Commit Graph

6862 Commits

Author SHA1 Message Date
rinpatch 45c299e5b5 Merge branch '2130-mfa-users-oauth-login-fix' into 'develop'
[#2130] Fixed OAuth OOB authentication for users with enabled MFA

Closes #2130

See merge request pleroma/pleroma!2979
2020-09-10 18:38:48 +00:00
rinpatch 01fa68fe45 Websocket handler: fix never matching code on failed auth
`:cowboy_req.reply` does not return tuples since 2.0, see
https://ninenines.eu/docs/en/cowboy/2.4/manual/cowboy_req.reply/
2020-09-10 21:26:52 +03:00
rinpatch e16e8f9816 Websocket handler: do not raise if handler is terminated before switching protocols
Closes #2131
2020-09-10 21:14:23 +03:00
rinpatch cb06e98da2 websocket handler: Do not log client ping frames as errors 2020-09-10 21:14:23 +03:00
Alexander Strizhakov e8bfb50fa3
pass options without adapter key 2020-09-10 20:09:44 +03:00
Alexander Strizhakov 8af1fd3223
oban warning 2020-09-10 16:01:20 +03:00
Alexander Strizhakov 7dd986a563
expire mfa tokens through Oban 2020-09-10 16:01:19 +03:00
Alexander Strizhakov 3ce658b930
schedule expired oauth tokens deletion with Oban 2020-09-10 16:01:19 +03:00
Ivan Tashkinov cad69669fc [#2130] Fixed OAuth OOB authentication for users with enabled MFA. 2020-09-09 22:44:38 +03:00
rinpatch 0d2814ec8e Metadata: Move restriction check from Feed provider to activated_providers 2020-09-08 20:21:34 +03:00
Mark Felder 2011142ed9 Use :restrict_unauthenticated testing for more granular control 2020-09-08 20:21:34 +03:00
Mark Felder a85ed6defb Do not serve RSS/Atom feeds when instance is private 2020-09-08 20:21:34 +03:00
Mark Felder 14d07081fd Feed provider only generates a redirect, so always activate it.
Making this configurable is misleading.
2020-09-08 20:21:34 +03:00
Mark Felder ff07014b26 Disable providers of user and status metadata when instance is private 2020-09-08 20:21:34 +03:00
Mark Felder 630444ee08 Do not make RelMe metadata provider optional.
There's really no sound reason to turn this off anyway.
2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier 947ee55ae2 user: harden get_friends_query(), get_followers_query() and their wrappers 2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier 16c451f8f1 search: Apply following filter only when user is usable 2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier 10ef532c63 AP C2S: Restrict character limit on Note 2020-09-08 20:21:34 +03:00
Egor Kislitsyn a781ac6ca5 Fix atom leak in AdminAPIController 2020-09-08 20:21:34 +03:00
rinpatch 27c3973b78 Merge branch 'temp-hackney-fix' into 'develop'
temp hackney fix

See merge request pleroma/pleroma!2951
2020-09-08 19:45:44 +03:00
rinpatch 7490b76bbf Merge branch 'fix/upload-filter-exiftool-webp' into 'develop'
Skip processing webp image files because we can't strip EXIF

Closes #2080

See merge request pleroma/pleroma!2924
2020-09-08 19:45:44 +03:00
Haelwenn (lanodan) Monnier 921f926e96
Remove OStatus in testsuite 2020-09-08 18:43:57 +02:00
Haelwenn (lanodan) Monnier ee0e05f930
Drop unused "inReplyToAtomUri" in objects 2020-09-08 18:43:57 +02:00
Alexander Strizhakov 87d2805791
combo fixes 2020-09-08 17:40:23 +02:00
Mark Felder 21efda2edb Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into unlisted 2020-09-08 09:31:26 -05:00
rinpatch 0a05670b44 Merge branch 'fix/upload-filter-exiftool-webp' into 'develop'
Skip processing webp image files because we can't strip EXIF

Closes #2080

See merge request pleroma/pleroma!2924
2020-09-08 12:21:33 +00:00
rinpatch 4b76d7ce67 Merge branch 'fix/admin-controller-atom-leak' into 'develop'
Fix atom leak in AdminAPIController

See merge request pleroma/secteam/pleroma!6
2020-09-08 14:00:00 +03:00
lain 9b85592b8b Merge branch 'fix/rich-media-fake-statuses' into 'develop'
Rich Media: Do not cache URLs for preview statuses

