Commit graph

2967 commits

Author SHA1 Message Date
eugenijm 7342b5a45f Preserve parameters in link headers (Mastodon API) 2019-03-07 09:12:16 +03:00
kaniini 0fe715f3ba Merge branch 'chore/merge-search-into-list-users' into 'develop'
Merge search endpoint into /users

See merge request pleroma/pleroma!898
2019-03-06 22:27:42 +00:00
kaniini 39b766cc43 Merge branch 'bugfix/connect-src-https' into 'develop'
Plugs.HTTPSecurityPlug: Add static_url to CSP's connect-src

See merge request pleroma/pleroma!900
2019-03-06 13:22:02 +00:00
kaniini 07f8c79a69 Merge branch 'bugfix/rel-me_list' into 'develop'
Web.RelMe: Fix having other values in rel attr

See merge request pleroma/pleroma!901
2019-03-06 13:20:51 +00:00
Maksim bc7570c282 [#647] tests for web push 2019-03-06 13:20:12 +00:00
Haelwenn 96901b6554 Merge branch 'fix/escape-reserved-chars-in-filenames' into 'develop'
Properly escape reserved URI charachters in upload urls

Closes #700

See merge request pleroma/pleroma!905
2019-03-06 01:45:17 +00:00
Karen Konou 28d5b40d0a Add handling of objects not in database 2019-03-05 23:15:22 +01:00
rinpatch 4263edc9c9 Properly escape reserved URI charachters in upload urls 2019-03-05 18:09:23 +03:00
rinpatch bcd8ef65e0 Merge branch 'add-admin-to-node-info' into 'develop'
Include admins in nodeinfo

Closes #689

See merge request pleroma/pleroma!899
2019-03-05 07:05:44 +00:00
Haelwenn (lanodan) Monnier 788a354ce0
Web.RelMe: Fix having other values in rel attr
One example of this is Github which puts a rel="nofollow me" on the
profile link.
2019-03-05 02:13:22 +01:00
Haelwenn (lanodan) Monnier fc37e5815f
Plugs.HTTPSecurityPlug: Add static_url to CSP's connect-src
Closes: https://git.pleroma.social/pleroma/pleroma/merge_requests/469
2019-03-05 01:44:24 +01:00
eugenijm d1de0a30cc Include admins in nodeinfo 2019-03-05 03:17:24 +03:00
Maxim Filippov 2d30fc279f Typo 2019-03-05 02:11:15 +03:00
William Pitcock b7aa1ea9e6 rich media: helpers: rework validate_page_url() 2019-03-04 18:39:13 +00:00
William Pitcock 9f3cb38012 helpers: use AutoLinker to validate URIs as well as the other tests 2019-03-04 18:31:49 +00:00
William Pitcock d38d537bee rich media: don't crawl bogus URIs 2019-03-04 18:31:49 +00:00
kaniini d45dbdce5a Merge branch 'feature/add-status-text-to-notifications' into 'develop'
Add status text to notifications (mentions and reposts)

Closes #696

See merge request pleroma/pleroma!897
2019-03-04 18:29:13 +00:00
Maxim Filippov f620199836 Merge search endpoint into /users 2019-03-04 21:26:32 +03:00
Maxim Filippov 0245ce842f Remove unused code 2019-03-04 20:49:20 +03:00
Maxim Filippov cc7b35e097 Add status text to notifications (mentions and reposts) 2019-03-04 20:47:34 +03:00
kaniini ca5d894e68 Merge branch 'fix/like-adressing' into 'develop'
Stop adresssing like activities to actor's follower collection on non-public posts

See merge request pleroma/pleroma!896
2019-03-04 15:59:57 +00:00
rinpatch 33c614bce0 Stop adresssing like activities to actor's follower collection on non-public posts 2019-03-04 18:09:58 +03:00
kaniini 10248d86a2 Merge branch 'unify-follow' into 'develop'
Unify follow code with CommonAPI

Closes #690

See merge request pleroma/pleroma!889
2019-03-04 13:25:32 +00:00
KokaKiwi bf43f055dd Set content types settings on mastofe endpoint. 2019-03-04 12:00:02 +01:00
KokaKiwi b57913b13a Fix supported TLS versions as TLS 1.3 support seems buggy. 2019-03-04 11:30:26 +01:00
Karen Konou 1445dc25d4 fix format 2019-03-04 11:18:45 +01:00
Karen Konou aab86698a5 Expand "to" of delete activities 2019-03-04 11:18:45 +01:00
eugenijm 86e4b48a5e Fix DM visibility for blocking users 2019-03-04 06:24:27 +03:00
eugenijm 594694607c Unify Mastodon and Twitter follow implementations using CommonAPI 2019-03-04 01:00:37 +03:00
kaniini dd5865535e Merge branch 'muting' into 'develop'
Don't stream muted accounts

