Commit Graph

4847 Commits

Author SHA1 Message Date
rinpatch 6ca709816f Fix object spoofing vulnerability in attachments
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
Haelwenn 99bc175f02 Merge branch 'title-injection-change' into 'develop'
Title injection change

See merge request pleroma/pleroma!3132
2020-11-12 08:50:26 +00:00
Mark Felder 966663c3f8 Fix tests for other attachment types 2020-11-11 16:17:35 -06:00
Mark Felder 2254e5e595 Render blurhashes in Mastodon API 2020-11-11 12:51:13 -06:00
Mark Felder 6fd72e9e85 Ingest blurhash for attachments if they were federated 2020-11-11 12:27:51 -06:00
Egor Kislitsyn d26a449396
Change endpoint path 2020-11-11 20:39:57 +04:00
Egor Kislitsyn 435bf1f945
Remove FrontendInstallerWorker 2020-11-11 20:12:35 +04:00
lain 631def2df2 RedirectController: Don't replace title, but inject into the meta 2020-11-11 17:10:59 +01:00
Egor Kislitsyn 08cbd655d1
Merge branch 'develop' into frontend-admin-api 2020-11-11 19:53:40 +04:00
Egor Kislitsyn 0118ccb53c
Add `local` visibility 2020-11-11 18:54:01 +04:00
feld 3cd7ea693f Merge branch 'feature/2222-config-descriptions-for-custom-modules' into 'develop'
Config descriptions for custom MRF policies

Closes #2222

See merge request pleroma/pleroma!3128
2020-11-11 13:48:03 +00:00
Alexander Strizhakov 8d218ebaf5
Moving some background jobs into simple tasks
- fetching activity data
- attachment prefetching
- using limiter to prevent overload
2020-11-11 13:39:49 +03:00
Alexander Strizhakov f97f24b067
making credo happy and test fix 2020-11-11 10:48:03 +03:00
Alexander Strizhakov 485697d96c
config descriptions for custom MRF policies 2020-11-10 19:20:14 +03:00
lain 88f6b61a5e Merge branch '2260-wrong-report-link' into 'develop'
Resolve "Wrong user link in Report email"

Closes #2260

See merge request pleroma/pleroma!3121
2020-11-10 11:04:19 +00:00
Alexander Strizhakov 0c68b9ac13
escaping summary and other fields in xml templates 2020-11-10 10:46:57 +03:00
rinpatch cc45c69fff Remove release_env
While taking a final look at instance.gen before releasing I noticed
that the release_env task outputs messages in broken english. Upon
further inspection it seems to have even more severe issues which, in
my opinion, warrant it's at least temporary removal:
- We do not explain what it actually does, anywhere. Neither the task
 docs nor instance.gen, nor installation instructions.
- It does not respect FHS on OTP releases (uses /opt/pleroma/config even
 though we store the config in /etc/pleroma/config.exs).
- It doesn't work on OTP releases, which is the main reason it exists.
Neither systemd nor openrc service files for OTP include it.
- It is not mentioned in install guides other than the ones for Debian
and OTP releases.
2020-11-08 11:56:09 +03:00
Haelwenn (lanodan) Monnier e010bb292b
NoteHandlingTest: Poison → Jason 2020-11-06 14:04:03 +01:00
Haelwenn (lanodan) Monnier fa1f5d4442
Move TransmogrifierTest for Note to NoteHandlingTest 2020-11-06 08:57:16 +01:00
lain 6d850c46dc AdminEmail: Use AP id as user url. 2020-11-04 17:12:47 +01:00
lain dd2b3a8da9 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/expire-mutes 2020-11-04 16:51:42 +01:00
lain 4800ee656b Merge branch 'features/federation-status' into 'develop'
Add a federation_status endpoint showing unreachable instances

See merge request pleroma/pleroma!3086
2020-11-04 15:00:52 +00:00
lain 5db4c823b2 Merge branch 'restrict-domain' into 'develop'
View a remote server's timeline

See merge request pleroma/pleroma!2713
2020-11-04 14:54:53 +00:00
Ivan Tashkinov 73e66fd31f Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-04 17:48:10 +03:00
Haelwenn 9c09ea01aa Merge branch '2284-voters-count' into 'develop'
Always return voters_count in polls

