Commit Graph

6484 Commits

Author SHA1 Message Date
Alexander Strizhakov 5a9ea98baf XML WebFinger user representation correct domain 2022-11-03 09:48:59 -04:00
Alexander Strizhakov 4121bca895 expanding WebFinger 2022-11-03 09:48:24 -04:00
tusooa 9fbf01f7a9 Merge branch 'push-updates' into 'develop'
Push.Impl: support edits

See merge request pleroma/pleroma!3760
2022-10-27 12:51:29 +00:00
Haelwenn (lanodan) Monnier 16b06160ac CommonAPI: generate ModerationLog for all admin/moderator deletes
As a side-effect it also changes the ChatMessage delete ID to an
Activity.id rather than MessageReference.id

Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/2958
2022-10-14 18:51:08 +02:00
Tusooa Zhu dd82fd234f
Merge branch 'release/2.4.4' into mergeback/2.4.4 2022-10-08 22:15:09 -04:00
marcin mikołajczak 1b238a4fad Push.Impl: support edits
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-10-01 23:28:02 +02:00
Ilja 2d7ea263a1 Add extra routes to :users_manage_credentials privilege 2022-09-24 13:52:28 +02:00
tusooa 1a7107f4a5 Merge branch 'remove_from_followers' into 'develop'
MastoAPI: POST /api/v1/accounts/:id/remove_from_followers

See merge request pleroma/pleroma!3647
2022-09-16 23:24:13 +00:00
Tusooa Zhu ea60c4e709
Fix wrong relationship direction 2022-09-14 20:24:04 -04:00
Hélène 0b19625bfb
ObjectView: do not fetch an object for its ID
Non-Create/Listen activities had their associated object field
normalized and fetched, but only to use their `id` field, which is both
slow and redundant. This also failed on Undo activities, which delete
the associated object/activity in database.

Undo activities will now render properly and database loads should
improve ever so slightly.
2022-09-11 04:54:04 +02:00
Haelwenn b8d6cb5845 Merge branch 'from/upstream-develop/tusooa/2892-backup-scope' into 'develop'
Make backups require its own scope

Closes #2892

See merge request pleroma/pleroma!3721
2022-09-05 15:42:02 +00:00
Haelwenn 346c130ddc Merge branch 'fix/user-private-key-generation' into 'develop'
User: generate private keys on user creation

See merge request pleroma/pleroma!3737
2022-09-05 15:38:15 +00:00
tusooa f7c2073103 Merge branch 'bump/min-elixir-1.10' into 'develop'
Bump minimum Elixir version to 1.10

See merge request pleroma/pleroma!3741
2022-09-05 15:19:34 +00:00
tusooa 9874b4c985 Merge branch 'develop' into 'from/upstream-develop/tusooa/2892-backup-scope'
# Conflicts:
#   CHANGELOG.md
2022-09-05 15:00:19 +00:00
Hélène cd237d22f1
User: generate private keys on user creation
This fixes a race condition bug where keys could be regenerated
post-federation, causing activities and HTTP signatures from an user to
be dropped due to key differences.
2022-09-05 03:51:17 +02:00
tusooa f8afba95b2 Merge branch 'fix/gts-federation' into 'develop'
GoToSocial federation fixes

See merge request pleroma/pleroma!3725
2022-09-05 01:10:34 +00:00
tusooa 20347898e2 Merge branch 'fix/federation-context-issues' into 'develop'
Fix reply context fixing (Pleroma replies to Misskey threads) and removal of context objects

See merge request pleroma/pleroma!3717
2022-09-04 18:43:36 +00:00
Hélène 4477c6baff
Metadata/Utils: use summary as description if set
When generating OpenGraph and TwitterCard metadata for a post, the
summary field will be used first if it is set to generate the post
description.
2022-09-03 17:17:48 +02:00
Haelwenn 299255b9bb Merge branch 'from/upstream-develop/tusooa/assoc-object-id' into 'develop'
Add function to calculate associated object id

Closes #2307

See merge request pleroma/pleroma!3692
2022-09-03 02:50:40 +00:00
Haelwenn e40c221c31 Merge branch 'from/upstream-develop/tusooa/edits' into 'develop'
Editing

Closes #1429, #2859, and #2288

See merge request pleroma/pleroma!3678
2022-09-03 02:16:42 +00:00
Haelwenn 07ef72f493 Merge branch 'from/develop/tusooa/2807-remote-xact-post' into 'develop'
Remote interaction with posts

Closes #2807 and #978

See merge request pleroma/pleroma!3587
2022-09-03 02:03:48 +00:00
Haelwenn (lanodan) Monnier 21ab7369ca Bump minimum Elixir version to 1.10
With the release of Elixir 1.14, Elixir 1.9 is now end-of-life.

