Commit Graph

2603 Commits

Author SHA1 Message Date
shibayashi 64035201b5
Security/Drops the sysadmin privilege from the daemon 2018-12-28 21:09:48 +01:00
Haelwenn 3370924b8b Merge branch 'add-manifest-src-to-csp' into 'develop'
Add manifest-src to CSP to allow manifest.json

See merge request pleroma/pleroma!474
2018-11-26 19:56:49 +00:00
shibayashi 591b11eafc
Add manifest-src to allow manifest.json 2018-11-26 20:48:24 +01:00
kaniini 39a3b1724a Merge branch 'bugfix/public-mastoapi-websocket' into 'develop'
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints

See merge request pleroma/pleroma!471
2018-11-25 02:54:54 +00:00
Haelwenn (lanodan) Monnier cc8952b45f
Web.MastodonApi.MastodonSocketTest: Add test for unauthenticated websocket 2018-11-24 08:51:35 +01:00
Haelwenn (lanodan) Monnier ca029f0b69
Web.Streamer: Get unauthenticated statuses representation 2018-11-24 08:45:45 +01:00
Haelwenn (lanodan) Monnier d388a99143
Web.MastodonAPI.MastodonSocket: Put access_token at function-level 2018-11-24 06:43:03 +01:00
Haelwenn (lanodan) Monnier 5346fabf14
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
reported by soka on CRTNet
2018-11-24 06:13:36 +01:00
kaniini 675653ceb7 Merge branch 'feature/admin-api' into 'develop'
Add a admin API

See merge request pleroma/pleroma!366
2018-11-22 00:28:04 +00:00
kaniini 182e3e8da2 Merge branch 'feature/improve-version' into 'develop'
Improved version string

See merge request pleroma/pleroma!467
2018-11-21 16:53:38 +00:00
kaniini a591a044a9 Merge branch 'runtime-fixes' into 'develop'
Various runtime configuration fixes

See merge request pleroma/pleroma!468
2018-11-20 22:25:35 +00:00
Haelwenn c7d08bc1cf Merge branch 'feature/retry-queue' into 'develop'
Federator: add retry queue.

See merge request pleroma/pleroma!323
2018-11-20 19:04:52 +00:00
kaniini dbb483659a Merge branch 'fix/mediaproxy-empty-url' into 'develop'
mediaproxy: fix empty url & add some tests

See merge request pleroma/pleroma!466
2018-11-20 18:09:46 +00:00
href bc5cf2c192
Improved version string 2018-11-20 17:55:03 +01:00
href 7f4c3a1e99
mediaproxy: fix empty url & add some tests 2018-11-20 17:50:03 +01:00
eal 689b46efc8 RetryQueue: tiny refractor, add tests 2018-11-19 18:08:41 +02:00
href bcecdc3ab1
Various runtime configuration fixes 2018-11-19 10:09:24 +01:00
kaniini fbc3f2893a Merge branch 'update/pleroma-fe-20181118' into 'develop'
update pleroma frontend

See merge request pleroma/pleroma!464
2018-11-18 17:29:25 +00:00
William Pitcock db8f269cd3 update pleroma frontend 2018-11-18 17:27:48 +00:00
eal 62299be094 Federator: add retry queue. 2018-11-18 17:46:29 +02:00
lambda 5143501426 Merge branch 'security/as2-object-render-hardening' into 'develop'
activitypub: object view: avoid leaking private details

See merge request pleroma/pleroma!463
2018-11-17 22:43:45 +00:00
William Pitcock f6be980f4f activitypub: object view: avoid leaking private details 2018-11-17 22:30:53 +00:00
lambda b471344b63 Merge branch 'bugfix/notice-urls-should-return-objects' into 'develop'
ostatus controller: respond with AS2 objects instead of activities to notice URIs

Closes #289 and #383

See merge request pleroma/pleroma!462
2018-11-17 22:20:08 +00:00
William Pitcock 98795172a7 ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 22:10:15 +00:00
lambda d73c7cc0ca Merge branch 'security/spoofing-hardening' into 'develop'
security: spoofing hardening

Closes #380, #381, and #382

See merge request pleroma/pleroma!461
2018-11-17 21:52:51 +00:00
William Pitcock e10f839e9b tests: federator: fix formatting 2018-11-17 21:41:08 +00:00
William Pitcock dfcfb184b1 activitypub: transmogrifier: make deletes secure 2018-11-17 21:22:57 +00:00
Haelwenn (lanodan) Monnier 52681f7fd0
Web.AdminAPI.AdminAPIControllerTest: New Test 2018-11-17 22:12:14 +01:00
Haelwenn (lanodan) Monnier 0ca00b3a07
Web.AdminAPI.AdminAPIController: Fixes bugs found with ExUnit 2018-11-17 22:12:14 +01:00
Haelwenn (lanodan) Monnier 76bd80d462
test/plugs/user_is_admin_plug_test: New test 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier 44b6200103
lib/mix/tasks/relay*: Use a with block 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier 12ccf0c4f8
Change Relay from `status` to `{status, message}` 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier 4634d99d0d
Web.Router: Change right to permission group (except for function names) 2018-11-17 22:12:13 +01:00
William Pitcock b1a6e8d80d test: add sanity tests for federator handling of AP docs 2018-11-17 21:01:19 +00:00
William Pitcock 0d1375f274 federator: return :ok or :error depending on if an AP doc was accepted or not 2018-11-17 21:00:37 +00:00
William Pitcock 3d9266a8cb federator: do origin containment when processing inbound messages 2018-11-17 20:43:43 +00:00
William Pitcock 55640c4804 tests: add a test to verify the general fake direction protection works in all cases 2018-11-17 20:31:20 +00:00
William Pitcock dc1d8e13b4 tests: add a testcase for user collision 2018-11-17 20:20:45 +00:00
William Pitcock c88533209c activitypub: user fetching: use fetch_and_contain_remote_object_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock 1a940cb46e tests: add tests for contain_origin_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock daa8ec3d62 activitypub: factor out AP object fetching to it's own function and add ID-based containment 2018-11-17 20:15:59 +00:00
Haelwenn (lanodan) Monnier e0b0fde713
Web.AdminAPI.AdminAPIController: Change right to permission group (except for function names) 2018-11-17 20:25:57 +01:00
Haelwenn (lanodan) Monnier 1a31d71187
lib/mix/tasks/relay_{un,}follow.ex: Use a with block 2018-11-17 20:25:57 +01:00
Haelwenn (lanodan) Monnier ccd6b1956d
lib/pleroma/web/admin_api/admin_api_controller.ex: Support status reply of Relay.{un,}follow 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier 7fbfd2db96
lib/mix/tasks/relay_{un,}follow.ex: Support status reply of Relay.{un,}follow 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier 265c8c5209
Pleroma.Web.ActivityPub.Relay: make {un,}follow return :ok only if it worked, :error if it didn’t 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier 4a79b89dba
lib/pleroma/plugs/user_is_admin_plug.ex: change 403 string to “User is not admin.” 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier f9d05902fe
lib/pleroma/web/admin_api/admin_api_controller.ex: An admin cannot un-admin themselves 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier a87ed2fad6
Pleroma.Web.AdminAPI.AdminAPIController: user_create statement format 2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier f48062488e
Add get endpoints for rights [AdminAPI] 2018-11-17 20:25:55 +01:00