Commit Graph

2257 Commits

Author SHA1 Message Date
lain 7d5720f2e4 Fix merge. 2018-12-05 21:31:02 +01:00
lain 76d6b1c6ab Merge remote-tracking branch 'origin' into follower-hiding 2018-12-05 21:27:56 +01:00
lain 3ea4476445 MastodonAPI: Show users their own network. 2018-12-05 21:25:06 +01:00
lain fdac215091 TwitterAPI: Show users their own network. 2018-12-05 21:14:06 +01:00
Vald 3ccfe226c0 added data attrs for user and tag 2018-12-06 01:05:41 +05:30
Ivan Tashkinov 3b5be09f45 [#210] Stylistic change. 2018-12-05 21:48:21 +03:00
lain 839526a913 TwitterAPI: Add network hiding. 2018-12-05 19:22:40 +01:00
Rin Toshaka dfc9c08796 formating 2018-12-05 19:12:23 +01:00
Rin Toshaka ffec96d8cc Everything should use Mix.Task.Run 2018-12-05 19:05:37 +01:00
lambda 5f0c2372bc Merge branch 'support/oauth_fetch_token' into 'develop'
[#273] bugfix/273

See merge request pleroma/pleroma!502
2018-12-05 17:55:51 +00:00
Ivan Tashkinov c4f3c5e939 [#210] Stylistic change. 2018-12-05 20:23:28 +03:00
Rin Toshaka facfd03bc1 Move relay tasks to relay.ex 2018-12-05 18:11:59 +01:00
Rin Toshaka e8ba579efe Switch from User.info_changeset because it is deprecated 2018-12-05 17:58:26 +01:00
Rin Toshaka c3519132df Sorry 2018-12-05 16:44:15 +01:00
Rin Toshaka 5427d2af3a Update mix tasks since User.info.info_changeset is deprecated 2018-12-05 16:41:50 +01:00
Maksim Pechnikov c524c50509 fix/273 2018-12-05 17:32:06 +03:00
Rin Toshaka 9938fa3293 Merge develop to refactor/mix-tasks 2018-12-05 14:16:55 +01:00
Ivan Tashkinov 848151f7cb [#210] [TwitterAPI] Made actor be stored for uploads. Added ownership check
to `update_media` action. Added controller tests for `upload` and `update_media` actions.
Refactoring.
2018-12-05 13:37:06 +03:00
Ivan Tashkinov be187f82f7 [#210] Further refactoring. 2018-12-05 11:48:50 +03:00
hakabahitoyo a418547bdf debug /api/v1/suggestions 2018-12-05 16:08:34 +09:00
William Pitcock 956f3c75ca user: put default user info when registering a user 2018-12-05 03:35:41 +00:00
scarlett 8a1df182cf Add a MRF Policy for appending re: to identical subjects in replies. 2018-12-04 23:35:07 +00:00
kaniini ec1ec32f20 Merge branch 'optional-retry-queue' into 'develop'
Make retry queue optional.

See merge request pleroma/pleroma!498
2018-12-04 19:00:18 +00:00
lain 925b05054f Make retry queue optional.
At the moment, it can use a lot of memory really fast.
2018-12-04 19:54:42 +01:00
kaniini 114b95cee2 Merge branch 'feature/integration_tesla' into 'develop'
[#354] Move all http interactions to Tesla

See merge request pleroma/pleroma!487
2018-12-04 18:41:00 +00:00
William Pitcock b57d83e3c9 MRF: simple policy: fix media removal 2018-12-04 18:30:01 +00:00
Rin Toshaka 6396f1b58f change new to gen in instance.ex . Refactor user.ex 2018-12-04 19:00:45 +01:00
Ivan Tashkinov 48e6193bf2 [#210] Refactoring. 2018-12-04 19:24:41 +03:00
Ivan Tashkinov 826fc446d5 [#210] TwitterAPI: implemented /api/media/metadata/create
to allow uploads description (alt text) setting.
2018-12-04 18:35:57 +03:00
Maksim Pechnikov 50e72f6c48 remove httpoison_mock 2018-12-04 18:09:22 +03:00
Maksim Pechnikov dd8aee332c formatting the code 2018-12-04 17:48:55 +03:00
Maksim Pechnikov a9e4a97586 update test 2018-12-04 14:04:06 +03:00
Maksim Pechnikov 87109482f3 status_code -> status 2018-12-04 14:04:06 +03:00
Maksim Pechnikov 97252a27d9 fix http request in Salmon 2018-12-04 14:04:06 +03:00
Maksim Pechnikov ec34de0c1f WebSub fix test 2018-12-04 14:03:32 +03:00
Maksim Pechnikov 3ce16e5a56 init tesla and updated the http requests in Pleroma.Web.Websub 2018-12-04 14:03:32 +03:00
lambda 88b05aeabb Merge branch 'fix/parse-user-bio' into 'develop'
Parse user's bio on register

See merge request pleroma/pleroma!492
2018-12-03 16:31:00 +00:00
lambda 42ef7cd227 Merge branch 'fix-media-proxy-defaults' into 'develop'
Fix media proxy config defaults

