William Pitcock
dfcfb184b1
activitypub: transmogrifier: make deletes secure
2018-11-17 21:22:57 +00:00
Haelwenn (lanodan) Monnier
0ca00b3a07
Web.AdminAPI.AdminAPIController: Fixes bugs found with ExUnit
2018-11-17 22:12:14 +01:00
Haelwenn (lanodan) Monnier
12ccf0c4f8
Change Relay from status
to {status, message}
2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier
4634d99d0d
Web.Router: Change right to permission group (except for function names)
2018-11-17 22:12:13 +01:00
William Pitcock
0d1375f274
federator: return :ok or :error depending on if an AP doc was accepted or not
2018-11-17 21:00:37 +00:00
William Pitcock
3d9266a8cb
federator: do origin containment when processing inbound messages
2018-11-17 20:43:43 +00:00
William Pitcock
c88533209c
activitypub: user fetching: use fetch_and_contain_remote_object_from_id()
2018-11-17 20:16:03 +00:00
William Pitcock
daa8ec3d62
activitypub: factor out AP object fetching to it's own function and add ID-based containment
2018-11-17 20:15:59 +00:00
Haelwenn (lanodan) Monnier
e0b0fde713
Web.AdminAPI.AdminAPIController: Change right to permission group (except for function names)
2018-11-17 20:25:57 +01:00
Haelwenn (lanodan) Monnier
ccd6b1956d
lib/pleroma/web/admin_api/admin_api_controller.ex: Support status reply of Relay.{un,}follow
2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier
265c8c5209
Pleroma.Web.ActivityPub.Relay: make {un,}follow return :ok only if it worked, :error if it didn’t
2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier
4a79b89dba
lib/pleroma/plugs/user_is_admin_plug.ex: change 403 string to “User is not admin.”
2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier
f9d05902fe
lib/pleroma/web/admin_api/admin_api_controller.ex: An admin cannot un-admin themselves
2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier
a87ed2fad6
Pleroma.Web.AdminAPI.AdminAPIController: user_create statement format
2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier
f48062488e
Add get endpoints for rights [AdminAPI]
2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier
59ce7fedce
Fix connection returns make generic right endpoint [AdminAPI]
2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier
c5a2bd6a65
admin_api_controller.ex: fix remaining params at once
2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier
95b107b6cc
admin_api_controller.ex: Add documentation, fix get_invite_token
2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier
578a911737
admin_api_controller.ex: get_password_reset: fix params and response
2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier
5732eef16b
lib/pleroma/web/admin_api/admin_api_controller.ex: Pleroma.Web.AdminAPI.Controller → Pleroma.Web.AdminAPI.AdminAPIController
2018-11-17 20:25:53 +01:00
Haelwenn (lanodan) Monnier
c8b8f1d32c
[Pleroma.Plugs.UserIsAdminPlug]: Check if admin is true instead of false, fix error reporting
2018-11-17 20:25:53 +01:00
Haelwenn (lanodan) Monnier
7076d45cb6
lib/pleroma/plugs/user_is_admin_plug.ex: Create
2018-11-17 20:25:52 +01:00
Haelwenn (lanodan) Monnier
77d2fd54dd
admin_api_controller: Have some basic code
2018-11-17 20:25:52 +01:00
Haelwenn (lanodan) Monnier
ee2e1328ad
admin_api_controller.ex: Create
2018-11-17 20:25:52 +01:00
William Pitcock
603fccf175
activitypub: fetch_object_from_id(): prefer actor
over attributedTo
to avoid spoofing
2018-11-17 18:17:17 +00:00
kaniini
05967472f2
Merge branch 'feature/uploader-mdii' into 'develop'
...
Feature / MDII Uploader
See merge request pleroma/pleroma!454
2018-11-17 16:41:09 +00:00
hakabahitoyo
59e079f641
fallbacking into local uploader
2018-11-17 20:16:25 +09:00
hakabahitoyo
8fd0556c78
better config reading
2018-11-17 18:14:42 +09:00
lain
f87b315618
TwitterAPI: Fix dm_timeline displaying only half of the conversation.
2018-11-16 19:47:36 +01:00
lambda
2f639ea129
Merge branch 'feature/pleromafe-usersearch' into 'develop'
...
Add Twitter / Pleroma API user search
See merge request pleroma/pleroma!452
2018-11-16 18:13:47 +00:00
William Pitcock
c07464607d
http security: remove form-action from CSP definitions
2018-11-16 17:40:21 +00:00
lain
e8d8c84f79
Add better test for user search functionlity.
