Ivan Tashkinov
2a4a4f3342
[ #468 ] Defined OAuth restrictions for all applicable routes.
...
Improved missing "scopes" param handling.
Allowed "any of" / "all of" mode specification in OAuthScopesPlug.
Fixed auth UI / behavior when user selects no permissions at /oauth/authorize.
2019-02-15 19:54:37 +03:00
Ivan Tashkinov
027adbc9e5
[ #468 ] Refactored OAuth scopes parsing / defaults handling.
2019-02-14 17:03:19 +03:00
Ivan Tashkinov
949e35e26d
[ #468 ] OAuth scopes-related data migration simplification.
2019-02-14 14:28:26 +03:00
Ivan Tashkinov
063baca5e4
[ #468 ] User UI for OAuth permissions restriction. Standardized storage format for `scopes` fields, updated usages.
2019-02-14 00:29:29 +03:00
Ivan Tashkinov
a337bd114c
[ #468 ] MastodonAPI scope restrictions. Removed obsolete "POST /web/login" route.
2019-02-09 17:32:33 +03:00
Ivan Tashkinov
4ad843fb9d
[ #468 ] Prototype of OAuth2 scopes support. TwitterAPI scope restrictions.
2019-02-09 17:09:08 +03:00
lambda
99fd199bda
Merge branch 'add-media-path-to-caddy-cache' into 'develop'
...
Add /media to Caddy cache
See merge request pleroma/pleroma!791
2019-02-09 11:39:01 +00:00
shibayashi
e868cfe619
Add /media to Caddy cache
2019-02-09 11:39:01 +00:00
lambda
1eecbc1cd1
Merge branch 'feature/keyword-policy' into 'develop'
...
Add keyword policy
See merge request pleroma/pleroma!794
2019-02-09 11:38:37 +00:00
rinpatch
b05a341187
oof
2019-02-09 08:12:30 +03:00
rinpatch
9a23f8f3ea
Add tests and fix a typo in docs
2019-02-08 20:23:26 +03:00
lambda
c5f8df08a7
Merge branch 'fix/do-split-migration-for-local-users-only' into 'develop'
...
Split hide_network only for local users
See merge request pleroma/pleroma!781
2019-02-08 12:18:05 +00:00
rinpatch
38ff9b3568
fix typo in config.md
2019-02-08 15:12:44 +03:00
rinpatch
7356659273
wow
2019-02-08 15:12:13 +03:00
lambda
ba7d7ffd80
Merge branch 'mark-streaming-feature-for-ios-apps' into 'develop'
...
Mark streaming feature for iOS apps in readme
See merge request pleroma/pleroma!790
2019-02-08 12:10:35 +00:00
lambda
b4271de770
Merge branch 'oauth2_strengthening' into 'develop'
...
OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix
See merge request pleroma/pleroma!793
2019-02-08 12:09:43 +00:00
rinpatch
f88dec8b33
What idiot did that? (me)
2019-02-08 13:16:50 +03:00
rinpatch
6c21f5aa16
Merge branch 'develop' into feature/keyword-policy
2019-02-08 13:12:33 +03:00
rinpatch
8a0b755c19
rename ftl_removal to federated_timeline_removal to keep consistent naming with SimplePolicy
2019-02-08 13:12:09 +03:00
rinpatch
2174f6eb4f
Add default config for keyword policy
2019-02-08 12:48:39 +03:00
rinpatch
46aa8c18a2
Add keyword policy
2019-02-08 12:38:24 +03:00
Ivan Tashkinov
2c68cf7e9e
OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
...
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
hakabahitoyo
c2090b86b7
mark streaming feature for ios apps in readme
2019-02-07 12:01:35 +09:00
kaniini
d84392c9e0
Merge branch 'remove-pawoo-apps-from-readme' into 'develop'
...
Remove Pawoo apps from README.md
See merge request pleroma/pleroma!788
2019-02-07 02:19:52 +00:00
kaniini
24dd0fc545
Merge branch 'mark-streaming-feature-for-apps-in-readme' into 'develop'
...