See merge request pleroma/pleroma!495
2018-12-03 16:14:58 +00:00
Maxim Filippov 4b70e5eae9 Parse bio for MastodonAPI 2018-12-03 18:59:50 +03:00
rinpatch 343b0adfa6 Merge branch 'develop' into fix/theora-detection-read-bytes 2018-12-03 00:34:04 +03:00
rinpatch a3953ca37a Change @read_bytes to 35 2018-12-03 00:22:19 +03:00
Rin Toshaka 03b2d1016d F O R M A T I N G 2018-12-02 20:27:49 +01:00
Rin Toshaka 57c71f8468 Move generate_invite to user.ex 2018-12-02 20:26:15 +01:00
Rin Toshaka d924b6cd3d Refactor copypasta to a private function in instance.ex 2018-12-02 20:04:33 +01:00
Maxim Filippov ce98d5eb9b Parse user's bio on register 2018-12-02 22:03:53 +03:00
Rin Toshaka cbe22deb51 Lint fix 2018-12-02 19:20:50 +01:00
Rin Toshaka faf1f2b304 Move gen.instance to instance.ex 2018-12-02 19:18:06 +01:00
lain 8c9a4e8b40 TwitterAPI: Implement hide_network. 2018-12-02 18:14:13 +01:00
Rin Toshaka 7983b0bdfe Move unsubscribe user task to pleroma/user.ex. Delete unsubscribe_user.ex. Fix pleroma.user toggle_activated to work not only on local users. 2018-12-02 18:05:59 +01:00
lain 2a639de9b3 MastodonApi: Implement hide_network. 2018-12-02 17:48:00 +01:00
lain 6be0ab1e55 Hide network in ap. 2018-12-02 17:35:32 +01:00
href 43d5e4f7fa
Fix media proxy config defaults 2018-12-02 11:24:02 +01:00
lain e3f3d13d99 Add uuid generation extension to sample_psql.eex. 2018-12-02 11:20:49 +01:00
lain 91065e1968 Fix background updating / handling. 2018-12-02 11:20:38 +01:00
Rin Toshaka 31b3ac05ac Lint fix 2018-12-02 10:01:17 +01:00
Rin Toshaka a8ef6b1190 Add admin option to pleroma.user new. Add user existence checking to toggle_activated 2018-12-02 09:36:31 +01:00
rinpatch ae82852330 Move set_admin task to lib/mix/tasks/pleroma/user.ex 2018-12-01 18:55:52 +03:00
rinpatch 6f174cbb71 Delete reactivate user task 2018-12-01 18:34:26 +03:00
rinpatch 5f91d6b859 Fix toggle_deactivated to reactivate a deactivated user 2018-12-01 18:33:53 +03:00
rinpatch fe2759bc9f Attempt to resolve merge conflict 2018-12-01 18:12:27 +03:00
lain f18b86fd5f More fixes for Info schema. 2018-12-01 12:46:08 +01:00
lain 93f2dc19d9 TwitterAPI: Fix banner and background update. 2018-12-01 12:01:22 +01:00
lain 347df6421d Fix masto api user updating. 2018-12-01 10:40:01 +01:00
lain c443c9bd72 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into validate-user-info 2018-12-01 09:55:46 +01:00
lain 1c67277c80 Fix admin api. 2018-12-01 09:03:16 +01:00
href e9982c521b
Upload filter: anonymize filename
It replaces the original filename with a randomly generated string.
2018-11-30 19:33:34 +01:00
kaniini ca24ad2a2b Merge branch 'feature/reverse-proxy' into 'develop'
reverse proxy / uploads

See merge request pleroma/pleroma!470
2018-11-30 18:15:44 +00:00
href 8e0e20631c
Reverse proxy: default max read duration at 30 secs. 2018-11-30 19:12:03 +01:00
lambda e99bab8f27 Merge branch 'config-delete' into 'develop'
Add Pleroma.Config.delete/1

See merge request pleroma/pleroma!484
2018-11-30 17:57:06 +00:00
href 1d94c8f0f0
Fix supervisor order
This starts `Pleroma.Web.Endpoint` after all other processes and may
avoid some weird bugs (especially at start/restart).

Also properly ignores starting the gopher's gen_server if disabled.
2018-11-30 18:31:15 +01:00
href 253da275bd
Pleroma.Config.delete/1 2018-11-30 18:27:27 +01:00
href 7282937f33
MIME: video/audio ogg detection 2018-11-30 18:02:52 +01:00
href 680716b3c9
Config docs 2018-11-30 18:02:51 +01:00
href 65e7307d68
Upload: bring back base_url 2018-11-30 18:02:50 +01:00
href 5d92431350
Fix deprecation warnings 2018-11-30 18:02:50 +01:00
href 02d3dc6869
Uploads fun, part. 2 2018-11-30 18:02:37 +01:00
href 97b00d366f
reverse_proxy: more headers 2018-11-30 18:00:57 +01:00
href a2640c8088
Parse correctly content-type & do not forward content-length 2018-11-30 18:00:57 +01:00
href b19597f602
reverse proxy / uploads 2018-11-30 18:00:47 +01:00
lain d0ec2812bd Merge remote-tracking branch 'origin' into validate-user-info 2018-11-30 17:34:20 +01:00
lain 8f1fffebc6 Fix transmogrifier test. 2018-11-30 17:31:05 +01:00
lain d088ac6286 Fix OStatus user updates.
Breaks banner updating.
2018-11-30 17:21:58 +01:00
lain 48b95a9b95 Assorted fixes. 2018-11-30 17:08:02 +01:00
lain d407f662af Fix TwitterApiController. 2018-11-30 17:07:37 +01:00
lain a6812bc9df Remove "most recent notification" endpoint. 2018-11-30 16:47:37 +01:00
KokaKiwi 87098d1676 Streamer: Don't send unwanted DMs to list streams 2018-11-27 20:50:19 +01:00
lain e002858071 Fix ostatus test. 2018-11-27 18:37:46 +01:00
lain 3c61df6b9e Webfinger fixes. 2018-11-27 18:31:44 +01:00
lain badbe2656c More fixes. 2018-11-27 18:12:03 +01:00
kaniini b9bc83097d Merge branch 'ogg-theora-detection' into 'develop'
Add Theora detection to upload.ex