See merge request pleroma/pleroma!3120
2020-11-04 14:44:45 +00:00
lain 504a829edb Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into features/federation-status 2020-11-04 15:38:10 +01:00
lain cb3cd3a761 TopicsTest: Small addition. 2020-11-04 15:24:10 +01:00
lain 329aa19c9f Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into alexgleason/pleroma-restrict-domain 2020-11-04 15:05:01 +01:00
lain bc4d9c4ffc Merge branch 'hide-muted-chats' into 'develop'
Hide chats from muted users

Closes #2230

See merge request pleroma/pleroma!3116
2020-11-04 13:48:15 +00:00
Egor Kislitsyn ca95cbe0b4
Add `with_muted` param to ChatController.index/2 2020-11-04 16:40:12 +04:00
lain e46c95b826 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into frontend-admin-api 2020-11-04 13:23:18 +01:00
lain c7bcbfbc1d Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/local-only-scope 2020-11-04 11:47:41 +01:00
lain 1cfc3278c0 Poll View: Always return `voters_count`. 2020-11-04 10:14:00 +01:00
lain c37118e6f2 Conversations: A few refactors 2020-11-03 13:56:12 +01:00
lain 91f6c32430 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into a1batross/pleroma-patch-4 2020-11-03 13:45:09 +01:00
Mark Felder 53dd048590 Test the note is returned when fetching a single report 2020-11-02 15:49:07 -06:00
Egor Kislitsyn be52819a11
Hide chats from muted users 2020-11-02 17:51:54 +04:00
lain 24ce324973 Merge branch 'bugfix/poll_replies_count' into 'develop'
side_effects: Don’t increase_replies_count when it’s an Answer

Closes #2274

See merge request pleroma/pleroma!3114
2020-11-02 12:08:20 +00:00
minibikini 6163fbf553 Merge branch 'develop' into 'frontend-admin-api'
# Conflicts:
#   lib/pleroma/web/router.ex
2020-11-02 10:43:45 +00:00
Haelwenn (lanodan) Monnier 4caad4e910
side_effects: Don’t increase_replies_count when it’s an Answer 2020-11-02 05:56:17 +01:00
feld 38b481d112 Merge branch 'feature/account-export' into 'develop'
Add account export

Closes #847

See merge request pleroma/pleroma!2918
2020-10-31 17:03:40 +00:00
Ivan Tashkinov 04f6b48ac1 Auth subsystem refactoring and tweaks.
Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs.
2020-10-31 13:38:35 +03:00
eugenijm 8e41baff40 Add idempotency_key to the chat_message entity. 2020-10-31 05:50:59 +03:00
Egor Kislitsyn a2a7a1f2ff
Merge remote-tracking branch 'origin/develop' into feature/account-export 2020-10-31 00:17:33 +04:00
Egor Kislitsyn d2113428c0
Merge remote-tracking branch 'origin/develop' into feature/account-export 2020-10-30 19:34:02 +04:00
Egor Kislitsyn 1a98476f48 Remove unused aliases 2020-10-30 18:42:43 +04:00
Alibek Omarov 1042c30fa5 ConversationViewTest: fix test 2020-10-30 13:59:53 +01:00
Alibek Omarov 0552a08dfd ConversationControllerTest: fix test, fix formatting 2020-10-30 13:59:53 +01:00
Alibek Omarov 9b93eef715 ConversationView: fix last_status.account being empty, fix current user being included in group conversations 2020-10-30 13:59:53 +01:00
Alibek Omarov 630eb0f939 ConversationViewTest: fix test #2 2020-10-30 12:58:51 +01:00
Alibek Omarov 149589c842 ConversationViewTest: fix test 2020-10-30 12:58:51 +01:00
Alibek Omarov 390a12d4c8 ConversationControllerTest: fix test 2020-10-30 12:58:51 +01:00
minibikini 1cc8e94506 Merge branch 'develop' into 'feature/local-only-scope'
# Conflicts:
#   CHANGELOG.md
2020-10-30 11:18:55 +00:00
Haelwenn 131f3219e6 Merge branch 'issue/2069' into 'develop'
[#2069] unread_conversation_count

See merge request pleroma/pleroma!2939
2020-10-29 23:39:15 +00:00
feld 1cce1bd729 Merge branch 'issue/2137-user-filters-admin-fe' into 'develop'
[#2137] admin/users filters