Mark streaming feature for Apps in README.md
See merge request pleroma/pleroma!789
2019-02-07 02:18:51 +00:00
hakabahitoyo
902c72bb56
Mark streaming feature for Apps in README.md
2019-02-07 11:04:37 +09:00
Hakaba Hitoyo
063739054e
Update README.md
2019-02-07 01:15:27 +00:00
kaniini
430f23323c
Merge branch 'rename-followings' into 'develop'
...
hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
See merge request pleroma/pleroma!787
2019-02-06 22:40:24 +00:00
Mark Felder
74518d0b60
hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
...
This was a dirty regex replace which worked on my server
2019-02-06 22:34:44 +00:00
Haelwenn
1220a17146
Merge branch 'bugfix/rich-media-card' into 'develop'
...
rich media cards: bugfixes and regression tests
See merge request pleroma/pleroma!785
2019-02-06 18:39:13 +00:00
William Pitcock
26670b09a7
tests: add a rich media card that contains all relevant fields
2019-02-06 18:27:55 +00:00
kaniini
18e783bcb2
Merge branch 'add-admin-and-moderator-fields' into 'develop'
...
Add admin and moderator badges to user view and make their visibility configurable
See merge request pleroma/pleroma!767
2019-02-06 18:19:47 +00:00
William Pitcock
6eb8c1eb92
test: add some regression tests for the rich media card rendering
2019-02-06 18:12:26 +00:00
William Pitcock
65a4b9fbea
mastodon api: rich media: don't clobber %URI struct with a string
2019-02-06 18:02:15 +00:00
Haelwenn
09b71a9053
Merge branch 'mr/exsyslogger-doc-and-format' into 'develop'
...
Adds a couple examples to docs/config.md for ExSyslogger and removes duplicate timestamps from default format.
See merge request pleroma/pleroma!784
2019-02-06 18:02:10 +00:00
Michael Loftis
ab80c8ebb8
adds a couple of explicit examples for ExSyslogger
2019-02-06 17:54:30 +00:00
rinpatch
f7aedbcc55
Merge branch 'fix/activitypub-user-view-badmap' into 'develop'
...
Fix if clause in activity_pub user_view
See merge request pleroma/pleroma!783
2019-02-06 17:47:58 +00:00
href
f753043ce0
Fix if clause in activity_pub user_view
2019-02-06 18:42:19 +01:00
Michael Loftis
43b3f9e96e
rids the duplicate timestamp from default ExSyslogger config
2019-02-06 17:34:09 +00:00
Maxim Filippov
f1b72bfb70
Split hide_networ only for local users
2019-02-06 13:41:36 +03:00
lambda
3c08e20d68
Merge branch '2019-02-06-update-frontend' into 'develop'
...
update frontend
See merge request pleroma/pleroma!780
2019-02-06 09:47:36 +00:00
lain
78a51f4dd4
update frontend
2019-02-06 10:40:01 +01:00
eugenijm
035eaeb9b8
Allow to configure visibility for admin and moderator badges
2019-02-06 06:18:05 +03:00
eugenijm
398c81f9c8
Add is_admin and is_moderator boolean fields to the user view
2019-02-06 02:10:06 +03:00
rinpatch
c46490b199
Merge branch 'bugfix/rich-media-non-unicode-nuclear-option' into 'develop'
...
rich media: parser: reject any data which cannot be explicitly encoded into JSON
Closes #596
See merge request pleroma/pleroma!779
2019-02-05 21:01:20 +00:00
William Pitcock
d83dbd9070
rich media: parser: reject any data which cannot be explicitly encoded into JSON
2019-02-05 20:50:57 +00:00
kaniini
d120aa63f0
Merge branch 'fix-dm-index' into 'develop'
...
Massage index until it actually does the stuff we want.
See merge request pleroma/pleroma!772
2019-02-05 20:27:31 +00:00
kaniini
681ba1e52f
Merge branch 'feature/ap-c2s-whoami' into 'develop'
...
activitypub: c2s: add /api/ap/whoami endpoint for andstatus
See merge request pleroma/pleroma!773
2019-02-05 20:26:31 +00:00
kaniini
00d572fd58
Merge branch 'testfix/twitter-api' into 'develop'
...
test: twitterapi: fix another possible test failure case
See merge request pleroma/pleroma!778
2019-02-05 20:13:38 +00:00
William Pitcock
73e6a1f1dd
test: twitterapi: fix another possible test failure case
2019-02-05 20:08:16 +00:00