See merge request pleroma/pleroma!888
2019-03-03 21:10:10 +00:00
William Pearson 818a7894da Don't stream muted accounts 2019-03-03 20:54:53 +00:00
link0ff 88a672fe88 Move LDAP code to LDAPAuthenticator. Use Authenticator for token_exchange with grant_type as well 2019-03-03 21:20:36 +02:00
link0ff 19e2b85247 Merge remote-tracking branch 'upstream/develop' into feature/openldap-support 2019-03-03 18:29:37 +02:00
kaniini ace4231628 Merge branch 'features/bio_rel_me' into 'develop'
Add rel=me to the User bio

Closes #423

See merge request pleroma/pleroma!813
2019-03-03 16:00:49 +00:00
kaniini 6c6a2dbfdd Merge branch 'feature/add-pagination-to-users-admin-api' into 'develop'
Add pagination and search to users

See merge request pleroma/pleroma!873
2019-03-03 15:59:15 +00:00
kaniini b531e366df Merge branch 'get-follow-requests-sql' into 'develop'
Use sql query in User.get_follow_requests/1 for filtering logic

See merge request pleroma/pleroma!883
2019-03-03 15:51:32 +00:00
kaniini 413cf00cc3 Merge branch 'atomic-note-count-updates' into 'develop'
Atomic update for note count and follower count

See merge request pleroma/pleroma!885
2019-03-03 15:50:41 +00:00
kaniini c93479c6f5 Merge branch 'count-only-public-statuses' into 'develop'
Increment user note count only on public activities #703

See merge request pleroma/pleroma!884
2019-03-03 15:49:19 +00:00
eugenijm d5418e9ff7 Remove follow_request_count as it's not needed for FE anymore.
MastoFE uses `GET /api/v1/follow_requests` and PleromaFE uses
`GET /api/pleroma/friend_requests` which they query on the initial page
load.
2019-03-03 18:42:27 +03:00
eugenijm af0039a3a0 Use atomic update for note count and follower count 2019-03-03 17:41:34 +03:00
lambda 9b63fda9c7 Merge branch 'fix/dont-show-dms-in-mentions-timeline' into 'develop'
[#675] Do not show DMs in mentions timeline

See merge request pleroma/pleroma!877
2019-03-03 11:13:59 +00:00
eugenijm c46950d3b1 Increment user note count only on public activities 2019-03-03 14:08:43 +03:00
eugenijm 1a1f4520cd Use sql query in User.get_follow_requests/1 for filtering logic 2019-03-02 22:18:56 +03:00
Maxim Filippov 2ec8cf5665 Add pagination to search 2019-03-02 17:21:30 +03:00
rinpatch f38c316e6e Merge branch 'bugfix/oauth-scopes-join' into 'develop'
Bugfix: OAuth scopes formatting

Closes #702

See merge request pleroma/pleroma!881
2019-03-02 06:39:07 +00:00
Haelwenn (lanodan) Monnier f2452d5700
Pleroma.User: mix format 2019-03-02 07:04:49 +01:00
Haelwenn (lanodan) Monnier 8e6f7fdb86
RelMe.maybe_put_rel_me/2: When true put "me" otherwise nil 2019-03-02 06:58:42 +01:00
Haelwenn (lanodan) Monnier 39a5bea9b7
Pleroma.User: Fix syntax and user.ap_id call 2019-03-02 06:57:28 +01:00
Haelwenn (lanodan) Monnier 3d22642352
Pleroma.User: Pass an array to profile_urls 2019-03-02 06:33:15 +01:00
Haelwenn (lanodan) Monnier 9b83236fb0
Pleroma.Web.RelMe: fixups 2019-03-02 06:32:03 +01:00
Haelwenn (lanodan) Monnier 56d4e39012
Pleroma.User: Add rel=me to URLs where it linkbacks to the profile 2019-03-02 05:36:48 +01:00
Haelwenn (lanodan) Monnier b6a001a34c
Web.OAuth.OAuthController: Fix scopes Enum.join for OAuth response 2019-03-02 04:04:16 +01:00
Maxim Filippov f635b675b2 Refactor a little bit 2019-03-01 21:17:23 +03:00
Maxim Filippov f1a4c3163b Show current user in users list as well 2019-03-01 20:23:03 +03:00
Maxim Filippov 5b08b470f6 Add "local" params to users search 2019-03-01 20:13:02 +03:00
William Pitcock 689b0730f8 activitypub: fix date header format
HTTP date header specification says that days must always be two-digit.
Accordingly, change the format string used to ensure days are always
represented as two-digit (e.g. 01).
2019-03-01 12:22:45 +00:00
lambda 2f00814475 Merge branch 'bugfix/236-ambiguous-route-for-numerical-handles' into 'develop'
Bugfix #236 Prefer user look-up by nickname

