Commit Graph

15820 Commits

Author SHA1 Message Date
Hélène 4661b56720
ArticleNotePageValidator: fix replies fixing
Some software, like GoToSocial, expose replies as ActivityPub
Collections, but do not expose any item array directly in the object,
causing validation to fail via the ObjectID validator. Now, Pleroma will
drop that field in this situation too.
2022-08-19 02:45:49 +02:00
Hélène 61254111e5
HttpSignaturePlug: accept standard (request-target)
The (request-target) used by Pleroma is non-standard, but many HTTP
signature implementations do it this way due to a misinterpretation of
the draft 06 of HTTP signatures: "path" was interpreted as not having
the query, though later examples show that it must be the absolute path
with the query part of the URL as well.

This behavior is kept to make sure most software (Pleroma itself,
Mastodon, and probably others) do not break, but Pleroma now accepts
signatures for a (request-target) containing the query, as expected by
many HTTP signature libraries, and clarified in the draft 11 of HTTP
signatures.

Additionally, the new draft renamed (request-target) to @request-target.
We now support both for incoming requests' signatures.
2022-08-18 17:01:34 +02:00
FloatingGhost f41d970a59
fix resolution of GTS user keys 2022-08-16 18:51:34 +02:00
Hélène 88c1c76d3e
Migrations: delete contexts with BaseMigrator
Due to the lengthiness of this task, the migration has been adapted into
a BaseMigrator migration, running in the background instead.
2022-08-15 01:47:09 +02:00
Hélène bb02ee99f5
CommonFixes: more predictable context generation
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2022-08-15 01:46:55 +02:00
Mark Felder 80c32ae00b Document the changes for Varnish 7.0+ compatibility and RFC compliance 2022-08-12 15:06:45 -04:00
Haelwenn 06f9324afe Merge branch 'from/upstream-develop/tusooa/2912-receiver-reject-mrf' into 'develop'
Treat MRF rejects as success in Oban worker

Closes #2912

See merge request pleroma/pleroma!3720
2022-08-12 01:37:40 +00:00
Haelwenn 837d4dc87f Merge branch 'fix_flaky_tests_where_we_sometimes_loose_db_connections' into 'develop'
Fix flaky tests with DB connections; Allow higher amount of restarts for Pleroma.Repo during testing

See merge request pleroma/pleroma!3696
2022-08-12 01:36:11 +00:00
Haelwenn 93f12c0d0d Merge branch 'from/upstream-develop/tusooa/sync-settings' into 'develop'
Synchronized settings for apps (frontends)

See merge request pleroma/pleroma!3698
2022-08-12 01:34:36 +00:00
Haelwenn 6ce3f76b5d Merge branch 'from/upstream-develop/floatingghost/follow-state' into 'develop'
Backport: bugfix/follow-state

Closes #2902

See merge request pleroma/pleroma!3718
2022-08-12 01:32:20 +00:00
feld 514caed573 Merge branch 'fix-varnish7-support' into 'develop'
Fix Varnish7 support

See merge request pleroma/pleroma!3722
2022-08-11 15:14:16 +00:00
Mark Felder 73b4d0d9a7 Fix the mocks to use uppercase as well 2022-08-10 21:46:56 +00:00
Mark Felder 243ed7d60f Update the recommended VCL configuration 2022-08-10 17:18:06 -04:00
Mark Felder cbdc13b767 Fix Varnish 7 support by ensuring Media Preview Proxy fetches headers with a capitalized HEAD verb 2022-08-10 17:09:58 -04:00
Hélène 3b6784b1de
CreateGenericValidator: fix reply context fixing
Incoming Pleroma replies to a Misskey thread were rejected due to a
broken context fix, which caused them to not be visible until a
non-Pleroma user interacted with the replies.

This fix properly sets the post-fix object context to its parent Create
activity as well, if it was changed.
2022-08-10 02:29:38 +02:00
Hélène c559c240d1
Migrations: delete context objects
These objects represent from 30 to 70% of the rows on the objects table,
based on numbers from a few live instances (single-user, small, large.)

