Commit graph

7089 commits

Author SHA1 Message Date
rinpatch 45c299e5b5 Merge branch '2130-mfa-users-oauth-login-fix' into 'develop'
[#2130] Fixed OAuth OOB authentication for users with enabled MFA

Closes #2130

See merge request pleroma/pleroma!2979
2020-09-10 18:38:48 +00:00
Alexander Strizhakov e8bfb50fa3
pass options without adapter key 2020-09-10 20:09:44 +03:00
Alexander Strizhakov ab56dd54e7
use Pleroma.HTTP in emoji packs tasks 2020-09-10 11:23:39 +03:00
Ivan Tashkinov cad69669fc [#2130] Fixed OAuth OOB authentication for users with enabled MFA. 2020-09-09 22:44:38 +03:00
rinpatch 0d2814ec8e Metadata: Move restriction check from Feed provider to activated_providers 2020-09-08 20:21:34 +03:00
Mark Felder 2011142ed9 Use :restrict_unauthenticated testing for more granular control 2020-09-08 20:21:34 +03:00
Mark Felder a85ed6defb Do not serve RSS/Atom feeds when instance is private 2020-09-08 20:21:34 +03:00
Mark Felder 14d07081fd Feed provider only generates a redirect, so always activate it.
Making this configurable is misleading.
2020-09-08 20:21:34 +03:00
Mark Felder ff07014b26 Disable providers of user and status metadata when instance is private 2020-09-08 20:21:34 +03:00
Mark Felder 630444ee08 Do not make RelMe metadata provider optional.
There's really no sound reason to turn this off anyway.
2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier 947ee55ae2 user: harden get_friends_query(), get_followers_query() and their wrappers 2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier 16c451f8f1 search: Apply following filter only when user is usable 2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier 10ef532c63 AP C2S: Restrict character limit on Note 2020-09-08 20:21:34 +03:00
Egor Kislitsyn a781ac6ca5 Fix atom leak in AdminAPIController 2020-09-08 20:21:34 +03:00
Alexander Strizhakov 87d2805791
combo fixes 2020-09-08 17:40:23 +02:00
Mark Felder 21efda2edb Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into unlisted 2020-09-08 09:31:26 -05:00
rinpatch 0a05670b44 Merge branch 'fix/upload-filter-exiftool-webp' into 'develop'
Skip processing webp image files because we can't strip EXIF

Closes #2080

See merge request pleroma/pleroma!2924
2020-09-08 12:21:33 +00:00
Mark Felder 4ea07f74e9 Revert/simplify.
We only need to check the content-type. There's no chance a webp file
will get mismatched as another image type.
2020-09-08 12:29:38 +03:00
Mark Felder 216c84a8f4 Bypass the filter based on content-type as well in case a webp image is uploaded with the wrong file extension. 2020-09-08 12:29:38 +03:00
Mark Felder 2165a24974 Improve upload filter return values so we can identify when filters make no changes to the input 2020-09-08 12:29:38 +03:00
Mark Felder fa347b9c2f Fix uploading webp image files when Exiftool Upload Filter is enabled 2020-09-08 12:29:38 +03:00
Alibek Omarov 95688c90ad ForceBotUnlistedPolicy: simplify code 2020-09-08 01:15:15 +02:00
Alibek Omarov 8b695c3eeb ForceBotUnlistedPolicy: format 2020-09-07 22:53:45 +02:00
Alibek Omarov 699224a900 ForceBotUnlistedPolicy: initial add, tiny clean up from my previous version 2020-09-07 22:15:42 +02:00
Alexander Strizhakov 18d21aed00
deprecation warnings 2020-09-07 19:59:17 +03:00
Alexander Strizhakov 696bf09433
passing adapter options directly without adapter key 2020-09-07 19:59:17 +03:00
Alexander Strizhakov a83916fdac
adapter options unification
not needed options deletion
2020-09-07 19:59:17 +03:00
Alexander Strizhakov ee67c98e55
removing Stats worker from Oban cron jobs 2020-09-07 19:16:14 +03:00
rinpatch 6c6de8e5df Merge branch 'temp-hackney-fix' into 'develop'
temp hackney fix

See merge request pleroma/pleroma!2951
2020-09-07 12:47:43 +00:00
rinpatch d5c286b802 Merge branch 'bugfix/favicon-too-long' into 'develop'
instance: Drop favicon URLs longer than 255 characters

