Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upFollowers-only post federation #2111
Conversation
Gargron
added some commits
Apr 18, 2017
Gargron
changed the title from
[WIP] Followers-only post federation
to
Followers-only post federation
Apr 22, 2017
Gargron
requested review from
mjankowski,
krainboltgreene and
ineffyble
Apr 22, 2017
| + account = Account.find(account_id) | ||
| + target_account = Account.find(target_account_id) | ||
| + | ||
| + BlockService.new.call(account, target_account) |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
mjankowski
Apr 22, 2017
Collaborator
The block followed by unblock here has the effect of:
- Remove any follows between the accounts, in both directions
- Create a block from account to target
- Clear the timeline and notifications of the account from anything from the target
- Salmon the block from the account to the target
- ...
- Remove the block
- Send the unblock salmon
This does not prevent accounts on the target domains from immediately refollowing the person, unless they also change their account to private, right?
I just want to make sure I understand the general flow here.
mjankowski
Apr 22, 2017
Collaborator
The block followed by unblock here has the effect of:
- Remove any follows between the accounts, in both directions
- Create a block from account to target
- Clear the timeline and notifications of the account from anything from the target
- Salmon the block from the account to the target
- ...
- Remove the block
- Send the unblock salmon
This does not prevent accounts on the target domains from immediately refollowing the person, unless they also change their account to private, right?
I just want to make sure I understand the general flow here.
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
| + | ||
| + before_action :authenticate_user! | ||
| + | ||
| + def show |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
mjankowski
Apr 22, 2017
Collaborator
Should the @domains here be paginated, maybe ordered by most followers? I'm not sure what's typical for how many instances a typical account has following them.
If so, maybe rename this action to index
mjankowski
Apr 22, 2017
Collaborator
Should the @domains here be paginated, maybe ordered by most followers? I'm not sure what's typical for how many instances a typical account has following them.
If so, maybe rename this action to index
| @@ -0,0 +1,28 @@ | ||
| +# frozen_string_literal: true | ||
| + | ||
| +class Settings::FollowersController < ApplicationController |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
mjankowski
Apr 22, 2017
Collaborator
I could see this being Settings::FollowerDomainsController with a single index action for the list, and then something like Settings::FollowerDomains#update with the array of domain values instead of purge.
Related - how do you feel about a "Block" button next to each domain that would just do them one at a time (and redirect right back to list) -vs- the checkboxes to select a bunch and then submit at once?
mjankowski
Apr 22, 2017
Collaborator
I could see this being Settings::FollowerDomainsController with a single index action for the list, and then something like Settings::FollowerDomains#update with the array of domain values instead of purge.
Related - how do you feel about a "Block" button next to each domain that would just do them one at a time (and redirect right back to list) -vs- the checkboxes to select a bunch and then submit at once?
| + | ||
| + def show | ||
| + @account = current_account | ||
| + @domains = current_account.followers.reorder(nil).group('accounts.domain').select('accounts.domain, count(accounts.*) as accounts_from_domain') |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
yiskah
Apr 23, 2017
Collaborator
Question: Is this a toggle-able setting? Having it enabled by default and hidden in preferences will cause the same problems as last time. I assume this time users will be notified that if they wish they can go into settings and enable this after reviewing who follows them?
|
Question: Is this a toggle-able setting? Having it enabled by default and hidden in preferences will cause the same problems as last time. I assume this time users will be notified that if they wish they can go into settings and enable this after reviewing who follows them? |
yiskah
referenced this pull request
Apr 23, 2017
Closed
#1319 Specify local followers rather than all followers. #1878
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Gargron
Apr 23, 2017
Member
This is a hard problem, because it's a one-off event... I wouldn't want to code in special cases for such things so early on in the lifetime of the project... That being said, it's not like old private toots would retroactively travel anywhere. A word-of-mouth announcement might be fine? Alternatively, and this should've been a thing since the start probably, show a warning in web UI if you selected private toot setting but your account isn't locked.
Also I remember everyone wants to rename "private" to "followers-only".
|
This is a hard problem, because it's a one-off event... I wouldn't want to code in special cases for such things so early on in the lifetime of the project... That being said, it's not like old private toots would retroactively travel anywhere. A word-of-mouth announcement might be fine? Alternatively, and this should've been a thing since the start probably, show a warning in web UI if you selected private toot setting but your account isn't locked. Also I remember everyone wants to rename "private" to "followers-only". |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
yiskah
Apr 23, 2017
Collaborator
Word of mouth is absolutely not the way to go. The problem last time was that users were suddenly having this big change and didn't know to go auditing their followers because everything is suddenly different. Implementing a warning is a good idea.
|
Word of mouth is absolutely not the way to go. The problem last time was that users were suddenly having this big change and didn't know to go auditing their followers because everything is suddenly different. Implementing a warning is a good idea. |
Gargron
added some commits
Apr 23, 2017
Gargron
merged commit 5015149
into
master
Apr 23, 2017
Gargron
deleted the
feature-private-federation
branch
Apr 23, 2017
wxcafe
referenced this pull request
Apr 24, 2017
Closed
Better control over who's following me #2187
mecab
referenced this pull request
Apr 26, 2017
Merged
Update Japanese translation for activitypub and authorized followers #2471
added a commit
to Toootim/mastodon
that referenced
this pull request
Apr 26, 2017
unarist
referenced this pull request
Apr 27, 2017
Merged
Update Japanese translation (and English translation file) for JavaScript #2538
added a commit
to Toootim/mastodon
that referenced
this pull request
Apr 28, 2017
added a commit
to y0t4/mastodon
that referenced
this pull request
Apr 29, 2017
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
dunn
May 1, 2017
Contributor
Are any of the proposed mitigations from https://marrus-sh.github.io/mastodon-info/everything-you-need-to-know-about-privacy-v1.3-020170427.html planned for future releases?
|
Are any of the proposed mitigations from https://marrus-sh.github.io/mastodon-info/everything-you-need-to-know-about-privacy-v1.3-020170427.html planned for future releases? |
ghost
referenced this pull request
Gargron commentedApr 18, 2017
•
edited
Edited 1 time
-
Gargron
edited Apr 23, 2017 (most recent)
:privatetoots to subscribersNew settings page:
If your account is not locked:
"Remove followers" applies soft-blocks to all followers from selected domains. Soft-block means "block, then immediately unblock"
When posting to followers-only with unlocked account:
"Private" has been renamed to "followers-only"
Default post privacy settings have been restyled slightly: