Commit graph

69 commits

Author SHA1 Message Date
Dessalines 2d5a50e80f
Fixing broken websocket sends. Removing WebSocketInfo (#1098) 2020-08-24 11:58:24 +00:00
nutomic 14f2d190e5 Implement context (#86)
Implement context

Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/86
2020-08-18 13:43:50 +00:00
Felix Ableitner 4981eb38fb
Merge pull request #1075 from LemmyNet/fix_online_counts
Fixing online counts. Fixes #664
2020-08-13 11:41:45 +00:00
nutomic a496d8af65 Implement undo<dislike> for activitypub (#83)
Merge branch 'main' into undo-dislike

Implement undo<dislike> for activitypub

Fix some TODOs in activitypub code

Add post_read back in, do some cleanup

Add some delete functions back in

Merge branch 'main' into remove-dead-code

Replace body of unused db functions with unimplemented!()

Remove dead code

Remove remaining usages of unwrap() from activitypub code

Remove most usage of Option::unwrap() from activitypub code

Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/83
2020-08-12 14:43:45 +00:00
Dessalines 8daeba450c
Removing unnecessary oper struct. Fixes #660 (#1077) 2020-08-12 11:31:45 +00:00
Dessalines 1c3ed864e7 Fixing online counts. Fixes #664 2020-08-11 17:46:58 -04:00
nutomic 76cd6ac6bc Add more checks in inbox, plus some refactoring (#76)
Merge branch 'main' into more-inbox-permissions

Move check_community_ban() into helper function

Move slur check into helper functions

Move Claims::decode and site ban check into helper function

Note: this changes behaviour in that site ban is checked in more
places now. we could easily add a boolean parameter
check_for_site_ban to get the previous behaviour back

Rewrite user_inbox and community_inbox in the same way as shared_inbox

Add check against instance allowlist etc in shared_inbox

Co-authored-by: dessalines <dessalines@noreply.yerbamate.dev>
Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/76
2020-08-04 14:39:55 +00:00
Dessalines d1342afe93
Remove extra jwt claims (for user settings) (#1025)
* Remove extra jwt claims (for user settings)

- The JWT token only contains the issuer, and your user id now.
- Now only a page refresh is necessary to pick up your settings on all
  clients, including theme, language, etc.
- GetSiteResponse now gives you your user and settings if logged in.
- Fixes #773

* Remove extra comment line, I tested nsfw

* Adding a todo to add a User_::readSafe()
2020-07-27 09:23:08 -04:00
Dessalines 59da2976ab Some more API cleanup.
- Extracted methods for is_mod_or_admin, and is_admin.
- Removed admins from GetPostResponse and GetCommunityResponse.
- Some cleanup.
2020-07-22 14:20:08 -04:00
Dessalines 5e5063cbdd Adding some helper functions. 2020-07-21 13:52:57 -04:00
Dessalines 4b6a762a56 Added an is_mod_or_admin function to Community 2020-07-21 10:15:17 -04:00
Dessalines 2eac037408 Adding post delete, remove, lock, and sticky. 2020-07-20 23:46:36 -04:00
eiknat 03758a4f92
validate post URLs on the backend (#990)
* added serverside url validation

* api.post: use if let instead of is_some

also add "invalid_url" to en.json

Co-authored-by: John Doe <dhas8m@protonmail.com>
2020-07-17 18:46:59 -04:00
ryexandra 29037b4995
Security/fix permission bugs (#966)
* secure the `EditPost` API endpoint

* Check user is moderator in BanFromCommunity

* secure the `EditComment` API endpoint

* pass orig `read` prob when not explicitly updating it.

* Block random users from adding mods.

