diff --git a/.travis.yml b/.travis.yml index 505d8683e..2aa647e9a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,10 +3,10 @@ cache: bundler: true yarn: true directories: - - node_modules - - public/assets - - public/packs-test - - tmp/cache/babel-loader + - node_modules + - public/assets + - public/packs-test + - tmp/cache/babel-loader dist: trusty sudo: false @@ -25,15 +25,15 @@ addons: postgresql: 9.4 apt: sources: - - trusty-media - - sourceline: deb https://dl.yarnpkg.com/debian/ stable main - key_url: https://dl.yarnpkg.com/debian/pubkey.gpg + - trusty-media + - sourceline: deb https://dl.yarnpkg.com/debian/ stable main + key_url: https://dl.yarnpkg.com/debian/pubkey.gpg packages: - - ffmpeg - - libicu-dev - - libprotobuf-dev - - protobuf-compiler - - yarn + - ffmpeg + - libicu-dev + - libprotobuf-dev + - protobuf-compiler + - yarn rvm: - 2.4.2 diff --git a/app/controllers/activitypub/inboxes_controller.rb b/app/controllers/activitypub/inboxes_controller.rb index 7d0bc74d3..af51e32d5 100644 --- a/app/controllers/activitypub/inboxes_controller.rb +++ b/app/controllers/activitypub/inboxes_controller.rb @@ -11,7 +11,7 @@ class ActivityPub::InboxesController < Api::BaseController process_payload head 202 else - [signature_verification_failure_reason, 401] + render plain: signature_verification_failure_reason, status: 401 end end diff --git a/app/controllers/api/salmon_controller.rb b/app/controllers/api/salmon_controller.rb index 143e9d3cd..ac5f3268d 100644 --- a/app/controllers/api/salmon_controller.rb +++ b/app/controllers/api/salmon_controller.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class Api::SalmonController < Api::BaseController + include SignatureVerification + before_action :set_account respond_to :txt @@ -9,7 +11,7 @@ class Api::SalmonController < Api::BaseController process_salmon head 202 elsif payload.present? - [signature_verification_failure_reason, 401] + render plain: signature_verification_failure_reason, status: 401 else head 400 end diff --git a/app/controllers/settings/preferences_controller.rb b/app/controllers/settings/preferences_controller.rb index 7cd1abe0c..c853b5ab7 100644 --- a/app/controllers/settings/preferences_controller.rb +++ b/app/controllers/settings/preferences_controller.rb @@ -36,6 +36,7 @@ class Settings::PreferencesController < Settings::BaseController :setting_favourite_modal, :setting_delete_modal, :setting_auto_play_gif, + :setting_display_sensitive_media, :setting_reduce_motion, :setting_system_font_ui, :setting_noindex, diff --git a/app/javascript/mastodon/components/media_gallery.js b/app/javascript/mastodon/components/media_gallery.js index 20febdb16..a276b17d5 100644 --- a/app/javascript/mastodon/components/media_gallery.js +++ b/app/javascript/mastodon/components/media_gallery.js @@ -6,7 +6,7 @@ import IconButton from './icon_button'; import { defineMessages, injectIntl, FormattedMessage } from 'react-intl'; import { isIOS } from '../is_mobile'; import classNames from 'classnames'; -import { autoPlayGif } from '../initial_state'; +import { autoPlayGif, displaySensitiveMedia } from '../initial_state'; const messages = defineMessages({ toggle_visible: { id: 'media_gallery.toggle_visible', defaultMessage: 'Toggle visibility' }, @@ -187,7 +187,7 @@ export default class MediaGallery extends React.PureComponent { }; state = { - visible: !this.props.sensitive, + visible: !this.props.sensitive || displaySensitiveMedia, }; componentWillReceiveProps (nextProps) { diff --git a/app/javascript/mastodon/features/account/components/action_bar.js b/app/javascript/mastodon/features/account/components/action_bar.js index cb849fa5d..b4f812c9a 100644 --- a/app/javascript/mastodon/features/account/components/action_bar.js +++ b/app/javascript/mastodon/features/account/components/action_bar.js @@ -122,7 +122,7 @@ export default class ActionBar extends React.PureComponent {
