Commit Graph

332 Commits

Author SHA1 Message Date
Haelwenn 05879a3b3e Merge branch '2339-local-remote-mixup' into 'develop'
User: Don't allow local users in remote changesets

Closes #2339

See merge request pleroma/pleroma!3185
2020-12-03 01:28:54 +00:00
Mark Felder 126d236455 We no longer expect mentions to link if they are prefixed with too many @'s 2020-12-02 10:27:55 -06:00
lain 8fb259e739 Emoji: Only accept RGI emoji.
"recommended for general interchange"
2020-12-02 16:46:19 +01:00
lain 3b3cf63118 Emoji: Add test for ZWJ sequence emoji 2020-12-02 16:18:08 +01:00
Egor Kislitsyn c9afb350e7
Document follow relationship updates and cleanup 2020-12-02 19:16:36 +04:00
lain 1adee08321 Emoji: Update to Unicode 13.1, switch base file, allow multichar. 2020-12-02 16:15:03 +01:00
lain 5d15486098 SideEffects: fix test 2020-12-02 14:48:11 +01:00
lain 222312900e User: Don't allow local users in remote changesets 2020-12-02 12:18:43 +01:00
Egor Kislitsyn 35ba48494f
Stream follow updates 2020-12-02 00:18:58 +04:00
rinpatch fc9ebe5073 Search tests: Use on_exit for restoring `persistent_term` state
Otherwise if the assertion failed, the code below which resets the
state would never be reached
2020-12-01 19:45:25 +03:00
Ivan Tashkinov d50a3345ae [#3112] Allowed revoking same-user token from any apps. Added tests. 2020-11-30 21:55:48 +03:00
Ivan Tashkinov 50e47a215f Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-28 21:51:27 +03:00
Ivan Tashkinov f1b07a2b2b OAuth form user remembering feature. Local MastoFE login / logout fixes. 2020-11-28 21:51:06 +03:00
Alexander Strizhakov 6aadb1cb40
digest algorithm is taken from header 2020-11-27 08:10:52 +03:00
Maksim Pechnikov fb72f2034a fix spec 2020-11-25 22:44:27 +03:00
Ivan Tashkinov 62993db499 Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-25 21:48:18 +03:00
Ivan Tashkinov 12a5981cc3 Session token setting on token exchange. Auth-related refactoring. 2020-11-25 21:47:23 +03:00
Mark Felder 3283d0805f Use Jason instead of Poison in tests 2020-11-23 13:28:55 -06:00
lain 67b15cc033 Search: Save detected pg version in a persistent term. 2020-11-23 15:29:55 +01:00
lain f9a4cf2097 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into websearch 2020-11-23 15:18:19 +01:00
Ivan Tashkinov 489b12cde4 Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-21 19:47:46 +03:00
Ivan Tashkinov ccc2cf0e87 Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 19:47:25 +03:00
Alex Gleason 30ed7b502f
Merge remote-tracking branch 'upstream/develop' into registration-workflow 2020-11-21 10:23:53 -06:00
feld ecd1ef8cb5 Merge branch 'fix/2302-report-duplicates' into 'develop'
Fix for forwarded reports

Closes #2303 and #2302

See merge request pleroma/pleroma!3146
2020-11-20 18:40:15 +00:00
lain 8532325d65 SearchController Test: Fix test. 2020-11-20 16:29:11 +01:00
lain 9a1e5f5d48 Search: Change search method based on detected pg version 2020-11-20 16:26:43 +01:00
feld 79a509ee61 Merge branch '2301-users-search-discoverability-fix' into 'develop'
[#2301] Proper handling of User.is_discoverable

Closes #2301

See merge request pleroma/pleroma!3162
2020-11-19 20:33:52 +00:00
feld cd1b4155d5 Merge branch 'oban-jobs-to-simple-tasks' into 'develop'
Moving some background jobs into simple tasks