See merge request pleroma/pleroma!3016
2020-10-29 21:06:15 +00:00
Egor Kislitsyn d83c2bd330
Add support for install via `file` and `build_url` params 2020-10-29 16:37:50 +04:00
Egor Kislitsyn fa902867c0
Merge remote-tracking branch 'origin/develop' into mutes-blocks-pagination 2020-10-29 15:35:42 +04:00
Egor Kislitsyn 8542d2efee
Merge remote-tracking branch 'origin/develop' into feature/local-only-scope 2020-10-29 14:51:23 +04:00
Ivan Tashkinov ba50dc05a8 Merge remote-tracking branch 'remotes/origin/develop' into ostatus-controller-no-auth-check-on-non-federating-instances
# Conflicts:
#	CHANGELOG.md
2020-10-28 19:03:40 +03:00
Mark Felder d2b140a525 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into issue/2261 2020-10-28 08:48:26 -05:00
Egor Kislitsyn 4a2d7a7a5d
Merge remote-tracking branch 'origin/develop' into feature/account-export 2020-10-28 15:33:36 +04:00
Egor Kislitsyn 4f90077767
Fix warning 2020-10-28 15:32:44 +04:00
feld 1204aaa2e3 Merge branch 'feature/autofollowing' into 'develop'
autofollowing_nicknames

See merge request pleroma/pleroma!3087
2020-10-27 22:55:31 +00:00
Haelwenn d8d4bd15d0 Merge branch '2236-no-name' into 'develop'
Resolve "Account cannot be fetched by some instances"

Closes #2236

See merge request pleroma/pleroma!3101
2020-10-27 22:44:31 +00:00
feld 03a318af9a Merge branch 'develop' into 'feature/autofollowing'
# Conflicts:
#   CHANGELOG.md
2020-10-27 22:13:50 +00:00
Mark Felder f2b74f60f0 Merge branch 'develop' into feature/account-export 2020-10-27 15:16:22 -05:00
Maksim Pechnikov d28f72a55a FrontStatic plug: excluded invalid url 2020-10-27 22:59:27 +03:00
Mark Felder cbe41408e4 phoenix_controller_render_duration is no longer available in telemetry of Phoenix 1.5+ 2020-10-27 14:37:48 -05:00
minibikini 1bfd8528bb Merge branch 'develop' into 'feature/local-only-scope'
# Conflicts:
#   CHANGELOG.md
2020-10-27 18:59:19 +00:00
Mark Felder 291189357b Merge branch 'develop' into feature/account-export 2020-10-27 12:54:33 -05:00
Mark Felder 9e54ef086b Merge branch 'develop' into feature/account-export 2020-10-27 12:51:31 -05:00
feld 5aff479951 Merge branch '1668-prometheus-access-restrictions' into 'develop'
[#1668] App metrics endpoint (Prometheus) access restrictions

Closes #1668

See merge request pleroma/pleroma!3093
2020-10-27 17:47:56 +00:00
feld e062329a17 Merge branch 'develop' into 'feature/autofollowing'
# Conflicts:
#   CHANGELOG.md
2020-10-27 17:42:24 +00:00
Egor Kislitsyn 03e306785b
Add an API endpoint to install a new frontend 2020-10-27 19:20:21 +04:00
lain 9542c5d0f4 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into 2236-no-name 2020-10-26 16:30:48 +01:00
rinpatch df61071422 Merge branch '2242-nsfw-case' into 'develop'
Resolve "Posts tagged with #NSFW from GS aren't marked as sensitive"

Closes #2242

See merge request pleroma/pleroma!3094
2020-10-23 19:39:42 +00:00
lain 60e379ce0b User: Correctly handle whitespace names. 2020-10-23 13:53:01 +02:00
feld d6907e6e0c Merge branch 'chore/elixir-1.11' into 'develop'
Elixir 1.11 compatibility / Phoenix 1.5+