- + diff --git a/app/javascript/mastodon/features/video/index.js b/app/javascript/mastodon/features/video/index.js index 0ee8bb6c8..7752fc057 100644 --- a/app/javascript/mastodon/features/video/index.js +++ b/app/javascript/mastodon/features/video/index.js @@ -4,6 +4,7 @@ import { defineMessages, injectIntl, FormattedMessage } from 'react-intl'; import { throttle } from 'lodash'; import classNames from 'classnames'; import { isFullscreen, requestFullscreen, exitFullscreen } from '../ui/util/fullscreen'; +import { displaySensitiveMedia } from '../../initial_state'; const messages = defineMessages({ play: { id: 'video.play', defaultMessage: 'Play' }, @@ -107,7 +108,7 @@ export default class Video extends React.PureComponent { fullscreen: false, hovered: false, muted: false, - revealed: !this.props.sensitive, + revealed: !this.props.sensitive || displaySensitiveMedia, }; setPlayerRef = c => { diff --git a/app/javascript/mastodon/initial_state.js b/app/javascript/mastodon/initial_state.js index 3fc45077d..6f1356324 100644 --- a/app/javascript/mastodon/initial_state.js +++ b/app/javascript/mastodon/initial_state.js @@ -5,6 +5,7 @@ const getMeta = (prop) => initialState && initialState.meta && initialState.meta export const reduceMotion = getMeta('reduce_motion'); export const autoPlayGif = getMeta('auto_play_gif'); +export const displaySensitiveMedia = getMeta('display_sensitive_media'); export const unfollowModal = getMeta('unfollow_modal'); export const boostModal = getMeta('boost_modal'); export const deleteModal = getMeta('delete_modal'); diff --git a/app/javascript/mastodon/locales/defaultMessages.json b/app/javascript/mastodon/locales/defaultMessages.json index a27f17b42..c0841d6f5 100644 --- a/app/javascript/mastodon/locales/defaultMessages.json +++ b/app/javascript/mastodon/locales/defaultMessages.json @@ -433,7 +433,7 @@ "id": "account.view_full_profile" }, { - "defaultMessage": "Posts", + "defaultMessage": "Toots", "id": "account.posts" }, { diff --git a/app/javascript/mastodon/locales/en.json b/app/javascript/mastodon/locales/en.json index 028f9aefd..e72c45bf2 100644 --- a/app/javascript/mastodon/locales/en.json +++ b/app/javascript/mastodon/locales/en.json @@ -13,7 +13,7 @@ "account.moved_to": "{name} has moved to:", "account.mute": "Mute @{name}", "account.mute_notifications": "Mute notifications from @{name}", - "account.posts": "Posts", + "account.posts": "Toots", "account.report": "Report @{name}", "account.requested": "Awaiting approval. Click to cancel follow request", "account.share": "Share @{name}'s profile", diff --git a/app/lib/user_settings_decorator.rb b/app/lib/user_settings_decorator.rb index 5f0176f27..c7afdacc2 100644 --- a/app/lib/user_settings_decorator.rb +++ b/app/lib/user_settings_decorator.rb @@ -15,20 +15,21 @@ class UserSettingsDecorator private def process_update - user.settings['notification_emails'] = merged_notification_emails if change?('notification_emails') - user.settings['interactions'] = merged_interactions if change?('interactions') - user.settings['default_privacy'] = default_privacy_preference if change?('setting_default_privacy') - user.settings['default_sensitive'] = default_sensitive_preference if change?('setting_default_sensitive') - user.settings['unfollow_modal'] = unfollow_modal_preference if change?('setting_unfollow_modal') - user.settings['boost_modal'] = boost_modal_preference if change?('setting_boost_modal') + user.settings['notification_emails'] = merged_notification_emails if change?('notification_emails') + user.settings['interactions'] = merged_interactions if change?('interactions') + user.settings['default_privacy'] = default_privacy_preference if change?('setting_default_privacy') + user.settings['default_sensitive'] = default_sensitive_preference if change?('setting_default_sensitive') + user.settings['unfollow_modal'] = unfollow_modal_preference if change?('setting_unfollow_modal') + user.settings['boost_modal'] = boost_modal_preference if change?('setting_boost_modal') user.settings['favourite_modal'] = favourite_modal_preference if change?('setting_favourite_modal') - user.settings['delete_modal'] = delete_modal_preference if change?('setting_delete_modal') - user.settings['auto_play_gif'] = auto_play_gif_preference if change?('setting_auto_play_gif') - user.settings['reduce_motion'] = reduce_motion_preference if change?('setting_reduce_motion') - user.settings['system_font_ui'] = system_font_ui_preference if change?('setting_system_font_ui') - user.settings['noindex'] = noindex_preference if change?('setting_noindex') - user.settings['flavour'] = flavour_preference if change?('setting_flavour') - user.settings['skin'] = skin_preference if change?('setting_skin') + user.settings['delete_modal'] = delete_modal_preference if change?('setting_delete_modal') + user.settings['auto_play_gif'] = auto_play_gif_preference if change?('setting_auto_play_gif') + user.settings['display_sensitive_media'] = display_sensitive_media_preference if change?('setting_display_sensitive_media') + user.settings['reduce_motion'] = reduce_motion_preference if change?