Closes #1790

See merge request pleroma/pleroma!3129
2020-11-19 20:32:32 +00:00
Maksim Pechnikov 66f411fba0 added subject actor to moderation log 2020-11-19 22:13:45 +03:00
Ivan Tashkinov b27d8f7437 Merge remote-tracking branch 'remotes/origin/develop' into 2301-users-search-discoverability-fix
# Conflicts:
#	CHANGELOG.md
2020-11-19 19:35:44 +03:00
lain 5e04f4156c Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into websearch 2020-11-19 17:32:57 +01:00
Ivan Tashkinov e164c37139 [#2301] Proper handling of `User.is_discoverable`: users appear in in-service search but are hidden from external services like search bots. 2020-11-19 19:30:02 +03:00
Haelwenn c8d11c3064 Merge branch '2317-old-reset-tokens' into 'develop'
Resolve "Don't allow old password reset tokens"

Closes #2317

See merge request pleroma/pleroma!3160
2020-11-19 16:22:14 +00:00
lain 783fa797bb SearchController Test: Fix test 2020-11-19 16:53:26 +01:00
lain 81b6f02a5e Search Test: linting 2020-11-19 16:48:51 +01:00
lain a60242464e Search: Add option to search with the websearch function 2020-11-19 16:12:01 +01:00
Ivan Tashkinov fcad3e716a [#2301] Quick fix: users with is_discoverable == false (default!) are included in search results. 2020-11-19 18:08:22 +03:00
Alexander Strizhakov 46dab37351
little fix 2020-11-19 15:29:26 +03:00
lain 11e0d5f9ac Password Resets: Don't accept tokens above a certain age.
By default, one day
2020-11-19 12:27:06 +01:00
Alexander Strizhakov 4aaffe3a10
log capture 2020-11-19 09:58:32 +03:00
Alexander Strizhakov be0b874e1d
fix for mastodon forwarded reports 2020-11-19 09:53:14 +03:00
Alexander Strizhakov a840aefda8
formatting 2020-11-19 09:53:13 +03:00
Alexander Strizhakov e2bf6b1f7e
fix for forwarded reports 2020-11-19 09:53:13 +03:00
minibikini 6669ac5bf7 Merge branch 'develop' into 'hide-muted-reactions'
# Conflicts:
#   CHANGELOG.md
2020-11-18 20:22:40 +00:00
lain aae669d05e Merge branch 'fix/webpush-and-emojireact' into 'develop'
Push notifications: add pleroma:emoji_reaction, improve tests

Closes #2185

See merge request pleroma/pleroma!3141
2020-11-18 18:33:48 +00:00
lain 6b32e1de23 Merge branch 'frontend-admin-api' into 'develop'
Add an API to manage frontends

Closes #2238

See merge request pleroma/pleroma!3108
2020-11-18 17:51:57 +00:00
Maksim Pechnikov 9c5d1cb9ed fix tests 2020-11-18 09:58:51 +03:00
Mark Felder 415481a4d9 Add test for POST when push is disabled
Also group together the tests verifiying failure when disabled
2020-11-17 22:18:22 +00:00
Mark Felder 3eaa5335c9 Revert adding extra alert types here 2020-11-17 21:37:17 +00:00
Mark Felder d9732fb7d3 Fix incorrect test description 2020-11-17 21:34:18 +00:00
Mark Felder ff7a4b6aa2 Test that we ignore invalid subscription alert types separately. 2020-11-17 20:22:25 +00:00
Mark Felder 30f140e570 Ensure all supported push notification subscription alert types are tested 2020-11-17 20:22:25 +00:00
Mark Felder 499faa82f6 Synchronize reaction notification text with PleromaFE's style 2020-11-17 20:22:24 +00:00
Mark Felder 67a6abd071 Update OpenAPI spec/schema and test to verify support for pleroma:emoji_reaction subscriptions 2020-11-17 20:20:00 +00:00
Mark Felder 3ce11b830e Add capability for emoji reaction push notifications 2020-11-17 20:20:00 +00:00
lain bb9650f3c2 FrontendController: Return error on installation error. 2020-11-17 16:43:07 +01:00
feld d33b9e7b33 Merge branch 'remove/fedsockets' into 'develop'
Remove FedSockets