See merge request pleroma/pleroma!860
2019-03-01 09:48:24 +00:00
rinpatch 1341ee650e [#675] Do not show DMs in mentions timeline 2019-03-01 09:37:29 +03:00
William Pitcock 28b4093233 mastodon websocket: return errors using ok, not stop 2019-02-28 16:23:55 +00:00
William Pitcock 388a3f4ca2 mastodon websocket: bring back infinity timeout 2019-02-28 16:23:24 +00:00
Maxim Filippov 46f29b9da1 Add search users endpoint 2019-02-28 19:04:47 +03:00
William Pitcock f1d37a5e23 mastodon websocket: use pattern match to get query data, robustly handle errors 2019-02-28 16:02:48 +00:00
William Pitcock bc53dff5b6 mastodon api: websocket: update code for cowboy 2.x 2019-02-28 15:44:12 +00:00
Maxim Filippov 72b7a0797e Use Mastodon API views in Admin API 2019-02-28 17:43:09 +03:00
href a47cc5a2cf Merge branch 'customizable_auth' into 'develop'
Authenticator tweaks

See merge request pleroma/pleroma!875
2019-02-28 11:18:01 +00:00
Ivan Tashkinov 3281a3f074 Renamed *DatabaseAuthenticator to *Authenticator. 2019-02-28 14:12:41 +03:00
Ivan Tashkinov 4e77f68414 Added auth_template/0 to DatabaseAuthenticator. 2019-02-28 13:58:58 +03:00
kaniini cf426a719d Merge branch 'with-mutes' into 'develop'
Add `with_muted` param.

Closes #683

See merge request pleroma/pleroma!872
2019-02-28 10:22:19 +00:00
href 90a24fbf95 Merge branch 'customizable_auth' into 'develop'
Auth customization support

See merge request pleroma/pleroma!852
2019-02-28 10:12:26 +00:00
kaniini 089e2588a3 Merge branch 'speedup-follow-requests' into 'develop'
Speedup follow requests

Closes #677

See merge request pleroma/pleroma!871
2019-02-28 10:10:03 +00:00
kaniini 3c849d0438 Merge branch 'deactivated-in-user-view' into 'develop'
Add activation status to the regular user view

See merge request pleroma/pleroma!874
2019-02-28 10:08:31 +00:00
Ivan Tashkinov b6f915313f Made auth customization be runtime-configurable. 2019-02-28 13:00:54 +03:00
eugenijm 6b11011039 Added deactivated to the user view 2019-02-28 09:08:34 +03:00
Maxim Filippov 2883f75a3a Add pagination to users admin API 2019-02-28 01:11:56 +03:00
lain bbbdbec4fd Remove parts of the old activity view.
Not used anymore.
2019-02-27 17:24:51 +01:00
lain 9ade1242c2 Add user muted status info to twitterapi. 2019-02-27 16:52:03 +01:00
lain c1ae495878 Add user muted status info to MastodonAPI. 2019-02-27 16:46:47 +01:00
lain c4235f96bd Add with_muted param. 2019-02-27 16:37:42 +01:00
lain b24cc44e8d Follower requests: Utilize object index.
Closes #677
2019-02-27 15:01:54 +01:00
William Pitcock 1536640962 mastodon api: embed relationship card under account card for Pleroma FE convenience 2019-02-27 13:01:10 +00:00
Egor Kislitsyn 5d961d536c fix formatter 2019-02-27 15:40:30 +07:00
Egor c3ac9424d2 AutoLinker 2019-02-26 23:32:26 +00:00
Maxim Filippov 90d0d055fc Add more admin actions 2019-02-27 00:13:38 +03:00
Ivan Tashkinov e98d34e5fb Added missing copyright headers. 2019-02-26 16:26:54 +03:00
Ivan Tashkinov fd46edb473 Merge remote-tracking branch 'remotes/origin/develop' into customizable_auth 2019-02-26 15:29:43 +03:00
Ivan Tashkinov e82b70eb53 Database authenticator behaviour / Pleroma implementation refactoring. 2019-02-26 15:27:01 +03:00
William Pitcock fc9d895ebc twitter card: remove IO.inspect() spam 2019-02-24 18:56:44 +00:00
11backslashes efa506b874 delegate user retrieval to the User module 2019-02-24 13:23:47 -05:00
link0ff e278d47023 OpenLDAP support 2019-02-22 15:03:43 +02:00
lain 9e0686efa6 Move visibility into own module. 2019-02-22 13:29:52 +01:00
lain 62296f5a25 Fix private post card handling. 2019-02-22 12:02:51 +01:00
Ivan Tashkinov afddce45b3 Minor setting name adjustment (:app_template -> :app_layout). 2019-02-22 11:10:17 +03:00
kaniini 5a4e2905fe Merge branch 'fix/twittercards' into 'develop'
Fix Twitter Cards

See merge request pleroma/pleroma!815
2019-02-22 04:38:14 +00:00
KZ 7c722c08f5 Fix: Fixing an outbox related bug when local user activity is empty 2019-02-22 04:37:48 +00:00
Ivan Tashkinov 1097ce6d9f Auth customization support.
OAuthController#create_authorization user retrieval / creation, errors handling, template & layout selection.
2019-02-21 18:55:19 +03:00
lambda 2813f28b6f Merge branch 'bugfix/httpsig-sign-date' into 'develop'
activitypub: sign date header

