Merge tag 'v2.1.1' into imastodon

* Fix conflict

* Update locale files

* mastodon#6109 PR removed

.env.production.sample

@@ -11,10 +11,11 @@ DB_PASS=
 DB_PORT=5432
 
 # Federation
-# Note: Changing LOCAL_DOMAIN or LOCAL_HTTPS at a later time will cause unwanted side effects.
+# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
 # LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
 LOCAL_DOMAIN=example.com 
-LOCAL_HTTPS=true
+
+# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
 
 # Use this only if you need to run mastodon on a different domain than the one used for federation.
 # You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md

Gemfile

@@ -28,7 +28,7 @@ gem 'browser'
 gem 'charlock_holmes', '~> 0.7.5'
 gem 'iso-639'
 gem 'cld3', '~> 3.2.0'
-gem 'devise', '~> 4.2'
+gem 'devise', '~> 4.3'
 gem 'devise-two-factor', '~> 3.0'
 gem 'doorkeeper', '~> 4.2'
 gem 'fast_blank', '~> 1.0'
@@ -58,6 +58,7 @@ gem 'redis', '~> 3.3', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
 gem 'rqrcode', '~> 0.10'
 gem 'ruby-oembed', '~> 0.12', require: 'oembed'
+gem 'ruby-progressbar', '~> 1.4'
 gem 'sanitize', '~> 4.4'
 gem 'sidekiq', '~> 5.0'
 gem 'sidekiq-scheduler', '~> 2.1'

Gemfile.lock

@@ -299,13 +299,11 @@ GEM
       sidekiq (>= 3.5.0)
       statsd-ruby (~> 1.2.0)
     oj (3.3.9)
-    openssl (2.0.6)
     orm_adapter (0.5.0)
-    ostatus2 (2.0.1)
+    ostatus2 (2.0.2)
       addressable (~> 2.4)
       http (~> 2.0)
       nokogiri (~> 1.6)
-      openssl (~> 2.0)
     ox (2.8.2)
     paperclip (5.1.0)
       activemodel (>= 4.2.0)
@@ -561,7 +559,7 @@ DEPENDENCIES
   charlock_holmes (~> 0.7.5)
   cld3 (~> 3.2.0)
   climate_control (~> 0.2)
-  devise (~> 4.2)
+  devise (~> 4.3)
   devise-two-factor (~> 3.0)
   doorkeeper (~> 4.2)
   dotenv-rails (~> 2.2)
@@ -621,6 +619,7 @@ DEPENDENCIES
   rspec-sidekiq (~> 3.0)
   rubocop
   ruby-oembed (~> 0.12)
+  ruby-progressbar (~> 1.4)
   sanitize (~> 4.4)
   scss_lint (~> 0.55)
   sidekiq (~> 5.0)
@@ -643,4 +642,4 @@ RUBY VERSION
    ruby 2.4.2p198
 
 BUNDLED WITH
-   1.16.0
+   1.16.1

app/controllers/accounts_controller.rb

@@ -2,7 +2,8 @@
 
 class AccountsController < ApplicationController
   include AccountControllerConcern
-  include SignatureVerification
+
+  before_action :set_cache_headers
 
   def show
     respond_to do |format|
@@ -26,10 +27,11 @@ def show
       end
 
       format.json do
-        render json: @account,
-               serializer: ActivityPub::ActorSerializer,
-               adapter: ActivityPub::Adapter,
-               content_type: 'application/activity+json'
+        skip_session!
+
+        render_cached_json(['activitypub', 'actor', @account.cache_key], content_type: 'application/activity+json') do
+          ActiveModelSerializers::SerializableResource.new(@account, serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter)
+        end
       end
     end
   end

app/controllers/activitypub/follows_controller.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+class ActivityPub::FollowsController < Api::BaseController
+  include SignatureVerification
+
+  def show
+    render json: follow_request,
+           serializer: ActivityPub::FollowSerializer,
+           adapter: ActivityPub::Adapter,
+           content_type: 'application/activity+json'
+  end
+
+  private
+
+  def follow_request
+    FollowRequest.includes(:account).references(:account).find_by!(
+      id: params.require(:id),
+      accounts: { domain: nil, username: params.require(:account_username) },
+      target_account: signed_request_account
+    )
+  end
+end

