Commit Graph

2141 Commits

Author SHA1 Message Date
tusooa f7c2073103 Merge branch 'bump/min-elixir-1.10' into 'develop'
Bump minimum Elixir version to 1.10

See merge request pleroma/pleroma!3741
2022-09-05 15:19:34 +00:00
Hélène cd237d22f1
User: generate private keys on user creation
This fixes a race condition bug where keys could be regenerated
post-federation, causing activities and HTTP signatures from an user to
be dropped due to key differences.
2022-09-05 03:51:17 +02:00
tusooa f8afba95b2 Merge branch 'fix/gts-federation' into 'develop'
GoToSocial federation fixes

See merge request pleroma/pleroma!3725
2022-09-05 01:10:34 +00:00
tusooa 20347898e2 Merge branch 'fix/federation-context-issues' into 'develop'
Fix reply context fixing (Pleroma replies to Misskey threads) and removal of context objects

See merge request pleroma/pleroma!3717
2022-09-04 18:43:36 +00:00
Haelwenn 299255b9bb Merge branch 'from/upstream-develop/tusooa/assoc-object-id' into 'develop'
Add function to calculate associated object id

Closes #2307

See merge request pleroma/pleroma!3692
2022-09-03 02:50:40 +00:00
Haelwenn e40c221c31 Merge branch 'from/upstream-develop/tusooa/edits' into 'develop'
Editing

Closes #1429, #2859, and #2288

See merge request pleroma/pleroma!3678
2022-09-03 02:16:42 +00:00
Haelwenn (lanodan) Monnier 21ab7369ca Bump minimum Elixir version to 1.10
With the release of Elixir 1.14, Elixir 1.9 is now end-of-life.

Elixir 1.10 Release Notes:
https://github.com/elixir-lang/elixir/releases/tag/v1.10.0
2022-09-02 22:53:54 +02:00
Tusooa Zhu 3885ee182a
Switch to associated_object_id index 2022-08-20 20:43:46 -04:00
Hélène 4661b56720
ArticleNotePageValidator: fix replies fixing
Some software, like GoToSocial, expose replies as ActivityPub
Collections, but do not expose any item array directly in the object,
causing validation to fail via the ObjectID validator. Now, Pleroma will
drop that field in this situation too.
2022-08-19 02:45:49 +02:00
Hélène bb02ee99f5
CommonFixes: more predictable context generation
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2022-08-15 01:46:55 +02:00
Hélène 3b6784b1de
CreateGenericValidator: fix reply context fixing
Incoming Pleroma replies to a Misskey thread were rejected due to a
broken context fix, which caused them to not be visible until a
non-Pleroma user interacted with the replies.

This fix properly sets the post-fix object context to its parent Create
activity as well, if it was changed.
2022-08-10 02:29:38 +02:00
Hélène 7f71e3d0fe
CommonFields: remove context_id 2022-08-09 20:10:43 +02:00
Hélène f3e061c964
Object: remove context_id field
30 to 70% of the objects in the object table are simple JSON objects
containing a single field, 'id', being the context's ID. The reason for
the creation of an object per context seems to be an old relic from the
StatusNet era, and has only been used nowadays as an helper for threads
in Pleroma-FE via the `pleroma.conversation_id` field in status views.
An object per context was created, and its numerical ID (table column)
was used and stored as 'context_id' in the object and activity along
with the full 'context' URI/string.

This commit removes this field and stops creation of objects for each
context, which will also allow incoming activities to use activity IDs
as contexts, something which was not possible before, or would have been
very broken under most circumstances.

The `pleroma.conversation_id` field has been reimplemented in a way to
maintain backwards-compatibility by calculating a CRC32 of the full
context URI/string in the object, instead of relying on the row ID for
the created context object.
2022-08-09 20:10:43 +02:00
Tusooa Zhu a4fa286d20
Use actor_types() to determine whether the Update is for user 2022-08-02 10:37:28 -04:00
Haelwenn b2ba307f4d Merge branch 'from/upstream-develop/tusooa/2871-fix-local-public' into 'develop'
local only fixes

Closes #2871

See merge request pleroma/pleroma!3660
2022-08-02 05:39:50 +00:00
tusooa c80096522c Merge branch 'develop' into 'from/develop/tusooa/emit-move'
# Conflicts:
#   CHANGELOG.md
#   test/pleroma/user_test.exs
2022-07-31 21:32:49 +00:00
Hélène fb3f6e1975
EmojiReactValidator: use new qualification method 2022-07-25 16:49:23 +02:00
Hélène 388bbc4978
EmojiReactValidator: fix emoji qualification
Tries fully-qualifying emoji when receiving them, by adding the emoji
variation sequence to the received reaction emoji.