('setting_reduce_motion') + user.settings['system_font_ui'] = system_font_ui_preference if change?('setting_system_font_ui') + user.settings['noindex'] = noindex_preference if change?('setting_noindex') + user.settings['flavour'] = flavour_preference if change?('setting_flavour') + user.settings['skin'] = skin_preference if change?('setting_skin') end def merged_notification_emails @@ -71,6 +72,10 @@ class UserSettingsDecorator boolean_cast_setting 'setting_auto_play_gif' end + def display_sensitive_media_preference + boolean_cast_setting 'setting_display_sensitive_media' + end + def reduce_motion_preference boolean_cast_setting 'setting_reduce_motion' end diff --git a/app/models/invite.rb b/app/models/invite.rb index b87a3b722..4ba5432d2 100644 --- a/app/models/invite.rb +++ b/app/models/invite.rb @@ -4,7 +4,7 @@ # Table name: invites # # id :integer not null, primary key -# user_id :integer +# user_id :integer not null # code :string default(""), not null # expires_at :datetime # max_uses :integer diff --git a/app/models/notification.rb b/app/models/notification.rb index 733f89cf7..7f8dae5ec 100644 --- a/app/models/notification.rb +++ b/app/models/notification.rb @@ -69,7 +69,7 @@ class Notification < ApplicationRecord class << self def reload_stale_associations!(cached_items) - account_ids = cached_items.map(&:from_account_id).uniq + account_ids = (cached_items.map(&:from_account_id) + cached_items.map { |item| item.target_status&.account_id }.compact).uniq return if account_ids.empty? @@ -77,6 +77,7 @@ class Notification < ApplicationRecord cached_items.each do |item| item.from_account = accounts[item.from_account_id] + item.target_status.account = accounts[item.target_status.account_id] if item.target_status end end diff --git a/app/models/user.rb b/app/models/user.rb index d495fc390..af54efded 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -84,7 +84,7 @@ class User < ApplicationRecord has_many :session_activations, dependent: :destroy delegate :auto_play_gif, :default_sensitive, :unfollow_modal, :boost_modal, :favourite_modal, :delete_modal, - :reduce_motion, :system_font_ui, :noindex, :flavour, :skin, + :reduce_motion, :system_font_ui, :noindex, :flavour, :skin, :display_sensitive_media, to: :settings, prefix: :setting, allow_nil: false attr_accessor :invite_code diff --git a/app/models/web/setting.rb b/app/models/web/setting.rb index 12b9d1226..0a5129d17 100644 --- a/app/models/web/setting.rb +++ b/app/models/web/setting.rb @@ -7,7 +7,7 @@ # data :json # created_at :datetime not null # updated_at :datetime not null -# user_id :integer +# user_id :integer not null # class Web::Setting < ApplicationRecord diff --git a/app/serializers/initial_state_serializer.rb b/app/serializers/initial_state_serializer.rb index 904daa804..5434f1c56 100644 --- a/app/serializers/initial_state_serializer.rb +++ b/app/serializers/initial_state_serializer.rb @@ -25,13 +25,14 @@ class InitialStateSerializer < ActiveModel::Serializer } if object.current_account - store[:me] = object.current_account.id.to_s - store[:unfollow_modal] = object.current_account.user.setting_unfollow_modal - store[:boost_modal] = object.current_account.user.setting_boost_modal - store[:favourite_modal] = object.current_account.user.setting_favourite_modal - store[:delete_modal] = object.current_account.user.setting_delete_modal - store[:auto_play_gif] = object.current_account.user.setting_auto_play_gif - store[:reduce_motion] = object.current_account.user.setting_reduce_motion + store[:me] = object.current_account.id.to_s + store[:unfollow_modal] = object.current_account.user.setting_unfollow_modal + store[:boost_modal] = object.current_account.user.setting_boost_modal + store[:favourite_modal] = object.current_account.user.setting_favourite_modal + store[:delete_modal] = object.current_account.user.setting_delete_modal + store[:auto_play_gif] = object.current_account.user.setting_auto_play_gif + store[:display_sensitive_media] = object.current_account.user.setting_display_sensitive_media + store[:reduce_motion] = object.current_account.user.setting_reduce_motion end store diff --git a/app/views/settings/preferences/show.html.haml b/app/views/settings/preferences/show.html.haml index a2a17d0d6..75dfa027e 100644 --- a/app/views/settings/preferences/show.html.haml +++ b/app/views/settings/preferences/show.html.haml @@ -36,6 +36,7 @@ .fields-group = f.input :setting_auto_play_gif, as: :boolean, wrapper: :with_label + = f.input :setting_display_sensitive_media, as: :boolean, wrapper: :with_label = f.input :setting_reduce_motion, as: :boolean, wrapper: :with_label = f.input :setting_system_font_ui, as: :boolean, wrapper: :with_label diff --git a/app/views/stream_entries/_detailed_status.html.haml b/app/views/stream_entries/_detailed_status.html.haml index d88ec8280..470bff218 100644 --- a/app/views/stream_entries/_detailed_status.html.haml +++ b/app/views/stream_entries/_detailed_status.html.haml @@ -22,9 +22,9 @@ - if !status.media_attachments.empty? - if status.media_attachments.first.video? - video = status.media_attachments.first - %div{ data: { component: 'Video', props: Oj.dump(src: video.file.url(:original), preview: video.file.url(:small), sensitive: status.sensitive?, width: 670, height: 380, detailed: true) }}< + %div{ data: { component: 'Video', props: Oj.dump(src: video.file.url(:original), preview: video.file.url(:small), sensitive: status.sensitive? && !current_account&.user&.setting_display_sensitive_media, width: 670, height: 380, detailed: true) }} - else - %div{ data: { component: 'MediaGallery', props: Oj.dump(height: 380, sensitive: status.sensitive?, standalone: true, 'autoPlayGif': current_account&.user&.setting_auto_play_gif, 'reduceMotion': current_account&.user&.setting_reduce_motion, media: status.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json }) }}< + %div{ data: { component: 'MediaGallery', props: Oj.dump(height: 380, sensitive: status.sensitive? && !current_account&.user&.setting_display_sensitive_media, standalone: true, 'autoPlayGif': current_account&.user&.setting_auto_play_gif, 'reduceMotion': current_account&.user&.setting_reduce_motion, media: status.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json }) }} - elsif status.preview_cards.first %div{ data: { component: 'Card', props: Oj.dump('maxDescription': 160, card: ActiveModelSerializers::SerializableResource.new(status.preview_cards.first, serializer: REST::PreviewCardSerializer).as_json) }} diff --git a/app/views/stream_entries/_simple_status.html.haml b/app/views/stream_entries/_simple_status.html.haml index 0b45ff308..03d416fd6 100644 --- a/app/views/stream_entries/_simple_status.html.haml +++ b/app/views/stream_entries/_simple_status.html.haml @@ -24,6 +24,6 @@ - unless status.media_attachments.empty? - if status.media_attachments.first.video? - video = status.media_attachments.first - %div{ data: { component: 'Video', props: Oj.dump(src: video.file.url(:original), preview: video.file.url(:small), sensitive: status.sensitive?, width: 610, height: 343) }}>< + %div{ data: { component: 'Video', props: Oj.dump(src: video.file.url(:original), preview: video.file.url(:small), sensitive: status.sensitive? && !current_account&.user&.setting_display_sensitive_media, width: 610, height: 343) }} - else - %div{ data: { component: 'MediaGallery', props: Oj.dump(height: 343, sensitive: status.sensitive?, 'autoPlayGif': current_account&.user&.setting_auto_play_gif, media: status.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json }) }}>< + %div{ data: { component: 'MediaGallery', props: Oj.dump(height: 343, sensitive: status.sensitive? && !current_account&.user&.setting_display_sensitive_media, 'autoPlayGif': current_account&.user&.setting_auto_play_gif, media: status.media_attachments.map { |a| ActiveModelSerializers::SerializableResource.new(a, serializer: REST::MediaAttachmentSerializer).as_json }) }} diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml index e097e80ae..c958431d3 100644 --- a/config/locales/simple_form.en.yml +++ b/config/locales/simple_form.en.yml @@ -45,6 +45,7 @@ en: setting_default_privacy: Post privacy setting_default_sensitive: Always mark media as sensitive setting_delete_modal: Show confirmation dialog before deleting a toot + setting_display_sensitive_media: Always show media marked as sensitive setting_favourite_modal: Show confirmation dialog before favouriting setting_noindex: Opt-out of search engine indexing setting_reduce_motion: Reduce motion in animations diff --git a/config/settings.yml b/config/settings.yml index 592be1a8a..580a20895 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -25,6 +25,7 @@ defaults: &defaults favourite_modal: false delete_modal: true auto_play_gif: false + display_sensitive_media: false reduce_motion: false system_font_ui: false noindex: false diff --git a/db/migrate/20180206000000_change_user_id_nonnullable.rb