闭社主体 forked from https://github.com/tootsuite/mastodon
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

456 lines
14 KiB

8 years ago
7 years ago
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
5 years ago
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
5 years ago
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
5 years ago
Account domain blocks (#2381) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb
7 years ago
Web Push Notifications (#3243) * feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
7 years ago
8 years ago
  1. # frozen_string_literal: true
  2. require 'sidekiq/web'
  3. require 'sidekiq-scheduler/web'
  4. Sidekiq::Web.set :session_secret, Rails.application.secrets[:secret_key_base]
  5. Rails.application.routes.draw do
  6. root 'home#index'
  7. mount LetterOpenerWeb::Engine, at: 'letter_opener' if Rails.env.development?
  8. health_check_routes
  9. authenticate :user, lambda { |u| u.admin? } do
  10. mount Sidekiq::Web, at: 'sidekiq', as: :sidekiq
  11. mount PgHero::Engine, at: 'pghero', as: :pghero
  12. end
  13. use_doorkeeper do
  14. controllers authorizations: 'oauth/authorizations',
  15. authorized_applications: 'oauth/authorized_applications',
  16. tokens: 'oauth/tokens'
  17. end
  18. get '.well-known/host-meta', to: 'well_known/host_meta#show', as: :host_meta, defaults: { format: 'xml' }
  19. get '.well-known/nodeinfo', to: 'well_known/nodeinfo#index', as: :nodeinfo, defaults: { format: 'json' }
  20. get '.well-known/webfinger', to: 'well_known/webfinger#show', as: :webfinger
  21. get '.well-known/change-password', to: redirect('/auth/edit')
  22. get '.well-known/keybase-proof-config', to: 'well_known/keybase_proof_config#show'
  23. get '/nodeinfo/2.0', to: 'well_known/nodeinfo#show', as: :nodeinfo_schema
  24. get 'manifest', to: 'manifests#show', defaults: { format: 'json' }
  25. get 'intent', to: 'intents#show'
  26. get 'custom.css', to: 'custom_css#show', as: :custom_css
  27. resource :instance_actor, path: 'actor', only: [:show] do
  28. resource :inbox, only: [:create], module: :activitypub
  29. end
  30. devise_scope :user do
  31. get '/invite/:invite_code', to: 'auth/registrations#new', as: :public_invite
  32. namespace :auth do
  33. resource :setup, only: [:show, :update], controller: :setup
  34. resource :challenge, only: [:create], controller: :challenges
  35. end
  36. end
  37. devise_for :users, path: 'auth', controllers: {
  38. omniauth_callbacks: 'auth/omniauth_callbacks',
  39. sessions: 'auth/sessions',
  40. registrations: 'auth/registrations',
  41. passwords: 'auth/passwords',
  42. confirmations: 'auth/confirmations',
  43. }
  44. get '/users/:username', to: redirect('/@%{username}'), constraints: lambda { |req| req.format.nil? || req.format.html? }
  45. get '/authorize_follow', to: redirect { |_, request| "/authorize_interaction?#{request.params.to_query}" }
  46. resources :accounts, path: 'users', only: [:show], param: :username do
  47. get :remote_follow, to: 'remote_follow#new'
  48. post :remote_follow, to: 'remote_follow#create'
  49. resources :statuses, only: [:show] do
  50. member do
  51. get :activity
  52. get :embed
  53. end
  54. resources :replies, only: [:index], module: :activitypub
  55. end
  56. resources :followers, only: [:index], controller: :follower_accounts
  57. resources :following, only: [:index], controller: :following_accounts
  58. resource :follow, only: [:create], controller: :account_follow
  59. resource :unfollow, only: [:create], controller: :account_unfollow
  60. resource :outbox, only: [:show], module: :activitypub
  61. resource :inbox, only: [:create], module: :activitypub
  62. resources :collections, only: [:show], module: :activitypub
  63. end
  64. resource :inbox, only: [:create], module: :activitypub
  65. get '/@:username', to: 'accounts#show', as: :short_account
  66. get '/@:username/with_replies', to: 'accounts#show', as: :short_account_with_replies
  67. get '/@:username/media', to: 'accounts#show', as: :short_account_media
  68. get '/@:username/tagged/:tag', to: 'accounts#show', as: :short_account_tag
  69. get '/@:account_username/:id', to: 'statuses#show', as: :short_account_status
  70. get '/@:account_username/:id/embed', to: 'statuses#embed', as: :embed_short_account_status
  71. get '/interact/:id', to: 'remote_interaction#new', as: :remote_interaction
  72. post '/interact/:id', to: 'remote_interaction#create'
  73. get '/explore', to: 'directories#index', as: :explore
  74. get '/explore/:id', to: 'directories#show', as: :explore_hashtag
  75. get '/settings', to: redirect('/settings/profile')
  76. namespace :settings do
  77. resource :profile, only: [:show, :update]
  78. get :preferences, to: redirect('/settings/preferences/appearance')
  79. namespace :preferences do
  80. resource :appearance, only: [:show, :update], controller: :appearance
  81. resource :notifications, only: [:show, :update]
  82. resource :other, only: [:show, :update], controller: :other
