Commit Graph

194 Commits

Author SHA1 Message Date
Darius Kazemi f2a6028834 Merge tag 'v4.1.0rc1' into hometown-dev 2023-01-23 16:46:13 -08:00
Darius Kazemi 6281823df0
Add a user setting to show/hide domains on remote usernames (#1254)
Adds a user toggle in the preferences menu:

> Show full username (including domain) for remote users

It only shortens the username of local accounts. The main reason for this is so that there is a clear visual indicator of who is local on a thread -- this is important for local-only posting reasons. But we've been using it on Friend Camp for 3 years now and it's actually really nice for getting a sense of who is on what server, too.

The bulk of this work was done by Callie on Friend Camp in October 2019.

Fixes #1247
2022-12-28 10:45:04 -08:00
Francis Murillo c50e9d078a
Render current day formats in the client timezone (#21878)
* Fix remaining plain %time to %time.formatted

* Add %time.relative-formatted to client format dates on the current day

* Add missing comma dangle to formats

* Use client side message format instead of the server

* Add fallback message to relatve_format.today

* Remove unused translation key and fix js lint issue

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:35:25 +01:00
Darius Kazemi a98750aac0 Merge tag 'v3.5.5+hometown-1.0.8' into hometown-4.0-1.0.8-merge 2022-12-04 12:18:18 -08:00
Darius Kazemi 427596ab01 Adding a `norss` user preference
There is now a `norss` user preference for a user to opt out of having an RSS feed of their public posts. This operates on the exact same logic as the existing `noindex` for the search engine opt-out: the admin can check a box in Site Settings for a default setting for users. If a user has never touched their RSS opt-out setting then it is equal to whatever the default is. But individual users can override the default in their Preferences -> Other menu.

So a privacy-minded server admin could opt everyone out by default, but the overall default behavior is to have RSS feeds of public posts for everyone, which is the default Mastodon behavior anyway.

The `norss`, like `noindex`, is just a key on a pre-existing `settings` object that is a key-value store, so there doesn't even need to be a database migration for this!

Fixes #1232
2022-12-03 22:04:55 -08:00
Rose 4f15fd0ba1
Fix style for hashes (#20518)
* Fix style for hashes

Make the style for hashes consistent.

* New style

More consistency
2022-11-17 11:05:39 +01:00
Darius Kazemi 840688318f Merge tag 'v4.0.0' into hometown-4.0-merge 2022-11-16 20:54:49 -08:00
Claire 9f4930ec11
Add password autocomplete hints (#20071)
Fixes #20067

Our password autocomplete hints were “off” but that does not prevent current
browsers from trying to autocomplete them anyway, so use `current-password` and
`new-password` so they don't put a newly-generated password in a password
confirmation prompt, or the old password for a password renewal prompt.
2022-11-08 03:53:06 +01:00
Eugen Rochko 8f07381856
Revert "Remove preference to aggregate reblogs in home/list feeds (#18112)" (#19463)
This reverts commit af396fa35f.
2022-10-26 09:10:18 +02:00
Takeshi Umeda 7777524145
Fix featured tag display name in setting (#19404) 2022-10-21 13:22:02 +02:00
Eugen Rochko dd5d99f83f
Fix error on migration page (#19386) 2022-10-18 19:01:59 +02:00
Eugen Rochko 93f340a4bf
Remove setting that disables account deletes (#17683) 2022-10-06 10:16:47 +02:00
Eugen Rochko 36f4c32a38
Change path of privacy policy page (#19249) 2022-09-29 06:22:12 +02:00
Eugen Rochko af396fa35f
Remove preference to aggregate reblogs in home/list feeds (#18112) 2022-08-25 23:38:36 +02:00
Eugen Rochko 0b3e4fd5de
Remove digest e-mails (#17985)
* Remove digest e-mails

* Remove digest-related code
2022-08-25 23:38:22 +02:00
Eugen Rochko e7aa2be828
Change how hashtags are normalized (#18795)
* Change how hashtags are normalized

* Fix tests
2022-07-13 15:03:28 +02:00
Eugen Rochko 44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Darius Kazemi ac01eee575 Merge tag 'v3.5.1' into hometown-dev-3.5.1 2022-05-05 20:41:34 -07:00
Eugen Rochko 8e20e16cf0
Change e-mail notifications to only be sent when recipient is offline (#17984)
* Change e-mail notifications to only be sent when recipient is offline

