Merge branch 'develop' into oembed_provider

.gitlab-ci.yml

@@ -13,6 +13,7 @@ cache:
   key: ${CI_COMMIT_REF_SLUG}
   paths:
           - deps
+          - _build
 stages:
   - lint
   - test
@@ -21,6 +22,7 @@ before_script:
   - mix local.hex --force
   - mix local.rebar --force
   - mix deps.get
+  - mix compile --force
   - MIX_ENV=test mix ecto.create
   - MIX_ENV=test mix ecto.migrate
 

.idea/libraries/gen_smtp.xml

@@ -0,0 +1,6 @@
+<component name="libraryTable">
+  <library name="gen_smtp" type="mix">
+    <CLASSES />
+    <SOURCES />
+  </library>
+</component>

.idea/libraries/html_entities.xml

@@ -0,0 +1,6 @@
+<component name="libraryTable">
+  <library name="html_entities" type="mix">
+    <CLASSES />
+    <SOURCES />
+  </library>
+</component>

.idea/libraries/plug_cowboy.xml

@@ -0,0 +1,8 @@
+<component name="libraryTable">
+  <library name="plug_cowboy" type="mix">
+    <CLASSES />
+    <SOURCES>
+      <root url="file://$PROJECT_DIR$/deps/plug_cowboy/lib" />
+    </SOURCES>
+  </library>
+</component>

.idea/libraries/plug_crypto.xml

@@ -0,0 +1,8 @@
+<component name="libraryTable">
+  <library name="plug_crypto" type="mix">
+    <CLASSES />
+    <SOURCES>
+      <root url="file://$PROJECT_DIR$/deps/plug_crypto/lib" />
+    </SOURCES>
+  </library>
+</component>

.idea/libraries/swoosh.xml

@@ -0,0 +1,6 @@
+<component name="libraryTable">
+  <library name="swoosh" type="mix">
+    <CLASSES />
+    <SOURCES />
+  </library>
+</component>

config/config.exs

@@ -137,8 +137,8 @@
   logo_mask: true,
   logo_margin: "0.1em",
   background: "/static/aurora_borealis.jpg",
-  redirect_root_no_login: "/main/all",
+  redirect_root_no_login: "/~/main/all",
-  redirect_root_login: "/main/friends",
+  redirect_root_login: "/~/main/friends",
   show_instance_panel: true,
   scope_options_enabled: false,
   formatting_options_enabled: false,

config/config.md

@@ -175,3 +175,16 @@ the source code is here: https://github.com/koto-bank/kocaptcha. The default end
 `https://captcha.kotobank.ch` is hosted by the developer.
 
 * `endpoint`: the kocaptcha endpoint to use
+
+## :admin_token
+
+Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example:
+
+```
+config :pleroma, :admin_token, "somerandomtoken"
+```
+
+You can then do
+```
+curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken"
+```

lib/pleroma/formatter.ex

@@ -4,12 +4,12 @@ defmodule Pleroma.Formatter do
   alias Pleroma.HTML
   alias Pleroma.Emoji
 
-  @tag_regex ~r/\#\w+/u
+  @tag_regex ~r/((?<=[^&])|\A)(\#)(\w+)/u
   @markdown_characters_regex ~r/(`|\*|_|{|}|[|]|\(|\)|#|\+|-|\.|!)/
 
   def parse_tags(text, data \\ %{}) do
     Regex.scan(@tag_regex, text)
-    |> Enum.map(fn ["#" <> tag = full_tag] -> {full_tag, String.downcase(tag)} end)
+    |> Enum.map(fn ["#" <> tag = full_tag | _] -> {full_tag, String.downcase(tag)} end)
     |> (fn map ->
           if data["sensitive"] in [true, "True", "true", "1"],
             do: [{"#nsfw", "nsfw"}] ++ map,
@@ -155,7 +155,7 @@ def add_hashtag_links({subs, text}, tags) do
     uuid_text =
       tags
       |> Enum.reduce(text, fn {match, _short, uuid}, text ->
-        String.replace(text, match, uuid)
+        String.replace(text, ~r/((?<=[^&])|(\A))#{match}/, uuid)
       end)
 
     subs =

lib/pleroma/plugs/admin_secret_authentication_plug.ex

@@ -0,0 +1,25 @@
+defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
+  import Plug.Conn
+  alias Pleroma.User
+
+  def init(options) do
+    options
+  end
+
+  def secret_token do
+    Pleroma.Config.get(:admin_token)
+  end
+
+  def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
+
+  def call(%{params: %{"admin_token" => admin_token}} = conn, _) do
+    if secret_token() && admin_token == secret_token() do
+      conn
+      |> assign(:user, %User{info: %{is_admin: true}})
+    else
+      conn
+    end
+  end
+
+  def call(conn, _), do: conn
+end

