* Merge /site_inbox into /inbox (fixes#4137)
Get rid of different inboxes, only use /inbox
Remove shared_inbox_url db columns
add code migration
move to db migration, fixes
machete
fix sql
drop inbox url unique constraints
Dont create auth cookie in backend (#4136)
dont change individual inboxes to shared inbox
Dont send comment reply to user who has community blocked. Fixes#3684 (#4096)
* Dont send comment reply to user who has community blocked. Fixes#3684
* Adding source instance block check.
* Adding api test.
* Addressing PR comments.
* move site inbox rewrite to db
* fix test
* clippy
* clippy 2
* fix test
* Dont send comment reply to user who has community blocked. Fixes#3684
* Adding source instance block check.
* Adding api test.
* Addressing PR comments.
* Adding cors_origin to settings. Fixes#3665
* Fix result to option.
* Forgot to update config defaults.
* Setting a cors origin doku default.
* Adding comments for CORS.
* Use starts_with for forbidden unicode (Fix#3888)
* Require 3 visible chars in display name
* Run cargo fmt and scripts/lint
* Undo invisibly_starts_with_at
* Remove 3 min chars.count() check for display name
* Fixing problem with SaveUserSettings, when either the Person or LocalUser update is null.
- Fixes#4076
- Also upgrading api_test deps
* Move function into test.
* Adding /version route. Fixes#2914
* Using a simple version string.
* Use nginx rewriting to solve version.
* Forgot to remove version.
* Using an actix redirect.
* Revert "Convert more responses to SuccessResponse. Fixes#2860 (#4058)"
This reverts commit 8deb4e5752.
* Removing purgeitem and deletecustomemoji response.
* Adding back in utils building.
* Handle invalid ban expires values (fixes#4045)
* Adding a few missing expire time checks. Fixing up time conversions. (#4051)
* Adding a few missing expire time checks. Fixing up time conversions.
* Increase settings export wait time.
* get rid of RemoveCommunity.expires
* fmt
* tests
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* List distinguished comments first (fixes#3843)
* then_order_by
* Fixing assert.
* move line
* then
---------
Co-authored-by: Dessalines <tyhou13@gmx.com>
* feat: Add user setting for toggling avatar gif animations
* Add forgotten post listing mode option to settings form
* Fix compilation error
* Fix formatting
* Change name of column to be more general purpose
* Fix sql format.
* Fix comments
* Running format.
---------
Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Ignore activities in remote communities without local followers (fixes#3568)
* x
* comments
* prettier
* fix api test
* fix test
* cleanup
* fix remaining test
* clippy
* decrease delay
This is the fix suggested in #4019
I've manually tested both legacy pagination (`page=2&limit=20`) as well as the new pagination (`cursor_next=XXXXXXX&limit=20`) using the same endpoint as #4019, and both methods appear to work as expected.
* wip
* stuff
* fmt
* fmt 2
* fmt 3
* fix default feature
* use Authorization header
* store ip and user agent for each login
* add list_logins endpoint
* serde(skip) for token
* fix api tests
* A few suggestions for login_token (#3991)
* A few suggestions.
* Fixing SQL format.
* review
* review
* rename cookie
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Make input length checks consistent with HTML maxlength attr (fixes#3688)
* ci
* Extricating min and max length checks (#4018)
* revert string change
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Remove explicit auth params (ref #3725)
Only take auth via header or cookie. This requires a new version
of lemmy-js-client for api tests to pass.
* rework api_crud
* remove remaining auth params, move logic to session middleware
* fmt, fix test
* update js client
* remove auth param from api tests
* Pass auth as header
* add !
* url vars, setHeader
* cleanup
* fmt
* update
* Updating for new lemmy-js-client.
---------
Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Rework the way 2FA is enabled/disabled (fixes#3309)
* postgres format
* change algo to sha1 for better compat
* review comments
* review
* clippy
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* User can block instances (fixes#2397)
* update comments
* review comments
* use route
* update
* add api test
* update tests
* fix
* fix test
* ci
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
This removes the possibility of using a mix of sanitized and
non-sanitized values for `username` in code.
Signed-off-by: Apple Sheeple <AppleSheeple@github>
* persistent activity queue
* fixes
* fixes
* make federation workers function callable from outside
* log federation instances
* dead instance detection not needed here
* taplo fmt
* split federate bin/lib
* minor fix
* better logging
* log
* create struct to hold cancellable task for readability
* use boxfuture for readability
* reset submodule
* fix
* fix lint
* swap
* remove json column, use separate array columns instead
* some review comments
* make worker a struct for readability
* minor readability
* add local filter to community follower view
* remove separate lemmy_federate entry point
* fix remaining duration
* address review comments mostly
* fix lint
* upgrade actitypub-fed to simpler interface
* fix sql format
* increase delays a bit
* fixes after merge
* remove selectable
* fix instance selectable
* add comment
* start federation based on latest id at the time
* rename federate process args
* dead instances in one query
* filter follow+report activities by local
* remove synchronous federation
remove activity sender queue
* lint
* fix federation tests by waiting for results to change
* fix fed test
* fix comment report
* wait some more
* Apply suggestions from code review
Co-authored-by: SorteKanin <sortekanin@gmail.com>
* fix most remaining tests
* wait until private messages
* fix community tests
* fix community tests
* move arg parse
* use instance_id instead of domain in federation_queue_state table
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: SorteKanin <sortekanin@gmail.com>
* Adding a scaled sort, to boost smaller communities.