Change the default for follow and mention notifications back on

* Add preference to always send e-mail notifications

* Change wording
2022-04-08 18:03:31 +02:00
Darius Kazemi c7e5c4a8a6 Merge tag 'v3.5.0' into hometown-dev-3.5.0 2022-04-01 14:53:35 -07:00
Eugen Rochko 392b367835
Fix IDN domains not being rendered correctly in a few left-over places (#17848) 2022-03-22 10:07:11 +01:00
Eugen Rochko edf09ec747
Add `/api/v1/accounts/familiar_followers` to REST API (#17700)
* Add `/api/v1/accounts/familiar_followers` to REST API

* Change hide network preference to be stored consistently for local and remote accounts

* Add dummy classes to migration

* Apply suggestions from code review

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-07 09:36:47 +01:00
Eugen Rochko 564efd0651
Add appeals (#17364)
* Add appeals

* Add ability to reject appeals and ability to browse pending appeals in admin UI

* Add strikes to account page in settings

* Various fixes and improvements

- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes

* Change appealed_at to overruled_at

* Fix missing method error
2022-02-14 21:27:53 +01:00
Eugen Rochko 3aebe711fd
Change languages to be listed under standard instead of native name in admin UI (#17485) 2022-02-09 04:15:38 +01:00
Eugen Rochko b6d7726ecb
Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Eugen Rochko 7de0ee7aba
Remove Keybase integration (#17045) 2021-11-26 05:58:18 +01:00
Claire 3c45dfa0fe
Fix “discoverable” account setting being tied to profile directory (#16637) 2021-08-20 16:11:58 +02:00
Claire e2844b7e58
Change number_to_human calls to always use 3-digits precision (#16469)
Fixes #16435
2021-07-07 21:13:08 +02:00
Claire 262c7bcb57
Add full user agent in tooltips for login activities (#16428)
Also adds timestamp in HTML itself to not rely on javascript
2021-06-23 16:42:23 +02:00
Eugen Rochko d174d12c83
Add authentication history (#16408) 2021-06-21 17:07:30 +02:00
Darius Kazemi f57cda3855 Merge tag 'v3.4.0' into hometown-dev 2021-05-17 13:48:27 -07:00
Darius Kazemi 4fe7cfc4be Merge tag 'v1.0.5+3.2.0' into hometown-v1.0.5+3.3.0 2021-04-22 16:37:11 -07:00
Filipe Rodrigues 3dc94d9f91
Fix reference to non-existing translation in the exports page. (#15894)
The exports page showed a different "CSV" capitalisation in the
"Bookmarks" row ("Csv") compared to the other rows ("CSV").
This was due to a referece to a translation string that does not exist,
`bookmarks.csv`, defaulting to the key's last segment in title case.

This issue was introduced in commit dcd86204 (PR #14956).

(h/t @meqif for helping with figuring out the bug)
2021-03-15 02:17:29 +01:00
Renato "Lond" Cerqueira cb085b4c44 Merge tag 'v3.3.0' into instance_only_statuses 2020-12-27 11:19:14 +01:00
ThibG 96c1e71329
Add import/export feature for bookmarks (#14956)
* Add ability to export bookmarks

* Add support for importing bookmarks

* Add bookmark import tests

* Add bookmarks export test
2020-11-19 17:48:13 +01:00
Eugen Rochko 9b1f2a4b61
Add subresource integrity for JS and CSS assets (#15096)
Fix #2744
2020-11-06 11:56:31 +01:00
ThibG 78e45a5285
Add option to disable swiping motions across the WebUI (#13885)
Fixes #13882
2020-09-30 19:31:03 +02:00
abcang e79d719e92
Changed tag most_used to recently_used (#14760) 2020-09-07 17:47:41 +02:00
santiagorodriguez96 e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
* feat: add possibility of adding WebAuthn security keys to use as 2FA

This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor
to the Settings page for editing the 2FA methods – now it will list the
methods that are available to the user (TOTP and WebAuthn) and from
there they'll be able to add or remove any of them.
Also, it's worth mentioning that for enabling WebAuthn it's required to
have TOTP enabled, so the first time that you go to the 2FA Settings
page, you'll be asked to set it up.
This work was inspired by the one donde by Github in their platform, and
despite it could be approached in different ways, we decided to go with
this one given that we feel that this gives a great UX.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add request for WebAuthn as second factor at login if enabled

This commits adds the feature for using WebAuthn as a second factor for
login when enabled.
If users have WebAuthn enabled, now a page requesting for the use of a
WebAuthn credential for log in will appear, although a link redirecting
to the old page for logging in using a two-factor code will also be
present.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add possibility of deleting WebAuthn Credentials

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: disable WebAuthn when an Admin disables 2FA for a user

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: remove ability to disable TOTP leaving only WebAuthn as 2FA

Following examples form other platforms like Github, we decided to make
Webauthn 2FA secondary to 2FA with TOTP, so that we removed the
possibility of removing TOTP authentication only, leaving users with
just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA'
in order to remove second factor auth.
The reason for WebAuthn being secondary to TOPT is that in that way,
users will still be able to log in using their code from their phone's
application if they don't have their security keys with them – or maybe
even lost them.

