Commit graph

743 commits

Author SHA1 Message Date
Ivan Tashkinov 2958a7d246 Fixed OAuth restrictions for :api routes. Made auth info dropped for :api routes if OAuth check was neither performed nor explicitly skipped. 2020-04-22 18:50:25 +03:00
Egor Kislitsyn e7771424a8 Fix blocks import 2020-04-22 19:27:28 +04:00
Egor Kislitsyn 88b82e5c3e Fix follow import 2020-04-22 19:27:28 +04:00
Ivan Tashkinov f685cbd309 Automatic checks of authentication / instance publicity. Definition of missing OAuth scopes in AdminAPIController. Refactoring. 2020-04-21 16:29:19 +03:00
Egor Kislitsyn 736fead494 Merge branch 'develop' into openapi/account 2020-04-20 18:40:02 +04:00
Haelwenn a17bfb5fab Merge branch 'feature/1584-client-captcha-options' into 'develop'
Creating trusted app from adminFE & mix task

Closes #1584

See merge request pleroma/pleroma!2252
2020-04-17 09:19:35 +00:00
Egor Kislitsyn b08ded6c2f
Add spec for AccountController.create 2020-04-13 17:38:59 +04:00
Ivan Tashkinov fc81e5a49c Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled). 2020-04-06 10:20:44 +03:00
Egor Kislitsyn 94a6590e3c
Partially restore /api/statusnet/config.json 2020-03-26 17:59:45 +04:00
Egor Kislitsyn 3189c44a0c
Remove some TwitterAPI endpoints 2020-03-24 15:21:40 +04:00
Alexander Strizhakov a6ee6784bc
creating trusted app from adminFE & mix task 2020-03-23 10:44:47 +03:00
Ivan Tashkinov 027714b519 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-06 11:48:30 +03:00
lain 6f7a8c43a2 Merge branch 'fix/no-email-no-fail' into 'develop'
Do not fail when user has no email

See merge request pleroma/pleroma!2249
2020-03-04 12:43:06 +00:00
Mark Felder 05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Ivan Tashkinov 99a6c660a9 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-02 18:41:12 +03:00
Haelwenn (lanodan) Monnier 6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Egor Kislitsyn cb60a9c42f
Do not fail when user has no email 2020-02-27 17:27:49 +04:00
Ivan Tashkinov 0cf1d4fcd0 [#1560] Restricted AP- & OStatus-related routes for non-federating instances. 2020-02-22 19:48:41 +03:00
Haelwenn (lanodan) Monnier 7bfb8ed14d
remote_follow_controller.ex: Redirect to the user page on success
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1245
2020-01-21 16:46:16 +01:00
Mark Felder 2f5b8fbeb3 Merge branch 'develop' into issue/1354 2020-01-12 12:12:15 -06:00
Maksim Pechnikov 933dc12043 added code of mr#2067 2019-12-25 15:12:43 +03:00
Maksim Pechnikov bdd71669da update test 2019-12-22 21:21:31 +03:00
Maksim 4c505bc615 Apply suggestion to lib/pleroma/web/twitter_api/views/remote_follow_view.ex 2019-12-22 17:58:54 +00:00
Maksim c9a44ec4a6 Apply suggestion to lib/pleroma/web/twitter_api/controllers/remote_follow_controller.ex 2019-12-22 17:58:45 +00:00
Maksim Pechnikov 5b84156013 moved remote follow in separate controller 2019-12-21 21:27:42 +03:00
Ivan Tashkinov ead2d18826 Merge remote-tracking branch 'remotes/origin/develop' into oauth-scopes-tweaks-and-tests 2019-12-19 17:24:08 +03:00
Thomas Citharel d2f1c4f658
Add ActivityPub Object Event type support
Adds Event support in the same way Video objects are handled, with the
name of the object as message header.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2019-12-17 16:16:21 +01:00
Ivan Tashkinov 7973cbdb9f OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: controller tests modification: OAuth scopes usage. 2019-12-15 22:32:42 +03:00
Ivan Tashkinov e8843974cb [#1304] Moved remaining fields from User.Info to User.
Misc. fixes / improvements.
2019-10-20 13:42:42 +03:00
Ivan Tashkinov 10ff01acd9 [#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP. 2019-10-16 21:59:21 +03:00
Ivan Tashkinov b93856874d [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-06 17:12:17 +03:00
Ivan Tashkinov 64095961fe [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-02 20:42:40 +03:00
Maksim Pechnikov 3d722dc200 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-26 16:16:30 +03:00
kaniini 48a82c4609 Merge branch 'refactor/user' into 'develop'
Simplify updating user's `info`