Closes #649 and #364

See merge request pleroma/pleroma!847
2019-02-21 08:20:06 +00:00
William Pitcock f8a72f2997 activitypub: sign http date header 2019-02-21 00:23:17 +00:00
William Pitcock 1803d9a022 fix fetching AP objects with application/json 2019-02-20 20:45:40 +00:00
William Pitcock 22e2ed235d logging: only return ISE reasons in API responses when in dev or test mode 2019-02-20 17:36:47 +00:00
William Pitcock 8b08096436 logging: improve visibility into ISE errors 2019-02-20 17:14:18 +00:00
Egor bff9eb5ef7 Reports 2019-02-20 16:51:25 +00:00
lain 59c27f29c8 Add some nicer urls in status view. 2019-02-20 17:36:16 +01:00
Ivan Tashkinov b574d97c2e [#468] Added support for push OAuth scope (Mastodon 2.4+). 2019-02-20 17:27:41 +03:00
Ivan Tashkinov 6fe7acd58e [#468] Merged upstream/develop. 2019-02-20 16:48:59 +03:00
lambda 11b3c10c54 Merge branch 'muting' into 'develop'
Implement muting, add it to the whole mastodon API

See merge request pleroma/pleroma!319
2019-02-20 13:19:37 +00:00
Ivan Tashkinov 3ad91ec3c1 [#468] Adjusted scope restriction for MastodonAPIController#index. 2019-02-20 14:05:02 +03:00
Ekaterina Vaartis 5a46d37af9 Update the mute implementation to the current codebase
Make it part of the info thing (and do a migration to ensure it's there)
2019-02-19 23:09:16 +03:00
Ekaterina Vaartis 465b547c90 Remove unused "muted" parameter, use piping for mute/block fns 2019-02-19 21:49:55 +03:00
Ekaterina Vaartis 092b1b1453 Do not unfollow muted users 2019-02-19 21:49:55 +03:00
Ekaterina Vaartis da64ea4a55 Implement mastodon mutes endpoint
Aparently i forgot to add it, it gets a list of muted users
2019-02-19 21:49:55 +03:00
Ekaterina Vaartis f41f017bbc Implement muting, add it to the mastodon API 2019-02-19 21:49:55 +03:00
href f4bfc628ca
Player: allow styles on CSP, loop videos 2019-02-19 18:56:57 +01:00
href aa9af1d639
CSP: Allow iframes on embed player 2019-02-19 18:19:13 +01:00
Mark Felder 2d21ea1a0e Merge branch 'develop' into fix/twittercards 2019-02-19 16:58:28 +00:00
href 10a11f083c
Embed player suitable for Twitter Cards 2019-02-19 17:47:48 +01:00
eugenijm 25b9e7a8c3 Added admin API for changing user activation status 2019-02-19 19:37:02 +03:00
Ivan Tashkinov c0ecbf6669 [#468] Merged upstream/develop. 2019-02-19 19:10:55 +03:00
lambda 1dd718e83c Merge branch 'set-cache-on-user-tag-update' into 'develop'
Update user cache when user tags are updated

See merge request pleroma/pleroma!840
2019-02-19 14:20:58 +00:00
lambda f25a3f4f78 Merge branch 'fix/check-follower-collection-in-is_private' into 'develop'
properly check for follower address in is_private?

See merge request pleroma/pleroma!841
2019-02-19 14:08:19 +00:00
lambda f53dc5ee08 Merge branch 'fix/ap_id-unique_constraint' into 'develop'
mark ap_id unique_constraint

See merge request pleroma/pleroma!842
2019-02-19 14:07:16 +00:00
rinpatch 109b01a631 mark ap_id unique_constraint 2019-02-19 13:52:15 +03:00
rinpatch 96dcacade1 properly check for follower address in is_private? 2019-02-19 13:23:13 +03:00
eugenijm fc35481445 Update user cache when user tags are updated 2019-02-19 10:43:38 +03:00
kaniini 833161b5d2 Merge branch 'feature/jobs' into 'develop'
Job Queue

See merge request pleroma/pleroma!732
2019-02-18 19:43:06 +00:00
kaniini a39a094cda Merge branch 'patch-image-description' into 'develop'
Patch to support image descriptions for pleroma-fe

See merge request pleroma/pleroma!626
2019-02-18 04:11:46 +00:00
kaniini 7456338ed3 Merge branch 'feature/add-oauth-tokens-endpoint' into 'develop'
Add OAuth tokens endpoint

See merge request pleroma/pleroma!805
2019-02-18 04:02:41 +00:00
kaniini c23bd05737 Merge branch 'features/flavour-switching' into 'develop'
[MastoAPI] Add switching of frontend flavours

See merge request pleroma/pleroma!807
2019-02-18 04:01:51 +00:00
kaniini cd019a5927 Merge branch 'follow-request-count' into 'develop'
Follow request count

See merge request pleroma/pleroma!817
2019-02-18 04:01:26 +00:00
kaniini 3f38a05571 Merge branch 'csv-export' into 'develop'
Add option to return all friends in twitter api.