- Previously referred to as *best* .
- Fixes#3622
* Fixing scheduled task update.
* Converting hot_rank integers to floats.
* Altering hot_rank psql function to default to zero after a week.
* Setting scaled_rank to zero, where hot_rank is zero.
* Adding image_upload table.
* Revert "Automatically resolve report when post/comment is removed (#3850)"
This reverts commit f7f6766650.
* Automatically resolve reports using db trigger
* lint
* use mod log tables
* fix migration
* fix ci
* fix clippy
* add logic to prevent downloading remote pictrs images
* apply formatting
* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance
* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance and cache_federated_images is false
* Generalising the no caching option to handle all remote images
* rustfmt
* Return None if the URL is not an image
* Updating defaults.hjson
* fixing typo
* Fixing typo
* Skip cloning the Url unless we need to
* using a HEAD request for checking the content type, saving bandwidth/improving perf
* Removing early returns
* Switching back to GET requests for Content-Type because pictrs does not handle HEAD requests
* Simplifying logic and using metadata_image instead of url if we do not get a pictrs thumbnail
* Removing unused import
* Return None as a thumbnail if caching is disabled
* formatting
---------
Co-authored-by: Djones4822 <david.jones4822@gmail.com>
* update api tests for new moderator view
* chage moderator view to be a listing type in get posts
Note: Internally, the listing type is called ListingType.ModeratorView,
but it's called "Moderator View" in the api endpoint
* fix formatting
* add support for moderator view to list comments
* add api test for moderator view when listing comments
* fix api test formatting
* retry tests
* don't filter out blocked users and communities when using moderator view
* fix cargo tests failing
* fix formatting
* fix previous merge
* Adding ModeratorView to listing_type_enums
* Fixing fmt.
* Adding a default to ListingType.
* Upgrading to use new lemmy-js-client.
---------
Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Dessalines <tyhou13@gmx.com>
* Move admin flag from person to local_user (fixes#3060)
The person table is for federated data, but admin flag can only
apply to local users. Thats why it really belongs in the local_user
table. This will also prevent the federation code from accidentally
overwriting the admin flag
* fmt
* try to fix api tests
* lint
* fix person view
* ci
* ci
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Lowercase domain on db query filters (#3849)
* Add test to get a community on different cased domain (#3849)
* Lowercase the identity for webfinger (#3849)
* Lowercase both sides of the domain comparison (#3849)
* Format api_tests (#3849)
* Lowercase domain lookup on Instance and Person (#3849)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
Co-authored-by: Freakazoid182 <>
* generate sitemap.xml file
* set up endpoint for sitemap
* Update sitemap generation
- remove sitemap generation from scheduled tasks
- add posts query for sitemap
- create sitemap module in API crate
* remove priority and change freq from sitemap
* add configuration option for number of posts for sitemap
* fix default config
* rate limit sitemap endpoint
* update sitemap query
* update sitemap generation
- remove config value for query limit
- adjust sitemap generation to query changes
- tidy up error handling
* refactor sitemap generation loop
* remove `limit` argument
* refactor `generate_urlset` and add unit test
* change query to only fetch local posts of past 24h
* fix outdated comment and log
* cargo fmt
* Add person name to PersonIsBannedFromSite error (#3786)
* Log PersonId instead of Person name (#3850)
* Log actor_id for PersonIsBannedFromSite (#3850)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
* Replace Option<bool> with bool for PostQuery and CommentQuery (#3819)
* Replace Option<bool> from all list queries (#3819)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
* Allow filtering posts and comments by whether they were liked/disliked
* Switch to 2 args - liked_only, disliked_only - taking bools
* Make liked_only and disliked_only Option<bool>
* Fix unrelated is_profile_view compilation error
* remove n^2 part of person triggers, improve community aggregate trigger
* comment out comment_score tests since previously they only accidentally succeeded
* empty
* more robust test of unlike a comment, confirm replication to instance downstream from community home
* more robust 'delete a comment' test, confirm replication
* Far more robust "Report a comment" test. Many comments about situation, this is currently failing because gamma does not get the report
* typo and actually have Gamma comment check use gamma, not alpha
* prepare-drone-federation-test.sh has some more echo output and note about the LEMMY_DATABASE_URL format (#3651)
* Add http cache for webfingers (#3317)
* Add http cache for webfingers
* Remove the outgoing cache middleware & adjust the cache headers directive
* Use 1h & 3day cache header
* Update routes and adjust the cache headers location
* revert apub caching
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Felix Ableitner <me@nutomic.com>
* Rewrite activity lists to fix delete federation (fixes#3625)
* Revert "typo and actually have Gamma comment check use gamma, not alpha"
This reverts commit 7dfb6ee0f4.
