Commit Graph

2789 Commits

Author SHA1 Message Date
William Pitcock da44cdd381 user: search: use get_or_fetch() instead of get_or_fetch_by_nickname()
get_or_fetch() handles the nickname verses URI differences transparently.
2019-02-14 20:00:04 +00:00
lambda ea2698beb7 Merge branch 'bugfix/activitypub-reserialization' into 'develop'
activitypub transmogrifier: fix reserialization edge cases

See merge request pleroma/pleroma!826
2019-02-14 19:54:16 +00:00
William Pitcock 56862f4ce1 activitypub: clean up logging statements a little 2019-02-14 19:42:33 +00:00
Wim Vanderbauwhede 04b1c13554 Merge remote-tracking branch 'upstream/develop' into patch-image-description 2019-02-14 16:41:40 +00:00
Ivan Tashkinov 027adbc9e5 [#468] Refactored OAuth scopes parsing / defaults handling. 2019-02-14 17:03:19 +03:00
Egor Kislitsyn 3f32d7b937 Fix queue name 2019-02-14 17:02:47 +07:00
Egor Kislitsyn 907306174b fix S3 links encoding in Mediaproxy 2019-02-14 15:55:21 +07:00
William Pitcock 72ba5b4ab7 activitypub: user view: formatting 2019-02-14 03:13:07 +00:00
William Pitcock 5307c211b8 activitypub: user view: report totalItems=0 for follows/followers when hidden 2019-02-14 03:10:00 +00:00
William Pitcock 6542b86292 activitypub: user view: remove totalItems from user outbox
(this is based on a counter in User.Info, but the counter is not reliable.)
2019-02-14 03:02:45 +00:00
William Pitcock ee2fa1a314 activitypub: user view: remove totalInbox from user inbox view
It is not really feasible to quickly calculate the totalItems value and
it shouldn't be trusted anyway.
2019-02-14 03:01:39 +00:00
kaniini bc9e5e6b65 Merge branch 'feature/activitypub-oauth-endpoints' into 'develop'
ActivityPub C2S oauth endpoints

See merge request pleroma/pleroma!821
2019-02-14 02:50:06 +00:00
William Pitcock 64620d8980 activitypub: user view: do not expose oAuth endpoints for instance users 2019-02-14 02:41:21 +00:00
William Pitcock e9ef4b8da6 oauth: never use base64 padding when returning tokens to applications
The normal Base64 alphabet uses the equals sign (=) as a padding character.  Since
Base64 strings are self-synchronizing, padding characters are unnecessary, so don't
generate them in the first place.
2019-02-14 01:10:04 +00:00
William Pitcock e05bf2940f activitypub: transmogrifier: correctly handle nil inReplyTo value 2019-02-14 00:35:54 +00:00
William Pitcock 94cbbb0e3a activitypub: transmogrifier: do not attempt to expand pre-existing AS2 tag objects 2019-02-14 00:35:53 +00:00
Mark Felder f62c1d6266 Improve login error for OAuth flow 2019-02-13 22:33:22 +00:00
Ivan Tashkinov 063baca5e4 [#468] User UI for OAuth permissions restriction. Standardized storage format for `scopes` fields, updated usages. 2019-02-14 00:29:29 +03:00
William Pitcock 9bd6ed975e activitypub: user view: use route helpers instead of hardcoded URIs 2019-02-13 19:34:43 +00:00
William Pitcock 29e946ace4 activitypub: user view: add oauthRegistrationEndpoint to user profiles 2019-02-13 19:34:43 +00:00
William Pitcock db8abd958d activitypub: user view: fix up endpoints rendering 2019-02-13 19:34:43 +00:00
William Pitcock 90facd3598 user view: add AP C2S oauth endpoints to local user profiles 2019-02-13 19:34:43 +00:00
Karen Konou bef9b9cb66 refactored code 2019-02-13 16:23:09 +01:00
Karen Konou adcdd21f16 Merge branch 'develop' into hellthread-filter-fix 2019-02-13 16:22:14 +01:00
lain 88a4de24f9 User.follow_all: Respect blocks in both directions. 2019-02-13 13:52:27 +01:00
Maxim Filippov 760fec4cb8 Update token.ex 2019-02-13 12:59:56 +03:00
Maxim Filippov 62a45bdc11 Add revoke token 2019-02-13 12:59:56 +03:00
Maxim Filippov 61a4bc5095 Add OAuth tokens endpoint 2019-02-13 12:59:56 +03:00
hakabahitoyo b7bc666200 bugfix mdii uploader 2019-02-13 15:46:42 +09:00
Karen Konou 1d727cd069 added checks for public url and follower collections 2019-02-13 00:01:34 +01:00
Haelwenn (lanodan) Monnier da4c662af3
Plugs.HTTPSecurityPlug: Add webpacker to connect-src 2019-02-12 22:12:12 +01:00
Haelwenn (lanodan) Monnier 00e8f0b07d
Plugs.HTTPSecurityPlug: Add unsafe-eval to script-src when in dev mode
This is needed to run dev mode mastofe at the same time
2019-02-12 22:12:11 +01:00
shibayashi ea1058929c
Use url[:scheme] instead of protocol to determine if https is enabled 2019-02-12 00:08:52 +01:00
rinpatch 379d04692c Filter summary in keywordpolicy 2019-02-11 21:35:40 +03:00
rinpatch 39383a6b79 Merge branch 'feature/thread-muting' into 'develop'
Feature/thread muting