As those pseudo-objects prevent creating objects with those actual IDs,
deleting them is a better solution. This could have happened if an
object used another object's ID as its context.
2022-08-10 02:29:38 +02:00
Hélène def0f5dc2e
StatusView: implement pleroma.context field
This field replaces the now deprecated conversation_id field, and now
exposes the ActivityPub object `context` directly via the MastoAPI
instead of relying on StatusNet-era data concepts.
2022-08-10 02:29:38 +02:00
Tusooa Zhu e06f2b9f5e
Add changelog 2022-08-09 18:17:07 -04:00
Tusooa Zhu 738ca484fd
Update api spec to reflect OAuth scope change 2022-08-09 18:15:25 -04:00
Hélène a9111bcaf2
StatusView: clear MSB on calculated conversation_id
This field seems to be a left-over from the StatusNet era.
If your application uses `pleroma.conversation_id`: this field is
deprecated.

It is currently stubbed instead by doing a CRC32 of the context, and
clearing the MSB to avoid overflow exceptions with signed integers on
the different clients using this field (Java/Kotlin code, mostly; see
Husky and probably other mobile clients.)

This should be removed in a future version of Pleroma. Pleroma-FE
currently depends on this field, as well.
2022-08-09 20:10:43 +02:00
Hélène 7f71e3d0fe
CommonFields: remove context_id 2022-08-09 20:10:43 +02:00
Hélène f3e061c964
Object: remove context_id field
30 to 70% of the objects in the object table are simple JSON objects
containing a single field, 'id', being the context's ID. The reason for
the creation of an object per context seems to be an old relic from the
StatusNet era, and has only been used nowadays as an helper for threads
in Pleroma-FE via the `pleroma.conversation_id` field in status views.
An object per context was created, and its numerical ID (table column)
was used and stored as 'context_id' in the object and activity along
with the full 'context' URI/string.

This commit removes this field and stops creation of objects for each
context, which will also allow incoming activities to use activity IDs
as contexts, something which was not possible before, or would have been
very broken under most circumstances.

The `pleroma.conversation_id` field has been reimplemented in a way to
maintain backwards-compatibility by calculating a CRC32 of the full
context URI/string in the object, instead of relying on the row ID for
the created context object.
2022-08-09 20:10:43 +02:00
Tusooa Zhu a7f01ffc1d
Make backups require its own scope 2022-08-09 00:34:04 -04:00
Tusooa Zhu d487e0160c
Treat containment failure as cancel in ReceiverWorker 2022-08-08 08:41:33 -04:00
Ilja b53cf7d4b3 Change default moderator privileges to better match what we previously had
Moderators were able to delete statusses via pleroma-fe. For that reason I now gave them :messages_delete by default.

They are also able to recieve reports through the notifications. For that reason I now gave them :reports_manage_reports by default.

They were also able to see deactivated accounts through pleroma-fe. However
* they were unable to tell if the account is deactivated or not (which was a bug and fixed by thes privileges MR this commit is part of)
* they were not able to actually change the activation state.
Because of this, I decided to *not* give them the privilege :users_manage_activation_state as this would give significantly more
privileges, while not giving it will actually improve the current experience as it works around the existing bug of not showing activation state.
2022-08-07 07:22:33 +02:00
Tusooa Zhu 88e0e6acd5
Fix FederatorTest 2022-08-06 00:42:10 -04:00
Tusooa Zhu a0166e92fa
Treat MRF rejects as success in Oban worker 2022-08-06 00:33:18 -04:00
Tusooa Zhu 5d900a5cd1
Use latest alpine version for docker image 2022-08-05 23:47:53 -04:00
floatingghost f2a9285ff0
bugfix/follow-state (#104)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/104
2022-08-03 01:07:53 -04:00
Tusooa Zhu a4fa286d20
Use actor_types() to determine whether the Update is for user 2022-08-02 10:37:28 -04:00
Haelwenn b2ba307f4d Merge branch 'from/upstream-develop/tusooa/2871-fix-local-public' into 'develop'
local only fixes

Closes #2871

See merge request pleroma/pleroma!3660
2022-08-02 05:39:50 +00:00
Haelwenn 7299795eb4 Merge branch 'from/upstream-develop/tusooa/backup-without-email' into 'develop'
Allow users to create backups without providing email address

