* Return specific error on failure to parse Date header
* Add error message when preferredUsername is not set
* Change error report to be JSON and include more details
* Change error report to differentiate unknown account and failed refresh
* Add tests
* Fix /api/v1/admin/trends/tags using wrong serializer
Fix regression from #18641
* Only use `REST::Admin::TagSerializer` when the user can `manage_taxonomies`
* Fix admin trending hashtag component to not link if `id` is unknown
* Allow changing hide_collections setting with the api
This is currently only possible with app/controllers/settings/profiles_controller.rb
and is the only difference in the allowed parameter between the two controllers
* Fix the lint issue
* Use normal indent
Major changes in this PR to how the About page is rendered.
* Bringing back the static, serverside-generated About page from v3.
This involved reverting a lot of code and modifying some of the
variables names to match changes in v4.
* Update the table of contents generator to also parse markdown
* Change a bunch of in-app routing to redirect to the static About page
instead of the React component route
* Incorporate @ClearlyClaire's [open
PR](https://github.com/mastodon/mastodon/pull/20808) for a setting that
lets admins choose to make the explore page their non-logged-in landing
page instead of About (but About is the default)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
This PR adds a "Hometown" tab to the "Server Settings" menu for
administrators. I have placed our site-wide RSS default opt-in/opt-out
setting here, and future Hometown-specific site-wide settings will go
there too.
This PR also brings back the site-wide setting for whether users are
default opted in to or out of search engine indexing (thanks @prplecake)
and the site-wide setting for whether the list of discovered servers is
available to the public via the API. Both options are under Server
Settings -> Discovery now.
Fixes#1211
Co-authored-by: prplecake <me@prplecake.com>
Adds a user toggle in the preferences menu:
> Show full username (including domain) for remote users
It only shortens the username of local accounts. The main reason for this is so that there is a clear visual indicator of who is local on a thread -- this is important for local-only posting reasons. But we've been using it on Friend Camp for 3 years now and it's actually really nice for getting a sense of who is on what server, too.
The bulk of this work was done by Callie on Friend Camp in October 2019.
Fixes#1247
Adds buttons to Preferences -> Moderation -> Federation that allow moderators to import and export domain-level blocks.
This is coming to a future Mastodon release (I don't know which one) but I wanted to pull it in to Hometown early. Work by @clearlyclaire, @enbylenore, and @tak
Fixes#1164
Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Co-authored-by: Lenore Gilbert <lenore@lenoregilbert.net>
* Clear sessions on password change
* Rename User::clear_sessions to revoke_access for a clearer meaning
* Add reset paassword controller test
* Use User.find instead of User.find_for_authentication for reset password test
* Use redirect and render for better test meaning in reset password
Co-authored-by: Effy Elden <effy@effy.space>
There is now a `norss` user preference for a user to opt out of having an RSS feed of their public posts. This operates on the exact same logic as the existing `noindex` for the search engine opt-out: the admin can check a box in Site Settings for a default setting for users. If a user has never touched their RSS opt-out setting then it is equal to whatever the default is. But individual users can override the default in their Preferences -> Other menu.
So a privacy-minded server admin could opt everyone out by default, but the overall default behavior is to have RSS feeds of public posts for everyone, which is the default Mastodon behavior anyway.
The `norss`, like `noindex`, is just a key on a pre-existing `settings` object that is a key-value store, so there doesn't even need to be a database migration for this!
Fixes#1232
This adds a `keep_local` column to the `account_statuses_cleanup_policy` table in the database. There is a new checkbox in the preferences for automatic post deletion, and when calculating which statuses to delete there is now a filter for `without_local_scope`.
Several controlers set quite intricate Cache-Control headers in order to
hopefully not be cached by any intermediate proxies or local caches. Unfortunately,
these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes
and discards any values set alongside no-store other than private:
8015c2c2cf/actionpack/lib/action_dispatch/http/cache.rb (L207-L209)
We want to preserve no-store on these responses, but we might as well remove
parts that are going to be dropped anyway. As many of the endpoints in these
controllers are private to a particular user, we should also add "private",
which will be preserved alongside no-store.
Darius Kazemi
Claire
Carl Schwan
Darius Kazemi
David Vega
nametoolong
Effy Elden
Francis Murillo
lenore gilbert
trwnh
Daniel Axtens
Eugen Rochko
James Tucker
John Holdun