See merge request pleroma/pleroma!3155
2020-11-17 14:58:33 +00:00
Egor Kislitsyn f69fe36ebf
Merge branch 'develop' into frontend-admin-api 2020-11-17 18:34:04 +04:00
Egor Kislitsyn d48dbfab2b
Merge remote-tracking branch 'origin/develop' into hide-muted-reactions 2020-11-17 18:30:10 +04:00
Egor Kislitsyn 79d2d3f609
Merge branch 'develop' into hide-muted-reactions 2020-11-17 18:29:52 +04:00
rinpatch 2c55f7d7cb Remove FedSockets
Current FedSocket implementation has a bunch of problems. It doesn't
have proper error handling (in case of an error the server just doesn't
respond until the connection is closed, while the client doesn't match
any error messages and just assumes there has been an error after 15s)
and the code is full of bad descisions (see: fetch registry which uses
uuids for no reason and waits for a response by recursively querying a
 ets table until the value changes, or double JSON encoding).

Sometime ago I almost completed rewriting fedsockets from scrach to
adress these issues. However, while doing so, I realized that fedsockets
 are just too overkill for what they were trying to accomplish, which is
 reduce the overhead of federation by not signing every message.
This could be done without reimplementing failure states and endpoint
 logic we already have with HTTP by, for example, using TLS cert auth,
or switching to a more performant signature algorithm. I opened
https://git.pleroma.social/pleroma/pleroma/-/issues/2262 for further
discussion on alternatives to fedsockets.

From discussions I had with other Pleroma developers it seems like they
 would approve the descision to remove them as well,
therefore I am submitting this patch.
2020-11-17 17:28:30 +03:00
lain 61f86774d1 Merge branch 'chores/note-handling-move' into 'develop'
Chores/note handling move

See merge request pleroma/pleroma!3122
2020-11-17 14:16:53 +00:00
lain fec1ed802e Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/local-only-scope 2020-11-17 15:01:38 +01:00
lain 81293e5aad ActivityPubController: Don't return local only objects 2020-11-17 13:11:39 +01:00
Mark Felder b1466661eb Use absolute URLs to thumbnail and background in /api/v1/instance 2020-11-16 21:29:15 +00:00
Maksim Pechnikov e4b202d905 added test 2020-11-16 22:23:28 +03:00
Egor Kislitsyn fb41bd1a85 Hide reactions from muted and blocked users 2020-11-16 22:50:14 +04:00
Maksim Pechnikov e1d25bad0c fix tests 2020-11-16 21:45:37 +03:00
Alex Gleason 9546c1444c
Merge remote-tracking branch 'upstream/develop' into registration-workflow 2020-11-14 19:48:47 -06:00
Maksim Pechnikov 36ec604521 added test 2020-11-14 08:30:22 +03:00
lain 0d149502fe Merge branch 'fixes_2034_reports_should_send_a_notification_to_admins' into 'develop'
fixes 2034 Make notifs view work for reports

Closes #2034

See merge request pleroma/pleroma!2912
2020-11-13 13:35:47 +00:00
Ilja 70e4b86250 Make notifs view work for reports
* These are the first small steps for issue 2034 "Reports should send a notification to admins".
* I added a new type of notification "pleroma:report" to the the database manually (a migration will need to be written later)
* I added the new type to the notification_controller
* I made the view return the notification. It doesn't include the report itself (yet)
2020-11-13 13:35:46 +00:00
rinpatch 6ca709816f Fix object spoofing vulnerability in attachments
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
Haelwenn 99bc175f02 Merge branch 'title-injection-change' into 'develop'
Title injection change

