Commit Graph

252 Commits

Author SHA1 Message Date
Claire e61a7794f8 Merge commit 'df9e26158d9787859b24bdc276af478abf05e1af' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Conflict because glitch-soc has a different list of allowed tags.
  Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
  Conflict because of glitch-soc's default settings.
  Updated accordingly.
2024-07-04 17:12:14 +02:00
Claire 502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
Claire b0c979af49 Merge commit '58ace2e45e16a69977267d03874568c11043f04c' into glitch-soc/merge-upstream 2024-06-18 18:20:36 +02:00
Claire 58ace2e45e
Fix SQL error in admin measures API (#30753) 2024-06-18 16:04:58 +00:00
Claire 677f73f793 Merge commit '3a191b3797dde1daf79cd748a14b87240532d543' into glitch-soc/merge-upstream 2024-06-17 13:41:58 +02:00
Claire 45abddb302
Fix pagination attributes not being returned in ungroupable-only pages (#30688) 2024-06-13 14:10:34 +00:00
Claire 4daed855e5 Merge commit 'd818ddd6870094e89e58ef61f37da4cb73935856' into glitch-soc/merge-upstream 2024-06-11 19:46:11 +02:00
Matt Jankowski b2496177e0
Use correct params in `v1/admin/domain_allows` spec (#30378) 2024-06-11 07:35:30 +00:00
Claire be68f8f4af Merge commit '9cc4040308a758d4b77961f4da79cf63a044fffe' into glitch-soc/merge-upstream 2024-06-10 18:20:08 +02:00
Daniel M Brasil 77c2216e47
fix: Return HTTP 422 when scheduled status time is less than 5 minutes (#30584) 2024-06-10 13:33:48 +00:00
Claire 7277d2f130 Merge commit '496c10542bd39ca86a85d4de81778c134ea4383c' into glitch-soc/merge-upstream 2024-06-07 20:30:51 +02:00
Matt Jankowski 07cc94e05f
Use `sidekiq_inline` in requests/api/v1/admin/account_actions spec (#30563) 2024-06-06 14:19:22 +00:00
Matt Jankowski 9b9b0e25b6
Use `sidekiq_inline` in requests/api/v1/reports spec (#30564) 2024-06-06 14:14:33 +00:00
Claire 578b0eae7d Fix /api/v1/timelines/link specs for glitch-soc default settings 2024-06-06 12:52:15 +02:00
Claire 30b00ca2b5 Merge commit '5652ca613582df03e5b838626078981414f3b897' into glitch-soc/merge-upstream 2024-06-06 12:27:26 +02:00
Eugen Rochko a2505e8611
Add timeline of public posts about a trending link to REST API (#30381) 2024-06-06 08:43:04 +00:00
Emelia Smith e02d23b549
Change `read:me` scope to `profile` scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-06 07:30:10 +00:00
Emelia Smith 4655be0da6
Fix add validation to webpush subscription keys (#30542) 2024-06-05 19:16:47 +00:00
Emelia Smith eef2cc054f
Add url validation to Web::PushSubscription endpoints (#30540) 2024-06-05 08:06:06 +00:00
Claire 974335e414
Add experimental server-side notification grouping (#29889) 2024-06-03 08:35:59 +00:00
Claire c827a98f19 Merge commit 'd20a5c3ec9ed40a991245fe32d0acb6187dd48c4' into glitch-soc/merge-upstream
Conflicts:
- `yarn.lock`:
  Not a real conflict, just a line adjacent to a glitch-soc only dependency
  getting updated.
  Updated dependencies as upstream did.
2024-05-29 17:03:24 +02:00
Claire 36fe8f8566
Change `ids` param to `id` in `/api/v1/statuses` and `/api/v1/accounts` for consistency (#30465) 2024-05-29 09:19:17 +00:00
Matt Jankowski c61e356475
Add `Status::MEDIA_ATTACHMENTS_LIMIT` configuration constant (#30433) 2024-05-27 09:49:44 +00:00
Claire 0e8633f6c7 Merge commit '3a862439dfc989c6c5741e007c2f4e0335fffe33' into glitch-soc/merge-upstream 2024-05-23 20:11:12 +02:00
Matt Jankowski 3a862439df
Remove unused account record in api/v2/admin/accounts spec (#30397) 2024-05-23 08:26:58 +00:00
Claire e46321e63d Merge commit 'de4815afda0809bf999519aabda1cd14c67278da' into glitch-soc/merge-upstream 2024-05-20 12:17:36 +02:00
Emelia Smith 2da2a1dae9
Support multiple redirect_uris when creating OAuth 2.0 Applications (#29192) 2024-05-17 13:46:12 +00:00
Claire 016d194274 Merge commit '2fe1b8d1695d8faa452a69872fde94ccc4611576' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/application_helper.rb`:
  Not a real conflict, upstream added helpers right next to glitch-soc only
  helpers.
