Merge branch 'release/1.1.6' into 'stable'
Release/1.1.6 See merge request pleroma/pleroma!1995
This commit is contained in:
commit
0ba3f1ffb2
16
CHANGELOG.md
16
CHANGELOG.md
|
@ -3,6 +3,22 @@ All notable changes to this project will be documented in this file.
|
|||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
|
||||
## [1.1.6] - 2019-11-19
|
||||
### Fixed
|
||||
- Not being able to log into to third party apps when the browser is logged into mastofe
|
||||
- Email confirmation not being required even when enabled
|
||||
- Mastodon API: conversations API crashing when one status is malformed
|
||||
|
||||
### Bundled Pleroma-FE Changes
|
||||
#### Added
|
||||
- About page
|
||||
- Meme arrows
|
||||
|
||||
#### Fixed
|
||||
- Image modal not closing unless clicked outside of image
|
||||
- Attachment upload spinner not being centered
|
||||
- Showing follow counters being 0 when they are actually hidden
|
||||
|
||||
## [1.1.5] - 2019-11-09
|
||||
### Fixed
|
||||
- Polls having different numbers in timelines/notifications/poll api endpoints due to cache desyncronization
|
||||
|
|
|
@ -71,7 +71,7 @@ defp fetch_user_and_token(token) do
|
|||
)
|
||||
|
||||
# credo:disable-for-next-line Credo.Check.Readability.MaxLineLength
|
||||
with %Token{user: %{info: %{deactivated: false} = _} = user} = token_record <- Repo.one(query) do
|
||||
with %Token{user: user} = token_record <- Repo.one(query) do
|
||||
{:ok, user, token_record}
|
||||
end
|
||||
end
|
||||
|
|
|
@ -10,10 +10,14 @@ def init(options) do
|
|||
options
|
||||
end
|
||||
|
||||
def call(%{assigns: %{user: %User{info: %{deactivated: true}}}} = conn, _) do
|
||||
def call(%{assigns: %{user: %User{} = user}} = conn, _) do
|
||||
if User.auth_active?(user) do
|
||||
conn
|
||||
else
|
||||
conn
|
||||
|> assign(:user, nil)
|
||||
end
|
||||
end
|
||||
|
||||
def call(conn, _) do
|
||||
conn
|
||||
|
|
|
@ -70,6 +70,8 @@ defmodule Pleroma.User do
|
|||
def auth_active?(%User{info: %User.Info{confirmation_pending: true}}),
|
||||
do: !Pleroma.Config.get([:instance, :account_activation_required])
|
||||
|
||||
def auth_active?(%User{info: %User.Info{deactivated: true}}), do: false
|
||||
|
||||
def auth_active?(%User{}), do: true
|
||||
|
||||
def visible_for?(user, for_user \\ nil)
|
||||
|
|
|
@ -1671,9 +1671,10 @@ def conversations(%{assigns: %{user: user}} = conn, params) do
|
|||
participations = Participation.for_user_with_last_activity_id(user, params)
|
||||
|
||||
conversations =
|
||||
Enum.map(participations, fn participation ->
|
||||
ConversationView.render("participation.json", %{participation: participation, for: user})
|
||||
end)
|
||||
ConversationView.safe_render_many(participations, ConversationView, "participation.json", %{
|
||||
as: :participation,
|
||||
for: user
|
||||
})
|
||||
|
||||
conn
|
||||
|> add_link_headers(:conversations, participations)
|
||||
|
|
|
@ -35,7 +35,7 @@ def authorize(%Plug.Conn{} = conn, %{"authorization" => _} = params) do
|
|||
authorize(conn, Map.merge(params, auth_attrs))
|
||||
end
|
||||
|
||||
def authorize(%Plug.Conn{assigns: %{token: %Token{}}} = conn, params) do
|
||||
def authorize(%Plug.Conn{assigns: %{token: %Token{}}} = conn, %{"force_login" => _} = params) do
|
||||
if ControllerHelper.truthy_param?(params["force_login"]) do
|
||||
do_authorize(conn, params)
|
||||
else
|
||||
|
@ -43,6 +43,22 @@ def authorize(%Plug.Conn{assigns: %{token: %Token{}}} = conn, params) do