This issue arises when other instance software, such as Misskey, tries
reacting with emoji that have unqualified or minimally qualified
variants, like a red heart. Pleroma only accepts fully qualified emoji
in emoji reactions, and refused those emoji. Now, Pleroma will attempt
to properly qualify them first, and reject them if checks still fail.

This commit contains changes to tests proposed by lanodan.

Co-authored-by: Haelwenn <contact+git.pleroma.social@hacktivis.me>
2022-07-24 13:36:06 +02:00
Tusooa Zhu 997f08b350
Make AntiLinkSpamPolicy history-aware 2022-07-24 00:18:09 -04:00
Tusooa Zhu d877d2a4e7
Make HashtagPolicy history-aware 2022-07-24 00:02:39 -04:00
Tusooa Zhu 82c8fc1ede
Make NoEmptyPolicy work with Update 2022-07-23 23:24:25 -04:00
Tusooa Zhu 46a5c06853
Make NormalizeMarkup history-aware 2022-07-23 22:50:38 -04:00
Tusooa Zhu fc7ce5f93c
Make NoPlaceholderTextPolicy history-aware 2022-07-23 22:41:04 -04:00
Tusooa Zhu dce7e42928
Make MediaProxyWarmingPolicy history-aware 2022-07-23 22:34:03 -04:00
Tusooa Zhu 0a337063e1
Make ForceMentionsInContent history-aware 2022-07-23 22:23:57 -04:00
Tusooa Zhu cd19537f39
Make EnsureRePrepended history-aware 2022-07-23 17:48:39 -04:00
Tusooa Zhu eba9b0760f
Make MRF Keyword history-aware 2022-07-23 15:56:36 -04:00
Haelwenn cfb21d011f Revert "Merge branch 'fix/emoji-react-qualification' into 'develop'"
This reverts merge request !3684
2022-07-22 23:19:49 +00:00
Haelwenn (lanodan) Monnier eba1666575 AttachmentValidator: fix_media_type/1 fallback to application/octet-stream 2022-07-22 20:30:45 +02:00
Haelwenn (lanodan) Monnier be98900904 ArticleNotePageValidator: Fix when attachments are a Map (ie. owncast) 2022-07-22 20:30:45 +02:00
Haelwenn 454f892f37 Merge branch 'fix/emoji-react-qualification' into 'develop'
EmojiReactValidator: fix emoji qualification

See merge request pleroma/pleroma!3684
2022-07-21 17:45:47 +00:00
Tusooa Zhu f84ed44cea
Fix cannot get full history on object fetch 2022-07-06 01:19:53 -04:00
Ilja f88ed1df75 Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into fine_grained_moderation_privileges 2022-07-05 12:05:19 +02:00
Tusooa Zhu 5ce118d970
Validate object data for incoming Update activities
In Create validator we do not validate the object data,
but that is because the object itself will go through the
pipeline again, which is not the case for Update. Thus,
we added validation for objects in Update activities.
2022-07-03 20:21:46 -04:00
Tusooa Zhu 4367489a3e
Pass history items through ObjectValidator for updatable object types 2022-07-03 20:02:52 -04:00
Tusooa Zhu 4edc867b87 Merge branch 'develop' into 'from/upstream-develop/tusooa/edits'
# Conflicts:
#   lib/pleroma/constants.ex
2022-07-03 22:24:57 +00:00
Haelwenn a15b45a589 Merge branch 'bugfix/mime-validation-no-list' into 'develop'
Bugfix: Validate mediaType only by it's format

See merge request pleroma/pleroma!3597
2022-07-03 21:04:41 +00:00
Ilja 37fdf148b0 Rename privilege tags
I first focussed on getting things working
Now that they do and we know what tags there are, I put some thought in providing better names

I use the form <what_it_controls>_<what_it_allows_you_to_do>

:statuses_read    => :messages_read
:status_delete    => :messages_delete

:user_read        => :users_read
:user_deletion    => :users_delete
:user_activation  => :users_manage_activation_state
:user_invite      => :users_manage_invites
:user_tag         => :users_manage_tags
:user_credentials => :users_manage_credentials

:report_handle    => :reports_manage_reports

:emoji_management => :emoji_manage_emoji
2022-07-01 10:28:09 +02:00
Hélène 11f9f2ef27
EmojiReactValidator: fix emoji qualification
Tries fully-qualifying emoji when receiving them, by adding the emoji
variation sequence to the received reaction emoji.