See merge request pleroma/pleroma!479
2018-11-27 16:55:56 +00:00
lain ec464ef20a HTTP sig fixes. 2018-11-27 17:42:45 +01:00
rinpatch 0d229613df Fix lint error 2018-11-27 19:07:58 +03:00
rinpatch 7f20a3cf1f Add Theora detection to upload.ex 2018-11-27 17:51:02 +03:00
Haelwenn 5ae6088d37 Merge branch 'feature/mrf-user-allowlist' into 'develop'
MRF: user allowlist module

See merge request pleroma/pleroma!477
2018-11-27 00:12:03 +00:00
kaniini a76058fc1d Merge branch 'fix/pleromafe-title' into 'develop'
Replace hardcoded <title>

See merge request pleroma/pleroma!476
2018-11-26 23:59:30 +00:00
William Pitcock 271f9f1335 nodeinfo: add mrf_user_allowlist data 2018-11-26 23:52:19 +00:00
William Pitcock 8c05d19c7f MRF: add user allowlist module 2018-11-26 23:51:58 +00:00
Mark Felder 6cc94404d7 Replace this hardcoded <title> 2018-11-26 22:51:25 +00:00
Haelwenn (lanodan) Monnier 04daa0fa44
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https
This fixes running mastofe with MIX_ENV=dev
2018-11-26 21:41:36 +01:00
shibayashi 591b11eafc
Add manifest-src to allow manifest.json 2018-11-26 20:48:24 +01:00
Haelwenn (lanodan) Monnier ca029f0b69
Web.Streamer: Get unauthenticated statuses representation 2018-11-24 08:45:45 +01:00
Haelwenn (lanodan) Monnier d388a99143
Web.MastodonAPI.MastodonSocket: Put access_token at function-level 2018-11-24 06:43:03 +01:00
Haelwenn (lanodan) Monnier 5346fabf14
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
reported by soka on CRTNet
2018-11-24 06:13:36 +01:00
kaniini 675653ceb7 Merge branch 'feature/admin-api' into 'develop'
Add a admin API

See merge request pleroma/pleroma!366
2018-11-22 00:28:04 +00:00
kaniini 182e3e8da2 Merge branch 'feature/improve-version' into 'develop'
Improved version string

See merge request pleroma/pleroma!467
2018-11-21 16:53:38 +00:00
kaniini a591a044a9 Merge branch 'runtime-fixes' into 'develop'
Various runtime configuration fixes

See merge request pleroma/pleroma!468
2018-11-20 22:25:35 +00:00
lain 0bea0308f1 Merge branch 'validate-user-info' of git.pleroma.social:pleroma/pleroma into validate-user-info 2018-11-20 20:16:16 +01:00
lain d3180e0ccc Raise on usage of old function. 2018-11-20 20:14:38 +01:00
lain 0896cf4c0f Fix most mastodon api bugs. 2018-11-20 20:12:39 +01:00
Haelwenn c7d08bc1cf Merge branch 'feature/retry-queue' into 'develop'
Federator: add retry queue.