  Added upstream's helpers.
- `spec/models/status_spec.rb`:
  Not a real conflict, upstream added specs right next to glitch-soc only
  specs.
  Added upstream's tests.
2024-05-06 17:53:51 +02:00
Claire 2fe1b8d169
Add API to get multiple accounts and statuses (#27871)
Co-authored-by: noellabo <noel.yoshiba@gmail.com>
2024-05-06 15:19:15 +00:00
Claire 3789d9f825 Merge commit 'b7902225d698a107df2cf8b4ca221caad38fa464' into glitch-soc/merge-upstream
Conflicts:
- `spec/validators/status_length_validator_spec.rb`:
  Upstream refactored tests to stub `StatusLengthValidator::MAX_CHARS`
  while glitch-soc had custom code to read from `MAX_TOOT_CHARS`.
  Switched to using upstream's implementation of the tests.
2024-05-04 16:28:30 +02:00
Claire f09f5b35f2 Merge commit 'd97d31cce664281d868e4c661451687a301c97c8' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Upstream refactored this file a bit, moving validation limits to constants.
  We already had a similar change, although with different constant names.
  Updated to match upstream's code.

The following files were also modified accordingly:
- `app/views/settings/profiles/show.html.haml`
- `spec/requests/api/v1/accounts/credentials_spec.rb`
2024-05-04 16:12:51 +02:00
Claire 253ead3aa7
Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-02 20:56:21 +00:00
Claire b039e62194 Merge commit 'a2399046ca600d492b492b8dae88011de687bece' into glitch-soc/merge-upstream 2024-05-01 19:49:59 +02:00
Claire 0fb469e2f3 Merge commit '52ab8a59c6e77b6409a7d4d81b15751732b3af91' into glitch-soc/merge-upstream 2024-05-01 17:30:52 +02:00
Claire 15f6d2d038 Merge commit 'd27eb181f6ab419d1745a1fe9b94094be17a618f' into glitch-soc/merge-upstream
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
  Conflict due to glitch-soc having a different default site name.
  Updated the tests as upstream did, keeping glitch-soc's default name.
2024-05-01 17:22:02 +02:00
Claire 2c386d4cfe Merge commit 'c70c39cad03824c64564fa7d241e6bf01acbab76' into glitch-soc/merge-upstream 2024-05-01 17:06:49 +02:00
Emelia Smith 049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00
Claire 777984faeb Merge commit '119c7aa0df1e1d26bdee1701250d23a7af9e9136' into glitch-soc/merge-upstream 2024-04-06 20:34:07 +02:00
Claire 903dc53522 Merge commit '05eda8d19330a9c27c0cf07de19a87edff269057' into glitch-soc/merge-upstream 2024-04-06 20:01:25 +02:00
Matt Jankowski 191bf5876e
Add coverage for sanitize failure path in api/web/embeds spec (#29851) 2024-04-04 16:07:16 +00:00
Matt Jankowski f87959ab50
Fix `RSpec/LetSetup` cop in api/v1/timelines/public spec (#28972) 2024-04-02 14:05:02 +00:00
Matt Jankowski 34489591ec
Add `max_pinned_statuses` to instances serializer and api response (#29441) 2024-04-02 13:54:11 +00:00
Renaud Chaput b4d991adaa
Use integers and not numbers in notification policy API counters (#29810) 2024-04-02 10:06:26 +00:00
Matt Jankowski 34f293475e
Fix results/query in `api/v1/featured_tags/suggestions` (#29597) 2024-03-22 15:08:27 +00:00
Claire 814a48517f
Add some more tests for notification policies (#29698) 2024-03-21 16:46:38 +00:00
Claire 2e49bc97b0 Merge commit '7720c684c5bf54e73e8815defe15473777d1c201' into glitch-soc/merge-upstream 2024-03-15 12:20:32 +01:00
Matt Jankowski 2e91a9bd34
Add `include_pagination_headers` matcher to check `Link` header in api specs (#29596) 2024-03-15 10:17:45 +00:00
Claire 08b10cce52 Merge commit 'b43eaa4517107326c7e73b949cec759f841b4a30' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/accounts/credentials_controller_spec.rb`
  Conflict due to glitch-soc's different note length handling.
  Ported the changes in `spec/requests/api/v1/accounts/credentials_spec.rb` instead.