See merge request pleroma/pleroma!3132
2020-11-12 08:50:26 +00:00
Mark Felder 966663c3f8 Fix tests for other attachment types 2020-11-11 16:17:35 -06:00
Mark Felder 2254e5e595 Render blurhashes in Mastodon API 2020-11-11 12:51:13 -06:00
Mark Felder 6fd72e9e85 Ingest blurhash for attachments if they were federated 2020-11-11 12:27:51 -06:00
Egor Kislitsyn d26a449396
Change endpoint path 2020-11-11 20:39:57 +04:00
Egor Kislitsyn 435bf1f945
Remove FrontendInstallerWorker 2020-11-11 20:12:35 +04:00
lain 631def2df2 RedirectController: Don't replace title, but inject into the meta 2020-11-11 17:10:59 +01:00
Egor Kislitsyn 08cbd655d1
Merge branch 'develop' into frontend-admin-api 2020-11-11 19:53:40 +04:00
Egor Kislitsyn 0118ccb53c
Add `local` visibility 2020-11-11 18:54:01 +04:00
feld 3cd7ea693f Merge branch 'feature/2222-config-descriptions-for-custom-modules' into 'develop'
Config descriptions for custom MRF policies

Closes #2222

See merge request pleroma/pleroma!3128
2020-11-11 13:48:03 +00:00
Alexander Strizhakov 8d218ebaf5
Moving some background jobs into simple tasks
- fetching activity data
- attachment prefetching
- using limiter to prevent overload
2020-11-11 13:39:49 +03:00
Alexander Strizhakov f97f24b067
making credo happy and test fix 2020-11-11 10:48:03 +03:00
Alexander Strizhakov 485697d96c
config descriptions for custom MRF policies 2020-11-10 19:20:14 +03:00
lain 88f6b61a5e Merge branch '2260-wrong-report-link' into 'develop'
Resolve "Wrong user link in Report email"

Closes #2260

See merge request pleroma/pleroma!3121
2020-11-10 11:04:19 +00:00
Alexander Strizhakov 0c68b9ac13
escaping summary and other fields in xml templates 2020-11-10 10:46:57 +03:00
Haelwenn (lanodan) Monnier e010bb292b
NoteHandlingTest: Poison → Jason 2020-11-06 14:04:03 +01:00
Haelwenn (lanodan) Monnier fa1f5d4442
Move TransmogrifierTest for Note to NoteHandlingTest 2020-11-06 08:57:16 +01:00
lain 6d850c46dc AdminEmail: Use AP id as user url. 2020-11-04 17:12:47 +01:00
lain dd2b3a8da9 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/expire-mutes 2020-11-04 16:51:42 +01:00
lain 4800ee656b Merge branch 'features/federation-status' into 'develop'
Add a federation_status endpoint showing unreachable instances

See merge request pleroma/pleroma!3086
2020-11-04 15:00:52 +00:00
lain 5db4c823b2 Merge branch 'restrict-domain' into 'develop'
View a remote server's timeline

See merge request pleroma/pleroma!2713
2020-11-04 14:54:53 +00:00
Ivan Tashkinov 73e66fd31f Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-04 17:48:10 +03:00
Haelwenn 9c09ea01aa Merge branch '2284-voters-count' into 'develop'
Always return voters_count in polls

See merge request pleroma/pleroma!3120
2020-11-04 14:44:45 +00:00
lain 504a829edb Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into features/federation-status 2020-11-04 15:38:10 +01:00
lain cb3cd3a761 TopicsTest: Small addition. 2020-11-04 15:24:10 +01:00
lain 329aa19c9f Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into alexgleason/pleroma-restrict-domain 2020-11-04 15:05:01 +01:00
lain bc4d9c4ffc Merge branch 'hide-muted-chats' into 'develop'
Hide chats from muted users

