moon/spc-pleroma
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,786 Commits 2 Branches 0 Tags
Commit Graph

6479 Commits

Author SHA1 Message Date
Ilja
211e561e2a Show privileges to FE 
I added an extra key
We already had is_admin and is_moderator, now we have an extra privileges key
 2022-06-21 12:10:27 +02:00
Ilja
143ea7b80a Add deactivated status for privileged users 
Deactivated users are only visible to users privileged with :user_activation since fc317f3b17
Here we also make sure the users who are deactivated get the status deactivated for users who are allowed to see these users
 2022-06-21 12:10:27 +02:00
Ilja
e21ef5aef3 report notifications for privileged users 
Instead of `Pleroma.User.all_superusers()` we now use `Pleroma.User.all_superusers(:report_handle)`

I also changed it for sending emails, but there were no tests.
 2022-06-21 12:10:27 +02:00
Ilja
eab13fed3e Hide pleroma:report for non-privileged users 
Before we deleted the notifications, but that was a side effect and didn't always trigger any more.
Now we just hide them when an unprivileged user asks them.
 2022-06-21 12:10:27 +02:00
Ilja
bb61cfee8d Validator for deleting statusses is now done with priviledge instead of superuser 2022-06-21 12:10:27 +02:00
Ilja
7cf473c500 delete statusses is now privileged by :status_delete 
Instead of superusers, you now need a role with privilige :status_delete to delete other users statusses
I also cleaned up some other stuff I saw
 2022-06-21 12:10:27 +02:00
Ilja
c842e62675 Add last priviliges 
I still had three endpoints I didn't really know what to do with them. I added them under separate tags
* :instance_delete
* :moderation_log_read
* :stats_read

I also checked and these are the last changes done by MR https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3480/diffs this is trying to fix
 2022-06-21 12:10:27 +02:00
Ilja
ecd42a2ce1 Add privilige :emoji_management 2022-06-21 12:10:27 +02:00
Ilja
0ee8f33250 Add privilige :status_delete 
It also allows to update a message, so it's not just deleting. I need a better name...
 2022-06-21 12:10:27 +02:00
Ilja
34a98990db last off :statuses_read 
From the endpoints left to do, I believe these should be under :statuses_read.
These should be the last for that privilege for this MR
 2022-06-21 12:10:27 +02:00
Ilja
cbb26262a5 Add privileges for :user_read 2022-06-21 12:10:27 +02:00
Ilja
3f26f1b30f Add privileges for :report_handle 2022-06-21 12:10:27 +02:00
Ilja
14e697a64f Add privileges for :user_invite 2022-06-21 12:10:27 +02:00
Ilja
e102d25d23 Add privileges for :user_activation 2022-06-21 12:10:27 +02:00
Ilja
cb60cc4e02 Add privileges for :user_tag 2022-06-21 12:10:27 +02:00
Ilja
5a65e2dac5 Remove privileged_staff 
Everything that was done through this setting, can now be set by giving the proper privileges to the roles.
 2022-06-21 12:10:27 +02:00
Ilja
b1ff5241c2 Add priviledges for :statuses_read 
This was the last in :require_privileged_staff. I'll remove that in the next commit
 2022-06-21 12:10:27 +02:00
Ilja
8a9144ca8b Add priviledges for :user_credentials 
I only moved the ones from the :require_privileged_staff block for now
 2022-06-21 12:10:27 +02:00
Ilja
9f6c364759 Add privilege :user_deletion 2022-06-21 12:10:27 +02:00
Ilja
5b19543f0a Add new setting and Plug to allow for privilege settings for staff 2022-06-21 12:10:26 +02:00
marcin mikołajczak
b0f83aea29 Store mutes expiration date 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2022-06-16 20:38:37 +02:00
Tusooa Zhu
44613db853
Show original status at the first of history 2022-06-11 19:52:07 -04:00
Tusooa Zhu
95b3922328
Workaround with_index does not support function in Elixir 1.9 2022-06-11 17:02:29 -04:00
Tusooa Zhu
7451f0e81f
Send the correct update in streamer 
get_create_by_ap_id_with_object() seems to fetch the old object.
Why this happens needs further investigation.
 2022-06-11 12:02:16 -04:00
Tusooa Zhu
27f3d802f2
Expose history and source apis to anon users 2022-06-11 10:35:36 -04:00
Tusooa Zhu
c3593639ad
Fix incorrectly cached content after editing 2022-06-09 11:39:51 -04:00
Tusooa Zhu
aafd7a687d
Return the corresponding object id in attachment view 2022-06-08 11:45:24 -04:00
Tusooa Zhu
532f6ae3ed
Return update notification in mastodon api 2022-06-05 16:34:42 -04:00
Tusooa Zhu
fe2d4778ee
Expose content type of status sources 2022-06-04 12:57:30 -04:00
Tusooa Zhu
3249ac1f12
Show edited_at in MastodonAPI/show 2022-06-03 21:47:40 -04:00
Tusooa Zhu
8bac8147d4
Stream out edits 2022-06-03 21:15:17 -04:00
Tusooa Zhu
fa31ae50e6
Inject history when object is refetched 2022-06-01 19:49:04 -04:00
Tusooa Zhu
410e177b2a
Strip internal fields in formerRepresentation 2022-06-01 12:02:03 -04:00
Tusooa Zhu
b613a9ec6b
Implement mastodon api for editing status 2022-05-31 14:32:28 -04:00
Tusooa Zhu
393b508846
Implement viewing source 2022-05-30 00:59:23 -04:00
Tusooa Zhu
c004eb0fa2
Implement mastodon api for showing edit history 2022-05-29 23:50:31 -04:00
Tusooa Zhu
8acfe95f3e
Allow updating polls 2022-05-29 22:16:03 -04:00
Tusooa Zhu
5e8aac0e07
Record edit history for Note and Question Updates 2022-05-29 13:54:16 -04:00
Tusooa Zhu
0f6a5eb9a2
Handle Note and Question Updates 2022-05-29 12:54:57 -04:00
Tusooa Zhu
547def67a7
Allow Updates by every actor on the same origin 2022-05-29 11:36:00 -04:00
Hélène
a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes 
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
 2022-05-18 21:25:10 +02:00
Tusooa Zhu
f1722a9f4a
Make lint happy 
Ref: fix-local-public
 2022-05-09 18:53:32 -04:00
Tusooa Zhu
38444aa92a
Allow authenticated users to access local-only posts in MastoAPI 
Ref: fix-local-public
 2022-05-09 18:53:18 -04:00
Haelwenn
4605efe272 Merge branch 'improve_anti_followbot_policy' into 'develop' 
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy

Closes #2561

See merge request pleroma/pleroma!3498
 2022-05-08 18:10:40 +00:00
Ilja
a8093732bd Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-05-08 18:10:40 +00:00
Tusooa Zhu
fe933b9bf2
Prevent remote access of local-only posts via /objects 
Ref: fix-local-public
 2022-05-06 13:54:21 -04:00
Tusooa Zhu
c48be59f58
Show local-only statuses in public timeline for authenticated users 
Ref: fix-local-public
 2022-05-06 13:54:02 -04:00
Tusooa Zhu
57c030a0a7 Skip cache when /objects or /activities is authenticated 
Ref: fix-local-public
 2022-05-06 10:23:26 +02:00
Tusooa Zhu
e2d24eda57 Allow to skip cache in Cache plug 
Ref: fix-local-public
 2022-05-06 10:23:26 +02:00
Tusooa Zhu
fa3157df96 Skip cache when /objects or /activities is authenticated 
Ref: fix-local-public
 2022-05-06 08:44:03 +02:00