闭社主体 forked from https://github.com/tootsuite/mastodon
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

483 lines
15 KiB

8 years ago
7 years ago
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
5 years ago
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
5 years ago
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
5 years ago
Account domain blocks (#2381) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb
7 years ago
Web Push Notifications (#3243) * feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
7 years ago
8 years ago
  1. # frozen_string_literal: true
  2. require 'sidekiq_unique_jobs/web'
  3. require 'sidekiq-scheduler/web'
  4. Sidekiq::Web.set :session_secret, Rails.application.secrets[:secret_key_base]
  5. Rails.application.routes.draw do
  6. root 'home#index'
  7. mount LetterOpenerWeb::Engine, at: 'letter_opener' if Rails.env.development?
  8. health_check_routes
  9. authenticate :user, lambda { |u| u.admin? } do
  10. mount Sidekiq::Web, at: 'sidekiq', as: :sidekiq
  11. mount PgHero::Engine, at: 'pghero', as: :pghero
  12. end
  13. use_doorkeeper do
  14. controllers authorizations: 'oauth/authorizations',
  15. authorized_applications: 'oauth/authorized_applications',
  16. tokens: 'oauth/tokens'
  17. end
  18. get '.well-known/host-meta', to: 'well_known/host_meta#show', as: :host_meta, defaults: { format: 'xml' }
  19. get '.well-known/nodeinfo', to: 'well_known/nodeinfo#index', as: :nodeinfo, defaults: { format: 'json' }
  20. get '.well-known/webfinger', to: 'well_known/webfinger#show', as: :webfinger
  21. get '.well-known/change-password', to: redirect('/auth/edit')
  22. get '.well-known/keybase-proof-config', to: 'well_known/keybase_proof_config#show'
  23. get '/nodeinfo/2.0', to: 'well_known/nodeinfo#show', as: :nodeinfo_schema
  24. get 'manifest', to: 'manifests#show', defaults: { format: 'json' }
  25. get 'intent', to: 'intents#show'
  26. get 'custom.css', to: 'custom_css#show', as: :custom_css
  27. resource :instance_actor, path: 'actor', only: [:show] do
  28. resource :inbox, only: [:create], module: :activitypub
  29. end
  30. devise_scope :user do
  31. get '/invite/:invite_code', to: 'auth/registrations#new', as: :public_invite
  32. namespace :auth do
  33. resource :setup, only: [:show, :update], controller: :setup
  34. resource :challenge, only: [:create], controller: :challenges
  35. end
  36. end
  37. devise_for :users, path: 'auth', controllers: {
  38. omniauth_callbacks: 'auth/omniauth_callbacks',
  39. sessions: 'auth/sessions',
  40. registrations: 'auth/registrations',
  41. passwords: 'auth/passwords',
  42. confirmations: 'auth/confirmations',
  43. }
  44. get '/users/:username', to: redirect('/@%{username}'), constraints: lambda { |req| req.format.nil? || req.format.html? }
  45. get '/authorize_follow', to: redirect { |_, request| "/authorize_interaction?#{request.params.to_query}" }
  46. resources :accounts, path: 'users', only: [:show], param: :username do
  47. get :remote_follow, to: 'remote_follow#new'
  48. post :remote_follow, to: 'remote_follow#create'
  49. resources :statuses, only: [:show] do
  50. member do
  51. get :activity
  52. get :embed
  53. end
  54. resources :replies, only: [:index], module: :activitypub
  55. end
  56. resources :followers, only: [:index], controller: :follower_accounts
  57. resources :following, only: [:index], controller: :following_accounts
  58. resource :follow, only: [:create], controller: :account_follow
  59. resource :unfollow, only: [:create], controller: :account_unfollow
  60. resource :outbox, only: [:show], module: :activitypub
  61. resource :inbox, only: [:create], module: :activitypub
  62. resources :collections, only: [:show], module: :activitypub
  63. end
  64. resource :inbox, only: [:create], module: :activitypub
  65. get '/@:username', to: 'accounts#show', as: :short_account
