Commit Graph

8908 Commits

Author SHA1 Message Date
Lain Soykaf 4a32b584e1 StatusView: Fix warning 2022-12-15 18:02:33 -05:00
Lain Soykaf 9838790a7d AttachmentValidator: Actually require url 2022-12-15 17:46:20 -05:00
Lain Soykaf 63d00f8123 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into update-deps 2022-12-15 17:19:36 -05:00
tusooa 2554028097
Make SimplePolicy Update-aware
This is inspired by d5828f1c5e
2022-12-15 11:57:45 -05:00
tusooa dc7efcd08b
Make TagPolicy Update-aware
This is inspired by d5828f1c5e
2022-12-15 11:08:24 -05:00
tusooa 62c27e0164
Fix failure when registering a user with no email when approval required 2022-12-14 01:04:42 -05:00
duponin 9876742358 Return 413 when an actor's banner or background exceeds the size limit 2022-12-11 23:15:08 +01:00
duponin 452595baed Uploading an avatar media exceeding max size returns a 413
Until now it was returning a 500 because the upload plug were going
through the changeset and ending in the JSON encoder, which raised
because struct has to @derive the encoder.
2022-12-11 22:54:47 +01:00
Haelwenn 204fd6faae Merge branch 'from/upstream-develop/tusooa/report-fake' into 'develop'
Report an Object, not a Create Activity

Closes #2986

See merge request pleroma/pleroma!3788
2022-12-09 14:25:24 +00:00
ave 0f88c2bca4 Change follow_operation schema to use type BooleanLike 2022-11-28 00:13:34 +00:00
Hélène 542bb17258 ArticleNotePageValidator: fix replies fixing
Some software, like GoToSocial, expose replies as ActivityPub
Collections, but do not expose any item array directly in the object,
causing validation to fail via the ObjectID validator. Now, Pleroma will
drop that field in this situation too.
2022-11-27 04:54:19 +01:00
FloatingGhost 747311f623 fix resolution of GTS user keys 2022-11-27 04:54:18 +01:00
Tusooa Zhu 11d5ad24c5 Make local-only posts stream in local timeline 2022-11-27 04:39:32 +01:00
Tusooa Zhu e46c3a0595 Do not stream out Create of ChatMessage 2022-11-27 04:39:32 +01:00
Tusooa Zhu 09ab51eebb Make mutes and blocks behave the same as other lists 2022-11-27 04:21:58 +01:00
Haelwenn (lanodan) Monnier 7ec3469bea Transmogrifier: Use validating regex for "mediaType" 2022-11-27 04:21:31 +01:00
Haelwenn (lanodan) Monnier 8640d217b1 AttachmentValidator: Use custom ecto type and regex for "mediaType" 2022-11-27 04:21:31 +01:00
Haelwenn (lanodan) Monnier da71092003 EctoType: Add MIME validator 2022-11-27 04:21:31 +01:00
Ilja 4504c81080 Delete report notifs when demoting from superuser
When someone isn't a superuser any more, they shouldn't see the reporsts any more either.
Here we delete the report notifications from a user when that user gets updated from being a superuser to a non-superuser.
2022-11-27 04:20:11 +01:00
Haelwenn 7f0b3161ea Merge branch 'akoma/deactivated-users' into 'develop'
Timeline query performance improvements

See merge request pleroma/pleroma!3779
2022-11-20 23:40:58 +00:00
tusooa 9d99e76a3a
Fix unit tests 2022-11-20 00:57:04 -05:00
tusooa 0e0c316c76
Fix report api 2022-11-20 00:35:52 -05:00
tusooa a69e9ae2ef
Flag an Object, not an Activity 2022-11-19 23:51:43 -05:00
HJ a31d3589ed Update http_security_plug.ex 2022-11-17 12:03:01 -05:00
HJ 79bd363a68 Update lib/pleroma/web/plugs/http_security_plug.ex 2022-11-17 12:03:01 -05:00
Henry Jameson db76ea578a try to fix ruffle on chrome 2022-11-17 12:03:01 -05:00
feld a9d991d31e Merge branch 'develop' into 'akoma/deactivated-users'
# Conflicts:
#   CHANGELOG.md
2022-11-14 14:03:11 +00:00
lain 0e1356ef9c Merge branch 'akkoma/delete-improvements' into 'develop'
Alter priority of Delete activities to be lowest

See merge request pleroma/pleroma!3782
2022-11-14 07:24:46 +00:00
lain 76ed0da09f Merge branch 'bugfix/reset-unreachable-on-fetch' into 'develop'
Object.Fetcher: Set reachable on successful fetch