Closes #2116

See merge request pleroma/pleroma!2949
2020-09-07 11:12:30 +00:00
lain fdab01ab56 Merge branch 'fix/rich-media-fake-statuses' into 'develop'
Rich Media: Do not cache URLs for preview statuses

Closes #1987

See merge request pleroma/pleroma!2956
2020-09-07 10:19:19 +00:00
Haelwenn (lanodan) Monnier 08aef7dd4e
instance: Log catch favicon errors as warnings 2020-09-07 08:40:52 +02:00
rinpatch 170599c390 RichMedia: do not log webpages missing metadata as errors
Also fixes the return value of Parser.parse on errors, previously
was just `:ok` due to the logger call in the end
2020-09-05 22:05:35 +03:00
rinpatch 129a2f48df ConnectionPool middleware: handle connection opening errors 2020-09-05 21:36:17 +03:00
rinpatch 9d6aca5bee ConnectionPool: fix the previous hotfix
I rushed the hotfix and forgot how `pop_in` actually works,
I want to die. We need some integration tests for the HTTP client
2020-09-05 21:27:06 +03:00
rinpatch 5298de3be6 ConnectionPool middleware: fix a crash due to unimplemented behaviour
Structs don't implement Access behaviour, so this crashed. Tests didn't
catch it and I didn't test that part of the codepath. Very sorry
2020-09-05 21:17:03 +03:00
rinpatch e198ba492e Rich Media: Do not cache URLs for preview statuses
Closes #1987
2020-09-05 20:53:46 +03:00
Haelwenn (lanodan) Monnier 0d91f65284
Prevent AccountView and instance.get_or_update_favicon fails 2020-09-05 05:43:50 +02:00
rinpatch 10da13c713 ConnectionPool middleware: Fix connection leak on ReverseProxy redirects
Requires a patched Tesla due to upstream not saving opts between
redirects, patch submitted at https://github.com/teamon/tesla/pull/414
2020-09-04 22:10:40 +03:00
Alexander Strizhakov 473458b0fb
fix for ReverseProxy 2020-09-04 14:45:30 +03:00
Alexander Strizhakov 8bd2b6eb13
temp hackney fix 2020-09-04 14:24:15 +03:00
rinpatch d34fe2840d HTTP: radically simplify pool checkin/checkout
Use a custom tesla middleware instead of adapter helper function +
custom redirect middleware.

This will also fix "Client died before releasing the connection"
messages when the request pool is overloaded. Since the checkout is
now done after passing ConcurrentLimiter.

This is technically less efficient, since the connection needs to be
checked in/out every time the middleware is left or entered respectively.
But I don't think the nanoseconds we might lose on redirects
to the same host are worth the complexity.
2020-09-03 23:44:13 +03:00
lain 9433311923 Merge branch 'bugfix/incoming-poll-emoji' into 'develop'
Fix emoji in Question, force generated context/context_id insertion

Closes #1870

See merge request pleroma/pleroma!2915
2020-09-03 11:50:30 +00:00
lain f26b580e80 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into seanking/pleroma-fix_install_fe_bug 2020-09-03 11:29:39 +02:00
feld d1a6f67b1d Merge branch 'fix/2095-deactivated-account-reset' into 'develop'
Disallow password resets for deactivated accounts

Closes #2095

See merge request pleroma/pleroma!2935
2020-09-02 17:11:24 +00:00
lain 0ab03e8564 Merge branch 'fix/1991-tzdata-update' into 'develop'
user agent if Endpoint is not started yet

Closes #1991

See merge request pleroma/pleroma!2945
2020-09-02 17:09:55 +00:00
lain 119e11f455 Merge branch 'bugfix/mastoapi-lists' into 'develop'
Fix removing an account from a list

Closes #2103

See merge request pleroma/pleroma!2940
2020-09-02 17:03:45 +00:00
lain 581f382e71 ListController: DRY up stuff. 2020-09-02 18:32:00 +02:00
Mark Felder cbf7f0e029 Disallow password resets for deactivated accounts.
Ensure all responses to password reset events are identical.
2020-09-02 09:09:13 -05:00
rinpatch d48fc90978 StatusView: Start fetching rich media cards as soon as possible 2020-09-02 16:45:54 +03:00