  66. get '/@:username/with_replies', to: 'accounts#show', as: :short_account_with_replies
  67. get '/@:username/media', to: 'accounts#show', as: :short_account_media
  68. get '/@:username/tagged/:tag', to: 'accounts#show', as: :short_account_tag
  69. get '/@:account_username/:id', to: 'statuses#show', as: :short_account_status
  70. get '/@:account_username/:id/embed', to: 'statuses#embed', as: :embed_short_account_status
  71. get '/interact/:id', to: 'remote_interaction#new', as: :remote_interaction
  72. post '/interact/:id', to: 'remote_interaction#create'
  73. get '/explore', to: 'directories#index', as: :explore
  74. get '/explore/:id', to: 'directories#show', as: :explore_hashtag
  75. get '/settings', to: redirect('/settings/profile')
  76. namespace :settings do
  77. resource :profile, only: [:show, :update] do
  78. resources :pictures, only: :destroy
  79. end
  80. get :preferences, to: redirect('/settings/preferences/appearance')
  81. namespace :preferences do
  82. resource :appearance, only: [:show, :update], controller: :appearance
  83. resource :notifications, only: [:show, :update]
  84. resource :other, only: [:show, :update], controller: :other
  85. end
  86. resource :import, only: [:show, :create]
  87. resource :export, only: [:show, :create]
  88. namespace :exports, constraints: { format: :csv } do
  89. resources :follows, only: :index, controller: :following_accounts
  90. resources :blocks, only: :index, controller: :blocked_accounts
  91. resources :mutes, only: :index, controller: :muted_accounts
  92. resources :lists, only: :index, controller: :lists
  93. resources :domain_blocks, only: :index, controller: :blocked_domains
  94. end
  95. resource :two_factor_authentication, only: [:show, :create, :destroy]
  96. namespace :two_factor_authentication do
  97. resources :recovery_codes, only: [:create]
  98. resource :confirmation, only: [:new, :create]
  99. end
  100. resources :identity_proofs, only: [:index, :show, :new, :create, :update]
  101. resources :applications, except: [:edit] do
  102. member do
  103. post :regenerate
  104. end
  105. end
  106. resource :delete, only: [:show, :destroy]
  107. resource :migration, only: [:show, :create]
  108. namespace :migration do
  109. resource :redirect, only: [:new, :create, :destroy]
  110. end
  111. resources :aliases, only: [:index, :create, :destroy]
  112. resources :sessions, only: [:destroy]
  113. resources :featured_tags, only: [:index, :create, :destroy]
  114. end
  115. resources :media, only: [:show] do
  116. get :player
  117. end
  118. resources :tags, only: [:show]
  119. resources :emojis, only: [:show]
  120. resources :invites, only: [:index, :create, :destroy]
  121. resources :filters, except: [:show]
  122. resource :relationships, only: [:show, :update]
  123. get '/public', to: 'public_timelines#show', as: :public_timeline
  124. get '/media_proxy/:id/(*any)', to: 'media_proxy#show', as: :media_proxy
  125. resource :authorize_interaction, only: [:show, :create]
  126. resource :share, only: [:show, :create]
  127. namespace :admin do
  128. get '/dashboard', to: 'dashboard#index'
  129. resources :domain_allows, only: [:new, :create, :show, :destroy]
  130. resources :domain_blocks, only: [:new, :create, :show, :destroy, :update] do
  131. member do
  132. get :edit
  133. end
  134. end
  135. resources :email_domain_blocks, only: [:index, :new, :create, :destroy]
  136. resources :action_logs, only: [:index]
  137. resources :warning_presets, except: [:new]
  138. resources :announcements, except: [:show] do
  139. member do
  140. post :publish
  141. post :unpublish
  142. end
  143. end
  144. resource :settings, only: [:edit, :update]
  145. resources :site_uploads, only: [:destroy]
  146. resources :invites, only: [:index, :create, :destroy] do
  147. collection do
  148. post :deactivate_all
  149. end
  150. end
  151. resources :relays, only: [:index, :new, :create, :destroy] do
