Commit graph

467 commits

Author SHA1 Message Date
Ivan Tashkinov 2c68cf7e9e OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
Karen Konou f4ff4ffba2 Migration and some boilerplate stuff 2019-02-07 17:36:14 +01:00
Mark Felder 74518d0b60 hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
This was a dirty regex replace which worked on my server
2019-02-06 22:34:44 +00:00
William Pitcock 65a4b9fbea mastodon api: rich media: don't clobber %URI struct with a string 2019-02-06 18:02:15 +00:00
kaniini eb2b1960e0 Merge branch 'feature/split-hide-network-v2' into 'develop'
Split hide_network into hide_followers & hide_followings (fixed)

See merge request pleroma/pleroma!765
2019-02-05 18:56:59 +00:00
William Pitcock 1d94b67e40 mastodon api: fix rendering of cards without image URLs (closes #597) 2019-02-05 18:30:27 +00:00
rinpatch 00835bf678 Merge branch 'fix/rich-media-relative-path' into 'develop'
Fix rich media relative path

Closes #588

See merge request pleroma/pleroma!759
2019-02-04 16:01:34 +00:00
Maxim Filippov 16ce129e38 Split hide_network into hide_followers & hide_followings (fixed) 2019-02-03 21:55:04 +03:00
rinpatch 68d461b3a9 Check if rich media uri is relative 2019-02-02 12:24:24 +03:00
rinpatch 833404f0f5 Use with instead of if in the card 2019-02-02 12:04:18 +03:00
rinpatch e4d18f328b merge only if page_url is an absolute path 2019-02-02 11:53:46 +03:00
rinpatch cbadf9d333 Fix rich media relative path 2019-02-02 11:38:37 +03:00
kaniini 486749064f Revert "Merge branch 'feature/split-hide-network' into 'develop'"
This reverts merge request !733
2019-02-01 20:22:58 +00:00
eugenijm d747bd9870 Use String.replace_leading instead of String.replace for getting websocket streaming api url.
Extract the login responsible for obtaining websocket URL into the corresponding
Endpoint function.
2019-02-01 21:58:43 +03:00
Haelwenn (lanodan) Monnier 74c6119f28
MastodonAPI.MastodonAPIController: Return a 404 when we fail to get a list 2019-02-01 18:21:16 +01:00
kaniini 0a82a7e6d6 Merge branch 'feature/split-hide-network' into 'develop'
Split hide_network into hide_followers & hide_followings

See merge request pleroma/pleroma!733
2019-02-01 17:05:29 +00:00
Haelwenn 00d4333373 Merge branch 'features/glitch-soc-frontend' into 'develop'
Features/glitch soc frontend

See merge request pleroma/pleroma!192
2019-01-31 10:16:11 +00:00
href 4aff4efa8d
Use multiple hackney pools
* federation (ap, salmon)
* media (rich media, media proxy)
* upload (uploader proxy)

Each "part" will stop fighting others ones -- a huge federation outbound
could before make the media proxy fail to checkout a connection in time.

splitted media and uploaded media for the good reason than an upload
pool will have all connections to the same host (the uploader upstream).
it also has a longer default retention period for connections.
2019-01-30 15:06:46 +01:00
Haelwenn ebb3496386 Merge branch 'feature/rich-media-part-2-electric-boogaloo' into 'develop'
Rich Media support, part 2.

See merge request pleroma/pleroma!719
2019-01-29 05:11:08 +00:00
Maxim Filippov 50d6183893 Split hide_network into hide_followers & hide_followings 2019-01-28 21:40:08 +03:00
Haelwenn de0fb88a9c Merge branch 'safe-render-activities' into 'develop'
remove unnecessary filter (re !723)