See merge request pleroma/pleroma!1712
2019-09-26 03:00:38 +00:00
Maksim Pechnikov 1a858134ed Merge branch 'develop' into issue/1218 2019-09-25 12:24:12 +03:00
Egor Kislitsyn 035f22f784 Fix Credo warnings 2019-09-24 19:50:09 +07:00
Egor Kislitsyn 1bea67cb5e Cleanup Pleroma.User 2019-09-24 19:50:09 +07:00
Egor Kislitsyn 209395c7e6 Add User.change_info/2 and User.update_info/2 2019-09-24 19:50:07 +07:00
Maksim Pechnikov 179fa32dd5 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-23 21:41:57 +03:00
Ivan Tashkinov 01c1078015 [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	lib/pleroma/web/activity_pub/activity_pub_controller.ex
2019-09-17 22:53:26 +03:00
Ivan Tashkinov efbc2edba1 [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	lib/pleroma/web/activity_pub/activity_pub_controller.ex
#	lib/pleroma/web/router.ex
2019-09-15 18:52:27 +03:00
Ivan Tashkinov e6f43a831b [#1234] Permissions-related fixes / new functionality (Masto 2.4.3 scopes). 2019-09-15 18:22:08 +03:00
Ivan Tashkinov 6bcedb693c [#1149] Merge remote-tracking branch 'remotes/upstream/develop' into 1149-oban-job-queue
# Conflicts:
#	docs/config.md
#	mix.lock
2019-09-14 16:11:44 +03:00
Egor Kislitsyn 25d8216804 Add email change endpoint 2019-09-13 13:09:35 +07:00
Ivan Tashkinov b63faf9819 [#1234] Mastodon 2.4.3 hierarchical scopes initial support (WIP). 2019-09-08 15:00:03 +03:00
Maksim Pechnikov ab2f21e470 tests for mastodon_api_controller.ex 2019-09-06 21:50:00 +03:00
Maksim Pechnikov eb74c3d5c7 Merge branch 'develop' into issue/1218 2019-09-06 14:01:07 +03:00
Ivan Tashkinov ca1ba1e272 [#1149] Merge remote-tracking branch 'remotes/upstream/develop' into 1149-oban-job-queue
# Conflicts:
#	test/web/twitter_api/twitter_api_controller_test.exs
2019-09-06 13:26:05 +03:00
rinpatch 70eed0594c credo fixes 2019-08-31 13:08:43 +03:00
rinpatch bd3ed3a622 Add back /api/qvitter/statuses/notifications/read.json 2019-08-31 11:43:06 +03:00
rinpatch 64410497d2 Remove TwitterAPI representers 2019-08-31 10:41:15 +03:00
rinpatch 985122cc03 Remove Activity, User and Notification views from TwitterAPI 2019-08-31 10:31:15 +03:00
rinpatch 90c2dae9a4 Remove most of Pleroma.Web.TwitterAPI.TwitterAPI 2019-08-31 10:20:34 +03:00
Maksim Pechnikov 6ef0103ca0 added Emoji struct 2019-08-31 10:14:53 +03:00
Maksim Pechnikov d8098d142a added Emoji.Formatter 2019-08-30 22:04:17 +03:00
Maksim Pechnikov d7808b5db4 added code\path fields without html tags in ets 2019-08-30 07:30:54 +03:00
rinpatch eb1739c596 Remove most of TwitterAPIController 2019-08-27 12:29:19 +03:00
Ivan Tashkinov 256ff09aa8 [#1149] Merge remote-tracking branch 'remotes/upstream/develop' into 1149-oban-job-queue
# Conflicts:
#	lib/pleroma/application.ex
#	lib/pleroma/scheduled_activity_worker.ex
#	lib/pleroma/web/federator/retry_queue.ex
#	lib/pleroma/web/oauth/token/clean_worker.ex
#	test/user_test.exs
#	test/web/federator_test.exs
2019-08-22 20:59:58 +03:00
Egor Kislitsyn f7bbf99caa Use info.fields instead of source_data for remote users 2019-08-14 14:52:54 +07:00
Egor Kislitsyn a22f540fc4 Add custom fields to TwitterAPI.UserView 2019-08-14 14:52:54 +07:00
Ivan Tashkinov 0e1c481a94 [#1149] Added more oban workers. Refactoring. 2019-08-13 20:20:26 +03:00
Maksim 58443d0cd6 tests for TwitterApi/UtilController 2019-07-31 15:14:36 +00:00
Ariadne Conill 3850812503 twitter api: utils: rework do_remote_follow() to use CommonAPI
Closes #1138
2019-07-29 20:00:57 +00:00
Ariadne Conill b93498eb52 constants: add as_public constant and use it everywhere 2019-07-29 02:43:19 +00:00
kPherox e818381042
Use User.get_or_fetch/1 instead of OStatus.find_or_make_user/1 2019-07-23 19:47:27 +09:00
Maksim c2e2aadc42 #1110 fixed /api/pleroma/healthcheck 2019-07-19 16:20:23 +00:00
Eugenij 4bf2bb9cff Fix password reset for non-test env
Fixes `Plug.Conn.NotSentError` that causes a 5xx error in response
instead of 404 and 400.