See merge request pleroma/pleroma!323
2018-11-20 19:04:52 +00:00
William Pitcock 3456948cd1 mastodon api: fix up quite a few test failures 2018-11-20 19:02:23 +00:00
William Pitcock ef6c64a5d2 activitypub: fix restrict_blocked() 2018-11-20 18:58:08 +00:00
William Pitcock c196754b4d mastodon api: account view: fix tests 2018-11-20 18:54:48 +00:00
William Pitcock ece8656733 streamer: fix fetching the user's block list 2018-11-20 18:47:12 +00:00
William Pitcock 3356c7d1e9 oauth plug: fix deactivated check 2018-11-20 18:47:00 +00:00
William Pitcock 4ac849cb4a common api: fix moderator check when deleting posts 2018-11-20 18:42:28 +00:00
William Pitcock 312676f711 user: fix user.info lookup in User.locked?() 2018-11-20 18:41:44 +00:00
lain 6f0b9a5163 Fix Notification tests. 2018-11-20 19:15:28 +01:00
lain 2887f4ff1d Fix formatter tests. 2018-11-20 19:07:01 +01:00
href bc5cf2c192
Improved version string 2018-11-20 17:55:03 +01:00
href 7f4c3a1e99
mediaproxy: fix empty url & add some tests 2018-11-20 17:50:03 +01:00
eal 689b46efc8 RetryQueue: tiny refractor, add tests 2018-11-19 18:08:41 +02:00
href bcecdc3ab1
Various runtime configuration fixes 2018-11-19 10:09:24 +01:00
lain fbb70d25fe Several twitter api fixes. 2018-11-18 22:36:47 +01:00
lain 40d9d2098c Fix user updating from AP. 2018-11-18 22:15:03 +01:00
lain cafa15131a Mix format. 2018-11-18 21:41:35 +01:00
lain 4c918392c6 Fix most User tests. 2018-11-18 21:40:52 +01:00
lain e7cd6e9739 Fix setting of keys. 2018-11-18 19:33:43 +01:00
lain fc3bcf335e Fix following locked users. 2018-11-18 18:53:50 +01:00
lain d5af41b577 Fix note count update. 2018-11-18 18:52:21 +01:00
lain 6f90ceb2ed Fix follower count test. 2018-11-18 18:49:17 +01:00
lain 812f5b058a Fix blocking. 2018-11-18 18:40:31 +01:00
lain 756764266c Formatting. 2018-11-18 18:27:04 +01:00
lain b396dba425 Fix follower count setting. 2018-11-18 18:24:16 +01:00
lain 5c8f07f0a8 Fix note counting. 2018-11-18 18:17:56 +01:00
lain 47d883d3ab Fix User deactivation. 2018-11-18 18:06:02 +01:00
lain 50585d051b Add User.Info module
To validate and mutate the user.info field.
2018-11-18 18:04:42 +01:00
eal 62299be094 Federator: add retry queue. 2018-11-18 17:46:29 +02:00
William Pitcock f6be980f4f activitypub: object view: avoid leaking private details 2018-11-17 22:30:53 +00:00
William Pitcock 98795172a7 ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 22:10:15 +00:00
William Pitcock dfcfb184b1 activitypub: transmogrifier: make deletes secure 2018-11-17 21:22:57 +00:00
Haelwenn (lanodan) Monnier 0ca00b3a07
Web.AdminAPI.AdminAPIController: Fixes bugs found with ExUnit 2018-11-17 22:12:14 +01:00
Haelwenn (lanodan) Monnier 44b6200103
lib/mix/tasks/relay*: Use a with block 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier 12ccf0c4f8
Change Relay from `status` to `{status, message}` 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier 4634d99d0d
Web.Router: Change right to permission group (except for function names) 2018-11-17 22:12:13 +01:00
William Pitcock 0d1375f274 federator: return :ok or :error depending on if an AP doc was accepted or not 2018-11-17 21:00:37 +00:00
William Pitcock 3d9266a8cb federator: do origin containment when processing inbound messages 2018-11-17 20:43:43 +00:00
William Pitcock c88533209c activitypub: user fetching: use fetch_and_contain_remote_object_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock daa8ec3d62 activitypub: factor out AP object fetching to it's own function and add ID-based containment 2018-11-17 20:15:59 +00:00
Haelwenn (lanodan) Monnier e0b0fde713
Web.AdminAPI.AdminAPIController: Change right to permission group (except for function names) 2018-11-17 20:25:57 +01:00
Haelwenn (lanodan) Monnier 1a31d71187
lib/mix/tasks/relay_{un,}follow.ex: Use a with block 2018-11-17 20:25:57 +01:00
Haelwenn (lanodan) Monnier ccd6b1956d
lib/pleroma/web/admin_api/admin_api_controller.ex: Support status reply of Relay.{un,}follow 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier 7fbfd2db96
lib/mix/tasks/relay_{un,}follow.ex: Support status reply of Relay.{un,}follow 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier 265c8c5209
Pleroma.Web.ActivityPub.Relay: make {un,}follow return :ok only if it worked, :error if it didn’t 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier 4a79b89dba
lib/pleroma/plugs/user_is_admin_plug.ex: change 403 string to “User is not admin.” 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier f9d05902fe
lib/pleroma/web/admin_api/admin_api_controller.ex: An admin cannot un-admin themselves 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier a87ed2fad6
Pleroma.Web.AdminAPI.AdminAPIController: user_create statement format 2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier f48062488e
Add get endpoints for rights [AdminAPI] 2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier 59ce7fedce
Fix connection returns make generic right endpoint [AdminAPI] 2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier c5a2bd6a65
admin_api_controller.ex: fix remaining params at once 2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier 95b107b6cc
admin_api_controller.ex: Add documentation, fix get_invite_token 2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier 578a911737
admin_api_controller.ex: get_password_reset: fix params and response 2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier 5732eef16b
lib/pleroma/web/admin_api/admin_api_controller.ex: Pleroma.Web.AdminAPI.Controller → Pleroma.Web.AdminAPI.AdminAPIController 2018-11-17 20:25:53 +01:00
Haelwenn (lanodan) Monnier c8b8f1d32c
[Pleroma.Plugs.UserIsAdminPlug]: Check if admin is true instead of false, fix error reporting 2018-11-17 20:25:53 +01:00
Haelwenn (lanodan) Monnier 011a2e36b1
lib/mix/tasks/make_admin.ex: New task 2018-11-17 20:25:53 +01:00
Haelwenn (lanodan) Monnier 7076d45cb6
lib/pleroma/plugs/user_is_admin_plug.ex: Create 2018-11-17 20:25:52 +01:00
Haelwenn (lanodan) Monnier 77d2fd54dd
admin_api_controller: Have some basic code 2018-11-17 20:25:52 +01:00
Haelwenn (lanodan) Monnier ee2e1328ad
admin_api_controller.ex: Create 2018-11-17 20:25:52 +01:00
William Pitcock 603fccf175 activitypub: fetch_object_from_id(): prefer `actor` over `attributedTo` to avoid spoofing 2018-11-17 18:17:17 +00:00
kaniini 05967472f2 Merge branch 'feature/uploader-mdii' into 'develop'
Feature / MDII Uploader