app/controllers/admin/custom_emojis_controller.rb

@@ -3,6 +3,7 @@
 module Admin
   class CustomEmojisController < BaseController
     before_action :set_custom_emoji, except: [:index, :new, :create]
+    before_action :set_filter_params
 
     def index
       authorize :custom_emoji, :index?
@@ -32,23 +33,26 @@ def update
 
       if @custom_emoji.update(resource_params)
         log_action :update, @custom_emoji
-        redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.updated_msg')
+        flash[:notice] = I18n.t('admin.custom_emojis.updated_msg')
       else
-        redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.update_failed_msg')
+        flash[:alert] =  I18n.t('admin.custom_emojis.update_failed_msg')
       end
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
     end
 
     def destroy
       authorize @custom_emoji, :destroy?
       @custom_emoji.destroy!
       log_action :destroy, @custom_emoji
-      redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.destroyed_msg')
+      flash[:notice] = I18n.t('admin.custom_emojis.destroyed_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
     end
 
     def copy
       authorize @custom_emoji, :copy?
 
-      emoji = CustomEmoji.find_or_initialize_by(domain: nil, shortcode: @custom_emoji.shortcode)
+      emoji = CustomEmoji.find_or_initialize_by(domain: nil,
+                                                shortcode: @custom_emoji.shortcode)
       emoji.image = @custom_emoji.image
 
       if emoji.save
@@ -58,21 +62,23 @@ def copy
         flash[:alert] = I18n.t('admin.custom_emojis.copy_failed_msg')
       end
 
-      redirect_to admin_custom_emojis_path(page: params[:page])
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
     end
 
     def enable
       authorize @custom_emoji, :enable?
       @custom_emoji.update!(disabled: false)
       log_action :enable, @custom_emoji
-      redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.enabled_msg')
+      flash[:notice] = I18n.t('admin.custom_emojis.enabled_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
     end
 
     def disable
       authorize @custom_emoji, :disable?
       @custom_emoji.update!(disabled: true)
       log_action :disable, @custom_emoji
-      redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.disabled_msg')
+      flash[:notice] = I18n.t('admin.custom_emojis.disabled_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
     end
 
     private
@@ -81,6 +87,10 @@ def set_custom_emoji
       @custom_emoji = CustomEmoji.find(params[:id])
     end
 
+    def set_filter_params
+      @filter_params = filter_params.to_hash.symbolize_keys
+    end
+
     def resource_params
       params.require(:custom_emoji).permit(:shortcode, :image, :visible_in_picker)
     end

app/controllers/admin/settings_controller.rb

@@ -18,13 +18,17 @@ class SettingsController < BaseController
       bootstrap_timeline_accounts
       thumbnail
       min_invite_role
+      activity_api_enabled
+      peers_api_enabled
     ).freeze
 
     BOOLEAN_SETTINGS = %w(
       open_registrations
       open_deletion
       timeline_preview
       show_staff_badge
+      activity_api_enabled
+      peers_api_enabled
     ).freeze
 
     UPLOAD_SETTINGS = %w(

app/controllers/api/v1/instances/activity_controller.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+class Api::V1::Instances::ActivityController < Api::BaseController
+  before_action :require_enabled_api!
+
+  respond_to :json
+
+  def show
+    render_cached_json('api:v1:instances:activity:show', expires_in: 1.day) { activity }
+  end
+
+  private
+
+  def activity
+    weeks = []
+
+    12.times do |i|
+      day     = i.weeks.ago.to_date
+      week_id = day.cweek
+      week    = Date.commercial(day.cwyear, week_id)
+
+      weeks << {
+        week: week.to_time.to_i.to_s,
+        statuses: Redis.current.get("activity:statuses:local:#{week_id}") || 0,
+        logins: Redis.current.pfcount("activity:logins:#{week_id}"),
+        registrations: Redis.current.get("activity:accounts:local:#{week_id}") || 0,
+      }
+    end
+
+    weeks
+  end
+
+  def require_enabled_api!
+    head 404 unless Setting.activity_api_enabled
+  end
+end