2018-11-16 18:31:32 +01:00
hakabahitoyo
55abd8482e
better config
2018-11-16 20:41:12 +09:00
hakabahitoyo
52224de39f
better extension detection
2018-11-16 20:22:36 +09:00
hakabahitoyo
4fbfacf5e1
debug
2018-11-15 16:08:55 +09:00
hakabahitoyo
8e707aba29
format
2018-11-15 15:11:59 +09:00
Hakaba Hitoyo
ebe658c169
debuf
2018-11-15 14:46:43 +09:00
Hakaba Hitoyo
698cb3587c
omplement mdii uploader
2018-11-15 14:38:45 +09:00
Hakaba Hitoyo
58af0787be
add mdii uploader
2018-11-15 14:19:10 +09:00
lain
27aa136aac
Format.
2018-11-14 20:41:12 +01:00
lain
7b170cd616
Add Pleroma user search api for PleromaFE.
2018-11-14 20:33:23 +01:00
lambda
cc45797f4e
Merge branch 'fix-media-proxy-filename' into 'develop'
...
media_proxy: use path only to retrieve filename
See merge request pleroma/pleroma!450
2018-11-14 18:17:10 +00:00
kaniini
69d557e86d
Merge branch 'twitter-api-direct-messages' into 'develop'
...
Twitter api direct messages
See merge request pleroma/pleroma!449
2018-11-14 08:52:08 +00:00
href
f52a1d1ec5
media_proxy: use path only to retrieve filename
2018-11-13 23:41:33 +01:00
lain
ea9a776d7b
TwitterApi: Add direct message endpoint
2018-11-13 20:08:50 +01:00
lain
2cf40237ff
MastodonAPI: Add pagination to private messages.
2018-11-13 19:46:34 +01:00
href
9b553a1087
media_proxy: CSP, content-disposition
...
* Adds CSP headers to the media proxy endpoint
* Sends `content-disposition: attachment; …` for non-image/video/audio
content types
The default list can be overwritten with `:media_proxy,
:safe_content_types` in the configuration.
* Also now appends the filename to the proxy URL (fixes some mobile apps,
it was requested a while ago)
2018-11-13 15:58:02 +01:00
shibayashi
87c76a9a2f
Add __Host- prefix when secure flag is enabled
2018-11-13 00:32:38 +01:00
scarlett
0ce5623134
Merge branch 'twitter-api-null-display-name' into 'develop'
...
Twitter API: Fall back to user.nickname if user has no name
Closes #375
See merge request pleroma/pleroma!444
2018-11-12 17:08:54 +00:00
scarlett
cb6fd73861
Twitter API: Fall back to user.nickname if user has no name
2018-11-12 15:52:13 +00:00
kaniini
54923c2e55
Merge branch 'feature/csp-plug' into 'develop'
...
migrate CSP management to CSPPlug
See merge request pleroma/pleroma!441
2018-11-12 15:30:42 +00:00
William Pitcock
ee5932a504
http security: allow referrer-policy to be configured
2018-11-12 15:14:46 +00:00
William Pitcock
fe67665e19
rename CSPPlug to HTTPSecurityPlug.
2018-11-12 15:08:02 +00:00
KokaKiwi
1592fa2bea
Mastodon API: Fix list streaming
2018-11-11 14:18:15 +01:00
William Pitcock
df72978dce
csp plug: add support for certificate transparency
2018-11-11 06:55:44 +00:00
William Pitcock
331cf6ada1
csp plug: add sts support
2018-11-11 06:50:28 +00:00
William Pitcock
f516e317ea
plugs: add CSPPlug
2018-11-11 06:10:21 +00:00
William Pitcock
419ed3a0ca
oauth: fix token decode regression
2018-11-11 05:26:39 +00:00
William Pitcock
97e50f3191
activitypub: transmogrifier: sanitize internal representation details from outgoing objects
...
this causes JSON-LD parsers to get upset and has also lead to developer confusion from outside
projects which tried to parse our internal data. accordingly, it seems better to just remove
it.
2018-11-10 12:24:20 +00:00
William Pitcock
f8310114a6
activitypub: object view: sanitize both the activity and the object when an activity is given for rendering
2018-11-10 12:04:09 +00:00
kaniini
c9c1f9dee2
Merge branch 'bugfix/ostatus-as2-reflection' into 'develop'
...
ostatus: only federate activities concerning note objects
See merge request pleroma/pleroma!437
2018-11-10 11:50:02 +00:00
kaniini
7daa102fa4
Merge branch 'bugfix/local-jsonld-context' into 'develop'
...