Closes #1987

See merge request pleroma/pleroma!2956
2020-09-08 13:56:42 +03:00
rinpatch 964bc8e2e8 Merge branch 'bugfix/favicon-too-long' into 'develop'
instance: Drop favicon URLs longer than 255 characters

Closes #2116

See merge request pleroma/pleroma!2949
2020-09-08 13:55:52 +03:00
feld 43b07c31cb Merge branch 'fix/2095-deactivated-account-reset' into 'develop'
Disallow password resets for deactivated accounts

Closes #2095

See merge request pleroma/pleroma!2935
2020-09-08 13:53:47 +03:00
rinpatch dccbed856d Merge branch 'http-fixes' into 'develop'
Improvements and fixes for http requests

See merge request pleroma/pleroma!2904
2020-09-08 13:53:16 +03:00
rinpatch ea4b6c64d6 Merge branch 'feat/rich-media-improvements' into 'develop'
Rich media improvements

See merge request pleroma/pleroma!2944
2020-09-08 13:00:49 +03:00
rinpatch 8c3241df44 Merge branch 'fix/2047-rich-media-parser' into 'develop'
RichMedia parser fix

Closes #2047

See merge request pleroma/pleroma!2941
2020-09-08 13:00:15 +03:00
rinpatch 13e606941c Merge branch 'fix/2087-metadata' into 'develop'
Fix/2087 metadata

See merge request pleroma/secteam/pleroma!11
2020-09-08 12:55:30 +03:00
rinpatch 74d46a1b09 Merge branch 'secfix/search-crash' into 'develop'
Fix crash done via search

See merge request pleroma/secteam/pleroma!12
2020-09-08 12:53:11 +03:00
rinpatch 84acfab156 Merge branch 'fix-searching-following' into 'develop'
search: fix 'following' query parameter

See merge request pleroma/pleroma!2943
2020-09-08 12:53:02 +03:00
rinpatch 718c7cc847 Merge branch 'fix/apc2s-limits' into 'develop'
AP C2S: Restrict character limit on Note

Closes #2

See merge request pleroma/secteam/pleroma!9
2020-09-08 12:51:38 +03:00
Mark Felder 4ea07f74e9 Revert/simplify.
We only need to check the content-type. There's no chance a webp file
will get mismatched as another image type.
2020-09-08 12:29:38 +03:00
Mark Felder 216c84a8f4 Bypass the filter based on content-type as well in case a webp image is uploaded with the wrong file extension. 2020-09-08 12:29:38 +03:00
Mark Felder 2165a24974 Improve upload filter return values so we can identify when filters make no changes to the input 2020-09-08 12:29:38 +03:00
Mark Felder fa347b9c2f Fix uploading webp image files when Exiftool Upload Filter is enabled 2020-09-08 12:29:38 +03:00
Alibek Omarov 95688c90ad ForceBotUnlistedPolicy: simplify code 2020-09-08 01:15:15 +02:00
Alibek Omarov 8b695c3eeb ForceBotUnlistedPolicy: format 2020-09-07 22:53:45 +02:00
Alibek Omarov 699224a900 ForceBotUnlistedPolicy: initial add, tiny clean up from my previous version 2020-09-07 22:15:42 +02:00
Alexander Strizhakov 18d21aed00
deprecation warnings 2020-09-07 19:59:17 +03:00
Alexander Strizhakov 696bf09433
passing adapter options directly without adapter key 2020-09-07 19:59:17 +03:00
Alexander Strizhakov a83916fdac
adapter options unification
not needed options deletion
2020-09-07 19:59:17 +03:00
Alexander Strizhakov ee67c98e55
removing Stats worker from Oban cron jobs 2020-09-07 19:16:14 +03:00
rinpatch 6c6de8e5df Merge branch 'temp-hackney-fix' into 'develop'
temp hackney fix

See merge request pleroma/pleroma!2951
2020-09-07 12:47:43 +00:00
rinpatch d5c286b802 Merge branch 'bugfix/favicon-too-long' into 'develop'
instance: Drop favicon URLs longer than 255 characters

Closes #2116

See merge request pleroma/pleroma!2949
2020-09-07 11:12:30 +00:00
lain fdab01ab56 Merge branch 'fix/rich-media-fake-statuses' into 'develop'
Rich Media: Do not cache URLs for preview statuses

