rinpatch
d9c0650ff9
Mastodon API: Fix lists leaking private posts
...
Our previous list visibility resolver grabbed posts if either follower
collection of the user in a list who is followed is in `to` or if
follower collection of the user in a list was in `cc`. This not only
missed unlisted posts but also lead to leaking private posts when
`fix_explicit_addressing` mistakingly started putting follower collections
to `cc` (also fixed in this MR).
Reported by @kurisu@iscute.moe via a DM
2019-05-31 15:25:17 +03:00
rinpatch
a9eaa55885
Fix fix_explicit_addressing moving follower collection to cc and add tests for it
2019-05-31 14:17:05 +03:00
lain
97fb50d9fa
Mastodon Conversation API: Don't return own account in 'accounts'.
2019-05-31 11:27:14 +02:00
Sergey Suprunenko
1690be991e
Replace missing non-nullable Card attributes with empty strings
2019-05-30 21:03:31 +00:00
lambda
91ac8b075b
Merge branch 'use-pleroma-config' into 'develop'
...
Use Pleroma.Config everywhere
See merge request pleroma/pleroma!1214
2019-05-30 13:16:08 +00:00
Egor Kislitsyn
99f70c7e20
Use Pleroma.Config everywhere
2019-05-30 15:33:58 +07:00
kaniini
6aec0d1b58
Revert "Merge branch 'feature/search-authenticated-only' into 'develop'"
...
This reverts merge request !1209
2019-05-29 22:10:16 +00:00
Mark Felder
672fddb721
Default search limit should be 40
...
https://docs.joinmastodon.org/api/rest/search/
2019-05-29 08:06:26 -05:00
William Pitcock
0159a6dbe9
router: require oauth_read for searching
...
Search calls are generally expensive and allow unauthenticated users to
crawl the instance for user profiles or posts which contain specified
keywords. An adversary can build a distributed search engine which not
only will consume significant instance resources, but also can be used
for undesirable purposes such as datamining.
Accordingly, require authenticated access to use the search API endpoints.
This acts as a nice balance as it allows guest users to make use of most
functionality available in Pleroma FE while ensuring that Pleroma
instances are reasonably protected from resource exhaustion. It also
removes Pleroma as a potential vector in distributed search engines.
2019-05-29 10:58:45 +00:00
lambda
5bb843ceec
Merge branch 'refactor/die-httpoison-die' into 'develop'
...
remove @httpoison, @ostatus and @websub compile-time constants
See merge request pleroma/pleroma!1203
2019-05-26 13:33:11 +00:00
William Pitcock
79503ce90f
mrf: simple policy: fix matching imported activitypub and ostatus statuses
2019-05-26 02:01:24 +00:00
William Pitcock
59a703fcbe
twitter api: user view: expose user notification settings under pleroma object
2019-05-25 05:31:13 +00:00
William Pitcock
56fd7dbdd7
remove @websub and @ostatus module-level constants
2019-05-25 04:43:11 +00:00
William Pitcock
9bec891eb4
kill @httpoison
2019-05-25 04:24:21 +00:00
Aaron Tinio
9415932af5
Keep nodeinfo available when not federating
2019-05-25 08:15:12 +08:00
feld
f916e4cdd9
Move the Cache Control header test to its own file
...
We can consolidate our cache control header tests here
2019-05-24 20:33:55 +00:00
rinpatch
8b2d39c1ec
Change the order of preloading when fetching activities for context
2019-05-23 14:03:16 +03:00
rinpatch
e6b175ed6c
Fix credo issues
2019-05-22 21:57:46 +03:00
William Pitcock
baf72d6c58
mrf: simple policy: add the ability to strip avatars and banners from user profiles
2019-05-22 18:53:12 +00:00
William Pitcock
60f882b09f
activitypub: run user objects through MRF filters
2019-05-22 18:53:12 +00:00
William Pitcock
75b6c4b004
mrf: defang policy modules for filtering user profile objects
2019-05-22 18:53:12 +00:00
rinpatch
ac7702f800
Exclude Answers from fetching by default
2019-05-22 21:52:12 +03:00
rinpatch
19c90d47c4
Normalize poll votes to Answer objects
2019-05-22 21:17:57 +03:00
Maksim
620908a2db
[ #699 ] add worker to clean expired oauth tokens
2019-05-22 15:44:50 +00:00
lambda
ff363f70b5
Merge branch 'refactor/keys' into 'develop'
...
move key generation functions into Pleroma.Keys module
See merge request pleroma/pleroma!1186
2019-05-22 06:28:16 +00:00
William Pitcock
1344c85e2f
salmon: fix credo
2019-05-22 05:58:51 +00:00
rinpatch
cdac5efd10
Merge branch 'bugfix/account_view_source.note' into 'develop'
...