Elixir 1.10 Release Notes:
https://github.com/elixir-lang/elixir/releases/tag/v1.10.0
2022-09-02 22:53:54 +02:00
Hélène 439c1baf25
OAuthPlug: use user cache instead of joining
As this plug is called on every request, this should reduce load on the
database by not requiring to select on the users table every single
time, and to instead use the by-ID user cache whenever possible.
2022-08-24 03:40:05 +02:00
Tusooa Zhu c59ee1f172
Expose availability of GET /main/ostatus via instance 2022-08-20 21:19:31 -04:00
Tusooa Zhu 4ec9eeb3f8
Make remote interaction page translatable 2022-08-20 21:14:26 -04:00
Tusooa Zhu 1218adacc5
Display status link in remote interaction form 2022-08-20 21:13:52 -04:00
Tusooa Zhu b7c75db0f7
Lint 2022-08-20 21:13:51 -04:00
Tusooa Zhu 779457d9a4
Add GET endpoints for remote subscription forms
There are two reasons for adding a GET endpoint:

0: Barely displaying the form does not change anything on the server.

1: It makes frontend development easier as they can now use a link,
instead of a form, to allow remote users to interact with local ones.
2022-08-20 21:13:51 -04:00
Tusooa Zhu a243a217a7
Fix form item name in status_interact.html 2022-08-20 21:13:51 -04:00
Tusooa Zhu 2701628786
Add remote interaction ui for posts 2022-08-20 21:13:51 -04:00
Tusooa Zhu 3885ee182a
Switch to associated_object_id index 2022-08-20 20:43:46 -04:00
Tusooa Zhu a31d6bb52c
Execute session disconnect in background 2022-08-19 20:24:24 -04:00
Tusooa Zhu f459c1260b
Lint 2022-08-19 20:24:24 -04:00
Tusooa Zhu c62a4f1c17
Disconnect streaming sessions when token is revoked 2022-08-19 20:22:45 -04:00
Hélène 4661b56720
ArticleNotePageValidator: fix replies fixing
Some software, like GoToSocial, expose replies as ActivityPub
Collections, but do not expose any item array directly in the object,
causing validation to fail via the ObjectID validator. Now, Pleroma will
drop that field in this situation too.
2022-08-19 02:45:49 +02:00
Hélène 61254111e5
HttpSignaturePlug: accept standard (request-target)
The (request-target) used by Pleroma is non-standard, but many HTTP
signature implementations do it this way due to a misinterpretation of
the draft 06 of HTTP signatures: "path" was interpreted as not having
the query, though later examples show that it must be the absolute path
with the query part of the URL as well.

This behavior is kept to make sure most software (Pleroma itself,
Mastodon, and probably others) do not break, but Pleroma now accepts
signatures for a (request-target) containing the query, as expected by
many HTTP signature libraries, and clarified in the draft 11 of HTTP
signatures.

Additionally, the new draft renamed (request-target) to @request-target.
We now support both for incoming requests' signatures.
2022-08-18 17:01:34 +02:00
Hélène bb02ee99f5
CommonFixes: more predictable context generation
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2022-08-15 01:46:55 +02:00
Haelwenn 93f12c0d0d Merge branch 'from/upstream-develop/tusooa/sync-settings' into 'develop'
Synchronized settings for apps (frontends)

See merge request pleroma/pleroma!3698
2022-08-12 01:34:36 +00:00
Mark Felder cbdc13b767 Fix Varnish 7 support by ensuring Media Preview Proxy fetches headers with a capitalized HEAD verb 2022-08-10 17:09:58 -04:00
Hélène 3b6784b1de
CreateGenericValidator: fix reply context fixing
Incoming Pleroma replies to a Misskey thread were rejected due to a
broken context fix, which caused them to not be visible until a
non-Pleroma user interacted with the replies.