See merge request pleroma/pleroma!3780
2022-11-14 07:22:33 +00:00
Mark Felder 2e0089dd5c Alter priority of Delete activities to be lowest
This will prevent a user with a large number of posts from negatively affecting performance of the outgoing federation queue if they delete their account.
2022-11-13 14:11:48 -05:00
Haelwenn a2db64b12b Merge branch 'fix-typo-in-csp-report-to-header-name' into 'develop'
Fix typo in CSP Report-To header name

See merge request pleroma/pleroma!3768
2022-11-13 18:53:59 +00:00
Mark Felder 47b9847edd Deletes do not generate notifications of any kind, so skip trying 2022-11-13 12:25:52 -05:00
Haelwenn (lanodan) Monnier b2713357b9 Object.Fetcher: Set reachable on successful fetch 2022-11-13 16:51:12 +01:00
Mark Felder edaf0a05f8 Add same optimized join for excluding invisible users 2022-11-12 18:06:28 -05:00
Mark Felder 749445dd50 Fix reports which do not have a user
The check for deactivated users was being applied to report activities.
2022-11-12 17:54:11 -05:00
FloatingGhost 4d321be05c Extract deactivated users query to a join 2022-11-12 17:52:28 -05:00
feld 3d1828f43b Merge branch 'oban-timeouts' into 'develop'
Define sane Oban Worker timeouts

See merge request pleroma/pleroma!3777
2022-11-12 22:13:28 +00:00
tusooa 1b0e47b79b Merge branch 'from/upstream-develop/tusooa/no-strip-report' into 'develop'
Give admin the choice to not strip reported statuses

Closes #2887

See merge request pleroma/pleroma!3773
2022-11-12 17:55:50 +00:00
Mark Felder 8be7f87e1f Define sane Oban Worker timeouts 2022-11-11 13:46:27 -05:00
Mark Felder 6b87b3f2ea Remove Quack logging backend 2022-11-11 12:36:29 -05:00
tusooa 717c5901f8
Render a generated reported activity properly 2022-11-09 23:02:27 -05:00
tusooa 6f047cc308
Do not strip reported statuses when configured not to 2022-11-09 22:36:57 -05:00
Haelwenn (lanodan) Monnier 648e012022 ObjectAgePolicy: Make strip_followers behavior for followers-only explicit 2022-11-07 14:58:47 +01:00
Thomas Citharel bdedc41cbc
Fix typo in CSP Report-To header name
The header name was Report-To, not Reply-To.

In any case, that's now being changed to the Reporting-Endpoints HTTP
Response Header.
https://w3c.github.io/reporting/#header
https://github.com/w3c/reporting/issues/177

CanIUse says the Report-To header is still supported by current Chrome
and friends.
https://caniuse.com/mdn-http_headers_report-to

It doesn't have any data for the Reporting-Endpoints HTTP header, but
this article says Chrome 96 supports it.
https://web.dev/reporting-api/

(Even though that's come out one year ago, that's not compatible with
Network Error Logging which's still using the Report-To version of the
API)

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 09:43:13 +01:00
Mark Felder 7c64f705f6 Update to Phoenix 1.6 and chase dependencies
Also bump minimum Elixir to 1.11
2022-11-03 16:13:07 +00:00
Alexander Strizhakov 8407e26b0c rebase fix 2022-11-03 10:06:36 -04:00
Alexander Strizhakov 5a9ea98baf XML WebFinger user representation correct domain 2022-11-03 09:48:59 -04:00
Alexander Strizhakov 4121bca895 expanding WebFinger 2022-11-03 09:48:24 -04:00
Haelwenn da0ef154a6 Merge branch 'from/upstream-develop/tusooa/2930-get-or-fetch' into 'develop'
Fix User.get_or_fetch/1 with usernames starting with http

Closes #2930

See merge request pleroma/pleroma!3751
2022-10-30 00:38:21 +00:00
tusooa 9fbf01f7a9 Merge branch 'push-updates' into 'develop'
Push.Impl: support edits

See merge request pleroma/pleroma!3760
2022-10-27 12:51:29 +00:00
feld 7a519b6a66 Merge branch 'fix-deprecation-text' into 'develop'
Fix deprecation warning for Gun timeout

See merge request pleroma/pleroma!3759
2022-10-24 14:22:49 +00:00
Haelwenn (lanodan) Monnier 16b06160ac CommonAPI: generate ModerationLog for all admin/moderator deletes
As a side-effect it also changes the ChatMessage delete ID to an
Activity.id rather than MessageReference.id

Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/2958
2022-10-14 18:51:08 +02:00
Tusooa Zhu dd82fd234f
Merge branch 'release/2.4.4' into mergeback/2.4.4 2022-10-08 22:15:09 -04:00
marcin mikołajczak 1b238a4fad Push.Impl: support edits
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-10-01 23:28:02 +02:00
Mark Felder 1958f23fe7 Fix deprecation warning for Gun timeout 2022-09-30 12:22:06 -04:00
Haelwenn 3f1c31b7cd Merge branch 'fix/exclude-deactivated-in-search' into 'develop'
User: search: exclude inactive users from user search

See merge request pleroma/pleroma!3755
2022-09-27 23:58:45 +00:00
Haelwenn 5d7d623390 Merge branch 'bugfix/elixir-1.14' into 'develop'
Bugfix: Elixir 1.14

See merge request pleroma/pleroma!3740
2022-09-27 21:46:03 +00:00
Ilja 2d7ea263a1 Add extra routes to :users_manage_credentials privilege 2022-09-24 13:52:28 +02:00
tusooa 1a7107f4a5 Merge branch 'remove_from_followers' into 'develop'
MastoAPI: POST /api/v1/accounts/:id/remove_from_followers

See merge request pleroma/pleroma!3647
2022-09-16 23:24:13 +00:00
a1batross 7f63b4c315 User: search: exclude deactivated users from user search
This way we don't pollute search results with deactivated and deleted users
2022-09-16 00:49:16 +03:00
Tusooa Zhu ea60c4e709
Fix wrong relationship direction 2022-09-14 20:24:04 -04:00
Hélène 0b19625bfb
ObjectView: do not fetch an object for its ID
Non-Create/Listen activities had their associated object field
normalized and fetched, but only to use their `id` field, which is both
slow and redundant. This also failed on Undo activities, which delete
the associated object/activity in database.

Undo activities will now render properly and database loads should
improve ever so slightly.
2022-09-11 04:54:04 +02:00
Tusooa Zhu 50923f5438
Fix User.get_or_fetch/1 with usernames starting with http 2022-09-08 11:58:17 -04:00
Haelwenn b8d6cb5845 Merge branch 'from/upstream-develop/tusooa/2892-backup-scope' into 'develop'
Make backups require its own scope

Closes #2892

See merge request pleroma/pleroma!3721
2022-09-05 15:42:02 +00:00
Haelwenn 346c130ddc Merge branch 'fix/user-private-key-generation' into 'develop'
User: generate private keys on user creation

See merge request pleroma/pleroma!3737
2022-09-05 15:38:15 +00:00
tusooa f7c2073103 Merge branch 'bump/min-elixir-1.10' into 'develop'
Bump minimum Elixir version to 1.10

See merge request pleroma/pleroma!3741
2022-09-05 15:19:34 +00:00
tusooa 9874b4c985 Merge branch 'develop' into 'from/upstream-develop/tusooa/2892-backup-scope'
# Conflicts:
#   CHANGELOG.md
2022-09-05 15:00:19 +00:00
Hélène cd237d22f1
User: generate private keys on user creation
This fixes a race condition bug where keys could be regenerated
post-federation, causing activities and HTTP signatures from an user to
be dropped due to key differences.
2022-09-05 03:51:17 +02:00
tusooa f8afba95b2 Merge branch 'fix/gts-federation' into 'develop'
GoToSocial federation fixes

See merge request pleroma/pleroma!3725
2022-09-05 01:10:34 +00:00
tusooa 20347898e2 Merge branch 'fix/federation-context-issues' into 'develop'
Fix reply context fixing (Pleroma replies to Misskey threads) and removal of context objects

See merge request pleroma/pleroma!3717
2022-09-04 18:43:36 +00:00
Haelwenn c63cf954de Merge branch 'from/upstream-develop/tusooa/streaming-fix' into 'develop'
Streaming fix

Closes #2796

See merge request pleroma/pleroma!3738
2022-09-03 18:24:28 +00:00
Hélène 4477c6baff
Metadata/Utils: use summary as description if set
When generating OpenGraph and TwitterCard metadata for a post, the
summary field will be used first if it is set to generate the post
description.
2022-09-03 17:17:48 +02:00
Haelwenn 257601d67d Merge branch 'ssh-bbs-improvements' into 'develop'
BBS: add functionnalities and readability

See merge request pleroma/pleroma!3675
2022-09-03 11:15:07 +00:00
Haelwenn 299255b9bb Merge branch 'from/upstream-develop/tusooa/assoc-object-id' into 'develop'
Add function to calculate associated object id