Closes #1987

See merge request pleroma/pleroma!2956
2020-09-07 10:19:19 +00:00
Haelwenn (lanodan) Monnier 08aef7dd4e
instance: Log catch favicon errors as warnings 2020-09-07 08:40:52 +02:00
rinpatch 170599c390 RichMedia: do not log webpages missing metadata as errors
Also fixes the return value of Parser.parse on errors, previously
was just `:ok` due to the logger call in the end
2020-09-05 22:05:35 +03:00
rinpatch 129a2f48df ConnectionPool middleware: handle connection opening errors 2020-09-05 21:36:17 +03:00
rinpatch 9d6aca5bee ConnectionPool: fix the previous hotfix
I rushed the hotfix and forgot how `pop_in` actually works,
I want to die. We need some integration tests for the HTTP client
2020-09-05 21:27:06 +03:00
rinpatch 5298de3be6 ConnectionPool middleware: fix a crash due to unimplemented behaviour
Structs don't implement Access behaviour, so this crashed. Tests didn't
catch it and I didn't test that part of the codepath. Very sorry
2020-09-05 21:17:03 +03:00
rinpatch e198ba492e Rich Media: Do not cache URLs for preview statuses
Closes #1987
2020-09-05 20:53:46 +03:00
Haelwenn (lanodan) Monnier 0d91f65284
Prevent AccountView and instance.get_or_update_favicon fails 2020-09-05 05:43:50 +02:00
rinpatch 10da13c713 ConnectionPool middleware: Fix connection leak on ReverseProxy redirects
Requires a patched Tesla due to upstream not saving opts between
redirects, patch submitted at https://github.com/teamon/tesla/pull/414
2020-09-04 22:10:40 +03:00
Alexander Strizhakov 473458b0fb
fix for ReverseProxy 2020-09-04 14:45:30 +03:00
Alexander Strizhakov 8bd2b6eb13
temp hackney fix 2020-09-04 14:24:15 +03:00
rinpatch d34fe2840d HTTP: radically simplify pool checkin/checkout
Use a custom tesla middleware instead of adapter helper function +
custom redirect middleware.

This will also fix "Client died before releasing the connection"
messages when the request pool is overloaded. Since the checkout is
now done after passing ConcurrentLimiter.

This is technically less efficient, since the connection needs to be
checked in/out every time the middleware is left or entered respectively.
But I don't think the nanoseconds we might lose on redirects
to the same host are worth the complexity.
2020-09-03 23:44:13 +03:00
lain 9433311923 Merge branch 'bugfix/incoming-poll-emoji' into 'develop'
Fix emoji in Question, force generated context/context_id insertion

Closes #1870

See merge request pleroma/pleroma!2915
2020-09-03 11:50:30 +00:00
feld d1a6f67b1d Merge branch 'fix/2095-deactivated-account-reset' into 'develop'
Disallow password resets for deactivated accounts

Closes #2095

See merge request pleroma/pleroma!2935
2020-09-02 17:11:24 +00:00
lain 0ab03e8564 Merge branch 'fix/1991-tzdata-update' into 'develop'
user agent if Endpoint is not started yet

Closes #1991

See merge request pleroma/pleroma!2945
2020-09-02 17:09:55 +00:00
lain 119e11f455 Merge branch 'bugfix/mastoapi-lists' into 'develop'
Fix removing an account from a list

Closes #2103

See merge request pleroma/pleroma!2940
2020-09-02 17:03:45 +00:00
lain 581f382e71 ListController: DRY up stuff. 2020-09-02 18:32:00 +02:00
Mark Felder cbf7f0e029 Disallow password resets for deactivated accounts.
Ensure all responses to password reset events are identical.
2020-09-02 09:09:13 -05:00
rinpatch d48fc90978 StatusView: Start fetching rich media cards as soon as possible 2020-09-02 16:45:54 +03:00
Alexander Strizhakov a11f23c130
user agent if Endpoint is not started yet 2020-09-02 15:45:47 +03:00
rinpatch 19691389b9 Rich media: Add failure tracking 2020-09-02 14:59:52 +03:00
rinpatch 46236d1d87 html.ex: optimize external url extraction
By using a :not() selector and only extracting attributes from the
first match.
2020-09-02 12:45:20 +03:00
rinpatch 47ff425cfd Merge branch 'fix/2047-rich-media-parser' into 'develop'
RichMedia parser fix

Closes #2047

See merge request pleroma/pleroma!2941
2020-09-02 09:38:43 +00:00
rinpatch b2d776d77d Merge branch 'http-fixes' into 'develop'
Improvements and fixes for http requests