See merge request pleroma/pleroma!3665
2022-08-02 05:23:49 +00:00
Haelwenn f8540b0a9d Merge branch 'weblate' into 'develop'
Translations update from Pleroma Weblate

See merge request pleroma/pleroma!3716
2022-08-02 05:10:51 +00:00
Yating Zhan 99d4823ab1 Translated using Weblate (Chinese (Simplified))
Currently translated at 18.9% (189 of 998 strings)

Translation: Pleroma/Pleroma Backend (domain config_descriptions)
Translate-URL: http://weblate.pleroma-dev.ebin.club/projects/pleroma/pleroma-backend-domain-config_descriptions/zh_Hans/
2022-07-31 22:00:56 +00:00
tusooa cc533e6956 Translated using Weblate (Chinese (Simplified))
Currently translated at 18.9% (189 of 998 strings)

Translation: Pleroma/Pleroma Backend (domain config_descriptions)
Translate-URL: http://weblate.pleroma-dev.ebin.club/projects/pleroma/pleroma-backend-domain-config_descriptions/zh_Hans/
2022-07-31 22:00:56 +00:00
Haelwenn 7de21ec991 Merge branch 'from/develop/tusooa/emit-move' into 'develop'
Implement moving account

See merge request pleroma/pleroma!3524
2022-07-31 22:00:40 +00:00
Haelwenn 5ef2dc317d Change test case wording 2022-07-31 21:34:23 +00:00
tusooa c80096522c Merge branch 'develop' into 'from/develop/tusooa/emit-move'
# Conflicts:
#   CHANGELOG.md
#   test/pleroma/user_test.exs
2022-07-31 21:32:49 +00:00
Haelwenn b5266097a1 Merge branch 'mutes' into 'develop'
MastoAPI: Use `duration` param for mute expiration duration

See merge request pleroma/pleroma!3715
2022-07-31 19:41:25 +00:00
marcin mikołajczak 5d3d6a58f7 Use `duration` param for mute expiration duration
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-07-31 17:22:34 +02:00
Haelwenn 0814d0e0cb Merge branch 'fix/proper-emoji-qualification' into 'develop'
Emoji: implement full-qualifier using combinations

See merge request pleroma/pleroma!3709
2022-07-28 04:46:15 +00:00
Haelwenn 0f9f3d2897 Merge branch 'from/upstream-develop/tusooa/2384-pagination' into 'develop'
Make mutes and blocks behave the same as other lists

Closes #2384

See merge request pleroma/pleroma!3693
2022-07-28 04:37:10 +00:00
Haelwenn 18d6a58c7e Merge branch 'from/upstream-develop/tusooa/gettext-extract' into 'develop'
Extract translatable strings

See merge request pleroma/pleroma!3712
2022-07-28 04:33:17 +00:00
Hélène 7167de592e
Emoji: apply recommended tail call changes
Behavior matches previous code.

Co-authored-by: Tusooa Zhu <tusooa@kazv.moe>
2022-07-27 02:08:46 +02:00
Tusooa Zhu 4bdd8e349c
Extract translatable strings 2022-07-26 10:50:29 -04:00
tusooa 36d79468ec Merge branch 'authorized-fetch' into 'develop'
Add authorized_fetch_mode to description.exs

See merge request pleroma/pleroma!3710
2022-07-26 14:48:00 +00:00
Hélène b99f5d6183
Emoji: split qualification variation into a module 2022-07-26 02:04:12 +02:00
marcin mikołajczak 5153eba3a8 Add authorized_fetch_mode to description.exs
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-07-25 19:53:51 +02:00
Hélène fb3f6e1975
EmojiReactValidator: use new qualification method 2022-07-25 16:49:23 +02:00
Hélène 01d396585e
Emoji: implement full-qualifier using combinations
This implements fully_qualify_emoji/1, which will return the
fully-qualified version of an emoji if it knows of one, or return the
emoji unmodified if not.
This code generates combinations per emoji: for each FE0F, all possible
combinations of the character being removed or staying will be
generated. This is made as an attempt to find all partially-qualified
and unqualified versions of a fully-qualified emoji.

I have found *no cases* for which this would be a problem, after
browsing the entire emoji list in emoji-test.txt. This is safe, and,
sadly, most likely the sanest too.
2022-07-25 16:20:12 +02:00