See merge request pleroma/pleroma!454
2018-11-17 16:41:09 +00:00
hakabahitoyo 59e079f641 fallbacking into local uploader 2018-11-17 20:16:25 +09:00
hakabahitoyo 8fd0556c78 better config reading 2018-11-17 18:14:42 +09:00
lain f87b315618 TwitterAPI: Fix dm_timeline displaying only half of the conversation. 2018-11-16 19:47:36 +01:00
lambda 2f639ea129 Merge branch 'feature/pleromafe-usersearch' into 'develop'
Add Twitter / Pleroma API user search

See merge request pleroma/pleroma!452
2018-11-16 18:13:47 +00:00
William Pitcock c07464607d http security: remove form-action from CSP definitions 2018-11-16 17:40:21 +00:00
lain e8d8c84f79 Add better test for user search functionlity. 2018-11-16 18:31:32 +01:00
hakabahitoyo 55abd8482e better config 2018-11-16 20:41:12 +09:00
hakabahitoyo 52224de39f better extension detection 2018-11-16 20:22:36 +09:00
hakabahitoyo 4fbfacf5e1 debug 2018-11-15 16:08:55 +09:00
hakabahitoyo 8e707aba29 format 2018-11-15 15:11:59 +09:00
Hakaba Hitoyo ebe658c169 debuf 2018-11-15 14:46:43 +09:00
Hakaba Hitoyo 698cb3587c omplement mdii uploader 2018-11-15 14:38:45 +09:00
Hakaba Hitoyo 58af0787be add mdii uploader 2018-11-15 14:19:10 +09:00
lain 27aa136aac Format. 2018-11-14 20:41:12 +01:00
lain 7b170cd616 Add Pleroma user search api for PleromaFE. 2018-11-14 20:33:23 +01:00
lambda cc45797f4e Merge branch 'fix-media-proxy-filename' into 'develop'
media_proxy: use path only to retrieve filename

See merge request pleroma/pleroma!450
2018-11-14 18:17:10 +00:00
kaniini 69d557e86d Merge branch 'twitter-api-direct-messages' into 'develop'
Twitter api direct messages

See merge request pleroma/pleroma!449
2018-11-14 08:52:08 +00:00
href f52a1d1ec5
media_proxy: use path only to retrieve filename 2018-11-13 23:41:33 +01:00
lain ea9a776d7b TwitterApi: Add direct message endpoint 2018-11-13 20:08:50 +01:00
lain 2cf40237ff MastodonAPI: Add pagination to private messages. 2018-11-13 19:46:34 +01:00
href 9b553a1087
media_proxy: CSP, content-disposition
* Adds CSP headers to the media proxy endpoint

* Sends `content-disposition: attachment; …` for non-image/video/audio
content types

The default list can be overwritten with `:media_proxy,
:safe_content_types` in the configuration.

* Also now appends the filename to the proxy URL (fixes some mobile apps,
it was requested a while ago)
2018-11-13 15:58:02 +01:00
shibayashi 87c76a9a2f
Add __Host- prefix when secure flag is enabled 2018-11-13 00:32:38 +01:00
scarlett 0ce5623134 Merge branch 'twitter-api-null-display-name' into 'develop'
Twitter API: Fall back to user.nickname if user has no name

Closes #375

See merge request pleroma/pleroma!444
2018-11-12 17:08:54 +00:00
scarlett cb6fd73861 Twitter API: Fall back to user.nickname if user has no name 2018-11-12 15:52:13 +00:00
kaniini 54923c2e55 Merge branch 'feature/csp-plug' into 'develop'
migrate CSP management to CSPPlug

See merge request pleroma/pleroma!441
2018-11-12 15:30:42 +00:00
William Pitcock 2829fa4183 sample config: chase http_security change 2018-11-12 15:17:04 +00:00
William Pitcock ee5932a504 http security: allow referrer-policy to be configured 2018-11-12 15:14:46 +00:00
William Pitcock fe67665e19 rename CSPPlug to HTTPSecurityPlug. 2018-11-12 15:08:02 +00:00
KokaKiwi 1592fa2bea Mastodon API: Fix list streaming 2018-11-11 14:18:15 +01:00
William Pitcock df72978dce csp plug: add support for certificate transparency 2018-11-11 06:55:44 +00:00
William Pitcock 331cf6ada1 csp plug: add sts support 2018-11-11 06:50:28 +00:00
William Pitcock a2bf5426cb sample config: document how to make CSPPlug send STS headers (off by default to allow for SSL debugging) 2018-11-11 06:42:14 +00:00
William Pitcock f516e317ea plugs: add CSPPlug 2018-11-11 06:10:21 +00:00
William Pitcock 419ed3a0ca oauth: fix token decode regression 2018-11-11 05:26:39 +00:00
lambda f745e823f0 Merge branch 'bugfix/json-ld-object-sanitization' into 'develop'
JSON-LD: object sanitization

