Commit Graph

2608 Commits

Author SHA1 Message Date
Ivan Tashkinov d3fe2c8ec6 [#468] Formatting fix. 2019-02-17 14:07:35 +03:00
Ivan Tashkinov bc4f77b10b [#468] Merged `upstream/develop`, resolved conflicts. 2019-02-17 14:07:04 +03:00
Ivan Tashkinov dcf24a3233 [#468] Refactored OAuth scopes' defaults & missing selection handling. 2019-02-17 13:49:14 +03:00
lain 269d3e1ca6 WelcomeMessage: Get rid of Ecto reference. 2019-02-16 17:24:48 +01:00
lain d812a347ca Add optional welcome message. 2019-02-16 16:42:34 +01:00
Ivan Tashkinov 2a4a4f3342 [#468] Defined OAuth restrictions for all applicable routes.
Improved missing "scopes" param handling.
Allowed "any of" / "all of" mode specification in OAuthScopesPlug.
Fixed auth UI / behavior when user selects no permissions at /oauth/authorize.
2019-02-15 19:54:37 +03:00
lambda 1ce1b7b58d Merge branch 'bugfix/oauth-token-padding' into 'develop'
oauth: never use base64 padding when returning tokens to applications

See merge request pleroma/pleroma!825
2019-02-15 14:58:13 +00:00
rinpatch 921571c19b Merge branch 'hellthread-filter-fix' into 'develop'
Hellthread filter fix

Closes #634

See merge request pleroma/pleroma!831
2019-02-15 13:18:35 +00:00
Karen Konou c2e0a0c8d4 Readd threshold is not 0 check, optmization? 2019-02-15 14:05:20 +01:00
Karen Konou dca6bee2f7 Rename test, add check for follower collection when delisting 2019-02-15 13:43:14 +01:00
rinpatch b63a5e309d Merge branch 'bugfix/actor-containment' into 'develop'
activitypub: correctly handle bare URIs in user lookup

Closes #645

See merge request pleroma/pleroma!829
2019-02-15 12:27:03 +00:00
Karen Konou d943c90249 Add tests, change default config values, fix a bug 2019-02-15 12:47:50 +01:00
William Pitcock da44cdd381 user: search: use get_or_fetch() instead of get_or_fetch_by_nickname()
get_or_fetch() handles the nickname verses URI differences transparently.
2019-02-14 20:00:04 +00:00
lambda ea2698beb7 Merge branch 'bugfix/activitypub-reserialization' into 'develop'
activitypub transmogrifier: fix reserialization edge cases

See merge request pleroma/pleroma!826
2019-02-14 19:54:16 +00:00
William Pitcock 56862f4ce1 activitypub: clean up logging statements a little 2019-02-14 19:42:33 +00:00
Ivan Tashkinov 027adbc9e5 [#468] Refactored OAuth scopes parsing / defaults handling. 2019-02-14 17:03:19 +03:00
Egor Kislitsyn 907306174b fix S3 links encoding in Mediaproxy 2019-02-14 15:55:21 +07:00
William Pitcock 72ba5b4ab7 activitypub: user view: formatting 2019-02-14 03:13:07 +00:00
William Pitcock 5307c211b8 activitypub: user view: report totalItems=0 for follows/followers when hidden 2019-02-14 03:10:00 +00:00
William Pitcock 6542b86292 activitypub: user view: remove totalItems from user outbox
(this is based on a counter in User.Info, but the counter is not reliable.)
2019-02-14 03:02:45 +00:00
William Pitcock ee2fa1a314 activitypub: user view: remove totalInbox from user inbox view
It is not really feasible to quickly calculate the totalItems value and
it shouldn't be trusted anyway.
2019-02-14 03:01:39 +00:00
kaniini bc9e5e6b65 Merge branch 'feature/activitypub-oauth-endpoints' into 'develop'
ActivityPub C2S oauth endpoints