Host LitePub JSON-LD context locally
See merge request pleroma/pleroma!435
2018-11-10 11:37:44 +00:00
William Pitcock
4f87b8362b
endpoint: move CORSPlug in front of Plug.Static
2018-11-10 11:23:50 +00:00
William Pitcock
03a9990baf
endpoint: fix formatting
2018-11-10 11:18:25 +00:00
William Pitcock
e6d246882d
federator: don't federate anything other than Note objects to OStatus
2018-11-10 10:06:10 +00:00
William Pitcock
e4971553c7
activitypub: utils: use same object type list for mention extraction as insertion
2018-11-09 13:40:39 +00:00
William Pitcock
b3c360ce2c
notification: add fallback get_notified_from_activity()
2018-11-09 09:07:40 +00:00
William Pitcock
b9871e7e5a
activitypub: utils: wrap Note objects in a Create when extracting mentions
2018-11-09 09:01:40 +00:00
William Pitcock
8c805ada32
user: remove obsolete User.get_notified_from_activity().
2018-11-09 09:01:40 +00:00
William Pitcock
6cadfcb21e
activitypub: utils: switch to using new Notification.get_notified_from_activity().
2018-11-09 09:01:40 +00:00
William Pitcock
cdfdd77e30
notification: implement new Notification.get_notified_from_activity()
2018-11-09 09:01:36 +00:00
William Pitcock
d26cd6c1bf
user: factor out user set fetching from User.get_notified_from_activity()
2018-11-09 08:23:45 +00:00
William Pitcock
81d6ca1783
user: implement AS2 mention extraction + unify Announce handling
2018-11-08 20:19:56 +00:00
William Pitcock
6b4064fa5d
activitypub: transmogrifier: unify mention extraction
2018-11-08 19:41:36 +00:00
William Pitcock
0a2c1a3419
user: add optional local_only param to get_notified_from_activity()
2018-11-08 19:30:55 +00:00
Haelwenn (lanodan) Monnier
2fab32ab61
Pleroma.Web.Endpoint: Whitelist schemas directory
2018-11-08 20:22:12 +01:00
Haelwenn (lanodan) Monnier
934125695d
Move /litepub-1.0.jsonld to /schemas/litepub-0.1.jsonld
2018-11-08 20:21:45 +01:00
William Pitcock
4e93d6ae14
common api: utils: flip to/cc for mentions
2018-11-08 19:17:01 +00:00
William Pitcock
3e33479c05
activitypub: transmogrifier: only consider to
users as mention targets
2018-11-08 18:58:27 +00:00
William Pitcock
144dc048b8
user: only consider to
recipients as mention targets
2018-11-08 18:58:24 +00:00
Haelwenn (lanodan) Monnier
abcacec97d
Pleroma.Web.ActivityPub.Utils: Use locally-served JSON-LD Litepub context instead of Github-hosted one
2018-11-08 19:38:38 +01:00
William Pitcock
da16ada424
utils: use litepub @context instead of that huge mess
2018-11-08 16:52:14 +00:00
William Pitcock
f733470037
user view: unify a @context entry that was missed
2018-11-08 16:51:48 +00:00
lambda
59cf7cf235
Merge branch 'small-jsonld-refactor' into 'develop'
...
Small jsonld refactor
See merge request pleroma/pleroma!433
2018-11-08 16:23:58 +00:00
lain
34bd411781
Unify json ld header handling.
2018-11-08 16:39:38 +01:00
lain
3b02fd9fb7
Small refactor.
2018-11-08 16:05:28 +01:00
kaniini
4d627a5117
Merge branch 'feature/qvitter-notifications-dismiss' into 'develop'
...
qvitter notifications: add new "read notifications" API
See merge request pleroma/pleroma!431
2018-11-07 22:33:06 +00:00
kaniini
b451a92d78
Merge branch 'runtime-config' into 'develop'
...
Runtime configuration
See merge request pleroma/pleroma!430
2018-11-07 22:32:34 +00:00
href
e42f2efae4
/api/v1/accounts/relationships Return an empty array if no id in params
...
This copies Mastodon API behaviour & fixes Mastalab app.
2018-11-07 16:32:57 +01:00
href
9070588493
Runtime config: MRF changes
2018-11-07 10:40:24 +01:00
William Pitcock
b2105a3131
twitterapi: add notification read endpoint
2018-11-06 23:25:07 +00:00
William Pitcock
f16c2e0b1b
notification: add Notification.set_read_up_to()
2018-11-06 22:50:43 +00:00
href
5bb88fd174
Runtime configuration
...