Fixes pattern matching error caused by different response format
in test and non-test env: `Pleroma.Emails.Mailer.deliver_async` returns
:ok when PleromaJobQueue is enabled and `{:ok, _}` when it's disabled.
In tests, it's disabled.
2019-07-17 18:09:31 +00:00
Alexander Strizhakov 10f82c88b8 mastoapi password reset
added rate limit to password reset

configure rate limit in runtime
2019-07-16 21:44:50 +00:00
Moonman f98f7ad1b9 detect and use sha512-crypt for stored password hash. 2019-07-14 09:48:42 -07:00
Alexander Strizhakov e7c39b7ac8 Feature/1072 muting notifications 2019-07-14 13:29:31 +00:00
kaniini 1417627d07 Merge branch 'remove-avatar-header' into 'develop'
Ability to reset avatar, profile banner and backgroud

See merge request pleroma/pleroma!1187
2019-07-09 17:51:41 +00:00
Maksim a0c4ebb4d7 [#184] small refactoring reset password 2019-06-24 19:01:56 +00:00
Sachin Joshi a0c65bbd6c Merge branch 'develop' into 'remove-avatar-header'
# Conflicts:
#   CHANGELOG.md
2019-06-23 03:25:50 +00:00
Maksim Pechnikov 4f2e359687 Merge branch 'develop' into issue/941 2019-06-04 09:49:08 +03:00
Maksim Pechnikov f13d6c7f78 update api to set skip_thread_containment 2019-06-03 21:02:57 +03:00
kaniini 5402d04e3c Merge branch 'feature/notification-control-part-2' into 'develop'
notification controls, part 2

