Merge 030f22678f into 14cb5ff881

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

app/controllers/admin/accounts/avatars_controller.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Admin
+  class Accounts::AvatarsController < BaseController
+    before_action :set_account
+
+    def destroy
+      authorize @account, :remove_avatar?
+
+      @account.avatar = nil
+      @account.save!
+
+      log_action :remove_avatar, @account.user
+
+      redirect_to admin_account_path(@account.id), notice: t('admin.accounts.removed_avatar_msg', username: @account.acct)
+    end
+
+    private
+
+    def set_account
+      @account = Account.find(params[:account_id])
+    end
+  end
+end

app/controllers/admin/accounts/headers_controller.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Admin
+  class Accounts::HeadersController < BaseController
+    before_action :set_account
+
+    def destroy
+      authorize @account, :remove_header?
+
+      @account.header = nil
+      @account.save!
+
+      log_action :remove_header, @account.user
+
+      redirect_to admin_account_path(@account.id), notice: t('admin.accounts.removed_header_msg', username: @account.acct)
+    end
+
+    private
+
+    def set_account
+      @account = Account.find(params[:account_id])
+    end
+  end
+end

app/controllers/admin/accounts_controller.rb

@@ -106,28 +106,6 @@ module Admin
       redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.redownloaded_msg', username: @account.acct)
     end
 
-    def remove_avatar
-      authorize @account, :remove_avatar?
-
-      @account.avatar = nil
-      @account.save!
-
-      log_action :remove_avatar, @account.user
-
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.removed_avatar_msg', username: @account.acct)
-    end
-
-    def remove_header
-      authorize @account, :remove_header?
-
-      @account.header = nil
-      @account.save!
-
-      log_action :remove_header, @account.user
-
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.removed_header_msg', username: @account.acct)
-    end
-
     def unblock_email
       authorize @account, :unblock_email?
 

app/javascript/mastodon/components/button/button.stories.tsx

@@ -8,6 +8,7 @@ const meta = {
   component: Button,
   args: {
     secondary: false,
+    plain: false,
     compact: false,
     dangerous: false,
     disabled: false,
@@ -57,6 +58,14 @@ export const Secondary: Story = {
   play: buttonTest,
 };
 
+export const Plain: Story = {
+  args: {
+    plain: true,
+    children: 'Plain button',
+  },
+  play: buttonTest,
+};
+
 export const Compact: Story = {
   args: {
     compact: true,
@@ -101,6 +110,14 @@ export const SecondaryDisabled: Story = {
   play: disabledButtonTest,
 };
 
+export const PlainDisabled: Story = {
+  args: {
+    ...Plain.args,
+    disabled: true,
+  },
+  play: disabledButtonTest,
+};
+
 const loadingButtonTest: Story['play'] = async ({
   args,
   canvas,

app/javascript/mastodon/components/button/index.tsx

@@ -9,6 +9,7 @@ interface BaseProps
   extends Omit<React.ButtonHTMLAttributes<HTMLButtonElement>, 'children'> {
   block?: boolean;
   secondary?: boolean;
+  plain?: boolean;
   compact?: boolean;
   dangerous?: boolean;
   loading?: boolean;
@@ -35,6 +36,7 @@ export const Button: React.FC<Props> = ({
   disabled,
   block,
   secondary,
+  plain,
   compact,
   dangerous,
   loading,
@@ -62,6 +64,7 @@ export const Button: React.FC<Props> = ({
     <button
       className={classNames('button', className, {
         'button-secondary': secondary,
+        'button--plain': plain,
         'button--compact': compact,
         'button--block': block,
         'button--dangerous': dangerous,

app/javascript/styles/mastodon/components.scss

@@ -201,6 +201,41 @@
     }
   }
 
+  &.button--plain {
+    color: $highlight-text-color;
+    background: transparent;
+    padding: 6px;
+
+    // The button has no outline, so we use negative margin to
+    // visually align its label with its surroundings while maintaining
+    // a generous click target
+    margin-inline: -6px;
+    border: 1px solid transparent;
+
+    &:active,
+    &:focus,
+    &:hover {
+      border-color: transparent;
+      color: lighten($highlight-text-color, 4%);
+      background-color: transparent;
+      text-decoration: none;
+    }
+
+    &:disabled,
+    &.disabled {
+      opacity: 0.7;
+      border-color: transparent;
+      color: $ui-button-disabled-color;
+
+      &:active,
+      &:focus,
+      &:hover {
+        border-color: transparent;
+        color: $ui-button-disabled-color;
+      }
+    }
+  }
+
   &.button-tertiary {
     background: transparent;
     padding: 6px 17px;

app/serializers/activitypub/note_serializer.rb

@@ -232,6 +232,15 @@ class ActivityPub::NoteSerializer < ActivityPub::Serializer
       canQuote: {
         automaticApproval: approved_uris,
       },
+      canReply: {
+        always: 'https://www.w3.org/ns/activitystreams#Public',
+      },
+      canLike: {
+        always: 'https://www.w3.org/ns/activitystreams#Public',
+      },
+      canAnnounce: {
+        always: 'https://www.w3.org/ns/activitystreams#Public',
+      },
     }
   end
 

app/views/admin/accounts/_local_account.html.haml

@@ -1,12 +1,12 @@
 - if account.avatar?
   %tr
     %th= t('admin.accounts.avatar')
-    %td= table_link_to 'delete', t('admin.accounts.remove_avatar'), remove_avatar_admin_account_path(account.id), method: :post, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:remove_avatar, account)
+    %td= table_link_to 'delete', t('admin.accounts.remove_avatar'), admin_account_avatar_path(account.id), method: :delete, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:remove_avatar, account)
     %td
 - if account.header?
   %tr
     %th= t('admin.accounts.header')
-    %td= table_link_to 'delete', t('admin.accounts.remove_header'), remove_header_admin_account_path(account.id), method: :post, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:remove_header, account)
+    %td= table_link_to 'delete', t('admin.accounts.remove_header'), admin_account_header_path(account.id), method: :delete, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:remove_header, account)
     %td
 %tr
   %th= t('admin.accounts.role')