Closes #2230

See merge request pleroma/pleroma!3116
2020-11-04 13:48:15 +00:00
Egor Kislitsyn ca95cbe0b4
Add `with_muted` param to ChatController.index/2 2020-11-04 16:40:12 +04:00
lain e46c95b826 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into frontend-admin-api 2020-11-04 13:23:18 +01:00
lain c7bcbfbc1d Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/local-only-scope 2020-11-04 11:47:41 +01:00
lain 1cfc3278c0 Poll View: Always return `voters_count`. 2020-11-04 10:14:00 +01:00
lain c37118e6f2 Conversations: A few refactors 2020-11-03 13:56:12 +01:00
lain 91f6c32430 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into a1batross/pleroma-patch-4 2020-11-03 13:45:09 +01:00
Mark Felder 53dd048590 Test the note is returned when fetching a single report 2020-11-02 15:49:07 -06:00
Egor Kislitsyn be52819a11
Hide chats from muted users 2020-11-02 17:51:54 +04:00
lain 24ce324973 Merge branch 'bugfix/poll_replies_count' into 'develop'
side_effects: Don’t increase_replies_count when it’s an Answer

Closes #2274

See merge request pleroma/pleroma!3114
2020-11-02 12:08:20 +00:00
minibikini 6163fbf553 Merge branch 'develop' into 'frontend-admin-api'
# Conflicts:
#   lib/pleroma/web/router.ex
2020-11-02 10:43:45 +00:00
Haelwenn (lanodan) Monnier 4caad4e910
side_effects: Don’t increase_replies_count when it’s an Answer 2020-11-02 05:56:17 +01:00
feld 38b481d112 Merge branch 'feature/account-export' into 'develop'
Add account export

Closes #847

See merge request pleroma/pleroma!2918
2020-10-31 17:03:40 +00:00
Ivan Tashkinov 04f6b48ac1 Auth subsystem refactoring and tweaks.
Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs.
2020-10-31 13:38:35 +03:00
eugenijm 8e41baff40 Add idempotency_key to the chat_message entity. 2020-10-31 05:50:59 +03:00
Egor Kislitsyn a2a7a1f2ff
Merge remote-tracking branch 'origin/develop' into feature/account-export 2020-10-31 00:17:33 +04:00
Egor Kislitsyn d2113428c0
Merge remote-tracking branch 'origin/develop' into feature/account-export 2020-10-30 19:34:02 +04:00
Egor Kislitsyn 1a98476f48 Remove unused aliases 2020-10-30 18:42:43 +04:00
Alibek Omarov 1042c30fa5 ConversationViewTest: fix test 2020-10-30 13:59:53 +01:00
Alibek Omarov 0552a08dfd ConversationControllerTest: fix test, fix formatting 2020-10-30 13:59:53 +01:00
Alibek Omarov 9b93eef715 ConversationView: fix last_status.account being empty, fix current user being included in group conversations 2020-10-30 13:59:53 +01:00
Alibek Omarov 630eb0f939 ConversationViewTest: fix test #2 2020-10-30 12:58:51 +01:00
Alibek Omarov 149589c842 ConversationViewTest: fix test 2020-10-30 12:58:51 +01:00
Alibek Omarov 390a12d4c8 ConversationControllerTest: fix test 2020-10-30 12:58:51 +01:00
minibikini 1cc8e94506 Merge branch 'develop' into 'feature/local-only-scope'
# Conflicts:
#   CHANGELOG.md
2020-10-30 11:18:55 +00:00
Haelwenn 131f3219e6 Merge branch 'issue/2069' into 'develop'
[#2069] unread_conversation_count

See merge request pleroma/pleroma!2939
2020-10-29 23:39:15 +00:00
feld 1cce1bd729 Merge branch 'issue/2137-user-filters-admin-fe' into 'develop'
[#2137] admin/users filters