Closes #602

See merge request pleroma/pleroma!833
2019-02-18 03:59:46 +00:00
Maxim Filippov 94708d6370 Render only "id", "valid_until" and "app_name" in TokenView 2019-02-17 23:57:35 +03:00
lambda f26582aae9 Merge branch 'mastoapi-stop-capping-attachments' into 'develop'
Remove a limit on attachments in Mastodon API and document the changes in responses from vanilla Mastodon

See merge request pleroma/pleroma!834
2019-02-17 17:37:48 +00:00
lambda ae84af4ad0 Merge branch 'fix/hellthread-policy-recipient-check' into 'develop'
Fix recipient count in hellthread policy

See merge request pleroma/pleroma!836
2019-02-17 16:57:57 +00:00
Ivan Tashkinov d3fe2c8ec6 [#468] Formatting fix. 2019-02-17 14:07:35 +03:00
Ivan Tashkinov bc4f77b10b [#468] Merged upstream/develop, resolved conflicts. 2019-02-17 14:07:04 +03:00
Ivan Tashkinov dcf24a3233 [#468] Refactored OAuth scopes' defaults & missing selection handling. 2019-02-17 13:49:14 +03:00
rinpatch 8f98d970c1 Fix recipient count in hellthread policy 2019-02-17 13:46:40 +03:00
Haelwenn (lanodan) Monnier 4df455f69b
[MastoAPI] Add switching of frontend flavours 2019-02-16 19:50:13 +01:00
rinpatch 96c725328b Remove a limit on attachments in Mastodon API and document the changes in responses from vanilla mastodon 2019-02-16 20:38:25 +03:00
lain 269d3e1ca6 WelcomeMessage: Get rid of Ecto reference. 2019-02-16 17:24:48 +01:00
lain 38e15930cb Add option to return all friends in twitter api.
Mainly useful for user export.
2019-02-16 17:01:15 +01:00
lain d812a347ca Add optional welcome message. 2019-02-16 16:42:34 +01:00
Ivan Tashkinov 2a4a4f3342 [#468] Defined OAuth restrictions for all applicable routes.
Improved missing "scopes" param handling.
Allowed "any of" / "all of" mode specification in OAuthScopesPlug.
Fixed auth UI / behavior when user selects no permissions at /oauth/authorize.
2019-02-15 19:54:37 +03:00
lambda 1ce1b7b58d Merge branch 'bugfix/oauth-token-padding' into 'develop'
oauth: never use base64 padding when returning tokens to applications

See merge request pleroma/pleroma!825
2019-02-15 14:58:13 +00:00
rinpatch 921571c19b Merge branch 'hellthread-filter-fix' into 'develop'
Hellthread filter fix

Closes #634

See merge request pleroma/pleroma!831
2019-02-15 13:18:35 +00:00
Karen Konou c2e0a0c8d4 Readd threshold is not 0 check, optmization? 2019-02-15 14:05:20 +01:00
Karen Konou dca6bee2f7 Rename test, add check for follower collection when delisting 2019-02-15 13:43:14 +01:00
rinpatch b63a5e309d Merge branch 'bugfix/actor-containment' into 'develop'
activitypub: correctly handle bare URIs in user lookup

Closes #645

See merge request pleroma/pleroma!829
2019-02-15 12:27:03 +00:00
Karen Konou d943c90249 Add tests, change default config values, fix a bug 2019-02-15 12:47:50 +01:00
eugenijm ecdf0657ba Add logic for keeping follow_request_count up-to-date on the follow,
`approve_friend_request`, and `deny_friend_request` actions.
Add follow_request_count to the user view.
2019-02-15 12:20:20 +03:00
William Pitcock da44cdd381 user: search: use get_or_fetch() instead of get_or_fetch_by_nickname()
get_or_fetch() handles the nickname verses URI differences transparently.
2019-02-14 20:00:04 +00:00
lambda ea2698beb7 Merge branch 'bugfix/activitypub-reserialization' into 'develop'
activitypub transmogrifier: fix reserialization edge cases