This issue arises when other instance software, such as Misskey, tries
reacting with emoji that have unqualified or minimally qualified
variants, like a red heart. Pleroma only accepts fully qualified emoji
in emoji reactions, and refused those emoji. Now, Pleroma will attempt
to properly qualify them first, and reject them if checks still fail.
2022-06-28 21:33:57 +02:00
Tusooa Zhu 014096aeef
Make outbound transmogrifier aware of edit history 2022-06-25 11:20:46 -04:00
Tusooa Zhu 5321fd0012
Do not put meta[:object_data] for local Updates 2022-06-25 10:03:19 -04:00
Tusooa Zhu 9c6dae942d
Fix local updates causing emojis to be lost 2022-06-25 09:23:09 -04:00
Tusooa Zhu 99a6f50316
Unify the logic of updating objects 2022-06-25 00:32:22 -04:00
Tusooa Zhu e0d6da4e7d
Fix CommonAPITest 2022-06-24 10:54:11 -04:00
Tusooa Zhu ee07383191
Use meta[:object_data] in SideEffects for Update 2022-06-24 10:28:58 -04:00
Tusooa Zhu 01321c88b5
Convert incoming Updated object into Pleroma format 2022-06-24 10:25:22 -04:00
Ilja e21ef5aef3 report notifications for privileged users
Instead of `Pleroma.User.all_superusers()` we now use `Pleroma.User.all_superusers(:report_handle)`

I also changed it for sending emails, but there were no tests.
2022-06-21 12:10:27 +02:00
Ilja bb61cfee8d Validator for deleting statusses is now done with priviledge instead of superuser 2022-06-21 12:10:27 +02:00
Tusooa Zhu c3593639ad
Fix incorrectly cached content after editing 2022-06-09 11:39:51 -04:00
Tusooa Zhu 8bac8147d4
Stream out edits 2022-06-03 21:15:17 -04:00
Tusooa Zhu fa31ae50e6
Inject history when object is refetched 2022-06-01 19:49:04 -04:00
Tusooa Zhu 410e177b2a
Strip internal fields in formerRepresentation 2022-06-01 12:02:03 -04:00
Tusooa Zhu b613a9ec6b
Implement mastodon api for editing status 2022-05-31 14:32:28 -04:00
Tusooa Zhu c004eb0fa2
Implement mastodon api for showing edit history 2022-05-29 23:50:31 -04:00
Tusooa Zhu 8acfe95f3e
Allow updating polls 2022-05-29 22:16:03 -04:00
Tusooa Zhu 5e8aac0e07
Record edit history for Note and Question Updates 2022-05-29 13:54:16 -04:00
Tusooa Zhu 0f6a5eb9a2
Handle Note and Question Updates 2022-05-29 12:54:57 -04:00
Tusooa Zhu 547def67a7
Allow Updates by every actor on the same origin 2022-05-29 11:36:00 -04:00
Hélène a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-05-18 21:25:10 +02:00
Tusooa Zhu f1722a9f4a
Make lint happy
Ref: fix-local-public
2022-05-09 18:53:32 -04:00
Tusooa Zhu 38444aa92a
Allow authenticated users to access local-only posts in MastoAPI
Ref: fix-local-public
2022-05-09 18:53:18 -04:00
Haelwenn 4605efe272 Merge branch 'improve_anti_followbot_policy' into 'develop'
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy

Closes #2561

See merge request pleroma/pleroma!3498
2022-05-08 18:10:40 +00:00
Ilja a8093732bd Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-05-08 18:10:40 +00:00
Tusooa Zhu fe933b9bf2
Prevent remote access of local-only posts via /objects
Ref: fix-local-public
2022-05-06 13:54:21 -04:00
Tusooa Zhu c48be59f58
Show local-only statuses in public timeline for authenticated users
Ref: fix-local-public
2022-05-06 13:54:02 -04:00
Tusooa Zhu 57c030a0a7 Skip cache when /objects or /activities is authenticated
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Haelwenn (lanodan) Monnier 83338c25a5 Transmogrifier: Use validating regex for "mediaType" 2022-03-17 22:37:26 +01:00
Haelwenn (lanodan) Monnier 030183b35f AttachmentValidator: Use custom ecto type and regex for "mediaType" 2022-03-17 22:37:26 +01:00
Sean King 17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
marcin mikołajczak f8f2a17754 Birthdays: Fix outgoing federation of birth dates
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-02-01 12:00:26 +01:00
Alex Gleason 3bf257171f
ForceMentionsInContent: improve display of Markdown posts 2022-01-27 14:15:06 -06:00
Alex Gleason 27cb3d6273
ForceMentionsInContent: don't apply it to top-level posts 2022-01-26 21:24:26 -06:00
bot a4de79ced0 ForceBotUnlistedPolicy: fix to stop unlisting my posts >:( 2022-01-26 22:53:02 +00:00
Alex Gleason 0604b0dd09
ForceMentionsInContent: don't mention self 2022-01-25 12:33:47 -06:00
Alex Gleason 0f4e0e667e Merge branch 'recipients-inline' into 'develop'
ForceMentionsInContent: wrap mentions in a span, fix the formatting