See merge request pleroma/pleroma!3059
2020-10-22 20:33:52 +00:00
lain 8d251096fe SideEffects: Correctly handle chat messages sent to yourself 2020-10-22 12:22:08 +02:00
Maksim Pechnikov ef627b9391 fix module name 2020-10-22 12:04:23 +03:00
Maksim Pechnikov add26817e3 update changelog 2020-10-22 11:54:32 +03:00
Maksim Pechnikov 44e5a57d1a admin api: added user filters by `actor_types` 2020-10-22 11:53:28 +03:00
Maksim Pechnikov 60663150b5 admin user search: added filter by `actor_type` 2020-10-22 11:53:28 +03:00
Maksim Pechnikov 46b420aa60 need_confirmed -> unconfirmed 2020-10-22 11:50:49 +03:00
Maksim Pechnikov cf4f393794 added AdminApi.UserController 2020-10-22 11:50:49 +03:00
Maksim Pechnikov 9ef46ce410 added 'unconfirmed' filter to admin/users 2020-10-22 11:50:49 +03:00
Egor Kislitsyn 034ac43f3a
Fix credo warnings 2020-10-20 17:47:04 +04:00
Egor Kislitsyn e87901c424
Merge remote-tracking branch 'origin/develop' into feature/account-export 2020-10-20 17:27:29 +04:00
Egor Kislitsyn ad605e3e16
Rename `Pleroma.Backup` to `Pleroma.User.Backup` 2020-10-20 17:16:58 +04:00
Egor Kislitsyn c1976d5b19 Fix credo warnings 2020-10-19 18:14:49 +04:00
lain 39fd4d7639 Transmogrifier: Downcase incoming Hashtags
Also, set sensitive to true if we have an nsfw hashtag present.
2020-10-19 15:40:50 +02:00
Egor Kislitsyn 98f32cf820
Fix tests 2020-10-19 17:19:45 +04:00
Egor Kislitsyn 76c4e80e5a
Merge branch 'develop' into mutes-blocks-pagination 2020-10-19 15:40:03 +04:00
Egor Kislitsyn 18a91d85e5
Merge branch 'develop' into feature/local-only-scope 2020-10-19 15:31:56 +04:00
Haelwenn 0495a07dc7 Merge branch '2239-mute-fixes' into 'develop'
ActivityPub: Show own replies to muted users.

Closes #2239

See merge request pleroma/pleroma!3084
2020-10-19 04:26:35 +00:00
Ivan Tashkinov 524fb0e4c2 [#1668] Restricted access to app metrics endpoint by default. Added ability to configure IP whitelist for this endpoint.
Added tests and documentation.
2020-10-18 21:22:21 +03:00
Ivan Tashkinov 9ea31b373f Merge remote-tracking branch 'remotes/origin/develop' into chore/elixir-1.11 2020-10-17 17:53:47 +03:00
Ivan Tashkinov 049ece1ef3 Merge remote-tracking branch 'remotes/origin/develop' into ostatus-controller-no-auth-check-on-non-federating-instances
# Conflicts:
#	lib/pleroma/web/feed/user_controller.ex
#	lib/pleroma/web/o_status/o_status_controller.ex
#	lib/pleroma/web/router.ex
#	lib/pleroma/web/static_fe/static_fe_controller.ex
2020-10-17 13:12:39 +03:00
Mark Felder 1b8fd7e65a Adds feature to permit e.g., local admins and community moderators to automatically follow all newly registered accounts 2020-10-16 17:36:02 +00:00
Haelwenn (lanodan) Monnier aafdc975bd
federation_status: Add ApiSpec 2020-10-16 01:14:15 +02:00
Haelwenn (lanodan) Monnier 3b5a7a6b14
federation_status: New endpoint showing unreachable instances 2020-10-16 01:14:04 +02:00
Mark Felder fb056ce05b Merge branch 'develop' into refactor/discoverable_user_field 2020-10-15 16:39:01 -05:00
Maksim Pechnikov 2030ffd490 fix test 2020-10-15 22:31:52 +03:00
Maksim Pechnikov 20e68b30f0 added generated `pleroma.env` 2020-10-15 22:28:26 +03:00
Egor Kislitsyn 2a475622ee
Add Pleroma.Constants.as_local_public/0 2020-10-15 19:07:00 +04:00
Egor Kislitsyn 4f79bbbc31
Add local-only statuses 2020-10-15 18:37:44 +04:00
Egor Kislitsyn 3985c1b450
Fix warnings 2020-10-15 16:54:59 +04:00
lain 7a2f100061 ActivityPub: Show own replies to muted users.
Aligns mute with block behavior.
2020-10-15 12:28:25 +02:00
Mark Felder 1fb9452131 Merge branch 'develop' into feature/account-export 2020-10-14 15:27:15 -05:00
feld 2013705690 Merge branch 'feature/gen-magic' into 'develop'
Use libmagic via majic

Closes #1736

See merge request pleroma/pleroma!2534
2020-10-14 17:31:45 +00:00
Haelwenn 9a85ec0da0 Merge branch 'refactor/locked_user_field' into 'develop'
Change user.locked field to user.is_locked

