closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2572 Commits
4 Branches
567 MiB
Tree: bb777c24ff
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'bb777c24ff'
${ noResults }
mastodon/app/controllers/application_controller.rb

121 lines
3.3 KiB
Raw Normal View History

Fix rubocop issues, introduce usage of frozen literal to improve performance
7 years ago
Initial commit
8 years ago
Fixing FanOutOnWriteService, fixing Sidekiq not having enough DB connections in the pool, adding a throttle of 60rpm per IP, adding mini profiler, adding admin status to users
8 years ago
Return force_ssl to the controller (#2380)
7 years ago
Fix #1165 - before_action was called before protect_from_forgery
7 years ago
Make file attachment on MediaAttachment optional (#1865) Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true Clean up old media files when creating a new domain block with reject_media set to true Return remote_url in media attachments API if local file is not present Undo domain block action in admin UI Ability to enable reject_media from admin UI
7 years ago
Adding React.js, Redux, revamping dashboard
7 years ago
Fix local follows, 404 in logs
7 years ago
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether
7 years ago
Fix local follows, 404 in logs
7 years ago
Fix sign-in redirecting "back" to a missing image because missing static files hit the raise_not_found method
7 years ago
Make User#current_sign_in_at actually track when user was last active, by updating it at least every 24h if the user visits the site
7 years ago
Add filters for suspended accounts
7 years ago
Redirect after sign in to previous page (unless it's a sign in/up/etc page)
7 years ago
Fix local follows, 404 in logs
7 years ago
Improve code style
7 years ago
Fix local follows, 404 in logs
7 years ago
Redirect after sign in to previous page (unless it's a sign in/up/etc page)
7 years ago
Return force_ssl to the controller (#2380)
7 years ago
Redirect after sign in to previous page (unless it's a sign in/up/etc page)
7 years ago
Add simple admin overview of PuSH subscriptions
7 years ago
Make User#current_sign_in_at actually track when user was last active, by updating it at least every 24h if the user visits the site
7 years ago
Only call regeneration worker after first login after a 14 day break
7 years ago
Make User#current_sign_in_at actually track when user was last active, by updating it at least every 24h if the user visits the site
7 years ago
Add filters for suspended accounts
7 years ago
Fix tests
7 years ago
Fix local follows, 404 in logs
7 years ago
Fix #86 - resolve layout breaking on zoom-out on accounts grid
7 years ago
Fix #2195 - Set locale to error pages (#2255) * Fix #2195 - Set locale to error pages * Fix #2195 - Cut duplicate process into one method
7 years ago
Fix local follows, 404 in logs
7 years ago
Catching more exceptions that slipped through, removing AR logging from production as it's very verbose and not very useful
7 years ago
Fix #86 - resolve layout breaking on zoom-out on accounts grid
7 years ago
Fix #2195 - Set locale to error pages (#2255) * Fix #2195 - Set locale to error pages * Fix #2195 - Cut duplicate process into one method
7 years ago
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether
7 years ago
ActivityPub: Add basic, read-only support for Outboxes, Notes, and Create/Announce Activities (#2197) * Clean up collapsible components * Expose user Outboxes and AS2 representations of statuses * Save work thus far. * Fix bad merge. * Save my work * Clean up pagination. * First test working. * Add tests. * Add Forbidden error template. * Revert yarn.lock changes. * Fix code style deviations and use localized instead of hardcoded English text.
7 years ago
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether
7 years ago
Fix #2195 - Set locale to error pages (#2255) * Fix #2195 - Set locale to error pages * Fix #2195 - Cut duplicate process into one method
7 years ago
Catching more exceptions that slipped through, removing AR logging from production as it's very verbose and not very useful
7 years ago
Give SINGLE_USER a chance to register (#1820) An attempt to open a brand new Mastodon instance configured as SINGLE_USER_MODE=true will cause an exception. Enable temporary registration if we have no users in the database Fixes #1817
7 years ago
Fix tests
7 years ago
Rename "publish" to "toot" in english locale, fix lightbox showing old image before loading new one, cache notifications API, fix missing follow button on public profiles
7 years ago
Fix tests
7 years ago
Unify collection caching code
7 years ago
Further abstract caching for includes
7 years ago
Fix #248 - Reload all accounts when fetching from cache
7 years ago
Unify collection caching code
7 years ago
Fix #248 - Reload all accounts when fetching from cache
7 years ago
Unify collection caching code
7 years ago
Fix #2195 - Set locale to error pages (#2255) * Fix #2195 - Set locale to error pages * Fix #2195 - Cut duplicate process into one method
7 years ago
Localize with i18n for Devise::FailureApp (#2309) This PR fixes I18n.locale for rake middlewares. Mastodon uses Devise that depends on Warden. Warden::Manager can be found in rake middleware. It is outside of the controller. In the case of authentication failed, warden calls throw(:warden). At the time Warden::Manager delegates request to failure_app to generate response and flash[:alert] after catching it. Unfortunately, I18n.locale is already reset then because I18n.with_locale is enabled only inside the controller. If we used I18n.locale=, Devise::FailureApp could get the current locale.
7 years ago
Fix #2195 - Set locale to error pages (#2255) * Fix #2195 - Set locale to error pages * Fix #2195 - Cut duplicate process into one method
7 years ago
Initial commit
8 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. class ApplicationController < ActionController::Base
  4.   # Prevent CSRF attacks by raising an exception.
  5.   # For APIs, you may want to use :null_session instead.
  6.   protect_from_forgery with: :exception
  7. 