See merge request pleroma/pleroma!3620
2022-01-25 17:43:39 +00:00
Alex Gleason 65b4d2ce84
ForceMentionsInContent: fix order of mentions 2022-01-25 10:42:34 -06:00
Alex Gleason 267184b70e
ForceMentionsInContentTest: return mentions in a not terrible format 2022-01-24 20:03:43 -06:00
Alex Gleason c5a20c80c4
ForceMentionsInContent: simplify finding users 2022-01-24 19:44:44 -06:00
Alex Gleason d5644a52aa
ForceMentionsInContent: wrap inline mentions with span tag 2022-01-24 19:11:45 -06:00
Alex Gleason 1bbc701a3a
ForceMentionsInContent: use `to` instead of `tag` 2022-01-24 19:11:14 -06:00
marcin mikołajczak 0266bc3c96 Birthdays: hide_birthday -> show_birthday
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-23 09:13:33 +01:00
Alex Gleason aaa9314f4c
Merge remote-tracking branch 'origin/develop' into birth-dates 2022-01-22 14:24:50 -06:00
Alex Gleason 66e8c6f90f
Birthdays: birth_date --> birthday 2022-01-22 13:21:55 -06:00
Alex Gleason 6ffe43af70 Merge branch 'private-pins' into 'develop'
Support private pinned posts from Mastodon

See merge request pleroma/pleroma!3611
2022-01-20 23:18:24 +00:00
marcin mikołajczak 88c21b9282 Support private pinned posts from Mastodon
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-20 12:35:32 +01:00
rinpatch a02cfd7f52 Add ForceMentionsInContentPolicy
Even though latest PleromaFE supports displaying these properly, mobile
apps still exist, so I think we should offer a workaround to those who
want it.
2022-01-19 21:04:57 +03:00
marcin mikołajczak c180f9276f check if remote bday is valid
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-19 17:19:28 +01:00
marcin mikołajczak b108b05650 Birth dates, birthday reminders API, allow instance admins to require minimum age
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-18 14:57:48 +01:00
Tusooa Zhu e41eee5ed1
Make Move activity federate properly
Ref: emit-move
2021-12-28 01:11:08 -05:00
marcin mikołajczak de006443f0 MastoAPI: Profile directory 2021-12-26 02:35:17 +00:00
Alex Gleason d9746ae4cb Merge branch 'from/develop/tusooa/2802-propagate-reject' into 'develop'
Handle Reject for already-accepted Follows properly

Closes #2766 and #2802

See merge request pleroma/pleroma!3568
2021-12-23 16:00:16 +00:00
Alex Gleason df5359aa72 Merge branch 'replies-count' into 'develop'
Fix replies count for remote replies

See merge request pleroma/pleroma!3541
2021-12-19 17:36:25 +00:00
Tusooa Zhu 3d41ccc47b
Allow updating accepted follow activities in Web.ActivityPub.Utils.update_follow_state_for_all/2
Mastodon uses the Reject activity also for the purpose of removing
a follower, in addition to reject a follow request. We should
also update the original Follow activity in this case.
2021-12-17 14:17:51 -05:00
Alex Gleason 2c96668a2c
Merge remote-tracking branch 'origin/develop' into fix-attachment-dimensions 2021-12-07 13:41:54 -05:00
Alex Gleason 3f03d71ea6
AttachmentValidator: ingest width and height 2021-12-07 12:59:03 -05:00
Lain Soykaf ca8c676867 Linting. 2021-12-07 12:12:23 -05:00
Finn Behrens 8af53101fb move result into with guard 2021-12-07 09:18:53 +01:00
marcin mikołajczak d64d1b1d45 Fix replies count for remote replies
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2021-11-23 11:31:09 +01:00
lain e2772d6bf1 Merge branch 'block-behavior' into 'develop'
Configurable block visibility, fixes #2123

Closes #2123

See merge request pleroma/pleroma!3242
2021-11-15 14:27:59 +00:00
Haelwenn (lanodan) Monnier 23e91ec8dd activity_pub_controller: Fix misleading debug warning in post_inbox_fallback 2021-11-10 01:11:35 +01:00