  152. member do
  153. post :enable
  154. post :disable
  155. end
  156. end
  157. resources :instances, only: [:index, :show], constraints: { id: /[^\/]+/ }
  158. resources :reports, only: [:index, :show] do
  159. member do
  160. post :assign_to_self
  161. post :unassign
  162. post :reopen
  163. post :resolve
  164. end
  165. resources :reported_statuses, only: [:create]
  166. end
  167. resources :report_notes, only: [:create, :destroy]
  168. resources :accounts, only: [:index, :show] do
  169. member do
  170. post :enable
  171. post :unsilence
  172. post :unsuspend
  173. post :redownload
  174. post :remove_avatar
  175. post :remove_header
  176. post :memorialize
  177. post :approve
  178. post :reject
  179. end
  180. resource :change_email, only: [:show, :update]
  181. resource :reset, only: [:create]
  182. resource :action, only: [:new, :create], controller: 'account_actions'
  183. resources :statuses, only: [:index, :show, :create, :update, :destroy]
  184. resources :relationships, only: [:index]
  185. resource :confirmation, only: [:create] do
  186. collection do
  187. post :resend
  188. end
  189. end
  190. resource :role, only: [] do
  191. member do
  192. post :promote
  193. post :demote
  194. end
  195. end
  196. end
  197. resources :pending_accounts, only: [:index] do
  198. collection do
  199. post :approve_all
  200. post :reject_all
  201. post :batch
  202. end
  203. end
  204. resources :users, only: [] do
  205. resource :two_factor_authentication, only: [:destroy]
  206. end
  207. resources :custom_emojis, only: [:index, :new, :create] do
  208. collection do
  209. post :batch
  210. end
  211. end
  212. resources :account_moderation_notes, only: [:create, :destroy]
  213. resources :tags, only: [:index, :show, :update] do
  214. collection do
  215. post :approve_all
  216. post :reject_all
  217. post :batch
  218. end
  219. end
  220. end
  221. get '/admin', to: redirect('/admin/dashboard', status: 302)
  222. namespace :api do
  223. # OEmbed
  224. get '/oembed', to: 'oembed#show', as: :oembed
  225. # Identity proofs
  226. get :proofs, to: 'proofs#index'
  227. # JSON / REST API
  228. namespace :v1 do
  229. resources :statuses, only: [:create, :show, :destroy] do
  230. scope module: :statuses do
  231. resources :reblogged_by, controller: :reblogged_by_accounts, only: :index
  232. resources :favourited_by, controller: :favourited_by_accounts, only: :index
  233. resource :reblog, only: :create
  234. post :unreblog, to: 'reblogs#destroy'
  235. resource :favourite, only: :create
  236. post :unfavourite, to: 'favourites#destroy'
  237. resource :bookmark, only: :create
  238. post :unbookmark, to: 'bookmarks#destroy'
  239. resource :mute, only: :create
  240. post :unmute, to: 'mutes#destroy'
  241. resource :pin, only: :create
  242. post :unpin, to: 'pins#destroy'
  243. end
  244. member do
  245. get :context
  246. end
  247. end
  248. namespace :timelines do
  249. resource :home, only: :show, controller: :home
  250. resource :public, only: :show, controller: :public
  251. resources :tag, only: :show
  252. resources :list, only: :show
  253. end
  254. resources :streaming, only: [:index]
  255. resources :custom_emojis, only: [:index]
  256. resources :suggestions, only: [:index, :destroy]
  257. resources :scheduled_statuses, only: [:index, :show, :update, :destroy]
  258. resources :preferences, only: [:index]
  259. resources :announcements, only: [:index] do
  260. scope module: :announcements do
  261. resources :reactions, only: [:update, :destroy]
  262. end
  263. member do
  264. post :dismiss
  265. end
  266. end
  267. resources :conversations, only: [:index, :destroy] do
  268. member do
  269. post :read
  270. end
  271. end
  272. resources :media, only: [:create, :update, :show]
  273. resources :blocks, only: [:index]