b/db/migrate/20180206000000_change_user_id_nonnullable.rb new file mode 100644 index 000000000..4eecb6154 --- /dev/null +++ b/db/migrate/20180206000000_change_user_id_nonnullable.rb @@ -0,0 +1,6 @@ +class ChangeUserIdNonnullable < ActiveRecord::Migration[5.1] + def change + change_column_null :invites, :user_id, false + change_column_null :web_settings, :user_id, false + end +end diff --git a/db/schema.rb b/db/schema.rb index 09567de35..c118377df 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20180204034416) do +ActiveRecord::Schema.define(version: 20180206000000) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -204,7 +204,7 @@ ActiveRecord::Schema.define(version: 20180204034416) do end create_table "invites", force: :cascade do |t| - t.bigint "user_id" + t.bigint "user_id", null: false t.string "code", default: "", null: false t.datetime "expires_at" t.integer "max_uses" @@ -526,7 +526,7 @@ ActiveRecord::Schema.define(version: 20180204034416) do t.json "data" t.datetime "created_at", null: false t.datetime "updated_at", null: false - t.bigint "user_id" + t.bigint "user_id", null: false t.index ["user_id"], name: "index_web_settings_on_user_id", unique: true end diff --git a/spec/controllers/api/salmon_controller_spec.rb b/spec/controllers/api/salmon_controller_spec.rb index 323d85b61..8af8b83a8 100644 --- a/spec/controllers/api/salmon_controller_spec.rb +++ b/spec/controllers/api/salmon_controller_spec.rb @@ -40,7 +40,7 @@ RSpec.describe Api::SalmonController, type: :controller do end end - context 'with invalid post data' do + context 'with empty post data' do before do request.env['RAW_POST_DATA'] = '' post :update, params: { id: account.id } @@ -50,5 +50,19 @@ RSpec.describe Api::SalmonController, type: :controller do expect(response).to have_http_status(400) end end + + context 'with invalid post data' do + before do + service = double(call: false) + allow(VerifySalmonService).to receive(:new).and_return(service) + + request.env['RAW_POST_DATA'] = File.read(File.join(Rails.root, 'spec', 'fixtures', 'salmon', 'mention.xml')) + post :update, params: { id: account.id } + end + + it 'returns http client error' do + expect(response).to have_http_status(401) + end + end end end diff --git a/spec/services/fetch_atom_service_spec.rb b/spec/services/fetch_atom_service_spec.rb index 5491fd027..d7f162b85 100644 --- a/spec/services/fetch_atom_service_spec.rb +++ b/spec/services/fetch_atom_service_spec.rb @@ -1,4 +1,63 @@ require 'rails_helper' RSpec.describe FetchAtomService do + describe '#link_header' do + context 'Link is Array' do + target = FetchAtomService.new + target.instance_variable_set('@response', 'Link' => [ + '; rel="up"; meta="bar"', + '; rel="self"', + ]) + + it 'set first link as link_header' do + expect(target.send(:link_header).links[0].href).to eq 'http://example.com/' + end + end + + context 'Link is not Array' do + target = FetchAtomService.new + target.instance_variable_set('@response', 'Link' => '; rel="self", ; rel = "up"') + + it { expect(target.send(:link_header).links[0].href).to eq 'http://example.com/foo' } + end + end + + describe '#perform_request' do + let(:url) { 'http://example.com' } + context 'Check method result' do + before do + WebMock.stub_request(:get, url).to_return(status: 200, body: '', headers: {}) + @target = FetchAtomService.new + @target.instance_variable_set('@url', url) + end + + it 'HTTP::Response instance is returned and set to @response' do + expect(@target.send(:perform_request).status.to_s).to eq '200 OK' + expect(@target.instance_variable_get('@response')).to be_instance_of HTTP::Response + end + end + + context 'check passed parameters to Request' do + before do + @target = FetchAtomService.new + @target.instance_variable_set('@url', url) + @target.instance_variable_set('@unsupported_activity', unsupported_activity) + allow(Request).to receive(:new).with(:get, url) + expect(Request).to receive_message_chain(:new, :add_headers).with('Accept' => accept) + allow(Request).to receive_message_chain(:new, :add_headers, :perform).with(no_args) + end + + context '@unsupported_activity is true' do + let(:unsupported_activity) { true } + let(:accept) { 'text/html' } + it { @target.send(:perform_request) } + end + + context '@unsupported_activity is false' do + let(:unsupported_activity) { false } + let(:accept) { 'application/activity+json, application/ld+json, application/atom+xml, text/html' } + it { @target.send(:perform_request) } + end + end + end end