config/routes/admin.rb

@@ -131,14 +131,17 @@ namespace :admin do
   resources :report_notes, only: [:create, :destroy]
 
   resources :accounts, only: [:index, :show, :destroy] do
+    scope module: :accounts do
+      resource :header, only: :destroy
+      resource :avatar, only: :destroy
+    end
+
     member do
       post :enable
       post :unsensitive
       post :unsilence
       post :unsuspend
       post :redownload
-      post :remove_avatar
-      post :remove_header
       post :memorialize
       post :approve
       post :reject

spec/controllers/admin/accounts_controller_spec.rb

@@ -280,29 +280,6 @@ RSpec.describe Admin::AccountsController do
     end
   end
 
-  describe 'POST #remove_avatar' do
-    subject { post :remove_avatar, params: { id: account.id } }
-
-    let(:current_user) { Fabricate(:user, role: role) }
-    let(:account) { Fabricate(:account) }
-
-    context 'when user is admin' do
-      let(:role) { UserRole.find_by(name: 'Admin') }
-
-      it 'succeeds in removing avatar' do
-        expect(subject).to redirect_to admin_account_path(account.id)
-      end
-    end
-
-    context 'when user is not admin' do
-      let(:role) { UserRole.everyone }
-
-      it 'fails to remove avatar' do
-        expect(subject).to have_http_status 403
-      end
-    end
-  end
-
   describe 'POST #unblock_email' do
     subject { post :unblock_email, params: { id: account.id } }
 

spec/requests/admin/accounts/avatar_spec.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Admin Accounts Avatar' do
+  before { sign_in user }
+
+  describe 'DELETE #destroy' do
+    let(:user) { Fabricate(:user, role: role) }
+    let(:account) { Fabricate(:account, avatar: fixture_file_upload('avatar.gif', 'image/gif')) }
+
+    context 'when user is not admin' do
+      let(:role) { UserRole.everyone }
+
+      it 'fails to remove avatar' do
+        delete "/admin/accounts/#{account.id}/avatar"
+
+        expect(response)
+          .to have_http_status 403
+      end
+    end
+  end
+end

spec/requests/admin/accounts/header_spec.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Admin Accounts Header' do
+  before { sign_in user }
+
+  describe 'DELETE #destroy' do
+    let(:user) { Fabricate(:user, role: role) }
+    let(:account) { Fabricate(:account, header: fixture_file_upload('attachment.jpg', 'image/jpeg')) }
+
+    context 'when user is not admin' do
+      let(:role) { UserRole.everyone }
+
+      it 'fails to remove header' do
+        delete "/admin/accounts/#{account.id}/header"
+
+        expect(response)
+          .to have_http_status 403
+      end
+    end
+  end
+end

spec/system/admin/accounts/avatar_spec.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Admin Accounts Avatar' do
+  before { sign_in user }
+
+  let(:user) { Fabricate(:admin_user) }
+
+  describe 'Deleting an account avatar' do
+    let(:account) { Fabricate(:account, avatar: fixture_file_upload('avatar.gif', 'image/gif')) }
+
+    it 'succeeds in removing avatar' do
+      visit admin_account_path(account.id)
+
+      expect { submit_delete }
+        .to change { account.reload.avatar_file_name }.to(be_blank)
+        .and change(Admin::ActionLog, :count).by(1)
+      expect(page)
+        .to have_content I18n.t('admin.accounts.removed_avatar_msg', username: account.acct)
+    end
+
+    def submit_delete
+      click_on I18n.t('admin.accounts.remove_avatar')
+    end
+  end
+end

spec/system/admin/accounts/header_spec.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Admin Accounts Header' do
+  before { sign_in user }
+
+  let(:user) { Fabricate(:admin_user) }
+
+  describe 'Deleting an account header' do
+    let(:account) { Fabricate(:account, header: fixture_file_upload('attachment.jpg', 'image/jpeg')) }
+
+    it 'succeeds in removing header' do
+      visit admin_account_path(account.id)
+
+      expect { submit_delete }
+        .to change { account.reload.header_file_name }.to(be_blank)
+        .and change(Admin::ActionLog, :count).by(1)
+      expect(page)
+        .to have_content I18n.t('admin.accounts.removed_header_msg', username: account.acct)
+    end
+
+    def submit_delete
+      click_on I18n.t('admin.accounts.remove_header')
+    end
+  end
+end

yarn.lock

@@ -11957,8 +11957,8 @@ __metadata:
   linkType: hard
 
 "sass@npm:^1.62.1":
-  version: 1.91.0
-  resolution: "sass@npm:1.91.0"
+  version: 1.92.0
+  resolution: "sass@npm:1.92.0"
   dependencies:
     "@parcel/watcher": "npm:^2.4.1"
     chokidar: "npm:^4.0.0"
@@ -11969,7 +11969,7 @@ __metadata:
       optional: true
   bin:
     sass: sass.js
-  checksum: 10c0/5be1c98f7a618cb5f90b62f63d2aa0f78f9bf369c93ec7cd9880752a26b0ead19aa63cc341e8a26ce6c74d080baa5705f1685dff52fe6a3f28a7828ae50182b6
+  checksum: 10c0/bdff9fa6988620e2a81962efdd016e3894d19934cfadc105cf41db767f59dd47afd8ff32840e612ef700cb67e19d9e83c108f1724eb8f0bef56c4877dbe6f14d
   languageName: node
   linkType: hard