MastoAPI AccountView: fill source.note with plaintext version of note
Closes #926
See merge request pleroma/pleroma!1189
2019-05-22 05:39:01 +00:00
Haelwenn (lanodan) Monnier
0e2c215a00
MastoAPI AccountView: fill source.note with plaintext version of note
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/926
2019-05-22 07:22:19 +02:00
kaniini
79c2cef2fb
Merge branch 'mongooseim-support' into 'develop'
...
MongooseIM: Add basic integration endpoints.
See merge request pleroma/pleroma!1172
2019-05-22 04:06:54 +00:00
William Pitcock
045803346d
move key generation functions into Pleroma.Keys module
2019-05-22 03:58:15 +00:00
Aaron Tinio
3ab9255eda
Respond with a 404 Not implemented JSON error message
...
when requested API is not implemented
2019-05-22 07:15:52 +08:00
rinpatch
63b0b7190c
MastoAPI: Add GET /api/v1/polls/:id
2019-05-21 20:40:35 +03:00
rinpatch
5f67c26baf
Accept strings in expires_in because sasuga javascript
2019-05-21 17:30:51 +03:00
rinpatch
0407ffe75f
Change validation error status codes to be more appropriate
2019-05-21 17:12:38 +03:00
rinpatch
ee68244141
Do not stream out poll replies
2019-05-21 16:58:15 +03:00
rinpatch
d7c4d029c8
Restrict poll replies when fetching activiites for context
2019-05-21 14:35:20 +03:00
rinpatch
f28747858b
Actual vote count in poll view
2019-05-21 14:27:09 +03:00
rinpatch
a53d062730
Fix posting non-polls from mastofe
2019-05-21 14:19:03 +03:00
rinpatch
aafe30d94e
Handle poll votes
2019-05-21 14:12:10 +03:00
rinpatch
3f96b3e4b8
Enforce poll limits and add error handling for MastodonAPI's post endpoint
2019-05-21 10:54:20 +03:00
rinpatch
76a7429bef
Add poll limits to /api/v1/instance and initial state
2019-05-21 09:13:10 +03:00
kaniini
d4847b17ca
Merge branch 'refactor/add-virtual-thread-muted-field' into 'develop'
...
Add virtual :thread_muted? field
Closes #901
See merge request pleroma/pleroma!1178
2019-05-20 23:30:19 +00:00
Aaron Tinio
eb02edcad9
Add virtual :thread_muted? field
...
that may be set when fetching activities
2019-05-21 00:35:46 +08:00
Sadposter
daeae8e2e7
Move default mascot configuration to config/
2019-05-20 16:12:55 +01:00
Sadposter
e81f0fc6d4
Add mascot get/set tests
2019-05-20 12:58:06 +01:00
Sadposter
54e9cb5c2d
Add API endpoints for a custom user mascot
2019-05-20 12:39:23 +01:00
Aaron Tinio
2375e9a95b
Add report filtering to MRF.SimplePolicy
2019-05-20 06:02:50 +08:00
rinpatch
6430cb1bf7
Restrict poll replies from fetch queries by default
2019-05-19 17:44:18 +03:00
rinpatch
1d90f9b969
Remove tags/mentions/rich text from poll options because Mastodon and
...
add custom emoji
2019-05-19 17:06:44 +03:00
rinpatch
5ece901af3
Resolve merge conflicts and remove IO.inspects
2019-05-18 13:37:38 +03:00
rinpatch
fd920c8973
Mastodon API: Add support for posting polls
2019-05-18 13:29:28 +03:00
William Pitcock
c4a55e167a
add Changelog entry
2019-05-17 23:00:14 +00:00
William Pitcock
dc08159538
also suppress link previews from posts marked #nsfw
2019-05-17 22:13:24 +00:00
William Pitcock
0da1233e8e
rich media: suppress link previews if post is marked as sensitive
2019-05-17 18:49:43 +00:00
William Pitcock
78588dbd80
mrf: simple policy: mark all posts instead of posts with media as sensitive if they match media_nsfw
2019-05-17 18:49:10 +00:00
lain
075eecec90
Linting.
2019-05-17 18:32:30 +02:00
lain
f959bf7aa6
MongooseIM: Add basic integration endpoints.
2019-05-17 18:21:11 +02:00
lain
412a3d8a0f
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into rum-index
2019-05-17 12:26:59 +02:00
lambda
1dcdcd8871
Merge branch 'bugfix/903-mastoapi-relationship-requested' into 'develop'
...