See merge request pleroma/pleroma!2904
2020-09-02 09:36:56 +00:00
Alexander Strizhakov 84fbf16161
timeout option moved to gun adapter helper 2020-09-02 10:50:51 +03:00
Alexander Strizhakov 1c57ef4498
default pool for tz_data client 2020-09-02 10:33:43 +03:00
Alexander Strizhakov 79f65b4374
correct pool and uniform headers format 2020-09-02 09:16:51 +03:00
Alexander Strizhakov 5e8adf91b4
don't overwrite passed pool option in http clients 2020-09-02 09:04:23 +03:00
Alexander Strizhakov c17d83cd73
improvements and fixes for http requests
- fix for gun worker termination in some circumstances
- pool for http clients (ex_aws, tzdata)
- default pool timeouts for gun
- gun retries on gun_down messages
- s3 upload timeout if streaming enabled
2020-09-02 09:04:23 +03:00
Karol Kosek 868057871a
search: fix 'following' query parameter
The parameter included the accounts that are following you (followers)
instead of those you are actually following.

Co-Authored-By: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
2020-09-02 02:08:43 +02:00
Alexander Strizhakov 03d06062ab
don't fail on url fetch 2020-09-01 19:39:07 +03:00
Haelwenn (lanodan) Monnier d872858046
Fix removing an account from a list
Mastodon (Frontend) changed a different method for deletes,
keeping old format as mastodon documentation is too loose
2020-09-01 12:49:32 +02:00
rinpatch 126461942b User table: ensure bio is always a string
Gets rid of '|| ""' in multiple places and fixes #2067
2020-09-01 10:45:42 +03:00
Haelwenn (lanodan) Monnier d9a21e4784
fetcher: Remove fix_object call for Question activities 2020-09-01 08:35:00 +02:00
Haelwenn (lanodan) Monnier b960cede9a
common_fixes: Force inserting context and context_id 2020-09-01 08:35:00 +02:00
Haelwenn (lanodan) Monnier a142da3e4f
Add new Emoji Ecto.Type and fix emoji in Question 2020-09-01 08:34:57 +02:00
Haelwenn (lanodan) Monnier 2ecc7d9230
transmogrifier: Remove mastodon emoji-format from emoji field 2020-09-01 08:29:53 +02:00
rinpatch dc3a418c27 application.ex: disable warnings_as_errors at runtime
see changed files for rationale
2020-09-01 09:08:54 +03:00
Haelwenn 9d63b2c9db Merge branch 'chat-relation-constraints' into 'develop'
Chats: Add cascading delete on both referenced users.

See merge request pleroma/pleroma!2934
2020-08-31 20:55:05 +00:00
lain 0b621a834a Chats: Add cascading delete on both referenced users.
Also remove the now-superfluous join in the chat controller,
which was only used to filter out these cases.
2020-08-31 16:48:17 +02:00
lain d91c4feebe Notification: Small refactor. 2020-08-31 11:02:54 +02:00
Maksim Pechnikov f0fefc4f5c marks notifications as read after mute 2020-08-28 18:17:44 +03:00
lain 4e022fc16c Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into pleroma-2.1-rc0 2020-08-28 11:33:11 +02:00
Haelwenn 6b01a09a08 Merge branch '2078-list-fixes' into 'develop'
Resolve "List timeline returns incorrectly assigned Account for replies and repeats"

Closes #2070 and #2078

See merge request pleroma/pleroma!2923
2020-08-27 17:05:53 +00:00
lain 82bf27172c Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into pleroma-2.1-rc0 2020-08-27 15:38:03 +02:00
lain 78939c1d16 ChatController: Don't die if the recipient is gone. 2020-08-27 12:13:18 +02:00
lain cfc99fe05c TimelineController: Keys are atoms now.
Closes #2078
Closes #2070
2020-08-26 15:37:30 +02:00
lain fc42446755 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into pleroma-2.1-rc0 2020-08-26 13:17:39 +02:00
feld fb33321fa2 Merge branch 'feature/1952-read-muted-notifications' into 'develop'
Automatically mark notifications about statuses from muted users and threads as read

Closes #1952

See merge request pleroma/pleroma!2893
2020-08-25 21:32:32 +00:00
lain 112bec5225 Webfinger: Handle bogus ids better. 2020-08-25 17:35:59 +02:00