* We had to change a little the flow for setting up TOTP, given that now
  it's possible to setting up again if you already had TOTP, in order to
  let users modify their authenticator app – given that now it's not
  possible for them to disable TOTP and set it up again with another
  authenticator app.
  So, basically, now instead of storing the new `otp_secret` in the
  user, we store it in the session until the process of set up is
  finished.
  This was because, as it was before, when users clicked on 'Edit' in
  the new two-factor methods lists page, but then went back without
  finishing the flow, their `otp_secret` had been changed therefore
  invalidating their previous authenticator app, making them unable to
  log in again using TOTP.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* refactor: fix eslint errors

The PR build was failing given that linting returning some errors.
This commit attempts to fix them.

* refactor: normalize i18n translations

The build was failing given that i18n translations files were not
normalized.
This commits fixes that.

* refactor: avoid having the webauthn gem locked to a specific version

* refactor: use symbols for routes without '/'

* refactor: avoid sending webauthn disabled email when 2FA is disabled

When an admins disable 2FA for users, we were sending two mails
to them, one notifying that 2FA was disabled and the other to notify
that WebAuthn was disabled.
As the second one is redundant since the first email includes it, we can
remove it and send just one email to users.

* refactor: avoid creating new env variable for webauthn_origin config

* refactor: improve flash error messages for webauthn pages

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
2020-08-24 16:46:27 +02:00
Renato "Lond" Cerqueira 06b6353483 Merge tag 'v3.1.5' into instance_only_statuses 2020-07-15 20:13:00 +02:00
Darius Kazemi 877a478466 Merge tag 'v3.1.4' into hometown-dev 2020-05-15 15:34:04 -07:00
Eugen Rochko 8be4c2ba21
Add ability to remove identity proofs from account (#13682)
Fix #12613
2020-05-10 11:21:10 +02:00
ThibG 0e362b7678
Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
sternenseemann 679980f77c
Allow users to delete their header and avatar (#13234)
This is achieved by sending a DELETE request to
/settings/profile/pictures/{avatar,header} via a link that is part of
the upload form's hint of the respective picture.
2020-04-20 14:03:03 +02:00
ThibG f7e011919e
Fix account aliases page (#13452)
* Fix error not being displayed when adding an account alias, add error for self-references

Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>

* Add “You have no aliases.” note in confusing empty aliases table

Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>

Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
2020-04-13 06:41:43 +02:00
guigeekz e31ba618d4
Add submit button to the top of preferences pages (#13068)
* Move submit button to the top of the edit page

* Duplicate save button on long form

* Fix click submit on profile spec
2020-03-08 16:04:03 +01:00
Darius Kazemi 7977ce6d5e Merge branch 'instance_only_statuses' of https://github.com/masto-donte-com-br/mastodon into hometown-dev 2020-03-02 09:52:41 -08:00
Renato "Lond" Cerqueira e0f3a4583c Merge tag 'v3.1.1' into instance_only_statuses 2020-02-21 14:21:59 +01:00
Eugen Rochko 6feafb8802
Various fixes and improvements (#12878)
* Fix unused role routes being generated

* Remove unused JavaScript code

* Refactor filters code to be DRYer

* Fix `.count == 0` comparisons to `.empty?` in views

* Fix filters in views
2020-01-20 15:55:03 +01:00
Sasha Sorokin 36426ed4ad Use heading actions and placeholders in settings (#12801)
This commit:

- Refactors centered text blocks currently used for placeholders
  for empty tables and puts styles for it in separate class -
  .centered-text, simply aliasing text-align: center. Which is
  furtherly used in this commit.

- Improves applications settings page to use heading actions, moving
  "New application" button there, and displaying placeholder "You
  have no applications" in place of empty table.

- Improves custom emoji settings page to use heading action
  for "Upload" button, making it more easily accessible without
  need to scroll through all of the emojis.

- Improves email domain blocks settings page, moving "Add new" to the
  heading actions and using placeholder "No e-mail domains currently
  blacklisted" instead of showing empty table.
2020-01-11 02:14:45 +01:00