See merge request pleroma/pleroma!729
2019-01-28 11:48:03 +00:00
href df2f7b39dd
re f83bae7c: remove unnecessary filter 2019-01-28 12:24:14 +01:00
William Pitcock ddc7ae2c1a mastodon api: card: force OGP images through mediaproxy 2019-01-28 06:42:27 +00:00
William Pitcock 8e42251e06 rich media: add helpers module, use instead of MastodonAPI module 2019-01-28 06:04:54 +00:00
William Pitcock 24a103a1fe mastodon api: formatting 2019-01-28 05:53:17 +00:00
William Pitcock 5a37ddc2dc mastodon api: embed card in status object 2019-01-28 05:53:17 +00:00
William Pitcock 132d815f1f mastodon api: factor out status card fetching, move status card rendering to statusview, add opengraph extended data 2019-01-28 05:53:17 +00:00
Haelwenn (lanodan) Monnier cda1470e02
[MastoAPI][GlitchAPI] Add bookmarks 2019-01-28 04:47:32 +01:00
lambda 16ab1437d6 Merge branch 'safe-render-activities' into 'develop'
Views: wrap activity rendering in a rescue

See merge request pleroma/pleroma!723
2019-01-27 20:10:09 +00:00
href f83bae7c22
Views: wrap activity rendering in a rescue
this avoids complete timeline breakage when an activity fucks up
rendering.
2019-01-27 19:16:20 +01:00
kaniini 5eb81d2c72 Merge branch 'features/mastoapi-multi-hashtag' into 'develop'
MastodonAPI multi-hashtag

See merge request pleroma/pleroma!652
2019-01-27 12:45:50 +00:00
Haelwenn (lanodan) Monnier a65c188593
Web.MastodonAPI.AccountView: Add is_moderator and is_admin
Closes: https://git.pleroma.social/pleroma/pleroma/issues/557
2019-01-27 10:33:22 +01:00
Haelwenn (lanodan) Monnier de956b9e04
Web.MastodonAPI.MastodonAPIController: tag+any bookmark params in a array and flatten it 2019-01-26 16:46:20 +01:00
William Pitcock 1f7843b9b8 mastodon api: use OGP uri instead of page_url for deducing domain name, fix test 2019-01-26 15:24:16 +00:00
William Pitcock 86037e9c39 mastodon api: use HTML.extract_first_external_url() 2019-01-26 15:13:27 +00:00
William Pitcock 78047d57bf mastodon api: provider_name setting is required too on the card 2019-01-26 14:47:32 +00:00
Haelwenn (lanodan) Monnier 39863236eb Web.MastodonAPI.MastodonAPIController: generic get_status_card/1 function for MastoAPI 2.6.x
Mastodon API 2.6.x added a card key to the Status object so the Card can be shown in the timeline without an extra request at each status.
2019-01-26 14:18:23 +00:00
Haelwenn (lanodan) Monnier 3f64379b13 Web.MastodonAPI.MastodonAPIController: Add Rich-Media support 2019-01-26 14:18:23 +00:00
Haelwenn (lanodan) Monnier 5a84def6a6
Fix the logic in multi-hashtag TLs 2019-01-26 04:46:02 +01:00
Haelwenn (lanodan) Monnier f9cae0d04f
[WIP,MastoAPI] Multi-tag timelines 2019-01-26 04:45:36 +01:00
lain 2de208817c Merge branch 'develop' into rename/pleroma_activity_consistency 2019-01-23 13:05:58 +01:00
lambda 69454c8345 Merge branch 'feature/dm-sanity' into 'develop'
DM sanitization

See merge request pleroma/pleroma!458
2019-01-21 12:35:10 +00:00
Haelwenn (lanodan) Monnier 98c8184c1f
Activity: get_create_activity_by_object_ap_id/1 → get_create_by_object_ap_id/1 2019-01-21 08:00:41 +01:00
Haelwenn (lanodan) Monnier 2fdbd4d137
Activity: create_activity_by_object_id_query/1 → create_by_object_ap_id/1 when is_list 2019-01-21 08:00:40 +01:00
lambda f3045a179e Merge branch 'i1t/pleroma-477_user_search_improvements' into 'develop'
I1t/pleroma 477 user search improvements