  8.   force_ssl if: :https_enabled?
  9. 

  10.   include Localized
  11. 

  12.   helper_method :current_account
  13.   helper_method :single_user_mode?
  14. 

  15.   rescue_from ActionController::RoutingError, with: :not_found
  16.   rescue_from ActiveRecord::RecordNotFound, with: :not_found
  17.   rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity
  18. 

  19.   before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
  20.   before_action :set_user_activity
  21.   before_action :check_suspension, if: :user_signed_in?
  22. 

  23.   def raise_not_found
  24.     raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}"
  25.   end
  26. 

  27.   private
  28. 

  29.   def https_enabled?
  30.     Rails.env.production? && ENV['LOCAL_HTTPS'] == 'true'
  31.   end
  32. 

  33.   def store_current_location
  34.     store_location_for(:user, request.url)
  35.   end
  36. 

  37.   def require_admin!
  38.     redirect_to root_path unless current_user&.admin?
  39.   end
  40. 

  41.   def set_user_activity
  42.     return unless !current_user.nil? && (current_user.current_sign_in_at.nil? || current_user.current_sign_in_at < 24.hours.ago)
  43. 

  44.     # Mark user as signed-in today
  45.     current_user.update_tracked_fields(request)
  46. 

  47.     # If the sign in is after a two week break, we need to regenerate their feed
  48.     RegenerationWorker.perform_async(current_user.account_id) if current_user.last_sign_in_at < 14.days.ago
  49.   end
  50. 

  51.   def check_suspension
  52.     head 403 if current_user.account.suspended?
  53.   end
  54. 

  55.   protected
  56. 

  57.   def not_found
  58.     respond_to do |format|
  59.       format.any  { head 404 }
  60.       format.html { respond_with_error(404) }
  61.     end
  62.   end
  63. 

  64.   def gone
  65.     respond_to do |format|
  66.       format.any  { head 410 }
  67.       format.html { respond_with_error(410) }
  68.     end
  69.   end
  70. 

  71.   def forbidden
  72.     respond_to do |format|
  73.       format.any  { head 403 }
  74.       format.html { render 'errors/403', layout: 'error', status: 403 }
  75.     end
  76.   end
  77. 

  78.   def unprocessable_entity
  79.     respond_to do |format|
  80.       format.any  { head 422 }
  81.       format.html { respond_with_error(422) }
  82.     end
  83.   end
  84. 

  85.   def single_user_mode?
  86.     @single_user_mode ||= Rails.configuration.x.single_user_mode && Account.first
  87.   end
  88. 

  89.   def current_account
  90.     @current_account ||= current_user.try(:account)
  91.   end
  92. 

  93.   def cache_collection(raw, klass)
  94.     return raw unless klass.respond_to?(:with_includes)
  95. 

  96.     raw                    = raw.cache_ids.to_a if raw.is_a?(ActiveRecord::Relation)
  97.     uncached_ids           = []
  98.     cached_keys_with_value = Rails.cache.read_multi(*raw.map(&:cache_key))
  99. 

  100.     raw.each do |item|
  101.       uncached_ids << item.id unless cached_keys_with_value.key?(item.cache_key)
  102.     end
  103. 

  104.     klass.reload_stale_associations!(cached_keys_with_value.values) if klass.respond_to?(:reload_stale_associations!)
  105. 

  106.     unless uncached_ids.empty?
  107.       uncached = klass.where(id: uncached_ids).with_includes.map { |item| [item.id, item] }.to_h
  108. 

  109.       uncached.values.each do |item|
  110.         Rails.cache.write(item.cache_key, item)
  111.       end
  112.     end
  113. 

  114.     raw.map { |item| cached_keys_with_value[item.cache_key] || uncached[item.id] }.compact
  115.   end
  116. 

  117.   def respond_with_error(code)
  118.     set_locale
  119.     render "errors/#{code}", layout: 'error', status: code
  120.   end
  121. end