  83. end
  84. resource :import, only: [:show, :create]
  85. resource :export, only: [:show, :create]
  86. namespace :exports, constraints: { format: :csv } do
  87. resources :follows, only: :index, controller: :following_accounts
  88. resources :blocks, only: :index, controller: :blocked_accounts
  89. resources :mutes, only: :index, controller: :muted_accounts
  90. resources :lists, only: :index, controller: :lists
  91. resources :domain_blocks, only: :index, controller: :blocked_domains
  92. end
  93. resource :two_factor_authentication, only: [:show, :create, :destroy]
  94. namespace :two_factor_authentication do
  95. resources :recovery_codes, only: [:create]
  96. resource :confirmation, only: [:new, :create]
  97. end
  98. resources :identity_proofs, only: [:index, :show, :new, :create, :update]
  99. resources :applications, except: [:edit] do
  100. member do
  101. post :regenerate
  102. end
  103. end
  104. resource :delete, only: [:show, :destroy]
  105. resource :migration, only: [:show, :create]
  106. namespace :migration do
  107. resource :redirect, only: [:new, :create, :destroy]
  108. end
  109. resources :aliases, only: [:index, :create, :destroy]
  110. resources :sessions, only: [:destroy]
  111. resources :featured_tags, only: [:index, :create, :destroy]
  112. end
  113. resources :media, only: [:show] do
  114. get :player
  115. end
  116. resources :tags, only: [:show]
  117. resources :emojis, only: [:show]
  118. resources :invites, only: [:index, :create, :destroy]
  119. resources :filters, except: [:show]
  120. resource :relationships, only: [:show, :update]
  121. get '/public', to: 'public_timelines#show', as: :public_timeline
  122. get '/media_proxy/:id/(*any)', to: 'media_proxy#show', as: :media_proxy
  123. resource :authorize_interaction, only: [:show, :create]
  124. resource :share, only: [:show, :create]
  125. namespace :admin do
  126. get '/dashboard', to: 'dashboard#index'
  127. resources :domain_allows, only: [:new, :create, :show, :destroy]
  128. resources :domain_blocks, only: [:new, :create, :show, :destroy, :update] do
  129. member do
  130. get :edit
  131. end
  132. end
  133. resources :email_domain_blocks, only: [:index, :new, :create, :destroy]
  134. resources :action_logs, only: [:index]
  135. resources :warning_presets, except: [:new]
  136. resource :settings, only: [:edit, :update]
  137. resources :invites, only: [:index, :create, :destroy] do
  138. collection do
  139. post :deactivate_all
  140. end
  141. end
  142. resources :relays, only: [:index, :new, :create, :destroy] do
  143. member do
  144. post :enable
  145. post :disable
  146. end
  147. end
  148. resources :instances, only: [:index, :show], constraints: { id: /[^\/]+/ }
  149. resources :reports, only: [:index, :show] do
  150. member do
  151. post :assign_to_self
  152. post :unassign
  153. post :reopen
  154. post :resolve
  155. end
  156. resources :reported_statuses, only: [:create]
  157. end
  158. resources :report_notes, only: [:create, :destroy]
  159. resources :accounts, only: [:index, :show] do
  160. member do
  161. post :enable
  162. post :unsilence
  163. post :unsuspend
  164. post :redownload
  165. post :remove_avatar
  166. post :remove_header
  167. post :memorialize
  168. post :approve
  169. post :reject
  170. end
  171. resource :change_email, only: [:show, :update]
  172. resource :reset, only: [:create]
  173. resource :action, only: [:new, :create], controller: 'account_actions'
  174. resources :statuses, only: [:index, :show, :create, :update, :destroy]
  175. resources :followers, only: [:index]
  176. resource :confirmation, only: [:create] do
  177. collection do
  178. post :resend
  179. end
  180. end
  181. resource :role do
  182. member do
  183. post :promote
  184. post :demote
  185. end
  186. end
  187. end
  188. resources :pending_accounts, only: [:index] do
  189. collection do
  190. post :approve_all
  191. post :reject_all
  192. post :batch
  193. end
  194. end
  195. resources :users, only: [] do
  196. resource :two_factor_authentication, only: [:destroy]
  197. end
  198. resources :custom_emojis, only: [:index, :new, :create] do
  199. collection do
  200. post :batch
  201. end
  202. end
  203. resources :account_moderation_notes, only: [:create, :destroy]
  204. resources :tags, only: [:index, :show, :update] do
  205. collection do
  206. post :approve_all
  207. post :reject_all
  208. post :batch
  209. end
  210. end
  211. end
  212. get '/admin', to: redirect('/admin/dashboard', status: 302)
  213. namespace :api do
  214. # OEmbed
  215. get '/oembed', to: 'oembed#show', as: :oembed
  216. # Identity proofs
  217. get :proofs, to: 'proofs#index'
  218. # JSON / REST API
  219. namespace :v1 do
  220. resources :statuses, only: [:create, :show, :destroy] do
  221. scope module: :statuses do
  222. resources :reblogged_by, controller: :reblogged_by_accounts, only: :index