See merge request pleroma/pleroma!438
2018-11-10 12:37:18 +00:00
William Pitcock 97e50f3191 activitypub: transmogrifier: sanitize internal representation details from outgoing objects
this causes JSON-LD parsers to get upset and has also lead to developer confusion from outside
projects which tried to parse our internal data.  accordingly, it seems better to just remove
it.
2018-11-10 12:24:20 +00:00
Haelwenn (lanodan) Monnier 5ecb5629f6
lib/mix/tasks: s/@doc/@moduledoc/ 2018-11-10 13:09:39 +01:00
Haelwenn (lanodan) Monnier 5e3207045e
lib/mix/tasks/unsubscribe_user.ex: Fix syntax from bad line copy 2018-11-10 13:09:39 +01:00
Haelwenn (lanodan) Monnier 64c0289893
lib/mix/tasks: Add remaining documentation for mix tasks 2018-11-10 13:09:38 +01:00
Haelwenn (lanodan) Monnier 8b2541e4e7
Document the mix tasks in ex_doc instead 2018-11-10 13:09:37 +01:00
Haelwenn (lanodan) Monnier e1814bb322
Document mix tasks 2018-11-10 13:09:37 +01:00
William Pitcock f8310114a6 activitypub: object view: sanitize both the activity and the object when an activity is given for rendering 2018-11-10 12:04:09 +00:00
kaniini c9c1f9dee2 Merge branch 'bugfix/ostatus-as2-reflection' into 'develop'
ostatus: only federate activities concerning note objects

See merge request pleroma/pleroma!437
2018-11-10 11:50:02 +00:00
kaniini 7daa102fa4 Merge branch 'bugfix/local-jsonld-context' into 'develop'
Host LitePub JSON-LD context locally

See merge request pleroma/pleroma!435
2018-11-10 11:37:44 +00:00
William Pitcock 4f87b8362b endpoint: move CORSPlug in front of Plug.Static 2018-11-10 11:23:50 +00:00
William Pitcock 03a9990baf endpoint: fix formatting 2018-11-10 11:18:25 +00:00
William Pitcock e6d246882d federator: don't federate anything other than Note objects to OStatus 2018-11-10 10:06:10 +00:00
William Pitcock e4971553c7 activitypub: utils: use same object type list for mention extraction as insertion 2018-11-09 13:40:39 +00:00
William Pitcock b3c360ce2c notification: add fallback get_notified_from_activity() 2018-11-09 09:07:40 +00:00
William Pitcock b9871e7e5a activitypub: utils: wrap Note objects in a Create when extracting mentions 2018-11-09 09:01:40 +00:00
William Pitcock 8c805ada32 user: remove obsolete User.get_notified_from_activity(). 2018-11-09 09:01:40 +00:00
William Pitcock 6cadfcb21e activitypub: utils: switch to using new Notification.get_notified_from_activity(). 2018-11-09 09:01:40 +00:00
William Pitcock cdfdd77e30 notification: implement new Notification.get_notified_from_activity() 2018-11-09 09:01:36 +00:00
William Pitcock d26cd6c1bf user: factor out user set fetching from User.get_notified_from_activity() 2018-11-09 08:23:45 +00:00
William Pitcock 81d6ca1783 user: implement AS2 mention extraction + unify Announce handling 2018-11-08 20:19:56 +00:00
William Pitcock 6b4064fa5d activitypub: transmogrifier: unify mention extraction 2018-11-08 19:41:36 +00:00
William Pitcock 0a2c1a3419 user: add optional local_only param to get_notified_from_activity() 2018-11-08 19:30:55 +00:00
Haelwenn (lanodan) Monnier 2fab32ab61
Pleroma.Web.Endpoint: Whitelist schemas directory 2018-11-08 20:22:12 +01:00
Haelwenn (lanodan) Monnier 934125695d
Move /litepub-1.0.jsonld to /schemas/litepub-0.1.jsonld 2018-11-08 20:21:45 +01:00
William Pitcock 4e93d6ae14 common api: utils: flip to/cc for mentions 2018-11-08 19:17:01 +00:00
William Pitcock 3e33479c05 activitypub: transmogrifier: only consider `to` users as mention targets 2018-11-08 18:58:27 +00:00
William Pitcock 144dc048b8 user: only consider `to` recipients as mention targets 2018-11-08 18:58:24 +00:00
Haelwenn (lanodan) Monnier abcacec97d
Pleroma.Web.ActivityPub.Utils: Use locally-served JSON-LD Litepub context instead of Github-hosted one 2018-11-08 19:38:38 +01:00
William Pitcock da16ada424 utils: use litepub @context instead of that huge mess 2018-11-08 16:52:14 +00:00
William Pitcock f733470037 user view: unify a @context entry that was missed 2018-11-08 16:51:48 +00:00
lambda 59cf7cf235 Merge branch 'small-jsonld-refactor' into 'develop'
Small jsonld refactor

