Commit Graph

279 Commits

Author SHA1 Message Date
Haelwenn 454f892f37 Merge branch 'fix/emoji-react-qualification' into 'develop'
EmojiReactValidator: fix emoji qualification

See merge request pleroma/pleroma!3684
2022-07-21 17:45:47 +00:00
marcin mikołajczak 9022d855cd Check refute User.following?
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-07-13 22:57:42 +02:00
Tusooa Zhu 11a6e88420
Test that Question updates are viable 2022-07-07 15:22:04 -04:00
Tusooa Zhu 069554e925
Guard against outdated Updates
It is possible for an earlier Update to be received by us later.
For this, we now
(1) only allows Updates to poll counts if there is no updated field,
    or the updated field is the same as the last updated date or
    creation date;
(2) does not allow updating anything if the updated field
    is older than the last updated date or creation date;
(3) allows updating updatable fields otherwise (normal updates);
(4) if only the updated field is changed, it does not create
    a new history item on its own.
2022-07-07 15:11:29 -04:00
Ilja f88ed1df75 Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into fine_grained_moderation_privileges 2022-07-05 12:05:19 +02:00
Haelwenn 8c78fef56f EmojiReactValidator: apply lanodan's suggestions
These changes make the encoding for the fully-qualified heart emoji very visible in editors.
2022-07-04 00:25:54 +00:00
Tusooa Zhu 5ce118d970
Validate object data for incoming Update activities
In Create validator we do not validate the object data,
but that is because the object itself will go through the
pipeline again, which is not the case for Update. Thus,
we added validation for objects in Update activities.
2022-07-03 20:21:46 -04:00
Tusooa Zhu 4367489a3e
Pass history items through ObjectValidator for updatable object types 2022-07-03 20:02:52 -04:00
Tusooa Zhu 4edc867b87 Merge branch 'develop' into 'from/upstream-develop/tusooa/edits'
# Conflicts:
#   lib/pleroma/constants.ex
2022-07-03 22:24:57 +00:00
Haelwenn a15b45a589 Merge branch 'bugfix/mime-validation-no-list' into 'develop'
Bugfix: Validate mediaType only by it's format

See merge request pleroma/pleroma!3597
2022-07-03 21:04:41 +00:00
Ilja 37fdf148b0 Rename privilege tags
I first focussed on getting things working
Now that they do and we know what tags there are, I put some thought in providing better names

I use the form <what_it_controls>_<what_it_allows_you_to_do>

:statuses_read    => :messages_read
:status_delete    => :messages_delete

:user_read        => :users_read
:user_deletion    => :users_delete
:user_activation  => :users_manage_activation_state
:user_invite      => :users_manage_invites
:user_tag         => :users_manage_tags
:user_credentials => :users_manage_credentials

:report_handle    => :reports_manage_reports

:emoji_management => :emoji_manage_emoji
2022-07-01 10:28:09 +02:00
Hélène 11f9f2ef27
EmojiReactValidator: fix emoji qualification
Tries fully-qualifying emoji when receiving them, by adding the emoji
variation sequence to the received reaction emoji.

This issue arises when other instance software, such as Misskey, tries
reacting with emoji that have unqualified or minimally qualified
variants, like a red heart. Pleroma only accepts fully qualified emoji
in emoji reactions, and refused those emoji. Now, Pleroma will attempt
to properly qualify them first, and reject them if checks still fail.
2022-06-28 21:33:57 +02:00
Tusooa Zhu 014096aeef
Make outbound transmogrifier aware of edit history 2022-06-25 11:20:46 -04:00
Tusooa Zhu 5321fd0012
Do not put meta[:object_data] for local Updates 2022-06-25 10:03:19 -04:00
Tusooa Zhu ee07383191
Use meta[:object_data] in SideEffects for Update 2022-06-24 10:28:58 -04:00
Tusooa Zhu 01321c88b5
Convert incoming Updated object into Pleroma format 2022-06-24 10:25:22 -04:00
Ilja bb61cfee8d Validator for deleting statusses is now done with priviledge instead of superuser 2022-06-21 12:10:27 +02:00
Tusooa Zhu 72ac940618
Fix SideEffectsTest 2022-06-03 21:50:49 -04:00
Tusooa Zhu 410e177b2a
Strip internal fields in formerRepresentation 2022-06-01 12:02:03 -04:00
Tusooa Zhu 8acfe95f3e
Allow updating polls 2022-05-29 22:16:03 -04:00
Tusooa Zhu 5e8aac0e07
Record edit history for Note and Question Updates 2022-05-29 13:54:16 -04:00
Tusooa Zhu 0f6a5eb9a2
Handle Note and Question Updates 2022-05-29 12:54:57 -04:00
Tusooa Zhu 547def67a7
Allow Updates by every actor on the same origin 2022-05-29 11:36:00 -04:00
Hélène a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-05-18 21:25:10 +02:00
Tusooa Zhu 6e5ef7f2eb
Test local-only in ap c2s outbox
Ref: fix-local-public
2022-05-09 18:53:32 -04:00
Haelwenn 4605efe272 Merge branch 'improve_anti_followbot_policy' into 'develop'
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy

Closes #2561

See merge request pleroma/pleroma!3498
2022-05-08 18:10:40 +00:00
Ilja a8093732bd Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-05-08 18:10:40 +00:00
Tusooa Zhu fe933b9bf2
Prevent remote access of local-only posts via /objects
Ref: fix-local-public
2022-05-06 13:54:21 -04:00
Tusooa Zhu 57c030a0a7 Skip cache when /objects or /activities is authenticated
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Tusooa Zhu fa3157df96 Skip cache when /objects or /activities is authenticated
Ref: fix-local-public
2022-05-06 08:44:03 +02:00
Haelwenn (lanodan) Monnier 030183b35f AttachmentValidator: Use custom ecto type and regex for "mediaType" 2022-03-17 22:37:26 +01:00
Sean King 17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
Alex Gleason 2d77976305
Add tests for mismatched context in replies 2022-02-02 12:19:35 -06:00
Alex Gleason 5a4e3aa715
Test that a Create/Note from Roadhouse validates 2022-02-02 11:02:23 -06:00
Alex Gleason 61dfeca1cc
Test that a Note from Roadhouse validates 2022-02-02 10:38:30 -06:00
Alex Gleason 3bf257171f
ForceMentionsInContent: improve display of Markdown posts 2022-01-27 14:15:06 -06:00
Alex Gleason 27cb3d6273
ForceMentionsInContent: don't apply it to top-level posts 2022-01-26 21:24:26 -06:00
Alex Gleason 0604b0dd09
ForceMentionsInContent: don't mention self 2022-01-25 12:33:47 -06:00
Alex Gleason 0f4e0e667e Merge branch 'recipients-inline' into 'develop'
ForceMentionsInContent: wrap mentions in a span, fix the formatting

See merge request pleroma/pleroma!3620
2022-01-25 17:43:39 +00:00
Alex Gleason 65b4d2ce84
ForceMentionsInContent: fix order of mentions 2022-01-25 10:42:34 -06:00
Alex Gleason 267184b70e
ForceMentionsInContentTest: return mentions in a not terrible format 2022-01-24 20:03:43 -06:00
marcin mikołajczak e3d394eef6 Birthdays: Fix tests, add test for misskey
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-23 09:41:21 +01:00
Alex Gleason 6ffe43af70 Merge branch 'private-pins' into 'develop'
Support private pinned posts from Mastodon

See merge request pleroma/pleroma!3611
2022-01-20 23:18:24 +00:00
marcin mikołajczak 88c21b9282 Support private pinned posts from Mastodon
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-20 12:35:32 +01:00
rinpatch a02cfd7f52 Add ForceMentionsInContentPolicy
Even though latest PleromaFE supports displaying these properly, mobile
apps still exist, so I think we should offer a workaround to those who
want it.
2022-01-19 21:04:57 +03:00
Tusooa Zhu 4f44fd32ea
Federate unfollow activity in move_following properly
0: Use the CommonAPI unfollow function to make sure the
unfollow activity is federated.

1: Limit the follow and unfollow to local followers only,
while let the romote servers decide whether to move their followers.