This fix properly sets the post-fix object context to its parent Create
activity as well, if it was changed.
2022-08-10 02:29:38 +02:00
Hélène def0f5dc2e
StatusView: implement pleroma.context field
This field replaces the now deprecated conversation_id field, and now
exposes the ActivityPub object `context` directly via the MastoAPI
instead of relying on StatusNet-era data concepts.
2022-08-10 02:29:38 +02:00
Tusooa Zhu 738ca484fd
Update api spec to reflect OAuth scope change 2022-08-09 18:15:25 -04:00
Hélène a9111bcaf2
StatusView: clear MSB on calculated conversation_id
This field seems to be a left-over from the StatusNet era.
If your application uses `pleroma.conversation_id`: this field is
deprecated.

It is currently stubbed instead by doing a CRC32 of the context, and
clearing the MSB to avoid overflow exceptions with signed integers on
the different clients using this field (Java/Kotlin code, mostly; see
Husky and probably other mobile clients.)

This should be removed in a future version of Pleroma. Pleroma-FE
currently depends on this field, as well.
2022-08-09 20:10:43 +02:00
Hélène 7f71e3d0fe
CommonFields: remove context_id 2022-08-09 20:10:43 +02:00
Hélène f3e061c964
Object: remove context_id field
30 to 70% of the objects in the object table are simple JSON objects
containing a single field, 'id', being the context's ID. The reason for
the creation of an object per context seems to be an old relic from the
StatusNet era, and has only been used nowadays as an helper for threads
in Pleroma-FE via the `pleroma.conversation_id` field in status views.
An object per context was created, and its numerical ID (table column)
was used and stored as 'context_id' in the object and activity along
with the full 'context' URI/string.

This commit removes this field and stops creation of objects for each
context, which will also allow incoming activities to use activity IDs
as contexts, something which was not possible before, or would have been
very broken under most circumstances.

The `pleroma.conversation_id` field has been reimplemented in a way to
maintain backwards-compatibility by calculating a CRC32 of the full
context URI/string in the object, instead of relying on the row ID for
the created context object.
2022-08-09 20:10:43 +02:00
Tusooa Zhu a7f01ffc1d
Make backups require its own scope 2022-08-09 00:34:04 -04:00
Tusooa Zhu a4fa286d20
Use actor_types() to determine whether the Update is for user 2022-08-02 10:37:28 -04:00
Haelwenn b2ba307f4d Merge branch 'from/upstream-develop/tusooa/2871-fix-local-public' into 'develop'
local only fixes

Closes #2871

See merge request pleroma/pleroma!3660
2022-08-02 05:39:50 +00:00
tusooa c80096522c Merge branch 'develop' into 'from/develop/tusooa/emit-move'
# Conflicts:
#   CHANGELOG.md
#   test/pleroma/user_test.exs
2022-07-31 21:32:49 +00:00
marcin mikołajczak 5d3d6a58f7 Use `duration` param for mute expiration duration
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-07-31 17:22:34 +02:00
Haelwenn 0814d0e0cb Merge branch 'fix/proper-emoji-qualification' into 'develop'
Emoji: implement full-qualifier using combinations

See merge request pleroma/pleroma!3709
2022-07-28 04:46:15 +00:00
Haelwenn 0f9f3d2897 Merge branch 'from/upstream-develop/tusooa/2384-pagination' into 'develop'
Make mutes and blocks behave the same as other lists

Closes #2384

See merge request pleroma/pleroma!3693
2022-07-28 04:37:10 +00:00
Hélène fb3f6e1975
EmojiReactValidator: use new qualification method 2022-07-25 16:49:23 +02:00
Hélène 388bbc4978
EmojiReactValidator: fix emoji qualification
Tries fully-qualifying emoji when receiving them, by adding the emoji
variation sequence to the received reaction emoji.

This issue arises when other instance software, such as Misskey, tries
reacting with emoji that have unqualified or minimally qualified
variants, like a red heart. Pleroma only accepts fully qualified emoji
in emoji reactions, and refused those emoji. Now, Pleroma will attempt
to properly qualify them first, and reject them if checks still fail.

This commit contains changes to tests proposed by lanodan.