See merge request pleroma/pleroma!796
2019-02-11 15:02:14 +00:00
lambda 044616292b Merge branch 'feature/rich-media-limits' into 'develop'
rich media: tighten fetching timeouts and size limits

See merge request pleroma/pleroma!809
2019-02-11 12:33:58 +00:00
Karen Konou ac72b578da Merge branch 'develop' into feature/thread-muting 2019-02-11 12:10:49 +01:00
Karen Konou c01ef574c1 Refactor as per Rin's suggestions, add endpoint tests 2019-02-11 12:04:02 +01:00
lambda d53e36bf1e Revert "Merge branch 'object-creation' into 'develop'"
This reverts merge request !802
2019-02-11 08:07:39 +00:00
Egor Kislitsyn 305d219413 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/jobs
# Conflicts:
#	lib/pleroma/web/federator/federator.ex
#	lib/pleroma/web/websub/websub.ex
2019-02-11 13:54:21 +07:00
William Pitcock 45e57dd187 rich media: tighten fetching timeouts and size limits 2019-02-10 21:54:08 +00:00
kaniini 6c8d15da11 Merge branch 'fix/credo-issues' into 'develop'
Fix credo issues

See merge request pleroma/pleroma!786
2019-02-10 20:54:21 +00:00
Karen Konou cc21fc5f53 refactor, status view updating, error handling 2019-02-10 10:42:30 +01:00
rinpatch e0de0fcf22 Merge branch 'object-creation' into 'develop'
Do object insertion through Cachex

See merge request pleroma/pleroma!802
2019-02-10 07:39:27 +00:00
kaniini d5fe05c37e Merge branch 'follow-enhancements' into 'develop'
Respect blocks in mass follow.