See merge request pleroma/pleroma!3077
2020-10-14 16:17:32 +00:00
Mark Felder ed61002815 Undo API breaking changes 2020-10-14 11:03:17 -05:00
Mark Felder b001237b79 Finish undoing API breakage 2020-10-14 10:44:18 -05:00
Mark Felder 3242cfef20 Undo API breaking changes 2020-10-14 09:54:07 -05:00
Alex Gleason 755f58168b
Merge remote-tracking branch 'upstream/develop' into restrict-domain 2020-10-13 19:26:04 -05:00
Mark Felder 8b20c4d275 Missed tests 2020-10-13 16:15:28 -05:00
Egor Kislitsyn 6734abcbd4
Add pagination for Mutes 2020-10-13 21:58:18 +04:00
Haelwenn (lanodan) Monnier f5d8af1db1
Move Consistency.FileLocation to ./test
This fixes a compilation fail because of Credo's absence in MIX_ENV=prod
2020-10-13 19:57:45 +02:00
Mark Felder 09be8cb336 Credo 2020-10-13 12:49:43 -05:00
Egor Kislitsyn 33f4f39b1c
Add pagination for Blocks 2020-10-13 21:39:41 +04:00
Mark Felder 40f3cdc030 JPEG content_type must be image/jpeg 2020-10-13 10:37:24 -05:00
Mark Felder b738f70953 Merge branch 'develop' into feature/gen-magic 2020-10-13 10:08:38 -05:00
Mark Felder 64553ebae2 Merge branch 'develop' into chore/elixir-1.11 2020-10-13 09:54:53 -05:00
Mark Felder 409f694e4f Merge branch 'develop' into refactor/locked_user_field 2020-10-13 09:54:29 -05:00
Mark Felder 4ead0d564f Merge branch 'develop' into refactor/discoverable_user_field 2020-10-13 09:54:11 -05:00
Mark Felder 8bacdc3680 Change user.discoverable field to user.is_discoverable 2020-10-13 09:45:08 -05:00
Mark Felder 9968b7efed Change user.locked field to user.is_locked 2020-10-13 09:31:13 -05:00
Alexander Strizhakov 4c4ea9a348
changes after rebase 2020-10-13 17:10:34 +03:00
Alexander Strizhakov 5f2071c458
changes after rebase 2020-10-13 16:44:03 +03:00
Alexander Strizhakov bb111465a1
credo fix after rebase 2020-10-13 16:44:03 +03:00
Alexander Strizhakov 7f5dbb0201
changes after rebase 2020-10-13 16:44:03 +03:00
Alexander Strizhakov b081080dd9
fixes after rebase 2020-10-13 16:44:02 +03:00
Alexander Strizhakov f679486540
rebase 2020-10-13 16:44:02 +03:00
Alexander Strizhakov c4c5caedd8
changes after rebase 2020-10-13 16:44:02 +03:00
Alexander Strizhakov c8418e2d1f
fix after rebase 2020-10-13 16:44:01 +03:00
Alexander Strizhakov b720ad2264
files consistency after rebase 2020-10-13 16:44:01 +03:00
Alexander Strizhakov c5efded5fd
files consistency for new files 2020-10-13 16:44:00 +03:00
Alexander Strizhakov 207211a2b3
update files consistency after rebase 2020-10-13 16:44:00 +03:00
Alexander Strizhakov e33782455d
updates after rebase 2020-10-13 16:43:59 +03:00
Alexander Strizhakov 9f4fe5485b
alias alphabetically order 2020-10-13 16:43:59 +03:00
Alexander Strizhakov 3ef4e9d170
AdminSecretAuthenticationPlug module name 2020-10-13 16:43:58 +03:00
Alexander Strizhakov c497558d43
AuthenticationPlug module name 2020-10-13 16:43:58 +03:00
Alexander Strizhakov c1777e7479
BasicAuthDecoderPlug module name 2020-10-13 16:43:58 +03:00
Alexander Strizhakov 66e0b0065b
Cache plug module name 2020-10-13 16:43:57 +03:00
Alexander Strizhakov c6baa811d6
EnsureAuthenticatedPlug module name 2020-10-13 16:43:57 +03:00
Alexander Strizhakov 011525a3d1
EnsurePublicOrAuthenticatedPlug module name 2020-10-13 16:43:57 +03:00
Alexander Strizhakov 8e301a4c37
EnsureUserKeyPlug module name 2020-10-13 16:43:56 +03:00
Alexander Strizhakov d6cb1a3b46
ExpectAuthenticatedCheckPlug module name 2020-10-13 16:43:56 +03:00
Alexander Strizhakov 99e4ed21b1
ExpectPublicOrAuthenticatedCheckPlug module name 2020-10-13 16:43:56 +03:00
Alexander Strizhakov 8c993c5f63
FederatingPlug module name 2020-10-13 16:43:55 +03:00