See merge request pleroma/pleroma!1204
2019-06-02 08:25:37 +00:00
Egor Kislitsyn 99f70c7e20 Use Pleroma.Config everywhere 2019-05-30 15:33:58 +07:00
William Pitcock 59a703fcbe twitter api: user view: expose user notification settings under pleroma object 2019-05-25 05:31:13 +00:00
Sachin Joshi 0c53d91f3b fix merge conflict 2019-05-23 09:45:12 +02:00
Sachin Joshi 17bfd000d7 Ability to reset avatar, profile banner and backgroud 2019-05-22 06:47:18 +02:00
Aaron Tinio eb02edcad9 Add virtual :thread_muted? field
that may be set when fetching activities
2019-05-21 00:35:46 +08:00
William Pitcock de114ffbb0 activitypub: remove contain_timeline() 2019-05-15 15:53:06 +00:00
lain cbb3451023 CommonAPI: Refactor visibility, forbid public to private replies. 2019-05-15 16:30:08 +02:00
Sachin Joshi ee22fff5ac remove deprecated PleromaFE configuration 2019-05-15 15:29:59 +05:45
lambda 692919c7d2 Merge branch 'refactor/use-job-queue-everywhere' into 'develop'
use job queue everywhere

Closes #862

See merge request pleroma/pleroma!1142
2019-05-14 15:27:34 +00:00
William Pitcock ac3a3abf6b clean up follow/block imports a little 2019-05-14 15:07:38 +00:00
Egor Kislitsyn 5e2b491276 Merge remote-tracking branch 'pleroma/develop' into feature/disable-account 2019-05-14 18:15:56 +07:00
William Pitcock 69a9e0563c user: migrate follow/blocks import to job queue 2019-05-13 19:36:00 +00:00
Alexander Strizhakov a2be420f94 differences_in_mastoapi_responses.md: fullname & bio are optionnal
[ci skip]
2019-05-13 18:35:45 +00:00
Francis Dinh 2a54e8c1f5 Use "repeated" instead of "retweeted" for repeated statuses in Twitter API
This makes it consistent with the language used in Pleroma FE (at least
in English).

Resolves https://git.pleroma.social/pleroma/pleroma-fe/issues/533
2019-05-09 19:58:34 -04:00
William Pitcock d64c3b604e twitterapi: use order constraint to force descending order 2019-05-07 19:33:25 +00:00
Egor Kislitsyn 1557b99beb Merge remote-tracking branch 'pleroma/develop' into feature/disable-account 2019-05-07 16:51:11 +07:00
Alexander Strizhakov ce6ca0fefe Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into feature/845-improve-status-deletion 2019-05-06 16:45:22 +00:00
Haelwenn (lanodan) Monnier 46bbf9e1cf
TwitterAPI: profile update with emoji_map 2019-05-03 16:30:24 +02:00
Haelwenn (lanodan) Monnier 85434669bb
Web.TwitterAPI.UserView: Also view local user emojis 2019-05-03 16:27:51 +02:00
Haelwenn (lanodan) Monnier 2f76a40d02
formatter.ex: Add get_emoji_map/1 2019-05-03 16:27:50 +02:00
Alex S bdfa3a6fa8 Merging with develop
Conflicts:
lib/pleroma/web/activity_pub/transmogrifier.ex
lib/pleroma/user.ex
2019-05-01 12:29:33 +07:00
rinpatch 61ca2f7a4e Fix rights in TwitterAPI's user entity being present only for
Admins/Moderators

In !1093 I reused `maybe_with_role` for `rights` object, however I
missed that `maybe_with_role` is called only for admins/moderators.
2019-04-28 19:42:43 +03:00
Egor Kislitsyn c157e27a00 Merge branch 'develop' into feature/disable-account 2019-04-25 13:41:10 +07:00
rinpatch 4baea6e6d9 Fix leaking private configuration parameters in Mastodon and Twitter APIs, and add new configuration parameters to Mastodon API
This patch:
- Fixes `rights` in twitterapi ignoring `show_role`
- Fixes exposing default scope of the user to anyone in Mastodon API
- Extends Mastodon API to be able to show and set `no_rich_text`, `default_scope`, `hide_follows`, `hide_followers`, `hide_favorites` (requested by the FE in #674)

Sorry in advance for 500 line one commit diff, I should have split it up to separate MRs
2019-04-24 20:01:42 +03:00