* Revert "Far more robust "Report a comment" test. Many comments about situation, this is currently failing because gamma does not get the report"
This reverts commit 7bd3b20ae0.
* prettier TypeScript
* revised comments, as ResolveObject isn't using routine replication
* fmt
* fix api tests
* remove comment
---------
Co-authored-by: cetra3 <cetra3@hotmail.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Felix Ableitner <me@nutomic.com>
* HTML sanitization in apub code
* Sanitize API inputs
* fmt
* Dont allow html a, img tags
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* add option to only show posts from moderated communities
* rename moderated_only to moderator_view and show blocked users in moderator view
* add test for moderator view
* bump lemmy-js-client version for moderation view tests
* fix yarn lockfile
* retry build
* Delete logfile
* retry checks
* remove unused select statement from list posts
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Added controversy rank property to posts and comments, and ability to sort by it
* Triggers instead of schedules tasks, integer -> double, TODO: comments don't seem to get updated with floats, divide SortTypes
* Created PersonSortType
* PersonSortType::MostComments case
* Removed unused PartialOrd trait
* Added new person sort type mappings
* SortType -> PersonSortType
* fixes
* cargo fmt
* fixes after merge with main
* Fixed bug in controversy rank trigger, removed TopX sorts from PersonSortType and added CommentScore instead
* Uncovered enum case
* clippy
* reset translation changes
* translations
* translations
* Added additional hot ordering on controversial posts and comments
* featured local and featured community added to controversy rank index, additional order_by removed (?), added post_score and post_count to PersonSortType
* Woodpecker rerun
* cargo fmt
* woodpecker rerun
* fixed controversy_rank order
* fix
* Readded migration as latest, removed second update statement for setting controversy rank
* Resolves issue #3685
If user isn't authenticated with resolve_object, only allow a local search instead of possibly making an http request.
* Making sure to validate auth before doing a potential remote lookup.
* add new flag to api
* add new ui settings for local user
* remove extraneous def
* add props to application reg.
* fix clippy updated these
* re-order db schema entries
* remove dupe
* update lemmy sdk
* update lemmy js client
---------
Co-authored-by: Nutomic <me@nutomic.com>
* detailed error message for blocked domains (#3698)
* Pass the domain as an error param
Not formatting the error message to support i18n
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
I noticed that stopping the Lemmy process with ctrl+c wasnt working
because the activity channel isnt properly closed. This is now fixed.
Later we should also move the channel from static into LemmyContext,
Im not doing that now to avoid conflicts with #3670.
* Denormalize community_id into post_aggregates for a 1000x speed-up when loading posts
* Remove unused index
* Add creator_id to post_aggregates
* Use post_aggregates as main table for PostQuery
* Make post_aggregates the main table for PostView
* Reformat SQL
* Remove SendActivity and Perform traits, rely on channel
These traits arent necessary anymore now that websocket is removed.
Removing them allows us to use normal actix http handler methods
which are much more flexible, and allow using different middlewares
as well as setting response attributes.
* compiling and create post federating
* clippy
* rename methods, join outgoing activities task
* fix api tests
* no unwrap
* conditional compile
* add back getrandom
* make crates optional
* fmt
* add new function build_post_response_deleted_allowed
* PostDelete uses new function build_post_response_deleted_allowed
* RemovePost uses new build_post_response_deleted_allowed function
* code comments about mod or admin flag having other use
* reformat "cargo +nightly fmt --all"
* Try using drone cache plugin
* Try another path
* Include volume
* Fix formatting
* Include fmt
* Exclude cargo dir from prettier
* Don't override cargo
* Just do check
* Add cache key
* Use different cache plugin
* Add clippy
* Try minio
* Add quotes
* Try adding secrets
* Try again
* Again
* Use correct secret formation
* Add back clippy
* Use secret for the root bucket name
* Try drone cache instead
* Add region
* Add path-style option
* Include cargo clippy
* Include everything again
* Fix formatting
* Don't run clippy twice
* Add `allow` statements for tests to pass
* Adjust endpoint to be a secret
* Fix prettier
* Merge & fix tests
* Try to restart the woodpecker test
* Change the ENV var name
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* change pool fields to parameters for list
* remove my_person_id and admin fields
* Change recipient id to list param
* Remove TypedBuilder from db_views and db_views_actor
* Split activity table into sent and received parts (fixes#3103)
The received activities are only stored in order to avoid processing
the same incoming activity multiple times. For this purpose it is
completely unnecessary to store the data. So we can split the
table into sent_activity and received_activity parts, where
only sent_activity table needs to store activity data. This should
reduce storage use significantly.
Also reduces activity storage duration to three months, we can reduce
this further if necessary.
Additionally the id columns of activity tables are removed because
they are completely unused and risk overflowing (fixes#3560).
* address review
* move insert_received_activity() methods to verify handlers
* remove unnecessary conflict line
* clippy
* use on conflict, add tests