Ref: emit-move
2021-12-28 01:11:08 -05:00
Tusooa Zhu e41eee5ed1
Make Move activity federate properly
Ref: emit-move
2021-12-28 01:11:08 -05:00
Tusooa Zhu 8376e83f61
Lint 2021-12-17 16:52:50 -05:00
Tusooa Zhu 951d1592c7
Add test to ensure removed follower cease to have relationship with ex-followee
https://git.pleroma.social/pleroma/pleroma/-/issues/2802
2021-12-17 16:44:22 -05:00
Tusooa Zhu bfd870380c
Add test to ensure the blocked cease to have follow relationship to the blocker
https://git.pleroma.social/pleroma/pleroma/-/issues/2766
2021-12-17 14:44:28 -05:00
Tusooa Zhu 3d41ccc47b
Allow updating accepted follow activities in Web.ActivityPub.Utils.update_follow_state_for_all/2
Mastodon uses the Reject activity also for the purpose of removing
a follower, in addition to reject a follow request. We should
also update the original Follow activity in this case.
2021-12-17 14:17:51 -05:00
Alex Gleason 01cc099c8e
VideoHandlingTest: remove nil values 2021-12-07 21:55:54 -05:00
Haelwenn 992d9287d0 Apply alexgleason's suggestion(s) to 1 file(s) 2021-12-07 22:53:36 +00:00
Alex Gleason 2c96668a2c
Merge remote-tracking branch 'origin/develop' into fix-attachment-dimensions 2021-12-07 13:41:54 -05:00
Alex Gleason 335684182a
Fix VideoHandlingTest 2021-12-07 13:35:34 -05:00
Alex Gleason 3f03d71ea6
AttachmentValidator: ingest width and height 2021-12-07 12:59:03 -05:00
Alex Gleason d9349bc52f
Transmogrifier: test fix_attachments/1 2021-12-07 01:10:47 -05:00
FloatingGhost db46913dcc make linter happy 2021-12-06 11:50:51 +00:00
FloatingGhost cd8bdbc761 Make deactivated user check into a subquery
Fixes #2792
2021-12-06 11:44:17 +00:00
lain 4d341f51e1 Merge branch 'fix-tests' into 'develop'
Test fixes

See merge request pleroma/pleroma!3532
2021-11-15 14:31:27 +00:00
lain e2772d6bf1 Merge branch 'block-behavior' into 'develop'
Configurable block visibility, fixes #2123

Closes #2123

See merge request pleroma/pleroma!3242
2021-11-15 14:27:59 +00:00
Lain Soykaf 2dea4a8c04 StealEmojiPolicyTest: Make mocks explicit. 2021-11-14 11:44:24 +01:00
Haelwenn (lanodan) Monnier 23161526d4 object_validators: Group common fields in CommonValidations
Notes:
- QuestionValidator didn't have a :name field but that seems like a mistake
- `_fields` functions can't inherit others because of some Validators
- bto/bcc fields were absent in activities, also seems like a mistake
  (Well IIRC we don't or barely support bto/bcc anyway)
2021-10-10 02:50:06 +02:00
Haelwenn bc62a35282 Merge branch 'features/ingestion-no-nil' into 'develop'
ObjectValidator.stringify_keys: filter out nil values

See merge request pleroma/pleroma!3506
2021-08-28 16:07:35 +00:00
Haelwenn 773708cfe8 Merge branch 'builder-note' into 'develop'
CommonAPI.Utils.make_note_data/1 --> ActivityPub.Builder.note/1

See merge request pleroma/pleroma!3511
2021-08-14 18:32:40 +00:00
Alex Gleason ba6049aa81
Builder.note/1: return {:ok, map(), keyword()} like other Builder functions 2021-08-14 11:24:55 -05:00
Alex Gleason a2eacfc525
CommonAPI.Utils.make_note_data/1 --> ActivityPub.Builder.note/1 2021-08-14 11:01:06 -05:00
Haelwenn (lanodan) Monnier 8baaa36a16
ObjectAgePolicy: Fix pattern matching on published
Backport of: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3500
2021-08-13 17:56:46 +02:00
Haelwenn (lanodan) Monnier 61d233921c
ObjectValidator.stringify_keys: filter out nil values 2021-08-11 21:38:10 +02:00
Haelwenn (lanodan) Monnier c64eae40a2
ObjectAgePolicy: Fix pattern matching on published 2021-08-10 07:41:06 +02:00
Haelwenn 901204df22 Merge branch 'poll-notification' into 'develop'
MastodonAPI: Support poll notification

See merge request pleroma/pleroma!3484
2021-08-09 10:02:37 +00:00
Ilja 27fe7b0274
Make quarentine work with list of tuples instead of strings 2021-08-06 07:59:52 +02:00
Ilja dd947d9bc8
Add tests for setting `:instance, :quarantined_instances`
No test was done for quarantined instances yet. I added a factory for followers_only notes and checked
* That no followers only post is send when the target server is quarantined
* That a followers only post is send when the target server is not quarantined
2021-08-06 07:59:52 +02:00
Ilja 4ba0beb60c
Make mrfSimple work with tuples
* Changed SimplePolicy
* I also grepped in test/ for ':mrf_simple' to see what other things could be affected
2021-08-06 07:58:58 +02:00
Alex Gleason 62bf6d67e3
Merge remote-tracking branch 'pleroma/develop' into poll-notification-fixes 2021-07-18 11:49:22 -05:00
Alex Gleason 0b1c05ca1e
Poll notification: trigger PollWorker through common_pipeline 2021-07-18 11:10:23 -05:00
Haelwenn 173e977e28 Merge branch 'features/ingestion-page' into 'develop'
Pipeline Ingestion: Page