Closes #2307

See merge request pleroma/pleroma!3692
2022-09-03 02:50:40 +00:00
Haelwenn e40c221c31 Merge branch 'from/upstream-develop/tusooa/edits' into 'develop'
Editing

Closes #1429, #2859, and #2288

See merge request pleroma/pleroma!3678
2022-09-03 02:16:42 +00:00
Haelwenn 07ef72f493 Merge branch 'from/develop/tusooa/2807-remote-xact-post' into 'develop'
Remote interaction with posts

Closes #2807 and #978

See merge request pleroma/pleroma!3587
2022-09-03 02:03:48 +00:00
Haelwenn (lanodan) Monnier ec80a1e405 Bump minimum Elixir version to 1.10
1.9 being end-of-life
2022-09-03 03:58:22 +02:00
Haelwenn (lanodan) Monnier e124776d14 Elixir 1.14 formatting 2022-09-03 03:58:22 +02:00
Haelwenn (lanodan) Monnier 21ab7369ca Bump minimum Elixir version to 1.10
With the release of Elixir 1.14, Elixir 1.9 is now end-of-life.

Elixir 1.10 Release Notes:
https://github.com/elixir-lang/elixir/releases/tag/v1.10.0
2022-09-02 22:53:54 +02:00
Tusooa Zhu 20a0dd6516
Exclude Announce instead of restricting to Create in visibility_tags 2022-08-31 22:14:54 -04:00
Tusooa Zhu ffd379456b
Do not stream out Announces to public timelines 2022-08-31 15:57:06 -04:00
Tusooa Zhu f9b86c3c22
Make local-only posts stream in local timeline 2022-08-27 19:34:56 -04:00
Tusooa Zhu 3afa1903ee
Do not stream out Create of ChatMessage 2022-08-27 17:51:41 -04:00
tusooa a546e6f042 Merge branch 'feature/emoji-15-support' into 'develop'
emoji-test: update to latest 15.0 draft

See merge request pleroma/pleroma!3726
2022-08-27 00:59:22 +00:00
tusooa 59109f8f74 Merge branch 'fix_flaky_test_user_relationship_test.exs_81' into 'develop'
fix flaky test_user_relationship_test.exs:81

See merge request pleroma/pleroma!3697
2022-08-24 15:24:07 +00:00
Ilja 47e3a72b6e fix flaky test_user_relationship_test.exs:81 2022-08-24 15:24:07 +00:00
Hélène 439c1baf25
OAuthPlug: use user cache instead of joining
As this plug is called on every request, this should reduce load on the
database by not requiring to select on the users table every single
time, and to instead use the by-ID user cache whenever possible.
2022-08-24 03:40:05 +02:00
Tusooa Zhu c59ee1f172
Expose availability of GET /main/ostatus via instance 2022-08-20 21:19:31 -04:00
Tusooa Zhu 4ec9eeb3f8
Make remote interaction page translatable 2022-08-20 21:14:26 -04:00
Tusooa Zhu 1218adacc5
Display status link in remote interaction form 2022-08-20 21:13:52 -04:00
Tusooa Zhu b7c75db0f7
Lint 2022-08-20 21:13:51 -04:00
Tusooa Zhu 779457d9a4
Add GET endpoints for remote subscription forms
There are two reasons for adding a GET endpoint:

0: Barely displaying the form does not change anything on the server.

1: It makes frontend development easier as they can now use a link,
instead of a form, to allow remote users to interact with local ones.
2022-08-20 21:13:51 -04:00
Tusooa Zhu a243a217a7
Fix form item name in status_interact.html 2022-08-20 21:13:51 -04:00
Tusooa Zhu 2701628786
Add remote interaction ui for posts 2022-08-20 21:13:51 -04:00
Tusooa Zhu 3885ee182a
Switch to associated_object_id index 2022-08-20 20:43:46 -04:00
Tusooa Zhu a31d6bb52c
Execute session disconnect in background 2022-08-19 20:24:24 -04:00
Tusooa Zhu f459c1260b
Lint 2022-08-19 20:24:24 -04:00
Tusooa Zhu c62a4f1c17
Disconnect streaming sessions when token is revoked 2022-08-19 20:22:45 -04:00
Hélène 0cee3c6e93
emoji-test: update to latest 15.0 draft 2022-08-20 00:21:07 +02:00
Hélène 4661b56720
ArticleNotePageValidator: fix replies fixing
Some software, like GoToSocial, expose replies as ActivityPub
Collections, but do not expose any item array directly in the object,
causing validation to fail via the ObjectID validator. Now, Pleroma will
drop that field in this situation too.
2022-08-19 02:45:49 +02:00