MastoAPI account_view.ex: requested is false when following is true
Closes #903
See merge request pleroma/pleroma!1169
2019-05-17 10:07:51 +00:00
lambda
46684db84d
Update account_view.ex
2019-05-17 09:53:44 +00:00
rinpatch
642a67dd44
Render polls in statuses
2019-05-17 11:44:47 +03:00
Alexander Strizhakov
7ed682213f
Fix/902 random compile failing
2019-05-17 07:25:20 +00:00
Haelwenn (lanodan) Monnier
68c75a08e8
MastoAPI account_view.ex: requested is false when following is true
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/903
2019-05-17 07:44:09 +02:00
Aaron Tinio
70235ce840
Fix typo: s/"tags"/"tag"/g
2019-05-17 09:02:34 +08:00
Sergey Suprunenko
e2b3a27204
Add Reports to Admin API
2019-05-16 19:09:18 +00:00
feld
e190b3022b
Merge branch 'fix/domain-unblocked-reblogs' into 'develop'
...
Fix domain-unblocked reblogs
Closes #892
See merge request pleroma/pleroma!1157
2019-05-16 18:57:14 +00:00
Mark Felder
ebb0482116
Merge branch 'develop' into conversations-import
2019-05-16 13:11:17 -05:00
lambda
fde30aee43
Merge branch 'feature/sql-thread-sat' into 'develop'
...
SQL thread visibility solver
See merge request pleroma/pleroma!971
2019-05-16 13:44:22 +00:00
William Pitcock
c31026423c
publisher: use the correct queue name for outgoing federation
2019-05-16 04:41:27 +00:00
Aaron Tinio
793f1834d2
Use named binding to conditionally join object
2019-05-16 06:25:14 +08:00
Aaron Tinio
2b6119dfbf
Restrict reblogs of activities from blocked domains
2019-05-16 05:53:51 +08:00
rinpatch
62e42b03ab
Handle incoming Question objects
2019-05-15 20:10:16 +03:00
William Pitcock
a591ab6112
activity pub: remove Ecto SQL query dumps
2019-05-15 16:56:46 +00:00
William Pitcock
31db31c587
activitypub: visibility: use SQL thread_visibility() function instead of manually walking the thread
2019-05-15 15:54:10 +00:00
William Pitcock
de114ffbb0
activitypub: remove contain_timeline()
2019-05-15 15:53:06 +00:00
William Pitcock
0387f52138
activitypub: add restrict_thread_visibility()
2019-05-15 15:53:06 +00:00
lain
f168a1cbdc
Merge remote-tracking branch 'origin/develop' into conversations-import
2019-05-15 17:47:29 +02:00
kaniini
62516be9c4
Merge branch 'fix/public-option-not-working' into 'develop'
...
Fix public option not working
Closes #873
See merge request pleroma/pleroma!1143
2019-05-15 15:42:21 +00:00
lambda
4440e23547
Merge branch 'chore/extricate-http-signatures' into 'develop'
...
switch to pleroma/http_signatures library
See merge request pleroma/pleroma!1155
2019-05-15 15:37:31 +00:00
lain
7a92e701b9
CommonAPI: Visibility refactor.
2019-05-15 16:35:33 +02:00
lain
cbb3451023
CommonAPI: Refactor visibility, forbid public to private replies.
2019-05-15 16:30:08 +02:00
lain
f1e67bdc31
Search: Add optional rum indexing / searching.
2019-05-15 15:28:01 +02:00
Sachin Joshi
ee22fff5ac
remove deprecated PleromaFE configuration
2019-05-15 15:29:59 +05:45
Aaron Tinio
70c81b95d0
Pipe requests to public endpoints through EnsurePublicOrAuthenticatedPlug
2019-05-15 05:09:32 +08:00
William Pitcock
071f78733a
switch to pleroma/http_signatures library
2019-05-14 20:03:13 +00:00
lambda
692919c7d2
Merge branch 'refactor/use-job-queue-everywhere' into 'develop'
...
use job queue everywhere
Closes #862
See merge request pleroma/pleroma!1142
2019-05-14 15:27:34 +00:00
William Pitcock
ac3a3abf6b
clean up follow/block imports a little
2019-05-14 15:07:38 +00:00
Maksim
52297920e7
Refactoring oauth response.