Co-authored-by: Haelwenn <contact+git.pleroma.social@hacktivis.me>
2022-07-24 13:36:06 +02:00
Tusooa Zhu 997f08b350
Make AntiLinkSpamPolicy history-aware 2022-07-24 00:18:09 -04:00
Tusooa Zhu d877d2a4e7
Make HashtagPolicy history-aware 2022-07-24 00:02:39 -04:00
Tusooa Zhu 82c8fc1ede
Make NoEmptyPolicy work with Update 2022-07-23 23:24:25 -04:00
Tusooa Zhu 46a5c06853
Make NormalizeMarkup history-aware 2022-07-23 22:50:38 -04:00
Tusooa Zhu fc7ce5f93c
Make NoPlaceholderTextPolicy history-aware 2022-07-23 22:41:04 -04:00
Tusooa Zhu dce7e42928
Make MediaProxyWarmingPolicy history-aware 2022-07-23 22:34:03 -04:00
Tusooa Zhu 0a337063e1
Make ForceMentionsInContent history-aware 2022-07-23 22:23:57 -04:00
Tusooa Zhu cd19537f39
Make EnsureRePrepended history-aware 2022-07-23 17:48:39 -04:00
Tusooa Zhu eba9b0760f
Make MRF Keyword history-aware 2022-07-23 15:56:36 -04:00
tusooa 301ce5bc62 Merge branch 'mute-expiration' into 'develop'
MastoAPI: Show mutes expiration date

See merge request pleroma/pleroma!3682
2022-07-23 00:34:15 +00:00
Haelwenn cfb21d011f Revert "Merge branch 'fix/emoji-react-qualification' into 'develop'"
This reverts merge request !3684
2022-07-22 23:19:49 +00:00
Haelwenn (lanodan) Monnier eba1666575 AttachmentValidator: fix_media_type/1 fallback to application/octet-stream 2022-07-22 20:30:45 +02:00
Haelwenn (lanodan) Monnier be98900904 ArticleNotePageValidator: Fix when attachments are a Map (ie. owncast) 2022-07-22 20:30:45 +02:00
tusooa c589b8445f Merge branch 'birthday_fix' into 'develop'
Allow to unset birthday

See merge request pleroma/pleroma!3702
2022-07-21 21:27:16 +00:00
Haelwenn 454f892f37 Merge branch 'fix/emoji-react-qualification' into 'develop'
EmojiReactValidator: fix emoji qualification

See merge request pleroma/pleroma!3684
2022-07-21 17:45:47 +00:00
Tusooa Zhu 4350a205a4
Merge remote-tracking branch 'upstream/develop' into HEAD 2022-07-21 13:44:16 -04:00
Haelwenn 1f18ab36b5 Merge branch 'resolve/notice-compatibility-routes-nginx' into 'develop'
Document way to do notice compatibility routes with Nginx reverse-proxy, fixes #2900

Closes #2900

See merge request pleroma/pleroma!3701
2022-07-20 16:57:05 +00:00
marcin mikołajczak fb268c4378 Allow to unset birthday
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-07-17 19:46:29 +02:00
Haelwenn bb4860e222 Merge branch 'from/upstream-develop/tusooa/config-translatable' into 'develop'
Translatable config descriptions

Closes pleroma-meta#65

See merge request pleroma/pleroma!3695
2022-07-17 17:34:21 +00:00
Sean King 64e16e6a4b
Document way to do notice compatibility routes with Nginx reverse-proxy instead 2022-07-16 23:44:37 -06:00
tusooa 8aba7c08d1 Merge branch 'notification_types' into 'develop'
MastoAPI: Use `types` for filtering notifications

See merge request pleroma/pleroma!3648
2022-07-17 03:17:43 +00:00
Tusooa Zhu 8371fd8ca2
Implement settings api 2022-07-16 01:20:25 -04:00
Tusooa Zhu 1d7e8d6e01
Pass in msgctxt for config translation strings 2022-07-14 17:41:33 -04:00
Ilja c045a49909 Add privilege for announcements 2022-07-14 08:40:26 +02:00
Ilja 44d14e8a9c Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into fine_grained_moderation_privileges 2022-07-14 07:07:19 +02:00
Tusooa Zhu 20588517fc
Make admin api use translated config descriptions 2022-07-13 18:31:35 -04:00
tusooa fdc71f6051 Merge branch 'short-description' into 'develop'
Add short_description instance field

