Commit Graph

221 Commits

Author SHA1 Message Date
Trinity Pointard
fceb9ab0cd Update cookie management a bit
Update to latest rocket_csrf
Make user_id a samesite lax cookie (see https://github.com/Plume-org/Plume/issues/233#issuecomment-422660275)
2018-09-30 11:56:12 +02:00
Bat
d8ca1d70b7 Fix CSRF issues
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.

Thanks @fdb-hiroshima for noticing it!
2018-09-19 18:13:07 +01:00
Igor Galić
06718a5c8a
directly use SafeString in InstanceSettingsForm 2018-09-14 20:25:16 +02:00
Igor Galić
65e213309b
do not allocate empty strings
follow review from @pwoolcoc, and do not use

    SafeString::new(&<String>::new())

since this makes an allocation which will then just be thrown away.
Instead, we pass ""
2018-09-14 18:24:27 +02:00
Igor Galić
f5c299f23c
make blog/instance description a SafeString
long_description & short_description's documentation say they can be
Markdown, but they are String, not SafeString.

This led to escaped strings being printed in the editor
https://github.com/Plume-org/Plume/issues/220
2018-09-14 15:14:24 +02:00
Bat
0200a7b223 Only send notifications for mentions if the post is not a draft 2018-09-12 17:00:00 +01:00
Bat
b01212f4a6 Make it impossible to view drafts if you are not the author
Even if you got the URL
2018-09-12 16:58:38 +01:00
Bat
8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00
Baptiste Gelez
13ef50bb78
Merge pull request #212 from zcdunn/add_webapp_manifest
Add webapp manifest
2018-09-10 20:44:44 +01:00
Bat
10da8f31b6 Hide articles on public pages
Only show them in the dashboard
2018-09-10 20:06:00 +01:00
Zachary Dunn
8765b12229 Unwrap option 2018-09-10 14:54:18 -04:00
Bat
8879935925 Add the possibility to save an article as draft 2018-09-10 19:38:19 +01:00
Zachary Dunn
3a81dd7089 Add webapp manifest 2018-09-10 10:14:08 -04:00
Bat
de3707983a Account deletion
Fixes #182
2018-09-09 20:49:24 +01:00
Bat
54f6e7dfc6 Use a more classical flow for creating comments
Don't locally federate them anymore

It allows us to have them fetched later too
2018-09-09 16:08:53 +01:00
Bat
642884034d Fix build errors 2018-09-09 12:37:20 +01:00
Bat
08cb337df6 Broadcast activities to all known instances
We consider everything posted with Plume public (for the moment at least)
2018-09-09 12:19:11 +01:00
Bat
b4391b55f2 Fix panic because of invalid URL parsing when commenting 2018-09-09 11:53:22 +01:00
Bat
1f2bd105b6 Implement user ban 2018-09-09 11:25:55 +01:00
Bat
f66ddf6ef2 Actually implement blocks 2018-09-08 22:05:48 +01:00
Bat
0a70ff2594 Merge branch 'master' of github.com:Plume-org/Plume 2018-09-08 20:32:12 +01:00
Bat
f1d5865a16 Instance (un)block endpoint
And hide the block button for the local instance
2018-09-08 20:07:55 +01:00
Bat
c1e0b6c306 Add admin interface to manage interface 2018-09-08 19:54:09 +01:00
Baptiste Gelez
fe7f87c47f
Merge pull request #205 from lthms/recent_rocket
Update to a more recent rocket and rust toolchain
2018-09-08 19:06:52 +01:00
Thomas Letan
0ef4717a7f deps: Update to a more recent rocket and rust toolchain
With this patch, Plume will be use a more up-to-date revision of
Rocket, that works with nightly-2018-07-17. It may have been able to
make it work with a more recent revision, but it turns out rocket has
introduced several breaking changes so I’d rather fix those.

Besides updating rocket_i18n and rocket_csrf to use the same revision
than Plume, this patch deals with the new implementation of the
Uri<'_> type. It silents a class of warnings, to deal with a change in
rustc which affects diesel. This latter change should be reverted as
soon as diesel releases a new version of its crate.
2018-09-08 15:51:55 +02:00
Bat
0f5f9101b6 Only notify for mention if it is not in a comment
To avoid two similar notifications
2018-09-08 12:53:17 +01:00
Bat
b53a078b49 Edit HTML for old articles without source 2018-09-08 12:05:22 +01:00
Bat
2822f8efe9 Don't show the "Registrations closed" message if there is an error when creating a new user 2018-09-07 20:13:14 +01:00
Bat
3918bd4501 Edit posts 2018-09-07 18:51:53 +01:00
Bat
413e34ac0e Federate article updating 2018-09-06 22:39:22 +01:00
Bat
7152d714ae Add a source property to posts
To store the Markdown
2018-09-06 20:00:55 +01:00
Bat
dd9c4a6a73 Add a page to list articles by tag 2018-09-06 13:06:04 +01:00
Bat
5b3eca63e0 Make it possible to tag articles and display them 2018-09-05 21:18:27 +01:00
Bat
b66d4f73ce Reorganize the homepage 2018-09-05 18:03:02 +01:00
Bat
79348e06ff Add a dedicated page for the federated feed 2018-09-05 15:37:49 +01:00
Bat
1496598a45 User feed 2018-09-05 15:21:50 +01:00
Bat
babb3a81f5 Local timeline 2018-09-04 20:56:27 +01:00
Bat
bba9a56329 Add author biography at the bottom of the post 2018-09-04 14:55:15 +01:00
Bat
94a386ea2c Add subtitles to articles
Fix #152
2018-09-04 12:26:13 +01:00
Bat
7653551d57 Fix some compilation errors 2018-09-04 11:45:41 +01:00
Bat
dcebc4653a Make it possible to unfollow someone
I was sure it was already implemented, but it looks like it wasn't
2018-09-04 11:37:58 +01:00
Bat
e4810263e3 Make about page accessible even when logged out 2018-09-03 22:48:35 +01:00
Bat
32a4949f25 Update user information if needed
When a remote is displayed, if it has not been updated since at least 24 hours, newer informations are fetched.

Fixes #135
2018-09-03 19:53:20 +01:00
Bat
3373bb66cd Fake password verification when trying to login with inexistant account
Fix #170
2018-09-03 18:04:21 +01:00
Bat
ac631627ab Make it possible to disable registrations
Fix #41
2018-09-03 17:05:45 +01:00
Bat
3013eec579 Redesign menu items 2018-09-03 14:59:02 +01:00
Bat
e2e7d10929 Make it possible to choose an avatar 2018-09-03 13:04:17 +01:00
Bat
99fdb8e680 Media deletion 2018-09-02 22:10:15 +01:00
Bat
f44b6fffa3 Media upload 2018-09-02 21:55:42 +01:00
Bat
97c0b533ab Add Atom feeds for blogs and users 2018-09-01 21:08:26 +01:00