See merge request pleroma/pleroma!433
2018-11-08 16:23:58 +00:00
lain 34bd411781 Unify json ld header handling. 2018-11-08 16:39:38 +01:00
lain 3b02fd9fb7 Small refactor. 2018-11-08 16:05:28 +01:00
kaniini 4d627a5117 Merge branch 'feature/qvitter-notifications-dismiss' into 'develop'
qvitter notifications: add new "read notifications" API

See merge request pleroma/pleroma!431
2018-11-07 22:33:06 +00:00
kaniini b451a92d78 Merge branch 'runtime-config' into 'develop'
Runtime configuration

See merge request pleroma/pleroma!430
2018-11-07 22:32:34 +00:00
href e42f2efae4
/api/v1/accounts/relationships Return an empty array if no id in params
This copies Mastodon API behaviour & fixes Mastalab app.
2018-11-07 16:32:57 +01:00
href 9070588493
Runtime config: MRF changes 2018-11-07 10:40:24 +01:00
William Pitcock b2105a3131 twitterapi: add notification read endpoint 2018-11-06 23:25:07 +00:00
William Pitcock f16c2e0b1b notification: add Notification.set_read_up_to() 2018-11-06 22:50:43 +00:00
href 5bb88fd174
Runtime configuration
Related to #85

Everything should now be configured at runtime, with the exception of
the `Pleroma.HTML` scrubbers (the scrubbers used can be
changed at runtime, but their configuration is compile-time) because
it's building a module with a macro.
2018-11-06 19:41:15 +01:00
kaniini a68c18f0ad Merge branch 'unify-mastodon-oauth' into 'develop'
Unify Mastodon Login with OAuth login.

See merge request pleroma/pleroma!429
2018-11-06 16:18:12 +00:00
kaniini 0f3e78addb Merge branch 'runtime-router' into 'develop'
Runtime configured router

See merge request pleroma/pleroma!426
2018-11-06 15:35:19 +00:00
lain a8f1e30cb8 Formatting. 2018-11-06 16:05:58 +01:00
href 7d328c658d
Small wrapper module around Application.get_env/put_env
Same API as the old Pleroma.Config
2018-11-06 16:00:48 +01:00
lain 4f640c43ed Unify Mastodon Login with OAuth login.
This removes duplication in the login code.
2018-11-06 15:19:11 +01:00
href 2bc924ba45
Get rid of Pleroma.Config in favor of Application
Discussed in https://git.pleroma.social/pleroma/pleroma/merge_requests/426#note_7232
2018-11-06 15:12:53 +01:00
href 013f7ba8c1
Add federating plug & public tests 2018-11-06 14:45:04 +01:00
href 83911b1443
Fix wrong return when finmoji is disabled 2018-11-05 21:17:47 +01:00
href fd0e7d18d9
handle_continue is OTP21+ 2018-11-05 18:04:43 +01:00
href 6fe23c5458
Runtime configured router 2018-11-05 15:19:03 +01:00
href d096bc17bf
revert endpoint position in supervision tree 2018-11-05 14:05:04 +01:00
href 763fc7b44f
Runtime configured emojis
The changes are a bit heavy since the emojis were loaded into module
attributes from filesystem.

This introduces a GenServer using an ETS table to cache in memory the
emojis, and allows a runtime-reload with `Pleroma.Emoji.reload()`.
2018-11-05 13:24:00 +01:00
kaniini 007f1c73b1 Merge branch 'feature/cors-again' into 'develop'
Add CORSPlug to make web-based OAuth easier.

See merge request pleroma/pleroma!420
2018-11-03 15:36:23 +00:00
Haelwenn (lanodan) Monnier 3e50bb667f
Pleroma.Web.MastodonAPI.StatusView: Content isn’t nullable 2018-11-03 14:42:47 +01:00
lain e954cfcc2c Add CORSPlug to make web-based OAuth easier. 2018-11-03 13:38:01 +01:00
lambda 4bcdbb12a4 Merge branch 'fix_hashtag_search' into 'develop'
Fix hashtag search

See merge request pleroma/pleroma!418
2018-11-02 20:05:56 +00:00
Mark Felder 0cca7edbe0 Fix hashtag search
When we lowercase the search it will succesfully do a case insenstive
match. Now #Linux will match #linux and #LINUX whereas previously it
would only match the exact case.
2018-11-02 19:38:57 +00:00
lain 45ebc8dd9a Check for empty string in_reply_to ids. 2018-11-02 17:33:51 +01:00
Haelwenn (lanodan) Monnier 3c7d4ff271
Pleroma.Web.TwitterAPI.ActivityView: Harden TwitterAPI against remnant of prismo 2018-11-01 15:07:27 +01:00
William Pitcock 24ba08de13 twitter api: add support for rendering Page objects 2018-11-01 10:01:35 +00:00
William Pitcock 4d8f076125 mastodon api: add support for rendering Page objects 2018-11-01 10:00:16 +00:00
William Pitcock 9f03b5c4f7 activitypub: transmogrifier: add support for Page objects 2018-11-01 09:59:43 +00:00
Lee Starnes 585b29337c Ensure filters have a filter_id 2018-11-01 09:17:02 +00:00
kaniini eba9a62024 Merge branch 'feature/relay-tests' into 'develop'
relay tests