See merge request pleroma/pleroma!797
2019-02-09 21:03:42 +00:00
lain f8388be9c6 Do object insertion through Cachex
So we don't flood our postgres logs with errors. Should also make things
slightly faster.
2019-02-09 22:01:08 +01:00
Karen Konou 6a150de3bd Add unique index and unique constraint check, uniqueness test fails 2019-02-09 20:52:11 +01:00
Karen Konou 638456ce8f elixir too new for CI's mix format lol 2019-02-09 18:08:46 +01:00
Karen Konou a0d732ec55 it works!! 2019-02-09 17:47:57 +01:00
Haelwenn (lanodan) Monnier 6ca633ddd3
Mix.Tasks.Pleroma.Uploads: Disable Enum.reduce warning on line 100 (unsure) 2019-02-09 16:31:17 +01:00
Haelwenn (lanodan) Monnier d924dc73ba
de-group import/s 2019-02-09 16:31:17 +01:00
Haelwenn (lanodan) Monnier 6a6a5b3251
de-group alias/es 2019-02-09 16:31:17 +01:00
Ivan Tashkinov a337bd114c [#468] MastodonAPI scope restrictions. Removed obsolete "POST /web/login" route. 2019-02-09 17:32:33 +03:00
Ivan Tashkinov 4ad843fb9d [#468] Prototype of OAuth2 scopes support. TwitterAPI scope restrictions. 2019-02-09 17:09:08 +03:00
Haelwenn (lanodan) Monnier 381fe44172
HTML.Scrubber.Default: Consistency 2019-02-09 14:59:21 +01:00
Haelwenn (lanodan) Monnier 2272934a5e
Stash 2019-02-09 14:59:21 +01:00
Haelwenn (lanodan) Monnier d2e4eb7c74
Web.ActivityPub.ActivityPub: assign the Enum.filter to recipients & simplify it 2019-02-09 14:59:21 +01:00
Haelwenn (lanodan) Monnier bd9b5fffbc
Mix.Tasks.Pleroma.Uploads: Fix typo in documentation 2019-02-09 14:59:21 +01:00
Haelwenn (lanodan) Monnier 473095faf2
Web.Federator: Fix unused variable 2019-02-09 14:59:20 +01:00
Haelwenn (lanodan) Monnier 60ea29dfe6
Credo fixes: alias grouping/ordering 2019-02-09 14:59:20 +01:00
Haelwenn (lanodan) Monnier 106f4e7a0f
Credo fixes: parameter consistency 2019-02-09 14:59:20 +01:00
Haelwenn (lanodan) Monnier 8bcfac93a8
Make credo happy 2019-02-09 14:59:20 +01:00
lain 563f04e81b Do autofollow first. 2019-02-09 13:39:57 +01:00
lain bbd0049fae Respect blocks in mass follow. 2019-02-09 13:24:23 +01:00
lambda 1eecbc1cd1 Merge branch 'feature/keyword-policy' into 'develop'
Add keyword policy

See merge request pleroma/pleroma!794
2019-02-09 11:38:37 +00:00
Karen Konou 7e47a810a2 help i am not good with git 2019-02-08 13:22:29 +01:00
Karen Konou 5c5b228f21 Added thread unmuting (still a bit buggy maybe) 2019-02-08 13:20:40 +01:00
Karen Konou a44e532fb1 Added thread unmuting (still a bit buggy maybe) 2019-02-08 13:17:11 +01:00
rinpatch 7356659273 wow 2019-02-08 15:12:13 +03:00
Karen Konou 98ec578f4d Merge branch 'develop' into feature/thread-muting 2019-02-08 12:44:02 +01:00
rinpatch f88dec8b33 What idiot did that? (me) 2019-02-08 13:16:50 +03:00
rinpatch 6c21f5aa16 Merge branch 'develop' into feature/keyword-policy 2019-02-08 13:12:33 +03:00
rinpatch 8a0b755c19 rename ftl_removal to federated_timeline_removal to keep consistent naming with SimplePolicy 2019-02-08 13:12:09 +03:00
rinpatch 2174f6eb4f Add default config for keyword policy 2019-02-08 12:48:39 +03:00
rinpatch 46aa8c18a2 Add keyword policy 2019-02-08 12:38:24 +03:00
Karen Konou c43f414a79 Somehow fixed the repo insert [skip-ci] 2019-02-07 23:44:49 +01:00
Karen Konou 7e3ec93ed0 made a silly oopsie 2019-02-07 22:59:53 +01:00
Karen Konou 77448de492 ugghhhh 2019-02-07 22:25:07 +01:00
Ivan Tashkinov 2c68cf7e9e OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
Karen Konou f4ff4ffba2 Migration and some boilerplate stuff 2019-02-07 17:36:14 +01:00
Mark Felder 74518d0b60 hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
This was a dirty regex replace which worked on my server
2019-02-06 22:34:44 +00:00
Haelwenn 1220a17146 Merge branch 'bugfix/rich-media-card' into 'develop'
rich media cards: bugfixes and regression tests