  223. resources :favourited_by, controller: :favourited_by_accounts, only: :index
  224. resource :reblog, only: :create
  225. post :unreblog, to: 'reblogs#destroy'
  226. resource :favourite, only: :create
  227. post :unfavourite, to: 'favourites#destroy'
  228. resource :mute, only: :create
  229. post :unmute, to: 'mutes#destroy'
  230. resource :pin, only: :create
  231. post :unpin, to: 'pins#destroy'
  232. end
  233. member do
  234. get :context
  235. end
  236. end
  237. namespace :timelines do
  238. resource :home, only: :show, controller: :home
  239. resource :public, only: :show, controller: :public
  240. resources :tag, only: :show
  241. resources :list, only: :show
  242. end
  243. resources :streaming, only: [:index]
  244. resources :custom_emojis, only: [:index]
  245. resources :suggestions, only: [:index, :destroy]
  246. resources :scheduled_statuses, only: [:index, :show, :update, :destroy]
  247. resources :preferences, only: [:index]
  248. resources :conversations, only: [:index, :destroy] do
  249. member do
  250. post :read
  251. end
  252. end
  253. resources :media, only: [:create, :update]
  254. resources :blocks, only: [:index]
  255. resources :mutes, only: [:index]
  256. resources :favourites, only: [:index]
  257. resources :reports, only: [:create]
  258. resources :trends, only: [:index]
  259. resources :filters, only: [:index, :create, :show, :update, :destroy]
  260. resources :endorsements, only: [:index]
  261. resources :markers, only: [:index, :create]
  262. namespace :apps do
  263. get :verify_credentials, to: 'credentials#show'
  264. end
  265. resources :apps, only: [:create]
  266. resource :instance, only: [:show] do
  267. resources :peers, only: [:index], controller: 'instances/peers'
  268. resource :activity, only: [:show], controller: 'instances/activity'
  269. end
  270. resource :domain_blocks, only: [:show, :create, :destroy]
  271. resource :directory, only: [:show]
  272. resources :follow_requests, only: [:index] do
  273. member do
  274. post :authorize
  275. post :reject
  276. end
  277. end
  278. resources :notifications, only: [:index, :show] do
  279. collection do
  280. post :clear
  281. end
  282. member do
  283. post :dismiss
  284. end
  285. end
  286. namespace :accounts do
  287. get :verify_credentials, to: 'credentials#show'
  288. patch :update_credentials, to: 'credentials#update'
  289. resource :search, only: :show, controller: :search
  290. resources :relationships, only: :index
  291. end
  292. resources :accounts, only: [:create, :show] do
  293. resources :statuses, only: :index, controller: 'accounts/statuses'
  294. resources :followers, only: :index, controller: 'accounts/follower_accounts'
  295. resources :following, only: :index, controller: 'accounts/following_accounts'
  296. resources :lists, only: :index, controller: 'accounts/lists'
  297. resources :identity_proofs, only: :index, controller: 'accounts/identity_proofs'
  298. member do
  299. post :follow
  300. post :unfollow
  301. post :block
  302. post :unblock
  303. post :mute
  304. post :unmute
  305. end
  306. resource :pin, only: :create, controller: 'accounts/pins'
  307. post :unpin, to: 'accounts/pins#destroy'
  308. end
  309. resources :lists, only: [:index, :create, :show, :update, :destroy] do
  310. resource :accounts, only: [:show, :create, :destroy], controller: 'lists/accounts'
  311. end
  312. namespace :featured_tags do
  313. get :suggestions, to: 'suggestions#index'
  314. end
  315. resources :featured_tags, only: [:index, :create, :destroy]
  316. resources :polls, only: [:create, :show] do
  317. resources :votes, only: :create, controller: 'polls/votes'
  318. end
  319. namespace :push do
  320. resource :subscription, only: [:create, :show, :update, :destroy]
  321. end
  322. namespace :admin do
  323. resources :accounts, only: [:index, :show] do
  324. member do
  325. post :enable
  326. post :unsilence
  327. post :unsuspend
  328. post :approve
  329. post :reject
  330. end
  331. resource :action, only: [:create], controller: 'account_actions'
  332. end
  333. resources :reports, only: [:index, :show] do
  334. member do
  335. post :assign_to_self
  336. post :unassign
  337. post :reopen
  338. post :resolve
  339. end
  340. end
  341. end
  342. end
  343. namespace :v2 do
  344. get '/search', to: 'search#index', as: :search
  345. end
  346. namespace :web do
  347. resource :settings, only: [:update]
  348. resource :embed, only: [:create]
  349. resources :push_subscriptions, only: [:create] do
  350. member do
  351. put :update
  352. end
  353. end
  354. end
  355. end
  356. get '/web/(*any)', to: 'home#index', as: :web
  357. get '/about', to: 'about#show'
  358. get '/about/more', to: 'about#more'
  359. get '/terms', to: 'about#terms'
  360. match '/', via: [:post, :put, :patch, :delete], to: 'application#raise_not_found', format: false
  361. match '*unmatched_route', via: :all, to: 'application#raise_not_found', format: false
  362. end