Related to #85
Everything should now be configured at runtime, with the exception of
the `Pleroma.HTML` scrubbers (the scrubbers used can be
changed at runtime, but their configuration is compile-time) because
it's building a module with a macro.
2018-11-06 19:41:15 +01:00
kaniini
a68c18f0ad
Merge branch 'unify-mastodon-oauth' into 'develop'
...
Unify Mastodon Login with OAuth login.
See merge request pleroma/pleroma!429
2018-11-06 16:18:12 +00:00
kaniini
0f3e78addb
Merge branch 'runtime-router' into 'develop'
...
Runtime configured router
See merge request pleroma/pleroma!426
2018-11-06 15:35:19 +00:00
lain
a8f1e30cb8
Formatting.
2018-11-06 16:05:58 +01:00
href
7d328c658d
Small wrapper module around Application.get_env/put_env
...
Same API as the old Pleroma.Config
2018-11-06 16:00:48 +01:00
lain
4f640c43ed
Unify Mastodon Login with OAuth login.
...
This removes duplication in the login code.
2018-11-06 15:19:11 +01:00
href
2bc924ba45
Get rid of Pleroma.Config in favor of Application
...
Discussed in https://git.pleroma.social/pleroma/pleroma/merge_requests/426#note_7232
2018-11-06 15:12:53 +01:00
href
013f7ba8c1
Add federating plug & public tests
2018-11-06 14:45:04 +01:00
href
83911b1443
Fix wrong return when finmoji is disabled
2018-11-05 21:17:47 +01:00
href
fd0e7d18d9
handle_continue is OTP21+
2018-11-05 18:04:43 +01:00
href
6fe23c5458
Runtime configured router
2018-11-05 15:19:03 +01:00
href
d096bc17bf
revert endpoint position in supervision tree
2018-11-05 14:05:04 +01:00
href
763fc7b44f
Runtime configured emojis
...
The changes are a bit heavy since the emojis were loaded into module
attributes from filesystem.
This introduces a GenServer using an ETS table to cache in memory the
emojis, and allows a runtime-reload with `Pleroma.Emoji.reload()`.
2018-11-05 13:24:00 +01:00
kaniini
007f1c73b1
Merge branch 'feature/cors-again' into 'develop'
...
Add CORSPlug to make web-based OAuth easier.
See merge request pleroma/pleroma!420
2018-11-03 15:36:23 +00:00
Haelwenn (lanodan) Monnier
3e50bb667f
Pleroma.Web.MastodonAPI.StatusView: Content isn’t nullable
2018-11-03 14:42:47 +01:00
lain
e954cfcc2c
Add CORSPlug to make web-based OAuth easier.
2018-11-03 13:38:01 +01:00
lambda
4bcdbb12a4
Merge branch 'fix_hashtag_search' into 'develop'
...
Fix hashtag search
See merge request pleroma/pleroma!418
2018-11-02 20:05:56 +00:00
Mark Felder
0cca7edbe0
Fix hashtag search
...
When we lowercase the search it will succesfully do a case insenstive
match. Now #Linux will match #linux and #LINUX whereas previously it
would only match the exact case.
2018-11-02 19:38:57 +00:00
lain
45ebc8dd9a
Check for empty string in_reply_to ids.
2018-11-02 17:33:51 +01:00
Haelwenn (lanodan) Monnier
3c7d4ff271
Pleroma.Web.TwitterAPI.ActivityView: Harden TwitterAPI against remnant of prismo
2018-11-01 15:07:27 +01:00
William Pitcock
24ba08de13
twitter api: add support for rendering Page objects
2018-11-01 10:01:35 +00:00
William Pitcock
4d8f076125
mastodon api: add support for rendering Page objects
2018-11-01 10:00:16 +00:00
William Pitcock
9f03b5c4f7
activitypub: transmogrifier: add support for Page objects
2018-11-01 09:59:43 +00:00
Lee Starnes
585b29337c
Ensure filters have a filter_id
2018-11-01 09:17:02 +00:00
kaniini
eba9a62024
Merge branch 'feature/relay-tests' into 'develop'
...
relay tests
See merge request pleroma/pleroma!411
2018-11-01 09:10:51 +00:00
Haelwenn
40676d7683
Merge branch 'bugfix/prismo.news_article_url' into 'develop'
...
Bugfix/prismo.news article url
Closes #352
See merge request pleroma/pleroma!410
2018-11-01 09:05:16 +00:00
lain
1e9ced5af4
Test Relay, switch to runtime configuration.
2018-11-01 09:01:43 +00:00
lain
e6ec01afb6
Start configuration manager.