Closes #2865

See merge request pleroma/pleroma!3651
2022-07-13 04:42:24 +00:00
Tusooa Zhu c1874bc8f9
Make mutes and blocks behave the same as other lists 2022-07-12 19:03:18 -04:00
Haelwenn 420da14b61 Merge branch 'from/upstream-develop/tusooa/2830-remote-fo-mp' into 'develop'
Pass remote follow avatar into media proxy

Closes #2830

See merge request pleroma/pleroma!3690
2022-07-10 16:19:16 +00:00
Tusooa Zhu 2efc0ffcf0
Pass remote follow avatar into media proxy 2022-07-10 00:12:53 -04:00
Tusooa Zhu 04ded94a50
Fix remote emoji in subject disappearing after edits 2022-07-09 18:00:42 -04:00
Tusooa Zhu f84ed44cea
Fix cannot get full history on object fetch 2022-07-06 01:19:53 -04:00
Ilja f88ed1df75 Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into fine_grained_moderation_privileges 2022-07-05 12:05:19 +02:00
Tusooa Zhu 5ce118d970
Validate object data for incoming Update activities
In Create validator we do not validate the object data,
but that is because the object itself will go through the
pipeline again, which is not the case for Update. Thus,
we added validation for objects in Update activities.
2022-07-03 20:21:46 -04:00
Tusooa Zhu 4367489a3e
Pass history items through ObjectValidator for updatable object types 2022-07-03 20:02:52 -04:00
Tusooa Zhu 4edc867b87 Merge branch 'develop' into 'from/upstream-develop/tusooa/edits'
# Conflicts:
#   lib/pleroma/constants.ex
2022-07-03 22:24:57 +00:00
Haelwenn a15b45a589 Merge branch 'bugfix/mime-validation-no-list' into 'develop'
Bugfix: Validate mediaType only by it's format

See merge request pleroma/pleroma!3597
2022-07-03 21:04:41 +00:00
Haelwenn 6b937d1473 Merge branch 'from/upstream-develop/tusooa/server-announcements' into 'develop'
Server announcements (1st pass)

See merge request pleroma/pleroma!3643
2022-07-03 20:58:20 +00:00
Ilja 42d4bd3a5d Rename pipelines and add forgotten tags
I renamed some tags before, but forgot to rename the pipelines
I also had some tags which I forgot to add to the config, description, etc.

These have now been done/added
2022-07-02 08:55:14 +02:00
Ilja c0e4b1b3e2 Fix typo's
priviledge |-> privilege
2022-07-02 07:52:39 +02:00
Ilja 37fdf148b0 Rename privilege tags
I first focussed on getting things working
Now that they do and we know what tags there are, I put some thought in providing better names

I use the form <what_it_controls>_<what_it_allows_you_to_do>

:statuses_read    => :messages_read
:status_delete    => :messages_delete

:user_read        => :users_read
:user_deletion    => :users_delete
:user_activation  => :users_manage_activation_state
:user_invite      => :users_manage_invites
:user_tag         => :users_manage_tags
:user_credentials => :users_manage_credentials

:report_handle    => :reports_manage_reports

:emoji_management => :emoji_manage_emoji
2022-07-01 10:28:09 +02:00
Hélène 11f9f2ef27
EmojiReactValidator: fix emoji qualification
Tries fully-qualifying emoji when receiving them, by adding the emoji
variation sequence to the received reaction emoji.

This issue arises when other instance software, such as Misskey, tries
reacting with emoji that have unqualified or minimally qualified
variants, like a red heart. Pleroma only accepts fully qualified emoji
in emoji reactions, and refused those emoji. Now, Pleroma will attempt
to properly qualify them first, and reject them if checks still fail.
2022-06-28 21:33:57 +02:00
Tusooa Zhu 014096aeef
Make outbound transmogrifier aware of edit history 2022-06-25 11:20:46 -04:00
Tusooa Zhu 5321fd0012
Do not put meta[:object_data] for local Updates 2022-06-25 10:03:19 -04:00
Tusooa Zhu 9c6dae942d
Fix local updates causing emojis to be lost 2022-06-25 09:23:09 -04:00
Tusooa Zhu 99a6f50316
Unify the logic of updating objects 2022-06-25 00:32:22 -04:00