See merge request pleroma/pleroma!411
2018-11-01 09:10:51 +00:00
Haelwenn 40676d7683 Merge branch 'bugfix/prismo.news_article_url' into 'develop'
Bugfix/prismo.news article url

Closes #352

See merge request pleroma/pleroma!410
2018-11-01 09:05:16 +00:00
lain 1e9ced5af4 Test Relay, switch to runtime configuration. 2018-11-01 09:01:43 +00:00
lain e6ec01afb6 Start configuration manager. 2018-11-01 09:01:24 +00:00
lain 9b77030d3c Add basic configuration management module. 2018-11-01 09:01:03 +00:00
Haelwenn (lanodan) Monnier b2da5262ea
Pleroma.Web.ActivityPub.Transmogrifier: fix_url when not a string/empty
Thanks prismo.news, I hate it
2018-11-01 09:56:37 +01:00
Haelwenn (lanodan) Monnier 755f166406
Pleroma.Web.MastodonAPI.StatusView: Do not fail when URL isn’t a string 2018-11-01 09:55:38 +01:00
William Pitcock 2b3a40d038 object: split object_cache from user_cache 2018-11-01 08:41:46 +00:00
William Pitcock f584a603f9 user: make User.delete() return data consistent with Object.delete() 2018-11-01 07:56:21 +00:00
William Pitcock 2c3bfd7f76 user: delete user_info data in User.invalidate_cache() 2018-11-01 07:52:58 +00:00
William Pitcock 10f3958468 object: return the deleted object as well 2018-11-01 07:47:50 +00:00
William Pitcock 2bf358d7b4 activitypub: use Object.delete() instead of mutating the database and cache directly 2018-11-01 07:29:12 +00:00
William Pitcock c4e43da63e object: add safe object deletion function 2018-11-01 07:28:48 +00:00
Haelwenn (lanodan) Monnier 558e6a84d6
[Pleroma.Web.CommonAPI]: Delete post cache entry when it’s deleted
Closes: https://git.pleroma.social/pleroma/pleroma/issues/346
2018-11-01 06:52:01 +01:00
William Pitcock 47f76bf4b1 common api: allow self-liking objects
mastodon allows this, for whatever reason.

closes #347.
2018-10-31 22:29:49 +00:00
kaniini 5fea3d9eca Merge branch 'allow-abbr' into 'develop'
Allow use of the `abbr` HTML tag.

See merge request pleroma/pleroma!405
2018-10-30 23:22:48 +00:00
scarlett 795634c90f Allow use of the `abbr` HTML tag. 2018-10-30 21:40:06 +00:00
scarlett b92e38d2d4 Add user reactivation task. 2018-10-29 23:13:15 +00:00
kaniini a880e0a527 Merge branch 'feature/upload-limits' into 'develop'
configurable media upload limits

Closes #118

See merge request pleroma/pleroma!401
2018-10-29 20:14:10 +00:00
William Pitcock 676c97b8c7 nodeinfo: expose configured upload limits 2018-10-29 20:07:52 +00:00
William Pitcock 36825932eb s3 uploader: add new feature to force public attachment URIs to go through media proxy 2018-10-29 18:00:59 +00:00
William Pitcock f407831120 common api: prefer formatting attachments using the attachment's name instead of URI 2018-10-29 17:59:24 +00:00
William Pitcock 784b3a615d utils: fix another possible leak with private S3 backends using mediaproxy
same rationale as the other mediaproxy changes
2018-10-29 17:26:15 +00:00
William Pitcock 181f3bb56a mastodon api: enforce upload limits for avatars and banners 2018-10-29 16:43:05 +00:00
William Pitcock e12489e2fe twitter api: enforce upload limits for avatars, banners and backgrounds 2018-10-29 16:43:05 +00:00
William Pitcock 167d3789a5 activitypub: upload: pass through an upload limit if one is provided 2018-10-29 16:43:05 +00:00
William Pitcock fa483cd7c2 upload: add new optional argument designating an upload size limit 2018-10-29 16:43:00 +00:00
William Pitcock 5c6ec2d9fc twitter/mastodon api: always use mediaproxy URLs in attachments
if using local media, the mediaproxy will not replace the URL anyway.
2018-10-29 15:19:32 +00:00
William Pitcock 69192f36ff mix tasks: add new task to unsubscribe all users from, and then ban a remote user (e.g. followbots) 2018-10-28 19:47:56 +00:00
kaniini 39103a91be Merge branch 'bugfix/broken-thread-filtering-false-positive' into 'develop'
activitypub: fix possible false positives with broken thread filtering

See merge request pleroma/pleroma!398
2018-10-28 05:52:51 +00:00
William Pitcock 72ea54de6e activitypub: fix possible false positives with broken thread filtering 2018-10-28 05:45:33 +00:00
Greizgh a494508320 Cleanup postgresql setup script
Drop unused CREATEDB privilege.
Do not try to handle multiple run.
2018-10-27 14:31:51 +02:00