|
|||
end
|
||||
end
|
||||
|
||||
# Note: the token is set in oauth_plug, but the token and client do not always go together.
|
||||
# For example, MastodonFE's token is set if user requests with another client,
|
||||
# after user already authorized to MastodonFE.
|
||||
# So we have to check client and token.
|
||||
def authorize(
|
||||
%Plug.Conn{assigns: %{token: %Token{} = token}} = conn,
|
||||
%{"client_id" => client_id} = params
|
||||
) do
|
||||
with %Token{} = t <- Repo.get_by(Token, token: token.token) |> Repo.preload(:app),
|
||||
^client_id <- t.app.client_id do
|
||||
handle_existing_authorization(conn, params)
|
||||
else
|
||||
_ -> do_authorize(conn, params)
|
||||
end
|
||||
end
|
||||
|
||||
def authorize(%Plug.Conn{} = conn, params), do: do_authorize(conn, params)
|
||||
|
||||
defp do_authorize(%Plug.Conn{} = conn, params) do
|
||||
|
|
|
@ -13,6 +13,7 @@ defmodule Pleroma.Web.Router do
|
|||
pipeline :oauth do
|
||||
plug(:fetch_session)
|
||||
plug(Pleroma.Plugs.OAuthPlug)
|
||||
plug(Pleroma.Plugs.UserEnabledPlug)
|
||||
end
|
||||
|
||||
pipeline :api do
|
||||
|
|
2
mix.exs
2
mix.exs
|
@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do
|
|||
def project do
|
||||
[
|
||||
app: :pleroma,
|
||||
version: version("1.1.5"),
|
||||
version: version("1.1.6"),
|
||||
elixir: "~> 1.7",
|
||||
elixirc_paths: elixirc_paths(Mix.env()),
|
||||
compilers: [:phoenix, :gettext] ++ Mix.compilers(),
|
||||
|
|
|
@ -1 +1 @@
|
|||
<!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1,user-scalable=no"><title>Pleroma</title><!--server-generated-meta--><link rel=icon type=image/png href=/favicon.png><link rel=stylesheet href=/static/font/css/fontello.css><link rel=stylesheet href=/static/font/css/animation.css><link href=/static/css/vendors~app.b2603a50868c68a1c192.css rel=stylesheet><link href=/static/css/app.fd71461124f3eb029b1b.css rel=stylesheet></head><body class=hidden><noscript>To use Pleroma, please enable JavaScript.</noscript><div id=app></div><script type=text/javascript src=/static/js/vendors~app.5c3fab032deb5f2793cb.js></script><script type=text/javascript src=/static/js/app.105d64a8fcdd6724ccde.js></script></body></html>
|
||||
<!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1,user-scalable=no"><title>Pleroma</title><!--server-generated-meta--><link rel=icon type=image/png href=/favicon.png><link rel=stylesheet href=/static/font/css/fontello.css><link rel=stylesheet href=/static/font/css/animation.css><link href=/static/css/vendors~app.b2603a50868c68a1c192.css rel=stylesheet><link href=/static/css/app.fd71461124f3eb029b1b.css rel=stylesheet></head><body class=hidden><noscript>To use Pleroma, please enable JavaScript.</noscript><div id=app></div><script type=text/javascript src=/static/js/vendors~app.76db8e4cdf29decd5cab.js></script><script type=text/javascript src=/static/js/app.d20ca27d22d74eb7bce0.js></script></body></html>
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -16,6 +16,23 @@ test "doesn't do anything if the user isn't set", %{conn: conn} do
|
|||
assert ret_conn == conn
|
||||
end
|
||||
|
||||
test "with a user that's not confirmed and a config requiring confirmation, it removes that user",
|
||||
%{conn: conn} do
|
||||
old = Pleroma.Config.get([:instance, :account_activation_required])
|
||||
Pleroma.Config.put([:instance, :account_activation_required], true)
|
||||
|
||||
user = insert(:user, info: %{confirmation_pending: true})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> UserEnabledPlug.call(%{})
|
||||
|
||||
assert conn.assigns.user == nil
|
||||
|
||||
Pleroma.Config.put([:instance, :account_activation_required], old)
|
||||
end
|
||||
|
||||
test "with a user that is deactivated, it removes that user", %{conn: conn} do
|
||||
user = insert(:user, info: %{deactivated: true})
|
||||
|
||||
|
|
|
@ -468,6 +468,29 @@ test "renders authentication page if user is already authenticated but `force_lo
|
|||
assert html_response(conn, 200) =~ ~s(type="submit")
|
||||
end
|
||||
|
||||
test "renders authentication page if user is already authenticated but user request with another client",
|
||||
%{
|
||||
app: app,
|
||||
conn: conn
|
||||
} do
|
||||
token = insert(:oauth_token, app_id: app.id)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_session(:oauth_token, token.token)
|
||||
|> get(
|
||||
"/oauth/authorize",
|
||||
%{
|
||||
"response_type" => "code",
|
||||
"client_id" => "another_client_id",
|
||||
"redirect_uri" => OAuthController.default_redirect_uri(app),
|
||||
"scope" => "read"
|
||||
}
|
||||
)
|
||||
|
||||
assert html_response(conn, 200) =~ ~s(type="submit")
|
||||
end
|
||||
|
||||
test "with existing authentication and non-OOB `redirect_uri`, redirects to app with `token` and `state` params",
|
||||
%{
|
||||
app: app,
|
||||
|
|
Loading…
Reference in New Issue