2019-05-14 14:49:45 +00:00
Egor Kislitsyn
5e2b491276
Merge remote-tracking branch 'pleroma/develop' into feature/disable-account
2019-05-14 18:15:56 +07:00
Mark Felder
bbacdf2352
Bump Mastodon API level
2019-05-13 15:52:16 -05:00
Mark Felder
498bfdf403
Switch to Jason over Poison
2019-05-13 15:37:38 -05:00
William Pitcock
69a9e0563c
user: migrate follow/blocks import to job queue
2019-05-13 19:36:00 +00:00
William Pitcock
57d11ac9db
activitypub: move post rich media fetching to job queue
2019-05-13 19:36:00 +00:00
lambda
b14a314ce7
Merge branch 'feature/federator-behaviours' into 'develop'
...
federator modularization (outgoing)
See merge request pleroma/pleroma!1140
2019-05-13 18:58:04 +00:00
Alexander Strizhakov
a2be420f94
differences_in_mastoapi_responses.md: fullname & bio are optionnal
...
[ci skip]
2019-05-13 18:35:45 +00:00
Sachin Joshi
7701a4c841
Make irreversible field default to false in filters
2019-05-14 00:13:15 +05:45
William Pitcock
44b182732e
nodeinfo: gather supported protocol names from federation modules
2019-05-12 19:15:29 +00:00
William Pitcock
28f7f4c6de
webfinger: build the response based on enabled federation modules
2019-05-12 19:05:03 +00:00
William Pitcock
55fa4b812a
federator: websub removal
2019-05-12 05:04:24 +00:00
William Pitcock
c23276a59a
activitypub: publisher: fixups
2019-05-12 05:04:24 +00:00
William Pitcock
fedaca15a3
websub: adapt to work as a federator publishing module
2019-05-12 05:04:24 +00:00
William Pitcock
179293e51c
salmon: refactor to work as a federator publishing module
2019-05-12 05:04:21 +00:00
William Pitcock
2aee62a456
federator: publisher: only attempt publishing if we know the activity is representable
2019-05-12 05:04:16 +00:00
William Pitcock
69158f1065
ostatus: only as:Public activities are representable
2019-05-12 05:04:16 +00:00
William Pitcock
85377c0b67
federator: move activitypub relaying to the AP publisher module
2019-05-12 05:04:16 +00:00
William Pitcock
676752bb83
federator: hook up Publisher.publish()
2019-05-12 05:04:16 +00:00
William Pitcock
f7a6a37c4e
federator: remove no longer used :publish_single_ap
2019-05-12 05:04:16 +00:00
William Pitcock
10695a28d2
federator: publisher: add publish() wrapper
2019-05-12 05:04:16 +00:00
William Pitcock
0afc8d7856
federator: publisher: integrate job queue, simplify publish_one logic
2019-05-12 05:04:16 +00:00
William Pitcock
ef1f9e8d4e
activitypub: split out outgoing federation into a federation module
2019-05-12 05:04:11 +00:00
William Pitcock
e7d292f80e
federator: add publisher module defining a contract for publishing behaviours
2019-05-12 03:08:50 +00:00
kaniini
131f883207
Merge branch 'fix/ostatus-activity-representer-depends-on-emebeded-objects' into 'develop'
...
Fix get_in_reply_to in OStatus' activity representer depending on embedded objects
See merge request pleroma/pleroma!1129
2019-05-11 16:52:26 +00:00
lain
01c45ddc9e
Search: Use RUM index.
2019-05-11 11:26:46 +02:00
Sachin Joshi
f01f995816
make url uniform in admin api
2019-05-11 14:46:00 +05:45
feld
c953ae8c3d
Initial bundle of basic AdminFE
...
Due to CSP headers we only allow connecting to self. If you want to
host AdminFE on a separate domain without CSP headers you will be able
to connect to any public Pleroma host.
2019-05-11 01:34:17 +00:00
rinpatch
1d78e42fd4
Remove get_in_reply_to calls in some functions because the result is unused and it does not have any side-effects
2019-05-10 13:49:34 +03:00
Francis Dinh
2a54e8c1f5
Use "repeated" instead of "retweeted" for repeated statuses in Twitter API
...
This makes it consistent with the language used in Pleroma FE (at least
in English).
Resolves https://git.pleroma.social/pleroma/pleroma-fe/issues/533
2019-05-09 19:58:34 -04:00
rinpatch
e4523c3010
Fix get_in_reply_to in OStatus' activity representer depending on embedded objects
2019-05-09 22:27:00 +03:00
lain
a33bec7d58
Conversations: Import order, import as read.
2019-05-09 16:39:28 +02:00
lain
e6d7f8d223
Credo fixes.
2019-05-08 18:19:20 +02:00
lain
a4598b5e8b
Visibility: Make it more resilient.
2019-05-08 18:08:50 +02:00
lain
920bd47055
ActivityPub: Remove leftover printf debugging.
2019-05-08 17:40:24 +02:00
lain
fcf2f38d20
Conversations: Add a function to 'import' old DMs.