See merge request pleroma/pleroma!826
2019-02-14 19:54:16 +00:00
William Pitcock 56862f4ce1 activitypub: clean up logging statements a little 2019-02-14 19:42:33 +00:00
Wim Vanderbauwhede 04b1c13554 Merge remote-tracking branch 'upstream/develop' into patch-image-description 2019-02-14 16:41:40 +00:00
Ivan Tashkinov 027adbc9e5 [#468] Refactored OAuth scopes parsing / defaults handling. 2019-02-14 17:03:19 +03:00
Egor Kislitsyn 3f32d7b937 Fix queue name 2019-02-14 17:02:47 +07:00
Egor Kislitsyn 907306174b fix S3 links encoding in Mediaproxy 2019-02-14 15:55:21 +07:00
William Pitcock 72ba5b4ab7 activitypub: user view: formatting 2019-02-14 03:13:07 +00:00
William Pitcock 5307c211b8 activitypub: user view: report totalItems=0 for follows/followers when hidden 2019-02-14 03:10:00 +00:00
William Pitcock 6542b86292 activitypub: user view: remove totalItems from user outbox
(this is based on a counter in User.Info, but the counter is not reliable.)
2019-02-14 03:02:45 +00:00
William Pitcock ee2fa1a314 activitypub: user view: remove totalInbox from user inbox view
It is not really feasible to quickly calculate the totalItems value and
it shouldn't be trusted anyway.
2019-02-14 03:01:39 +00:00
kaniini bc9e5e6b65 Merge branch 'feature/activitypub-oauth-endpoints' into 'develop'
ActivityPub C2S oauth endpoints

See merge request pleroma/pleroma!821
2019-02-14 02:50:06 +00:00
William Pitcock 64620d8980 activitypub: user view: do not expose oAuth endpoints for instance users 2019-02-14 02:41:21 +00:00
William Pitcock e9ef4b8da6 oauth: never use base64 padding when returning tokens to applications
The normal Base64 alphabet uses the equals sign (=) as a padding character.  Since
Base64 strings are self-synchronizing, padding characters are unnecessary, so don't
generate them in the first place.
2019-02-14 01:10:04 +00:00
William Pitcock e05bf2940f activitypub: transmogrifier: correctly handle nil inReplyTo value 2019-02-14 00:35:54 +00:00
William Pitcock 94cbbb0e3a activitypub: transmogrifier: do not attempt to expand pre-existing AS2 tag objects 2019-02-14 00:35:53 +00:00
Mark Felder f62c1d6266 Improve login error for OAuth flow 2019-02-13 22:33:22 +00:00
Ivan Tashkinov 063baca5e4 [#468] User UI for OAuth permissions restriction. Standardized storage format for scopes fields, updated usages. 2019-02-14 00:29:29 +03:00
William Pitcock 9bd6ed975e activitypub: user view: use route helpers instead of hardcoded URIs 2019-02-13 19:34:43 +00:00
William Pitcock 29e946ace4 activitypub: user view: add oauthRegistrationEndpoint to user profiles 2019-02-13 19:34:43 +00:00
William Pitcock db8abd958d activitypub: user view: fix up endpoints rendering 2019-02-13 19:34:43 +00:00
William Pitcock 90facd3598 user view: add AP C2S oauth endpoints to local user profiles 2019-02-13 19:34:43 +00:00
Karen Konou bef9b9cb66 refactored code 2019-02-13 16:23:09 +01:00
Karen Konou adcdd21f16 Merge branch 'develop' into hellthread-filter-fix 2019-02-13 16:22:14 +01:00
lain 88a4de24f9 User.follow_all: Respect blocks in both directions. 2019-02-13 13:52:27 +01:00
Maxim Filippov 760fec4cb8 Update token.ex 2019-02-13 12:59:56 +03:00
Maxim Filippov 62a45bdc11 Add revoke token 2019-02-13 12:59:56 +03:00
Maxim Filippov 61a4bc5095 Add OAuth tokens endpoint 2019-02-13 12:59:56 +03:00
hakabahitoyo b7bc666200 bugfix mdii uploader 2019-02-13 15:46:42 +09:00
Karen Konou 1d727cd069 added checks for public url and follower collections 2019-02-13 00:01:34 +01:00
Haelwenn (lanodan) Monnier da4c662af3
Plugs.HTTPSecurityPlug: Add webpacker to connect-src 2019-02-12 22:12:12 +01:00
Haelwenn (lanodan) Monnier 00e8f0b07d
Plugs.HTTPSecurityPlug: Add unsafe-eval to script-src when in dev mode
This is needed to run dev mode mastofe at the same time
2019-02-12 22:12:11 +01:00
Mark Felder c984e8272a Formatting 2019-02-12 00:37:22 +00:00
Mark Felder 4956ab5ea3 Fix compile 2019-02-12 00:25:12 +00:00
Mark Felder ac7ef0999d WIP: Fix Twitter Cards
Twitter cards were not passing any useful metadata. A few things were
being handled on Twitter's end by trying to match OpenGraph tags with
their own, but it wasn't working at all for media. This is an attempt to
fix that.

Common functions have been pulled out of opengraph and put into
utils. Twitter's functionality was entirely replaced with a direct copy
of Opengraph's and then modified as needed.

Profiles are now represented as Summary Cards

Posts with images are now represented as Summart with Large Image Cards

Posts with video and audio attachments are represented as Player Cards.

This now passes the Twitter Card Validator.