app/controllers/api/v1/instances/peers_controller.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class Api::V1::Instances::PeersController < Api::BaseController
+  before_action :require_enabled_api!
+
+  respond_to :json
+
+  def index
+    render_cached_json('api:v1:instances:peers:index', expires_in: 1.day) { Account.remote.domains }
+  end
+
+  private
+
+  def require_enabled_api!
+    head 404 unless Setting.peers_api_enabled
+  end
+end

app/controllers/application_controller.rb

@@ -121,4 +121,26 @@ def respond_with_error(code)
       end
     end
   end
+
+  def render_cached_json(cache_key, **options)
+    options[:expires_in] ||= 3.minutes
+    options[:public]     ||= true
+    cache_key              = cache_key.join(':') if cache_key.is_a?(Enumerable)
+    content_type           = options.delete(:content_type) || 'application/json'
+
+    data = Rails.cache.fetch(cache_key, { raw: true }.merge(options)) do
+      yield.to_json
+    end
+
+    expires_in options[:expires_in], public: options[:public]
+    render json: data, content_type: content_type
+  end
+
+  def set_cache_headers
+    response.headers['Vary'] = 'Accept'
+  end
+
+  def skip_session!
+    request.session_options[:skip] = true
+  end
 end

app/controllers/auth/confirmations_controller.rb

@@ -2,10 +2,4 @@
 
 class Auth::ConfirmationsController < Devise::ConfirmationsController
   layout 'auth'
-
-  def show
-    super do |user|
-      BootstrapTimelineWorker.perform_async(user.account_id) if user.errors.empty?
-    end
-  end
 end

app/controllers/auth/registrations_controller.rb

@@ -37,6 +37,10 @@ def after_inactive_sign_up_path_for(_resource)
     new_user_session_path
   end
 
+  def after_update_path_for(_resource)
+    edit_user_registration_path
+  end
+
   def check_enabled_registrations
     redirect_to root_path if single_user_mode? || !allowed_registrations?
   end

app/controllers/authorize_follows_controller.rb

@@ -4,6 +4,7 @@ class AuthorizeFollowsController < ApplicationController
   layout 'modal'
 
   before_action :authenticate_user!
+  before_action :set_body_classes
 
   def show
     @account = located_account || render(:error)
@@ -58,4 +59,8 @@ def acct_without_prefix
   def acct_params
     params.fetch(:acct, '')
   end
+
+  def set_body_classes
+    @body_classes = 'modal-layout'
+  end
 end

app/controllers/concerns/user_tracking_concern.rb

@@ -17,6 +17,7 @@ def set_user_activity
 
     # Mark as signed-in today
     current_user.update_tracked_fields!(request)
+    ActivityTracker.record('activity:logins', current_user.id)
 
     # Regenerate feed if needed
     regenerate_feed! if user_needs_feed_update?

app/controllers/emojis_controller.rb

@@ -2,14 +2,16 @@
 
 class EmojisController < ApplicationController
   before_action :set_emoji
+  before_action :set_cache_headers
 
   def show
     respond_to do |format|
       format.json do
-        render json: @emoji,
-               serializer: ActivityPub::EmojiSerializer,
-               adapter: ActivityPub::Adapter,
-               content_type: 'application/activity+json'
+        skip_session!
+
+        render_cached_json(['activitypub', 'emoji', @emoji.cache_key], content_type: 'application/activity+json') do
+          ActiveModelSerializers::SerializableResource.new(@emoji, serializer: ActivityPub::EmojiSerializer, adapter: ActivityPub::Adapter)
+        end
       end
     end
   end

app/controllers/remote_follow_controller.rb

@@ -38,4 +38,8 @@ def set_account
   def suspended_account?
     @account.suspended?
   end
+
+  def set_body_classes
+    @body_classes = 'modal-layout'
+  end
 end

app/controllers/shares_controller.rb

@@ -25,6 +25,6 @@ def initial_state_params
   end
 
   def set_body_classes
-    @body_classes = 'compose-standalone'
+    @body_classes = 'modal-layout compose-standalone'
   end
 end