Commit Graph

488 Commits

Author SHA1 Message Date
Thomas Citharel
58e50e3c9f
test: add new tests for XSS in actors summary
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:19:19 +01:00
Thomas Citharel
ffff379d47
fix: always consider report content as text
Report content was used as HTML in front-end and e-mails but wasn't sanitized as such.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:05:56 +01:00
Thomas Citharel
5e8f9afb62
fix(activitypub): compact ical:status in activitystream data
Was kept for no other reason than disambiguation with https://schema.org/status, but no need if we
specify the correct alias in the context.

Keeps a fallback for older versions compatibility

Closes #1378

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-04 14:05:27 +01:00
Thomas Citharel
5fcf3d5267
test: fix tests using verified routes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-01 16:34:48 +01:00
Thomas Citharel
b315e1d7ff
refactor: use Phoenix verified routes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-01 11:29:53 +01:00
Thomas Citharel
c731f0f084
test: fix tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-21 17:29:58 +01:00
Thomas Citharel
7ef85fe19b
fix(announcements): load group announcements
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-20 17:35:37 +01:00
Thomas Citharel
f24866012b
test: fix ActivityPub headers test
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-15 17:30:49 +01:00
Thomas Citharel
e051df1ab3
test: fix unit backend tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-15 16:35:40 +01:00
Thomas Citharel
b5672cee7e
WIP
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-14 14:24:17 +01:00
Thomas Citharel
2ecd55df96
fix(i18n): fix typos in translation sources
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-10-13 10:46:09 +02:00
Thomas Citharel
7a1bfcac49
feat(export): add event status in iCalendar exports
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-10-11 17:08:31 +02:00
Thomas Citharel
f2ac3e2e5d
feat(reports): allow reports to hold multiple events
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-31 10:43:36 +02:00
Thomas Citharel
fef60ed0f9
feat(export): add date of participant creation in participant exports
Closes #1343

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-24 17:36:58 +02:00
Thomas Citharel
8617382af2
test: add tests for push notification registration GraphQL resolver
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-24 11:49:19 +02:00
Thomas Citharel
7cc4abd47b Merge branch 'fix-user-clitests' into 'main'
test: fix user deletion CLI tests and bring back the -k option

See merge request framasoft/mobilizon!1438
2023-08-23 06:26:13 +00:00
Thomas Citharel
d2490f9304
test: fix user deletion CLI tests and bring back the -k option
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-23 08:24:28 +02:00
Thomas Citharel
3d491fc034
test: correctly skip invalid tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-21 16:14:34 +02:00
Thomas Citharel
c987d7b2e7
test: disable tests that fail unexpicably for now
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-18 16:20:05 +02:00
Thomas Citharel
3de4d84329
test: refactor resend confirmation email tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-18 13:41:46 +02:00
Thomas Citharel
7cc9a37c78
test: fix depreciated warn log levels in tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-17 17:44:13 +02:00
Thomas Citharel
1b0a7499f8
test(export): fix exporting participants CSV
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-17 16:35:26 +02:00
Thomas Citharel
107bab33c9
style: run mix format
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-17 14:50:44 +02:00
Thomas Citharel
3714925896
fix(groups): fix unauthenticated access to groups because of missing read:group:members permission
The permission in question is now removed

Closes #1311

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-21 18:09:45 +02:00
Thomas Citharel
a1f5d1dacc
test(federation): fix APControllerTest failing because of datetime different when we reach 2nd page
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-20 17:40:50 +02:00
Thomas Citharel
5cc5c9943c
fix(participant): handle re-confirming participation
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-20 16:55:37 +02:00
Thomas Citharel
02098bbb3d
test(export): add basic test for ExportController
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-20 16:55:37 +02:00
Thomas Citharel
ce15160e87
test(anti-spam): add tests for anti-spam detection command
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-01 14:49:39 +02:00
Thomas Citharel
618b3d23d9
refactor(anti-spam): make anti-spam agnostic from Akismet
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-06-01 14:48:42 +02:00
Thomas Citharel
5664625c1c
fix(apps): fix typo in redirect_uri parameter
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-05-30 14:24:51 +02:00
Thomas Citharel
fe4fbc0bdf
test(emails): add test for group notification emails
Add test for Mobilizon.Web.Email.Group

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-05-25 12:08:27 +02:00
Hugo Renard
c4d60194a6
fix: include user role in moderator role
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-05-23 17:38:11 +02:00
Thomas Citharel
1c1d0d47d7
fix(back): Improve error message when requesting reset passwords and new instructions
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-05-17 11:33:50 +02:00
Thomas Citharel
f3a443138a
fix(feeds): Only provide future events in ICS/Atom feeds
Closes #1246

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-04-20 11:30:34 +02:00
Thomas Citharel
ddba7d6fc5
test: Fix Mobilizon.Service.Notifications.SchedulerTest tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-04-20 09:54:11 +02:00
Thomas Citharel
c07ba3a5d1
Add rate-limiting on queries with Hammer
Closes #67

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-24 15:32:27 +01:00
Thomas Citharel
986ae45f52
Add worker to clean obsolete application data, token revokation and spec conformance
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-24 09:18:53 +01:00
Thomas Citharel
59944603b7
Update deps and fix some front-end stuff
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-22 10:19:25 +01:00
Thomas Citharel
8984bd7636
Introduce authorizations with Rajska
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-22 10:19:25 +01:00
Thomas Citharel
b6875f6a4b
Introduce device flow
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-22 09:34:11 +01:00
Thomas Citharel
2ee329ff7b
Introduce application tokens
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-03-22 09:34:10 +01:00
Thomas Citharel
317a3434b2
feat(spam): Introduce checking new accounts, events & comments for spam with the help of Akismet
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-02-07 15:18:29 +01:00
Thomas Citharel
a78cd16afe
Fix LDAP authentificator tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-01-16 12:00:06 +01:00
Thomas Citharel
3e15048843
Prevent AP collection page number being < 1
Closes #1184

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-21 16:57:54 +01:00
Thomas Citharel
a51b36fb75
Fix building CSP policy
You can't use 'none' as a CSP Policy if there's other things among

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 16:47:24 +01:00
Thomas Citharel
57fac37347
Support CSP report_uri, report_to and the Report-To and Reporting-Endpoints headers
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 10:55:26 +01:00
Thomas Citharel
a1726fc12e
Add sha-256 hash for toggling dark theme code and remove inlined phoenix digest
Follow-up to !1300

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-02 11:36:32 +01:00
Thomas Citharel
470a3e594b
Correctly escape user-defined names in emails
Closes #1151

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-10-31 14:30:40 +01:00
Thomas Citharel
082435129e
Fix tests after CLDR upgrade
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-10-27 16:08:15 +02:00
Thomas Citharel
c9fffca046
Always lowercase the emails before trying to reset password
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-10-18 18:37:39 +02:00