Validator and Docs are below

https://cards-dev.twitter.com/validator
https://developer.twitter.com/en/docs/tweets/optimize-with-cards/overview/abouts-cards
2019-02-11 23:59:04 +00:00
shibayashi ea1058929c
Use url[:scheme] instead of protocol to determine if https is enabled 2019-02-12 00:08:52 +01:00
rinpatch 379d04692c Filter summary in keywordpolicy 2019-02-11 21:35:40 +03:00
rinpatch 39383a6b79 Merge branch 'feature/thread-muting' into 'develop'
Feature/thread muting

See merge request pleroma/pleroma!796
2019-02-11 15:02:14 +00:00
lambda 044616292b Merge branch 'feature/rich-media-limits' into 'develop'
rich media: tighten fetching timeouts and size limits

See merge request pleroma/pleroma!809
2019-02-11 12:33:58 +00:00
Karen Konou ac72b578da Merge branch 'develop' into feature/thread-muting 2019-02-11 12:10:49 +01:00
Karen Konou c01ef574c1 Refactor as per Rin's suggestions, add endpoint tests 2019-02-11 12:04:02 +01:00
lambda d53e36bf1e Revert "Merge branch 'object-creation' into 'develop'"
This reverts merge request !802
2019-02-11 08:07:39 +00:00
Egor Kislitsyn 305d219413 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/jobs
# Conflicts:
#	lib/pleroma/web/federator/federator.ex
#	lib/pleroma/web/websub/websub.ex
2019-02-11 13:54:21 +07:00
William Pitcock 45e57dd187 rich media: tighten fetching timeouts and size limits 2019-02-10 21:54:08 +00:00
kaniini 6c8d15da11 Merge branch 'fix/credo-issues' into 'develop'
Fix credo issues

See merge request pleroma/pleroma!786
2019-02-10 20:54:21 +00:00
Karen Konou cc21fc5f53 refactor, status view updating, error handling 2019-02-10 10:42:30 +01:00
rinpatch e0de0fcf22 Merge branch 'object-creation' into 'develop'
Do object insertion through Cachex

See merge request pleroma/pleroma!802
2019-02-10 07:39:27 +00:00
kaniini d5fe05c37e Merge branch 'follow-enhancements' into 'develop'
Respect blocks in mass follow.

See merge request pleroma/pleroma!797
2019-02-09 21:03:42 +00:00
lain f8388be9c6 Do object insertion through Cachex
So we don't flood our postgres logs with errors. Should also make things
slightly faster.
2019-02-09 22:01:08 +01:00
Karen Konou 6a150de3bd Add unique index and unique constraint check, uniqueness test fails 2019-02-09 20:52:11 +01:00
Karen Konou 638456ce8f elixir too new for CI's mix format lol 2019-02-09 18:08:46 +01:00
Karen Konou a0d732ec55 it works!! 2019-02-09 17:47:57 +01:00
Haelwenn (lanodan) Monnier d924dc73ba
de-group import/s 2019-02-09 16:31:17 +01:00
Haelwenn (lanodan) Monnier 6a6a5b3251
de-group alias/es 2019-02-09 16:31:17 +01:00
Ivan Tashkinov a337bd114c [#468] MastodonAPI scope restrictions. Removed obsolete "POST /web/login" route. 2019-02-09 17:32:33 +03:00
Ivan Tashkinov 4ad843fb9d [#468] Prototype of OAuth2 scopes support. TwitterAPI scope restrictions. 2019-02-09 17:09:08 +03:00
Haelwenn (lanodan) Monnier 381fe44172
HTML.Scrubber.Default: Consistency 2019-02-09 14:59:21 +01:00
Haelwenn (lanodan) Monnier 2272934a5e
Stash 2019-02-09 14:59:21 +01:00
Haelwenn (lanodan) Monnier d2e4eb7c74
Web.ActivityPub.ActivityPub: assign the Enum.filter to recipients & simplify it 2019-02-09 14:59:21 +01:00
Haelwenn (lanodan) Monnier 473095faf2
Web.Federator: Fix unused variable 2019-02-09 14:59:20 +01:00
Haelwenn (lanodan) Monnier 60ea29dfe6
Credo fixes: alias grouping/ordering 2019-02-09 14:59:20 +01:00
Haelwenn (lanodan) Monnier 106f4e7a0f
Credo fixes: parameter consistency 2019-02-09 14:59:20 +01:00
Haelwenn (lanodan) Monnier 8bcfac93a8
Make credo happy 2019-02-09 14:59:20 +01:00
lain 563f04e81b Do autofollow first. 2019-02-09 13:39:57 +01:00
lain bbd0049fae Respect blocks in mass follow. 2019-02-09 13:24:23 +01:00
lambda 1eecbc1cd1 Merge branch 'feature/keyword-policy' into 'develop'
Add keyword policy