2024-03-13 20:12:58 +01:00
Claire 06881a8669 Merge commit '2c0441acd7f943a9873b650cf75d33c73d545acf' into glitch-soc/merge-upstream 2024-03-13 19:16:47 +01:00
Matt Jankowski 46e902f1f3
Merge `api/v1/accounts/credentials` controller spec into existing request spec (#29006) 2024-03-13 09:22:43 +00:00
Matt Jankowski 71eecbfa1f
Move `api/v2/filters/*` to request spec (#28956) 2024-03-13 08:47:09 +00:00
Claire a5127d0ef8 Merge commit '24319836de6046fb2985ec1a24c30ad7d47584d7' into glitch-soc/merge-upstream
Conflicts:
- `config/routes/api.rb`:
  glitch-soc has an extra `:destroy` action on notifications for historical reasons.
  Kept it for now, while otherwise updating as upstream did.
2024-03-11 17:29:07 +01:00
Matt Jankowski 24319836de
Convert request-based setup into factory setup in push/subscriptions request spec (#29489) 2024-03-11 15:46:25 +00:00
Eugen Rochko 50b17f7e10
Add notification policies and notification requests (#29366) 2024-03-07 14:53:37 +00:00
Claire 159e500749 Merge commit '18945f62e07617ac44b7a25a61799b0959fe67f7' into glitch-soc/merge-upstream 2024-03-01 18:34:48 +01:00
Matt Jankowski 18945f62e0
Convert more API specs from controller->request style (#29004) 2024-03-01 16:24:45 +00:00
Claire d2cfc6e5e2 Merge commit '08342ad40c1b92caf873282190efe8533a7d6e2e' into glitch-soc/merge-upstream 2024-02-24 15:02:28 +01:00
Claire ab2f0daa10 Merge commit 'aaa58d4807377e04649499ebee91757b16b9a007' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-security.yml`:
  Changes were already cherry-picked and adapted in glitch-soc.
  Kept glitch-soc's version.
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `lib/mastodon/version.rb`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
2024-02-24 14:27:43 +01:00
Claire dfd74f0dae Merge commit '1467f1e1e1c18dc4b310862ff1f719165a24cfb6' into glitch-soc/merge-upstream 2024-02-24 14:15:49 +01:00
Claire 73de36318e Move `api/v1/timelines/direct` to request spec 2024-02-24 14:10:05 +01:00
Claire 9903e6beab Merge commit '0b0ca6f3b85c9d08e4642e49d743f8d060632293' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/timelines/direct_controller_spec.rb`:
  `spec/controllers/api/v1/timelines` has been renamed, but we had an extra
  spec here for a glitch-soc-only endpoint.
  Kept glitch-soc's file unchanged (will port to a request spec later).
2024-02-24 14:05:26 +01:00
Claire c297d999ba Merge commit '87ad398ddc78f2da5746774960690661e8e57335' into glitch-soc/merge-upstream 2024-02-24 14:02:01 +01:00
Matt Jankowski 64f9939e39
Use `capture_emails` helper to improve email assertions in specs (#29245) 2024-02-19 15:57:47 +00:00
Wolfgang Fournès 86627ea2e4
Add a missing thread example to the statuses spec (#29278) 2024-02-19 13:35:58 +00:00
Claire 7ee93b7431
Change `source` attribute of `Suggestion` entity in `/api/v2/suggestions` back to a string (#29108) 2024-02-06 17:10:17 +00:00
Matt Jankowski df7acdcee5
Update markers API spec for error case (#29096) 2024-02-06 12:47:04 +00:00
Emelia Smith 4fb7f611de
Return domain block digests from admin domain blocks API (#29092) 2024-02-06 12:38:14 +00:00
Matt Jankowski 4cf07ed78c
Add missing action logging to `api/v1/admin/reports#update` (#29044) 2024-02-06 11:34:11 +00:00
Matt Jankowski ff8937aa2c
Move `api/v1/statuses/*` to request spec (#28954) 2024-01-26 17:45:54 +00:00
Matt Jankowski 5119fbc9b7
Move `api/v1/admin/trends/links/preview_card_providers` to request spec (#28951) 2024-01-26 17:41:39 +00:00
Matt Jankowski b6baab447d
Move `api/v2/admin/accounts` to request spec (#28950) 2024-01-26 17:41:13 +00:00
Matt Jankowski 7adcc0aae3
Move `api/v1/trends/*` to request specs (#28949) 2024-01-26 17:40:39 +00:00
Matt Jankowski 0b0ca6f3b8
Move `api/v1/timelines/list` to request spec (#28948) 2024-01-26 17:40:15 +00:00
Matt Jankowski 09a3493fca
Combine double subject in `api/v1/media` shared example (#28943) 2024-01-26 16:35:49 +00:00
Claire 102eff7c05 Merge commit 'e2d9635074ad33cc8144adc434bcd90faae9c424' into glitch-soc/merge-upstream 2024-01-22 19:19:40 +01:00
Claire 0700eb58bc Merge commit '163db814c2b3cf544b78e427e7f7bbd99b94a025' into glitch-soc/merge-upstream 2024-01-22 19:12:05 +01:00
Matt Jankowski 7ecf7f5403
Move controller->request specs for api/v1/statuses/* (#28818) 2024-01-22 11:58:54 +00:00
Matt Jankowski 329911b0a3
Migrate controller->request spec for api/v1/follow* (#28811) 2024-01-19 09:32:41 +00:00
Claire 528a8fa495 Merge commit 'f866413e724c2e7f8329fbc6e96f56f0b186c62a' into glitch-soc/merge-upstream 2024-01-18 22:16:16 +01:00
Matt Jankowski 0b853678a4
Add coverage for `api/v1/peers/search` endpoint and extract controller query to Instance scope (#28796) 2024-01-18 15:57:10 +00:00
Claire 2f521bc84a Merge commit 'a2f02a07758c32f0dcc6388b4f30ca5a84e762f3' into glitch-soc/merge-upstream 2024-01-15 20:27:41 +01:00
Matt Jankowski e72676e83a
Improve `api/v1/markers#create` performance against simultaneous requests (#28718) 2024-01-15 09:47:25 +00:00
Claire 15bc13c65b Merge commit '2954279e9c630a9d146575bf600978dc6c5279bd' into glitch-soc/merge-upstream 2024-01-11 20:15:19 +01:00
Matt Jankowski 2954279e9c
Remove double subject call in `api/v1/admin/trends/links/links` spec (#28695) 2024-01-11 15:13:11 +00:00
Matt Jankowski 95bd46d32a
Remove double subject call in `api/v1/admin/ip_blocks` spec (#28696) 2024-01-11 15:11:57 +00:00
Claire 23d8bd8ce1 Merge commit '0a7cff53c2577b3e79599e069eeb344f2613ad8d' into glitch-soc/merge-upstream 2024-01-11 13:24:20 +01:00
Matt Jankowski 00341c70ff
Use Sidekiq `fake!` instead of `inline!` in specs (#25369) 2024-01-10 11:06:58 +00:00
Claire c5b0e6d5a0 Merge branch 'main' into glitch-soc/merge-upstream 2023-12-28 16:57:10 +01:00
Claire 92aa6e2ec9 Merge commit 'b7bdcd4f395aaa1e85930940975439d10b570f40' into glitch-soc/merge-upstream 2023-12-21 19:42:13 +01:00
Claire f5b7307890 Merge commit 'f99e05710ea06cf10bbd3fb64ae8c00b095cb455' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Took upstream's version of the conflicting lines.
2023-12-21 19:24:10 +01:00
Claire 6e56f95285 Merge commit '4a7395d989e40c3bd4ef18173aa5ea850c8ddcdd' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream modified its README, we have a completely different one.
  Kept our README file.
2023-12-21 18:17:17 +01:00
Claire 077e0c6812 Merge commit '0b4a3a04378ce43f2f314b9446b5053f6b374c6d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Conflict caused by the `json` gem thing once again.
  Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored a bunch of specs, including one place that differs
  because of glitch-soc's theming system.
  Refactored as upstream did, adapting it for glitch-soc's theming system.
2023-12-20 22:16:50 +01:00
Claire b135b6ba8f Merge commit '8ebc94dd22a18c28c4c9763b909e92e6ba64e242' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/custom_emojis/new.html.haml`:
  Conflict caused by glitch-soc having a different file size limit constant
  name.
  Updated like upstream did while keeping glitch-soc's constant name.
2023-12-19 21:24:01 +01:00
Claire 6c00d5b0c4 Fix test failure caused by glitch-soc changes 2023-12-19 21:14:39 +01:00
Claire 2e786e13cb Merge commit '973597c6f1e25b16c592e5573304319aeaa375e1' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_pin_validator.rb`:
  Upstream refactored that file, while glitch-soc had configurable limits for
  pinned statuses.
  Updated the code with upstream's refactor, while keeping glitch-soc's
  configurability.
2023-12-19 20:51:37 +01:00
Claire d288a6162a Merge commit '12c22ee5e71ae0220ea10199e4d10deb4140ec44' into glitch-soc/merge-upstream 2023-12-19 20:40:05 +01:00
Claire b24f676cf1 Merge commit '1526e54ac6f08431c8c833f20b4be8882355967c' into glitch-soc/merge-upstream 2023-12-19 20:24:57 +01:00
Claire 6fed0fcbaa
Remove unneeded settings cleanup from specs (#28425) 2023-12-19 15:17:22 +00:00
Eugen Rochko b5ac61b2c5
Change algorithm of follow recommendations (#28314)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-12-19 10:59:43 +00:00
Matt Jankowski c28976d89e
Handle negative offset param in `api/v2/search` (#28282) 2023-12-19 10:55:39 +00:00