See merge request pleroma/pleroma!3097
2021-07-12 05:05:49 +00:00
Haelwenn (lanodan) Monnier 6dc78f5f6f
AP C2S: Remove restrictions and make it go through pipeline 2021-07-12 06:49:41 +02:00
Haelwenn (lanodan) Monnier c839078a75
ObjectValidators.{Announce,EmojiReact,Like}: Fix context, actor & addressing 2021-06-09 04:23:02 +02:00
Haelwenn (lanodan) Monnier eb7313b0d3
Pipeline Ingestion: Page 2021-06-04 20:06:33 +02:00
feld 0ddf492c5d Merge branch 'cycles-base-url' into 'develop'
Deprecate Pleroma.Web.base_url/0

See merge request pleroma/pleroma!3432
2021-06-01 16:15:27 +00:00
Haelwenn c4b4258374 Merge branch 'features/validators-note' into 'develop'
Pipeline Ingestion: Note

Closes #290

See merge request pleroma/pleroma!2984
2021-06-01 01:51:38 +00:00
Alex Gleason f2134e605b
Merge remote-tracking branch 'pleroma/develop' into cycles-base-url 2021-05-31 16:49:46 -05:00
Alex Gleason 51a9f97e87
Deprecate Pleroma.Web.base_url/0
Use Pleroma.Web.Endpoint.url/0 directly instead. Reduces compiler cycles.
2021-05-31 16:48:03 -05:00
feld 359ded086c Merge branch 'simplepolicy-announce-leak' into 'develop'
SimplePolicy: filter nested objects, fixes #2582

Closes #2582

See merge request pleroma/pleroma!3376
2021-05-28 19:05:13 +00:00
Mark Felder 4694853766 Provide totalItems field for featured collections 2021-05-27 12:17:31 -05:00
Alex Gleason ff02511057
Merge remote-tracking branch 'upstream/develop' into attachment-meta 2021-05-12 20:10:52 -05:00
Alex Gleason 4c060ae733
Ingest remote attachment width/height 2021-05-12 15:38:49 -05:00
Alex Gleason 926a233cc4
Merge remote-tracking branch 'upstream/develop' into simplepolicy-announce-leak 2021-04-30 14:21:17 -05:00
Alex Gleason c16c7fdb87
SimplePolicy: filter string Objects 2021-04-30 14:20:54 -05:00
Alex Gleason 3d742c3c1a
SimplePolicy: filter nested objects 2021-04-30 14:20:37 -05:00
Alex Gleason 762be6ce10
Merge remote-tracking branch 'upstream/develop' into block-behavior 2021-04-29 11:14:32 -05:00
rinpatch 15f87cf658 Merge branch 'features/ingestion-ecto-tag' into 'develop'
TagValidator: New

See merge request pleroma/pleroma!3244
2021-04-16 09:55:55 +00:00
rinpatch 79376b4afb Merge branch 'feature/521-pinned-post-federation' into 'develop'
Pinned posts federation

Closes #521

See merge request pleroma/pleroma!3312
2021-04-16 09:53:47 +00:00
Haelwenn (lanodan) Monnier 53193b84b1
utils: Fix maybe_splice_recipient when "object" isn’t a map 2021-04-05 19:19:12 +02:00
Haelwenn (lanodan) Monnier b0c778fde7
NoteHandlingTest: remove fix_explicit_addressing-related test 2021-04-05 19:19:12 +02:00
Haelwenn (lanodan) Monnier d1205406d9
ActivityPubControllerTest: Apply same addr changes to object 2021-04-05 19:19:12 +02:00
Haelwenn (lanodan) Monnier 641184fc7a
recipients fixes/hardening for CreateGenericValidator 2021-04-05 19:19:11 +02:00
Haelwenn (lanodan) Monnier c944932674
Pipeline Ingestion: Note 2021-04-05 19:19:11 +02:00
Haelwenn (lanodan) Monnier e2a3365b5c
ObjectValidator.CommonFixes: Introduce fix_objects_defaults and fix_activity_defaults 2021-04-05 19:19:11 +02:00