See merge request pleroma/pleroma!685
2019-01-20 10:24:05 +00:00
William Pitcock 75dfa1f0b0 mastodon api: get_visibility(): DMs never have a cc list. 2019-01-20 02:27:48 +00:00
Mark Felder 8c368d42a2 Make attachment links configurable
Thanks @href!
2019-01-17 15:48:14 +00:00
lain 943324b661 MastoAPI: Don't break on missing users. 2019-01-16 15:13:09 +01:00
Ivan Tashkinov dc45ec62c2 [#477] User search improvements: tsquery search with field weights, friends & followers boosting. 2019-01-14 20:04:45 +03:00
Sadposter 9daf162461 Honour parameters on MastoAPI /favourites 2019-01-12 14:42:52 +00:00
Sadposter 144b48da95 Add link headers to MastoAPI /favourites
As documented at https://docs.joinmastodon.org/api/rest/favourites/
2019-01-12 14:03:35 +00:00
Egor Kislitsyn e679da4c34 add pinned property to StatusView 2019-01-08 15:27:02 +07:00
Egor Kislitsyn f24087f96e Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/pinned-posts 2019-01-07 20:55:32 +07:00
Egor Kislitsyn 380e9fba21 add pinned posts 2019-01-07 20:45:33 +07:00
scarlett 36fa5e8802 Check visible_for_user when performing a search using a direct link. 2019-01-07 10:36:31 +00:00
Rin Toshaka 846082e54f Different caches based on the module. Remove scrubber version since it is not relevant anymore 2019-01-05 00:19:46 +01:00
kaniini 90e157ef80 Merge branch 'features/admin-api-user-views' into 'develop'
User/Account views: Add rights.admin

Closes #472

See merge request pleroma/pleroma!589
2018-12-31 15:49:34 +00:00
William Pitcock 980b5288ed update copyright years to 2019 2018-12-31 15:41:47 +00:00
Rin Toshaka 7e09c2bd7d Move scrubber cache-related functions to Pleroma.HTML 2018-12-31 08:19:48 +01:00
Rin Toshaka dec23500d8 Resolve merge conflict 2018-12-30 21:00:40 +01:00
Rin Toshaka 535fddd286 Friendship ended with Postgresql now Cachex is my best friend 2018-12-30 19:33:36 +01:00
Rin Toshaka d9f40b05b3 Added get_stripped_html_for_object. Renamed a few things 2018-12-30 16:51:16 +01:00
Rin Toshaka 19f9889fbe I am not sure what's going on anymore so I'll just commit and reset all the other files to HEAD 2018-12-29 17:45:50 +01:00
kaniini dd8f2196f6 Merge branch '483_blocks_import_export' into 'develop'
[#483] Blocked users list import & export

Closes #483

See merge request pleroma/pleroma!603
2018-12-29 11:34:51 +00:00
Ivan Tashkinov 0a41786624 [#467] Refactored valid / invalid user rendering. 2018-12-28 22:47:42 +03:00
Ivan Tashkinov 6e9a15b181 [#483] Blocked users export for TwitterAPI. 2018-12-28 21:08:07 +03:00
Haelwenn (lanodan) Monnier b43d630f30
Web.TwitterAPI.UserView: Add rights.admin 2018-12-28 17:38:32 +01:00
Ivan Tashkinov 0d1788ce44 [#471] Factored out User.visible_for?/2. 2018-12-28 14:35:25 +03:00
Ivan Tashkinov e6aeb1d4a5 [#471] Prevented rendering of inactive local accounts. 2018-12-27 15:46:18 +03:00
William Pitcock 2791ce9a1f add license boilerplate to pleroma core 2018-12-23 20:56:42 +00:00
William Pitcock 32dfc1d12a mastodon api: status view: remove obsolete peertube hack 2018-12-23 13:40:33 +00:00
Ivan Tashkinov 279096228c [#114] Made MastodonAPI and TwitterAPI user show actions return 404 for auth-inactive users
unless requested by admin or moderator.
2018-12-19 18:56:52 +03:00
Ivan Tashkinov aed0f90287 [#114] Added pleroma.confirmation_pending to user views, adjusted view tests. 2018-12-18 17:22:45 +03:00
href 77b5154c82
Cowboy handler for Mastodon WebSocket 2018-12-17 17:06:18 +01:00
href 5dcb7aecea
More put_view. 2018-12-16 17:51:22 +01:00
href f672555ad3
Upgrade to Phoenix 1.4 2018-12-16 17:15:07 +01:00
eal 28478a9c4f Merge branch 'fix/masto-put-settings' into 'develop'
Mastodon API: Fix PUT /api/web/settings