See merge request pleroma/pleroma!3016
2020-10-29 21:06:15 +00:00
Egor Kislitsyn d83c2bd330
Add support for install via `file` and `build_url` params 2020-10-29 16:37:50 +04:00
Egor Kislitsyn fa902867c0
Merge remote-tracking branch 'origin/develop' into mutes-blocks-pagination 2020-10-29 15:35:42 +04:00
Egor Kislitsyn 8542d2efee
Merge remote-tracking branch 'origin/develop' into feature/local-only-scope 2020-10-29 14:51:23 +04:00
Ivan Tashkinov ba50dc05a8 Merge remote-tracking branch 'remotes/origin/develop' into ostatus-controller-no-auth-check-on-non-federating-instances
# Conflicts:
#	CHANGELOG.md
2020-10-28 19:03:40 +03:00
Mark Felder d2b140a525 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into issue/2261 2020-10-28 08:48:26 -05:00
Egor Kislitsyn 4a2d7a7a5d
Merge remote-tracking branch 'origin/develop' into feature/account-export 2020-10-28 15:33:36 +04:00
Egor Kislitsyn 4f90077767
Fix warning 2020-10-28 15:32:44 +04:00
feld 1204aaa2e3 Merge branch 'feature/autofollowing' into 'develop'
autofollowing_nicknames

See merge request pleroma/pleroma!3087
2020-10-27 22:55:31 +00:00
Haelwenn d8d4bd15d0 Merge branch '2236-no-name' into 'develop'
Resolve "Account cannot be fetched by some instances"

Closes #2236

See merge request pleroma/pleroma!3101
2020-10-27 22:44:31 +00:00
feld 03a318af9a Merge branch 'develop' into 'feature/autofollowing'
# Conflicts:
#   CHANGELOG.md
2020-10-27 22:13:50 +00:00
Mark Felder f2b74f60f0 Merge branch 'develop' into feature/account-export 2020-10-27 15:16:22 -05:00
Maksim Pechnikov d28f72a55a FrontStatic plug: excluded invalid url 2020-10-27 22:59:27 +03:00
Mark Felder cbe41408e4 phoenix_controller_render_duration is no longer available in telemetry of Phoenix 1.5+ 2020-10-27 14:37:48 -05:00
minibikini 1bfd8528bb Merge branch 'develop' into 'feature/local-only-scope'
# Conflicts:
#   CHANGELOG.md
2020-10-27 18:59:19 +00:00
Mark Felder 291189357b Merge branch 'develop' into feature/account-export 2020-10-27 12:54:33 -05:00
Mark Felder 9e54ef086b Merge branch 'develop' into feature/account-export 2020-10-27 12:51:31 -05:00
feld 5aff479951 Merge branch '1668-prometheus-access-restrictions' into 'develop'
[#1668] App metrics endpoint (Prometheus) access restrictions

Closes #1668

See merge request pleroma/pleroma!3093
2020-10-27 17:47:56 +00:00
feld e062329a17 Merge branch 'develop' into 'feature/autofollowing'
# Conflicts:
#   CHANGELOG.md
2020-10-27 17:42:24 +00:00
Egor Kislitsyn 03e306785b
Add an API endpoint to install a new frontend 2020-10-27 19:20:21 +04:00
lain 9542c5d0f4 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into 2236-no-name 2020-10-26 16:30:48 +01:00
rinpatch df61071422 Merge branch '2242-nsfw-case' into 'develop'
Resolve "Posts tagged with #NSFW from GS aren't marked as sensitive"

Closes #2242

See merge request pleroma/pleroma!3094
2020-10-23 19:39:42 +00:00
lain 60e379ce0b User: Correctly handle whitespace names. 2020-10-23 13:53:01 +02:00
feld d6907e6e0c Merge branch 'chore/elixir-1.11' into 'develop'
Elixir 1.11 compatibility / Phoenix 1.5+

See merge request pleroma/pleroma!3059
2020-10-22 20:33:52 +00:00
lain 8d251096fe SideEffects: Correctly handle chat messages sent to yourself 2020-10-22 12:22:08 +02:00