Commit graph

488 commits

Author SHA1 Message Date
Thomas Citharel 58e50e3c9f
test: add new tests for XSS in actors summary
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:19:19 +01:00
Thomas Citharel ffff379d47
fix: always consider report content as text
Report content was used as HTML in front-end and e-mails but wasn't sanitized as such.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:05:56 +01:00
Thomas Citharel 5e8f9afb62
fix(activitypub): compact ical:status in activitystream data
Was kept for no other reason than disambiguation with https://schema.org/status, but no need if we
specify the correct alias in the context.

Keeps a fallback for older versions compatibility

Closes #1378

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-04 14:05:27 +01:00
Thomas Citharel 5fcf3d5267
test: fix tests using verified routes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-01 16:34:48 +01:00
Thomas Citharel b315e1d7ff
refactor: use Phoenix verified routes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-01 11:29:53 +01:00
Thomas Citharel c731f0f084
test: fix tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-21 17:29:58 +01:00
Thomas Citharel 7ef85fe19b
fix(announcements): load group announcements
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-20 17:35:37 +01:00
Thomas Citharel f24866012b
test: fix ActivityPub headers test
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-15 17:30:49 +01:00
Thomas Citharel e051df1ab3
test: fix unit backend tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-15 16:35:40 +01:00
Thomas Citharel b5672cee7e
WIP
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-14 14:24:17 +01:00
Thomas Citharel 2ecd55df96
fix(i18n): fix typos in translation sources
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-10-13 10:46:09 +02:00
Thomas Citharel 7a1bfcac49
feat(export): add event status in iCalendar exports
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-10-11 17:08:31 +02:00
Thomas Citharel f2ac3e2e5d
feat(reports): allow reports to hold multiple events
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-31 10:43:36 +02:00
Thomas Citharel fef60ed0f9
feat(export): add date of participant creation in participant exports
Closes #1343

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-24 17:36:58 +02:00
Thomas Citharel 8617382af2
test: add tests for push notification registration GraphQL resolver
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-24 11:49:19 +02:00
Thomas Citharel 7cc4abd47b Merge branch 'fix-user-clitests' into 'main'
test: fix user deletion CLI tests and bring back the -k option

See merge request framasoft/mobilizon!1438
2023-08-23 06:26:13 +00:00
Thomas Citharel d2490f9304
test: fix user deletion CLI tests and bring back the -k option
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-23 08:24:28 +02:00
Thomas Citharel 3d491fc034
test: correctly skip invalid tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-21 16:14:34 +02:00
Thomas Citharel c987d7b2e7
test: disable tests that fail unexpicably for now
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-18 16:20:05 +02:00
Thomas Citharel 3de4d84329
test: refactor resend confirmation email tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-18 13:41:46 +02:00
Thomas Citharel 7cc9a37c78
test: fix depreciated warn log levels in tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-17 17:44:13 +02:00
Thomas Citharel 1b0a7499f8
test(export): fix exporting participants CSV
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-17 16:35:26 +02:00
Thomas Citharel 107bab33c9
style: run mix format
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-17 14:50:44 +02:00
Thomas Citharel 3714925896
fix(groups): fix unauthenticated access to groups because of missing read:group:members permission
The permission in question is now removed

Closes #1311

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-21 18:09:45 +02:00
Thomas Citharel a1f5d1dacc
test(federation): fix APControllerTest failing because of datetime different when we reach 2nd page
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-20 17:40:50 +02:00
Thomas Citharel 5cc5c9943c
fix(participant): handle re-confirming participation
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-20 16:55:37 +02:00
Thomas Citharel 02098bbb3d
test(export): add basic test for ExportController
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-20 16:55:37 +02:00
Thomas Citharel ce15160e87
test(anti-spam): add tests for anti-spam detection command
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-01 14:49:39 +02:00
Thomas Citharel 618b3d23d9
refactor(anti-spam): make anti-spam agnostic from Akismet
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-01 14:48:42 +02:00
Thomas Citharel 5664625c1c
fix(apps): fix typo in redirect_uri parameter
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-05-30 14:24:51 +02:00
Thomas Citharel fe4fbc0bdf
test(emails): add test for group notification emails
Add test for Mobilizon.Web.Email.Group

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-05-25 12:08:27 +02:00
Hugo Renard c4d60194a6
fix: include user role in moderator role
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-05-23 17:38:11 +02:00
Thomas Citharel 1c1d0d47d7
fix(back): Improve error message when requesting reset passwords and new instructions
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-05-17 11:33:50 +02:00
Thomas Citharel f3a443138a
fix(feeds): Only provide future events in ICS/Atom feeds
Closes #1246

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-04-20 11:30:34 +02:00
Thomas Citharel ddba7d6fc5
test: Fix Mobilizon.Service.Notifications.SchedulerTest tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-04-20 09:54:11 +02:00
Thomas Citharel c07ba3a5d1
Add rate-limiting on queries with Hammer
Closes #67

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-24 15:32:27 +01:00
Thomas Citharel 986ae45f52
Add worker to clean obsolete application data, token revokation and spec conformance
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-24 09:18:53 +01:00
Thomas Citharel 59944603b7
Update deps and fix some front-end stuff
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-22 10:19:25 +01:00
Thomas Citharel 8984bd7636
Introduce authorizations with Rajska
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-22 10:19:25 +01:00
Thomas Citharel b6875f6a4b
Introduce device flow
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-22 09:34:11 +01:00
Thomas Citharel 2ee329ff7b
Introduce application tokens
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-22 09:34:10 +01:00
Thomas Citharel 317a3434b2
feat(spam): Introduce checking new accounts, events & comments for spam with the help of Akismet
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-02-07 15:18:29 +01:00
Thomas Citharel a78cd16afe
Fix LDAP authentificator tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-01-16 12:00:06 +01:00
Thomas Citharel 3e15048843
Prevent AP collection page number being < 1
Closes #1184

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-21 16:57:54 +01:00
Thomas Citharel a51b36fb75
Fix building CSP policy
You can't use 'none' as a CSP Policy if there's other things among

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 16:47:24 +01:00
Thomas Citharel 57fac37347
Support CSP report_uri, report_to and the Report-To and Reporting-Endpoints headers
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 10:55:26 +01:00
Thomas Citharel a1726fc12e
Add sha-256 hash for toggling dark theme code and remove inlined phoenix digest
Follow-up to !1300

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-02 11:36:32 +01:00
Thomas Citharel 470a3e594b
Correctly escape user-defined names in emails
Closes #1151

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-10-31 14:30:40 +01:00
Thomas Citharel 082435129e
Fix tests after CLDR upgrade
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-10-27 16:08:15 +02:00
Thomas Citharel c9fffca046
Always lowercase the emails before trying to reset password
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-10-18 18:37:39 +02:00