lib/pleroma/web/router.ex

@@ -38,6 +38,7 @@ defmodule Pleroma.Web.Router do
     plug(Pleroma.Plugs.SessionAuthenticationPlug)
     plug(Pleroma.Plugs.LegacyAuthenticationPlug)
     plug(Pleroma.Plugs.AuthenticationPlug)
+    plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
     plug(Pleroma.Plugs.UserEnabledPlug)
     plug(Pleroma.Plugs.SetUserSessionIdPlug)
     plug(Pleroma.Plugs.EnsureAuthenticatedPlug)

priv/static/index.html

@@ -1 +1 @@
-<!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><title>Pleroma</title><!--server-generated-meta--><link rel=icon type=image/png href=/favicon.png><link rel=stylesheet href=/static/font/css/fontello.css><link rel=stylesheet href=/static/font/css/animation.css><link href=/static/css/app.ea00efb3229c8591fcc5249f0241b986.css rel=stylesheet></head><body style="display: none"><div id=app></div><script type=text/javascript src=/static/js/manifest.e076977b8e6c6844fb00.js></script><script type=text/javascript src=/static/js/vendor.cc4190750f6ed4d697bd.js></script><script type=text/javascript src=/static/js/app.67f548ecb9e9fd6b25b0.js></script></body></html>
+<!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><title>Pleroma</title><!--server-generated-meta--><link rel=icon type=image/png href=/favicon.png><link rel=stylesheet href=/static/font/css/fontello.css><link rel=stylesheet href=/static/font/css/animation.css><link href=/static/css/app.285fa56c62b811bbd37880f7e2656b13.css rel=stylesheet></head><body style="display: none"><div id=app></div><script type=text/javascript src=/static/js/manifest.60e190da7cc4cc4711dc.js></script><script type=text/javascript src=/static/js/vendor.48d4753220bd83360796.js></script><script type=text/javascript src=/static/js/app.6cb7378f44092df9536a.js></script></body></html>

priv/static/static/config.json

@@ -4,8 +4,8 @@
   "logo": "/static/logo.png",
   "logoMask": true,
   "logoMargin": ".1em",
-  "redirectRootNoLogin": "/main/all",
+  "redirectRootNoLogin": "/~/main/all",
-  "redirectRootLogin": "/main/friends",
+  "redirectRootLogin": "/~/main/friends",
   "chatDisabled": false,
   "showInstanceSpecificPanel": false,
   "scopeOptionsEnabled": false,

test/formatter_test.exs

@@ -22,6 +22,18 @@ test "turns hashtags into links" do
       assert expected_text ==
                Formatter.add_hashtag_links({[], text}, tags) |> Formatter.finalize()
     end
+
+    test "does not turn html characters to tags" do
+      text = "Fact #3: pleroma does what mastodon't"
+
+      expected_text =
+        "Fact <a data-tag='3' href='http://localhost:4001/tag/3' rel='tag'>#3</a>: pleroma does what mastodon't"
+
+      tags = Formatter.parse_tags(text)
+
+      assert expected_text ==
+               Formatter.add_hashtag_links({[], text}, tags) |> Formatter.finalize()
+    end
   end
 
   describe ".add_links" do

test/plugs/admin_secret_authentication_plug_test.exs

@@ -0,0 +1,38 @@
+defmodule Pleroma.Plugs.AdminSecretAuthenticationPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+  import Pleroma.Factory
+
+  alias Pleroma.Plugs.AdminSecretAuthenticationPlug
+
+  test "does nothing if a user is assigned", %{conn: conn} do
+    user = insert(:user)
+
+    conn =
+      conn
+      |> assign(:user, user)
+
+    ret_conn =
+      conn
+      |> AdminSecretAuthenticationPlug.call(%{})
+
+    assert conn == ret_conn
+  end
+
+  test "with secret set and given in the 'admin_token' parameter, it assigns an admin user", %{
+    conn: conn
+  } do
+    Pleroma.Config.put(:admin_token, "password123")
+
+    conn =
+      %{conn | params: %{"admin_token" => "wrong_password"}}
+      |> AdminSecretAuthenticationPlug.call(%{})
+
+    refute conn.assigns[:user]
+
+    conn =
+      %{conn | params: %{"admin_token" => "password123"}}
+      |> AdminSecretAuthenticationPlug.call(%{})
+
+    assert conn.assigns[:user].info.is_admin
+  end
+end

test/plugs/set_user_session_id_plug_test.exs

@@ -1,6 +1,8 @@
 defmodule Pleroma.Plugs.SetUserSessionIdPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
+  Code.ensure_compiled(Pleroma.User)
+
   alias Pleroma.Plugs.SetUserSessionIdPlug
   alias Pleroma.User