. Unfortunately,
these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes
and discards any values set alongside no-store other than private:
8015c2c2cf/actionpack/lib/action_dispatch/http/cache.rb (L207-L209)

We want to preserve no-store on these responses, but we might as well remove
parts that are going to be dropped anyway. As many of the endpoints in these
controllers are private to a particular user, we should also add "private",
which will be preserved alongside no-store.
 2022-11-16 04:56:30 +01:00
kyori19
ae2190b9a5
Merge remote-tracking branch 'mastodon/main' into custom/quote 
# Conflicts:
#	app/javascript/mastodon/components/status.js
#	app/javascript/mastodon/components/status_action_bar.js
#	app/javascript/mastodon/components/status_content.js
#	app/javascript/mastodon/containers/timeline_container.js
#	app/javascript/mastodon/features/status/components/detailed_status.js
#	app/javascript/styles/mastodon/components.scss
 2022-11-15 01:48:20 +00:00
trwnh
b59ce0a60f
Move V2 Filter methods under /api/v2 prefix (#20622) 
* Move V2 Filter methods under /api/v2 prefix

* move over the tests too
 2022-11-14 08:34:07 +01:00
Eugen Rochko
b31afc6294
Fix error when passing unknown filter param in REST API (#20626) 
Fix #19156
 2022-11-14 08:06:06 +01:00
Eugen Rochko
167d86d21d
Fix role_ids not accepting arrays in admin API (#20625) 
Fix #19157
 2022-11-14 06:56:15 +01:00
Claire
86f6631d28
Remove dead code and refactor status threading code (#20357) 
* Remove dead code

* Remove unneeded/broken parameters and refactor descendant computation
 2022-11-10 22:30:00 +01:00
Claire
1615c3eb6e
Change logged out /api/v1/statuses/:id/context logged out limits (#20355) 2022-11-10 21:06:08 +01:00
James Tucker
78a6b871fe
Improve performance by avoiding regex construction (#20215) 
```ruby
10.times { p /#{FOO}/.object_id }
10.times { p FOO_RE.object_id }
```
 2022-11-10 05:49:30 +01:00
Eugen Rochko
0cd0786aef
Revert filtering public timelines by locale by default (#20294) 2022-11-10 05:34:42 +01:00
trwnh
89e1974f30
Make account endorsements idempotent (fix #19045) (#20118) 
* Make account endorsements idempotent (fix #19045)

* Accept suggestion to use exists? instead of find_by + nil check

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

* fix logic (unless, not if)

* switch to using `find_or_create_by!`

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
 2022-11-08 16:39:15 +01:00
trwnh
68d9dcd425
Fix uncaught 500 error on invalid replies_policy (Fix #19097) (#20126) 2022-11-08 16:37:28 +01:00
Claire
4cb2323458
Fix crash in legacy filter creation controller (#19878) 2022-11-07 03:38:53 +01:00
Eugen Rochko
3a41fccc43
Change AUTHORIZED_FETCH to not block unauthenticated REST API access (#19803) 
New environment variable `DISALLOW_UNAUTHENTICATED_API_ACCESS`
 2022-11-05 22:56:03 +01:00
kyori19
4be8ece78d
Merge remote-tracking branch 'mastodon/main' into custom/quote 2022-11-05 19:56:50 +00:00
Claire
c2170991c7
Fix reblogs being discarded after the reblogged status (#19731) 2022-11-04 16:31:44 +01:00
Eugen Rochko
15bae3e0e4
Change post-processing to be deferred only for large media types (#19617) 2022-11-01 15:27:58 +01:00
Eugen Rochko
26478f461c
Remove language filtering from hashtag timelines (#19563) 2022-10-30 21:29:23 +01:00
Eugen Rochko
276b85bc91
Fix admin APIs returning deleted object instead of empty object upon delete (#19479) 
Fix #19153
 2022-10-30 02:43:57 +02:00
Eugen Rochko
5724da0780
Fix language not being saved when editing status (#19543) 
Fix #19542
 2022-10-30 02:43:27 +02:00
Eugen Rochko
3e18e05330
Fix uncaught error when invalid date is supplied to API (#19480) 
Fix #19213
 2022-10-27 14:30:52 +02:00
Eugen Rochko
1ae508bf2f
Change unauthenticated search to not support pagination in REST API (#19326) 
- Only exact search matches for queries with < 5 characters
- Do not support queries with `offset` (pagination)
- Return HTTP 401 on truthy `resolve` instead of overriding to false
 2022-10-26 12:10:02 +02:00