See merge request pleroma/pleroma!557
2018-12-16 11:21:26 +00:00
eal 4c783e35c0 Mastodon API: Fix PUT /api/web/settings 2018-12-16 13:15:34 +02:00
href acec11626d Merge branch 'fix/issue_272' into 'develop'
[#272] fix tags

See merge request pleroma/pleroma!540
2018-12-14 20:20:30 +00:00
Maksim Pechnikov ea72ac549b fix case when tags is invalid 2018-12-14 23:16:12 +03:00
Maksim Pechnikov d3ec09bb38 fix tags 2018-12-14 22:09:04 +03:00
href 0b4c61e8d5
Fix warning 2018-12-14 13:56:42 +01:00
href ec0e613eca
Pleroma.Activity.mastodon_notification_type/1 2018-12-14 13:22:10 +01:00
href 331396cbcd
Properly disable Web Push if no VAPID key is set 2018-12-14 13:05:51 +01:00
Egor Kislitsyn 658edb166f
fix and improve web push; add configuration docs 2018-12-14 13:05:29 +01:00
lambda ff10b9927b Merge branch 'support/bugfix_272' into 'develop'
[#272] fix hashtags in api

See merge request pleroma/pleroma!510
2018-12-10 19:05:16 +00:00
Maksim Pechnikov e94c3442f4 updates 2018-12-10 13:27:37 +03:00
Maksim Pechnikov 074fa790ba fix compile warnings 2018-12-09 20:50:08 +03:00
Maksim Pechnikov 068353ac0b formatting 2018-12-09 11:24:46 +03:00
Maksim Pechnikov 9442588ae9 fix hashtags in api response 2018-12-09 11:24:46 +03:00
lambda 94d8f1ab30 Merge branch '394_user_tags' into 'develop'
[#394] User tags

Closes #394

See merge request pleroma/pleroma!508
2018-12-07 18:25:38 +00:00
Ivan Tashkinov 7a2162bbcb [#394] User view (Twitter & Mastadon API): wrapped "tags" in "pleroma" map. 2018-12-06 22:26:25 +03:00
Ivan Tashkinov 7bcb6a183a [#394] Refactoring. 2018-12-06 20:23:16 +03:00
Ivan Tashkinov 7b19487389 [#394] Added users.tags and admin routes to tag and untag users. Added tests. 2018-12-06 20:06:50 +03:00
kaniini 1d531fd2f3 Merge branch 'fix/mastodon-api-settings' into 'develop'
Fix put_settings and remove info_changeset

See merge request pleroma/pleroma!507
2018-12-06 16:01:58 +00:00
kaniini abead01ab6 Merge branch 'correct-and-improve-http-options' into 'develop'
Correct and improve http options

See merge request pleroma/pleroma!505
2018-12-06 15:57:56 +00:00
rinpatch 2ae1128d9f MastoAPI: Fix put_settings 2018-12-06 17:42:07 +03:00
Egor Kislitsyn 79668c08fc cleanup 2018-12-06 20:50:20 +07:00
Egor Kislitsyn 3d492795b7 clean up 2018-12-06 20:42:00 +07:00
Egor Kislitsyn 4944498133 Merge branch 'develop' into feature/compat/push-subscriptions
# Conflicts:
#	lib/pleroma/application.ex
#	lib/pleroma/plugs/oauth_plug.ex
2018-12-06 20:15:16 +07:00