See merge request pleroma/pleroma!785
2019-02-06 18:39:13 +00:00
kaniini 18e783bcb2 Merge branch 'add-admin-and-moderator-fields' into 'develop'
Add admin and moderator badges to user view and make their visibility configurable

See merge request pleroma/pleroma!767
2019-02-06 18:19:47 +00:00
William Pitcock 65a4b9fbea mastodon api: rich media: don't clobber %URI struct with a string 2019-02-06 18:02:15 +00:00
rinpatch f7aedbcc55 Merge branch 'fix/activitypub-user-view-badmap' into 'develop'
Fix if clause in activity_pub user_view

See merge request pleroma/pleroma!783
2019-02-06 17:47:58 +00:00
href f753043ce0
Fix if clause in activity_pub user_view 2019-02-06 18:42:19 +01:00
Egor Kislitsyn 6f05f448f8 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/jobs 2019-02-06 11:33:00 +07:00
eugenijm 035eaeb9b8 Allow to configure visibility for admin and moderator badges 2019-02-06 06:18:05 +03:00
eugenijm 398c81f9c8 Add is_admin and is_moderator boolean fields to the user view 2019-02-06 02:10:06 +03:00
William Pitcock d83dbd9070 rich media: parser: reject any data which cannot be explicitly encoded into JSON 2019-02-05 20:50:57 +00:00
kaniini d120aa63f0 Merge branch 'fix-dm-index' into 'develop'
Massage index until it actually does the stuff we want.

See merge request pleroma/pleroma!772
2019-02-05 20:27:31 +00:00
kaniini 681ba1e52f Merge branch 'feature/ap-c2s-whoami' into 'develop'
activitypub: c2s: add /api/ap/whoami endpoint for andstatus

See merge request pleroma/pleroma!773
2019-02-05 20:26:31 +00:00
kaniini eb2b1960e0 Merge branch 'feature/split-hide-network-v2' into 'develop'
Split hide_network into hide_followers & hide_followings (fixed)

See merge request pleroma/pleroma!765
2019-02-05 18:56:59 +00:00
kaniini ecdb0b7f57 Merge branch 'bugfix/rich-media-image-nil' into 'develop'
mastodon api: fix rendering of cards without image URLs (closes #597)

Closes #597

See merge request pleroma/pleroma!777
2019-02-05 18:53:43 +00:00
William Pitcock 1d94b67e40 mastodon api: fix rendering of cards without image URLs (closes #597) 2019-02-05 18:30:27 +00:00
lambda f8b831ecfd Merge branch 'bugfix/transmogrifier-bare-tags' into 'develop'
activitypub: transmogrifier: fix bare tags

See merge request pleroma/pleroma!774
2019-02-05 11:30:18 +00:00
William Pitcock a2bb5d890d html: don't attempt to parse nil content 2019-02-05 05:06:17 +00:00
William Pitcock e71ab5a10f activitypub: transmogrifier: fix bare tags 2019-02-05 00:43:28 +00:00
William Pitcock db1165f70f activitypub: c2s: add /api/ap/whoami endpoint for andstatus 2019-02-04 22:58:29 +00:00
lain f3c8b02d65 Massage index until it actually does the stuff we want.
Also makes the index a lot smoler.
2019-02-04 23:47:29 +01:00