2018-11-01 09:01:24 +00:00
lain
9b77030d3c
Add basic configuration management module.
2018-11-01 09:01:03 +00:00
Haelwenn (lanodan) Monnier
b2da5262ea
Pleroma.Web.ActivityPub.Transmogrifier: fix_url when not a string/empty
...
Thanks prismo.news, I hate it
2018-11-01 09:56:37 +01:00
Haelwenn (lanodan) Monnier
755f166406
Pleroma.Web.MastodonAPI.StatusView: Do not fail when URL isn’t a string
2018-11-01 09:55:38 +01:00
William Pitcock
2b3a40d038
object: split object_cache from user_cache
2018-11-01 08:41:46 +00:00
William Pitcock
f584a603f9
user: make User.delete() return data consistent with Object.delete()
2018-11-01 07:56:21 +00:00
William Pitcock
2c3bfd7f76
user: delete user_info data in User.invalidate_cache()
2018-11-01 07:52:58 +00:00
William Pitcock
10f3958468
object: return the deleted object as well
2018-11-01 07:47:50 +00:00
William Pitcock
2bf358d7b4
activitypub: use Object.delete() instead of mutating the database and cache directly
2018-11-01 07:29:12 +00:00
William Pitcock
c4e43da63e
object: add safe object deletion function
2018-11-01 07:28:48 +00:00
Haelwenn (lanodan) Monnier
558e6a84d6
[Pleroma.Web.CommonAPI]: Delete post cache entry when it’s deleted
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/346
2018-11-01 06:52:01 +01:00
William Pitcock
47f76bf4b1
common api: allow self-liking objects
...
mastodon allows this, for whatever reason.
closes #347 .
2018-10-31 22:29:49 +00:00
kaniini
5fea3d9eca
Merge branch 'allow-abbr' into 'develop'
...
Allow use of the `abbr` HTML tag.
See merge request pleroma/pleroma!405
2018-10-30 23:22:48 +00:00
scarlett
795634c90f
Allow use of the abbr
HTML tag.
2018-10-30 21:40:06 +00:00
scarlett
b92e38d2d4
Add user reactivation task.
2018-10-29 23:13:15 +00:00
kaniini
a880e0a527
Merge branch 'feature/upload-limits' into 'develop'
...
configurable media upload limits
Closes #118
See merge request pleroma/pleroma!401
2018-10-29 20:14:10 +00:00
William Pitcock
676c97b8c7
nodeinfo: expose configured upload limits
2018-10-29 20:07:52 +00:00
William Pitcock
36825932eb
s3 uploader: add new feature to force public attachment URIs to go through media proxy
2018-10-29 18:00:59 +00:00
William Pitcock
f407831120
common api: prefer formatting attachments using the attachment's name instead of URI
2018-10-29 17:59:24 +00:00
William Pitcock
784b3a615d
utils: fix another possible leak with private S3 backends using mediaproxy
...
same rationale as the other mediaproxy changes
2018-10-29 17:26:15 +00:00
William Pitcock
181f3bb56a
mastodon api: enforce upload limits for avatars and banners
2018-10-29 16:43:05 +00:00
William Pitcock
e12489e2fe
twitter api: enforce upload limits for avatars, banners and backgrounds
2018-10-29 16:43:05 +00:00
William Pitcock
167d3789a5
activitypub: upload: pass through an upload limit if one is provided
2018-10-29 16:43:05 +00:00
William Pitcock
fa483cd7c2
upload: add new optional argument designating an upload size limit
2018-10-29 16:43:00 +00:00
William Pitcock
5c6ec2d9fc
twitter/mastodon api: always use mediaproxy URLs in attachments
...
if using local media, the mediaproxy will not replace the URL anyway.
2018-10-29 15:19:32 +00:00
William Pitcock
72ea54de6e
activitypub: fix possible false positives with broken thread filtering
2018-10-28 05:45:33 +00:00
kaniini
44762daf51
Merge branch 'feature/broken-thread-filtering' into 'develop'
...
broken thread filtering, part 1
See merge request pleroma/pleroma!394
2018-10-26 06:45:38 +00:00
William Pitcock
c302c619b9
http: fix mediaproxy
2018-10-26 06:38:08 +00:00
William Pitcock
26eb11c172
activitypub: add support for filtering broken threads out of timelines
2018-10-26 06:16:51 +00:00
William Pitcock
7338368ad9
http: enable keepalive / connection pooling ( closes #336 )
2018-10-26 03:06:42 +00:00
William Pitcock
f6cb963df2
activitypub utils: fix recipient check when the message is unaddressed (mastodon)
2018-10-26 01:24:22 +00:00