2019-05-08 17:37:00 +02:00
Alexander Strizhakov
bfeb33e951
Merge develop
...
Merge conflict in lib/pleroma/activity.ex
2019-05-08 14:34:36 +00:00
Maksim
799e1f48b5
Refactoring functions for dealing with oauth scopes.
2019-05-08 10:52:13 +00:00
kaniini
14deed7f7d
Merge branch 'refactor/preload-bookmarks-with-activities' into 'develop'
...
Optimize bookmarks by preloading them with activities
Closes #861
See merge request pleroma/pleroma!1121
2019-05-07 19:37:41 +00:00
William Pitcock
d64c3b604e
twitterapi: use order constraint to force descending order
2019-05-07 19:33:25 +00:00
William Pitcock
6020ff3fb6
activitypub: add optional order constraint to timeline query builder
2019-05-07 19:33:22 +00:00
rinpatch
4c5125dedc
Remove bookmarks
assoc and add a fake bookmark
assoc instead
2019-05-07 19:33:22 +00:00
rinpatch
3a7c14645e
- Actually use preloaded bookmarks in views
...
- Preload bookmarks in bookmark timeline
- Rework bookmark preload tests
2019-05-07 19:33:22 +00:00
rinpatch
f841eb7cdb
Preload bookmarks wherever the object is preloaded
2019-05-07 19:33:22 +00:00
rinpatch
06947c9147
Remove bookmarks assoc
2019-05-07 19:33:22 +00:00
kaniini
a1a0df19c4
Merge branch 'docs/MRF-modules' into 'develop'
...
Documentation: MRF Modules
See merge request pleroma/pleroma!1122
2019-05-07 16:15:27 +00:00
lambda
238dd72fad
Merge branch 'conversations_three' into 'develop'
...
Conversations once more.
See merge request pleroma/pleroma!1119
2019-05-07 14:43:21 +00:00
Egor Kislitsyn
1557b99beb
Merge remote-tracking branch 'pleroma/develop' into feature/disable-account
2019-05-07 16:51:11 +07:00
Maksim
1040caf096
fix format
...
Modified-by: Maksim Pechnikov <parallel588@gmail.com>
2019-05-06 17:51:03 +00:00
Alexander Strizhakov
ce6ca0fefe
Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into feature/845-improve-status-deletion
2019-05-06 16:45:22 +00:00
Haelwenn (lanodan) Monnier
e41a2f98d5
mrf/tag_policy.ex: Add some documentation
...
mrf_tag:disable-remote-subscription exact way of working is quite
unclear to me. Is it the requester that is denied if they have a tag,
or is it the requestee if they have one?
2019-05-06 04:53:11 +02:00
Haelwenn (lanodan) Monnier
af62ace954
Add short documentation on every MRF Policy
2019-05-06 04:49:50 +02:00
rinpatch
d089ff2460
Merge branch 'fix/embeded-relationship-in-follows' into 'develop'
...
Fix embeded relationships in Mastodon API
See merge request pleroma/pleroma!1118
2019-05-03 20:36:13 +00:00
Haelwenn (lanodan) Monnier
b5ad1715b2
MastoAPI: profile update with emoji_map
2019-05-03 16:41:23 +02:00
Haelwenn (lanodan) Monnier
46bbf9e1cf
TwitterAPI: profile update with emoji_map
2019-05-03 16:30:24 +02:00
Haelwenn (lanodan) Monnier
85434669bb
Web.TwitterAPI.UserView: Also view local user emojis
2019-05-03 16:27:51 +02:00
Haelwenn (lanodan) Monnier
2f76a40d02
formatter.ex: Add get_emoji_map/1
2019-05-03 16:27:50 +02:00
Haelwenn (lanodan) Monnier
d70af32127
Pleroma.User: remove emojify on parse_bio
2019-05-03 16:27:50 +02:00
lain
c42ded13a2
Credo fixes.
2019-05-03 13:53:17 +02:00
feld
acb04306b6
Standardize construction of websocket URL
...
This follows up on the change made in d747bd98
2019-05-03 11:45:04 +00:00
lain
a0c755cc4a
MastodonApi: Bump api level.
2019-05-03 13:40:43 +02:00
lain
81d1aa424d
Streamer: Stream out Conversations/Participations.
2019-05-03 13:39:14 +02:00
rinpatch
38b79461df
Fix embeded relationships in Mastodon API
...
Currently some endpoints render accounts without for user resulting in
embedded relationship being empty. It causes bugs in followers/following
tab in pleroma-fe but I fixed it for other endpoints as well just in
case
2019-05-03 00:49:17 +03:00