See merge request pleroma/pleroma!821
2019-02-14 02:50:06 +00:00
William Pitcock 64620d8980 activitypub: user view: do not expose oAuth endpoints for instance users 2019-02-14 02:41:21 +00:00
William Pitcock e9ef4b8da6 oauth: never use base64 padding when returning tokens to applications
The normal Base64 alphabet uses the equals sign (=) as a padding character.  Since
Base64 strings are self-synchronizing, padding characters are unnecessary, so don't
generate them in the first place.
2019-02-14 01:10:04 +00:00
William Pitcock e05bf2940f activitypub: transmogrifier: correctly handle nil inReplyTo value 2019-02-14 00:35:54 +00:00
William Pitcock 94cbbb0e3a activitypub: transmogrifier: do not attempt to expand pre-existing AS2 tag objects 2019-02-14 00:35:53 +00:00
Mark Felder f62c1d6266 Improve login error for OAuth flow 2019-02-13 22:33:22 +00:00
Ivan Tashkinov 063baca5e4 [#468] User UI for OAuth permissions restriction. Standardized storage format for `scopes` fields, updated usages. 2019-02-14 00:29:29 +03:00
William Pitcock 9bd6ed975e activitypub: user view: use route helpers instead of hardcoded URIs 2019-02-13 19:34:43 +00:00
William Pitcock 29e946ace4 activitypub: user view: add oauthRegistrationEndpoint to user profiles 2019-02-13 19:34:43 +00:00
William Pitcock db8abd958d activitypub: user view: fix up endpoints rendering 2019-02-13 19:34:43 +00:00
William Pitcock 90facd3598 user view: add AP C2S oauth endpoints to local user profiles 2019-02-13 19:34:43 +00:00
Karen Konou bef9b9cb66 refactored code 2019-02-13 16:23:09 +01:00
Karen Konou adcdd21f16 Merge branch 'develop' into hellthread-filter-fix 2019-02-13 16:22:14 +01:00
lain 88a4de24f9 User.follow_all: Respect blocks in both directions. 2019-02-13 13:52:27 +01:00
hakabahitoyo b7bc666200 bugfix mdii uploader 2019-02-13 15:46:42 +09:00
Karen Konou 1d727cd069 added checks for public url and follower collections 2019-02-13 00:01:34 +01:00
Haelwenn (lanodan) Monnier da4c662af3
Plugs.HTTPSecurityPlug: Add webpacker to connect-src 2019-02-12 22:12:12 +01:00
Haelwenn (lanodan) Monnier 00e8f0b07d
Plugs.HTTPSecurityPlug: Add unsafe-eval to script-src when in dev mode
This is needed to run dev mode mastofe at the same time
2019-02-12 22:12:11 +01:00
shibayashi ea1058929c
Use url[:scheme] instead of protocol to determine if https is enabled 2019-02-12 00:08:52 +01:00
rinpatch 379d04692c Filter summary in keywordpolicy 2019-02-11 21:35:40 +03:00
rinpatch 39383a6b79 Merge branch 'feature/thread-muting' into 'develop'
Feature/thread muting

See merge request pleroma/pleroma!796
2019-02-11 15:02:14 +00:00
lambda 044616292b Merge branch 'feature/rich-media-limits' into 'develop'
rich media: tighten fetching timeouts and size limits

See merge request pleroma/pleroma!809
2019-02-11 12:33:58 +00:00
Karen Konou ac72b578da Merge branch 'develop' into feature/thread-muting 2019-02-11 12:10:49 +01:00
Karen Konou c01ef574c1 Refactor as per Rin's suggestions, add endpoint tests 2019-02-11 12:04:02 +01:00
lambda d53e36bf1e Revert "Merge branch 'object-creation' into 'develop'"
This reverts merge request !802
2019-02-11 08:07:39 +00:00
William Pitcock 45e57dd187 rich media: tighten fetching timeouts and size limits 2019-02-10 21:54:08 +00:00
kaniini 6c8d15da11 Merge branch 'fix/credo-issues' into 'develop'
Fix credo issues

See merge request pleroma/pleroma!786
2019-02-10 20:54:21 +00:00
Karen Konou cc21fc5f53 refactor, status view updating, error handling 2019-02-10 10:42:30 +01:00
rinpatch e0de0fcf22 Merge branch 'object-creation' into 'develop'
Do object insertion through Cachex

See merge request pleroma/pleroma!802
2019-02-10 07:39:27 +00:00