  274. resources :mutes, only: [:index]
  275. resources :favourites, only: [:index]
  276. resources :bookmarks, only: [:index]
  277. resources :reports, only: [:create]
  278. resources :trends, only: [:index]
  279. resources :filters, only: [:index, :create, :show, :update, :destroy]
  280. resources :endorsements, only: [:index]
  281. resources :markers, only: [:index, :create]
  282. namespace :apps do
  283. get :verify_credentials, to: 'credentials#show'
  284. end
  285. resources :apps, only: [:create]
  286. resource :instance, only: [:show] do
  287. resources :peers, only: [:index], controller: 'instances/peers'
  288. resource :activity, only: [:show], controller: 'instances/activity'
  289. end
  290. resource :domain_blocks, only: [:show, :create, :destroy]
  291. resource :directory, only: [:show]
  292. resources :follow_requests, only: [:index] do
  293. member do
  294. post :authorize
  295. post :reject
  296. end
  297. end
  298. resources :notifications, only: [:index, :show] do
  299. collection do
  300. post :clear
  301. end
  302. member do
  303. post :dismiss
  304. end
  305. end
  306. namespace :accounts do
  307. get :verify_credentials, to: 'credentials#show'
  308. patch :update_credentials, to: 'credentials#update'
  309. resource :search, only: :show, controller: :search
  310. resources :relationships, only: :index
  311. end
  312. resources :accounts, only: [:create, :show] do
  313. resources :statuses, only: :index, controller: 'accounts/statuses'
  314. resources :followers, only: :index, controller: 'accounts/follower_accounts'
  315. resources :following, only: :index, controller: 'accounts/following_accounts'
  316. resources :lists, only: :index, controller: 'accounts/lists'
  317. resources :identity_proofs, only: :index, controller: 'accounts/identity_proofs'
  318. member do
  319. post :follow
  320. post :unfollow
  321. post :block
  322. post :unblock
  323. post :mute
  324. post :unmute
  325. end
  326. resource :pin, only: :create, controller: 'accounts/pins'
  327. post :unpin, to: 'accounts/pins#destroy'
  328. end
  329. resources :lists, only: [:index, :create, :show, :update, :destroy] do
  330. resource :accounts, only: [:show, :create, :destroy], controller: 'lists/accounts'
  331. end
  332. namespace :featured_tags do
  333. get :suggestions, to: 'suggestions#index'
  334. end
  335. resources :featured_tags, only: [:index, :create, :destroy]
  336. resources :polls, only: [:create, :show] do
  337. resources :votes, only: :create, controller: 'polls/votes'
  338. end
  339. namespace :push do
  340. resource :subscription, only: [:create, :show, :update, :destroy]
  341. end
  342. namespace :admin do
  343. resources :accounts, only: [:index, :show] do
  344. member do
  345. post :enable
  346. post :unsilence
  347. post :unsuspend
  348. post :approve
  349. post :reject
  350. end
  351. resource :action, only: [:create], controller: 'account_actions'
  352. end
  353. resources :reports, only: [:index, :show] do
  354. member do
  355. post :assign_to_self
  356. post :unassign
  357. post :reopen
  358. post :resolve
  359. end
  360. end
  361. end
  362. end
  363. namespace :v2 do
  364. resources :media, only: [:create]
  365. get '/search', to: 'search#index', as: :search
  366. end
  367. namespace :web do
  368. resource :settings, only: [:update]
  369. resource :embed, only: [:create]
  370. resources :push_subscriptions, only: [:create] do
  371. member do
  372. put :update
  373. end
  374. end
  375. end
  376. end
  377. get '/web/(*any)', to: 'home#index', as: :web
  378. get '/about', to: 'about#show'
  379. get '/about/more', to: 'about#more'
  380. get '/terms', to: 'about#terms'
  381. match '/', via: [:post, :put, :patch, :delete], to: 'application#raise_not_found', format: false
  382. match '*unmatched_route', via: :all, to: 'application#raise_not_found', format: false
  383. end