See merge request pleroma/pleroma!794
2019-02-09 11:38:37 +00:00
Karen Konou 7e47a810a2 help i am not good with git 2019-02-08 13:22:29 +01:00
Karen Konou 5c5b228f21 Added thread unmuting (still a bit buggy maybe) 2019-02-08 13:20:40 +01:00
Karen Konou a44e532fb1 Added thread unmuting (still a bit buggy maybe) 2019-02-08 13:17:11 +01:00
rinpatch 7356659273 wow 2019-02-08 15:12:13 +03:00
Karen Konou 98ec578f4d Merge branch 'develop' into feature/thread-muting 2019-02-08 12:44:02 +01:00
rinpatch f88dec8b33 What idiot did that? (me) 2019-02-08 13:16:50 +03:00
rinpatch 6c21f5aa16 Merge branch 'develop' into feature/keyword-policy 2019-02-08 13:12:33 +03:00
rinpatch 8a0b755c19 rename ftl_removal to federated_timeline_removal to keep consistent naming with SimplePolicy 2019-02-08 13:12:09 +03:00
rinpatch 2174f6eb4f Add default config for keyword policy 2019-02-08 12:48:39 +03:00
rinpatch 46aa8c18a2 Add keyword policy 2019-02-08 12:38:24 +03:00
Karen Konou c43f414a79 Somehow fixed the repo insert [skip-ci] 2019-02-07 23:44:49 +01:00
Karen Konou 7e3ec93ed0 made a silly oopsie 2019-02-07 22:59:53 +01:00
Karen Konou 77448de492 ugghhhh 2019-02-07 22:25:07 +01:00
Ivan Tashkinov 2c68cf7e9e OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
Karen Konou f4ff4ffba2 Migration and some boilerplate stuff 2019-02-07 17:36:14 +01:00
Mark Felder 74518d0b60 hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
This was a dirty regex replace which worked on my server
2019-02-06 22:34:44 +00:00
Haelwenn 1220a17146 Merge branch 'bugfix/rich-media-card' into 'develop'
rich media cards: bugfixes and regression tests

See merge request pleroma/pleroma!785
2019-02-06 18:39:13 +00:00
kaniini 18e783bcb2 Merge branch 'add-admin-and-moderator-fields' into 'develop'
Add admin and moderator badges to user view and make their visibility configurable

See merge request pleroma/pleroma!767
2019-02-06 18:19:47 +00:00
William Pitcock 65a4b9fbea mastodon api: rich media: don't clobber %URI struct with a string 2019-02-06 18:02:15 +00:00
rinpatch f7aedbcc55 Merge branch 'fix/activitypub-user-view-badmap' into 'develop'
Fix if clause in activity_pub user_view

See merge request pleroma/pleroma!783
2019-02-06 17:47:58 +00:00
href f753043ce0
Fix if clause in activity_pub user_view 2019-02-06 18:42:19 +01:00
Egor Kislitsyn 6f05f448f8 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/jobs 2019-02-06 11:33:00 +07:00
eugenijm 035eaeb9b8 Allow to configure visibility for admin and moderator badges 2019-02-06 06:18:05 +03:00
eugenijm 398c81f9c8 Add is_admin and is_moderator boolean fields to the user view 2019-02-06 02:10:06 +03:00
William Pitcock d83dbd9070 rich media: parser: reject any data which cannot be explicitly encoded into JSON 2019-02-05 20:50:57 +00:00
kaniini d120aa63f0 Merge branch 'fix-dm-index' into 'develop'
Massage index until it actually does the stuff we want.

See merge request pleroma/pleroma!772
2019-02-05 20:27:31 +00:00
kaniini 681ba1e52f Merge branch 'feature/ap-c2s-whoami' into 'develop'
activitypub: c2s: add /api/ap/whoami endpoint for andstatus

See merge request pleroma/pleroma!773
2019-02-05 20:26:31 +00:00
kaniini eb2b1960e0 Merge branch 'feature/split-hide-network-v2' into 'develop'
Split hide_network into hide_followers & hide_followings (fixed)

See merge request pleroma/pleroma!765
2019-02-05 18:56:59 +00:00
kaniini ecdb0b7f57 Merge branch 'bugfix/rich-media-image-nil' into 'develop'
mastodon api: fix rendering of cards without image URLs (closes #597)

Closes #597

See merge request pleroma/pleroma!777
2019-02-05 18:53:43 +00:00
William Pitcock 1d94b67e40 mastodon api: fix rendering of cards without image URLs (closes #597) 2019-02-05 18:30:27 +00:00
lambda f8b831ecfd Merge branch 'bugfix/transmogrifier-bare-tags' into 'develop'
activitypub: transmogrifier: fix bare tags

See merge request pleroma/pleroma!774
2019-02-05 11:30:18 +00:00
William Pitcock a2bb5d890d html: don't attempt to parse nil content 2019-02-05 05:06:17 +00:00
William Pitcock e71ab5a10f activitypub: transmogrifier: fix bare tags 2019-02-05 00:43:28 +00:00
William Pitcock db1165f70f activitypub: c2s: add /api/ap/whoami endpoint for andstatus 2019-02-04 22:58:29 +00:00
lain f3c8b02d65 Massage index until it actually does the stuff we want.
Also makes the index a lot smoler.
2019-02-04 23:47:29 +01:00