* use cleaner logic from `EditPost`

* prevent editing a community by a mod from transfering ownership to them

* secure `read` action in `EditPrivateMessage`

* Add check in UserMention

* only let the indended recipient mark as read

* simplify booleans to satisfy clippy

* requested changes + cargo +nightly fmt

* fix to pass federation tests for deleting comments and posts

Co-authored-by: chiminh <chiminh.tutanota.com>
Co-authored-by: Hex Bear <buildadangtrain@protonmail.com>
2020-07-14 09:17:25 -04:00
Dessalines 7556f8615f
Adding a community_name option to GetPosts /post/list . Fixes #800 (#942) 2020-07-13 09:50:13 -04:00
Tony Antonov 8d24659892
Forbid users to use empty titles for posts (#930)
- Add a regex that checks if string contains anything but whitespace
- Check for whitespace-only titles on post creation and edit
- Trim whitespace from titles before saving
- Add frontend validation to title
2020-07-10 21:15:53 -04:00
nutomic 80aef61aed Split code into cargo workspaces (#67)
More fixes

- fixed docker builds
- fixed mentions regex test
- fixed DATABASE_URL stuff
- change schema path in diesel.toml

Address review comments

- add jsonb column back into activity table
- remove authors field from cargo.toml
- adjust LEMMY_DATABASE_URL env var usage
- rename all occurences of LEMMY_DATABASE_URL to DATABASE_URL

Decouple utils and db

Split code into cargo workspaces

Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/67
2020-07-10 18:15:41 +00:00
Riley a074564458
Federation async (#848)
* Asyncify more

* I guess these changed

* Clean PR a bit

* Convert more away from failure error

* config changes for testing federation

* It was DNS

So actix-web's client relies on TRust DNS Resolver to figure out
where to send data, but TRust DNS Resolver seems to not play nice
with docker, which expressed itself as not resolving the name to
an IP address _the first time_ when making a request. The fix was
literally to make the request again (which I limited to 3 times
total, and not exceeding the request timeout in total)

* Only retry for connecterror

Since TRust DNS Resolver was causing ConnectError::Timeout,
this change limits the retry to only this error, returning
immediately for any other error

* Use http sig norm 0.4.0-alpha for actix-web 3.0 support

* Blocking function, retry http requests

* cargo +nightly fmt

* Only create one pictrs dir

* Don't yarn build

* cargo +nightly fmt
2020-07-01 08:54:29 -04:00
Dessalines 86dc50f9f0 Some fixes to federation.
- Advanced code migrations now disable then re-enable triggers.
  Brings run time down to < 15 seconds, no need to thread them.
- Changing ap_ids and actor_ids in migrations to a fake url,
  so it doesn't break XsdAnyUri in activitystreams.
2020-06-26 21:12:41 -04:00
Dessalines dc94e58cbf Merge branch 'master' into federation_merge_from_master_2 2020-06-23 21:11:38 -04:00
Dessalines 4cf1f080bf Adding delete picture via pict-rs delete tokens. Fixes #505 2020-06-10 22:47:06 -04:00
Dessalines 2fbd44c59d Adding pictrs thumbnail caching for urls and embeds. 2020-06-10 18:22:57 -04:00
Felix Ableitner 52206998aa more fixes 2020-05-30 15:38:01 +02:00
Felix Ableitner d6e2119277 make comments work (more or less) 2020-05-28 20:09:37 +02:00
Felix 9e61c3be94 Rework imports 2020-05-16 20:04:17 +02:00
Dessalines fab22e3d8a Add federated comment and post undo like. 2020-05-03 20:34:04 -04:00
Dessalines a09c818746 Adding federated mod remove actions. 2020-05-03 10:00:59 -04:00
Dessalines 5366797a4b Add undos for delete community, post, and comment. 2020-05-01 15:01:29 -04:00
Dessalines 2f1cd9976d Adding federated community, comment, and post deletes.
- Unit tests added too.
- No undeletes working yet.
2020-05-01 10:07:38 -04:00
Felix c43f06124a Address comments, implement delete for posts and comments 2020-04-29 16:51:25 +02:00
Dessalines 9721b77317 1/3rd done with post likes 2020-04-27 22:47:26 -04:00
Dessalines 22abbebd41 Lots of additions to federation.
- Added a shared inbox.
- Added federated comments, comment updates, and tests.
- Abstracted ap object sends into a common trait.
2020-04-27 12:57:00 -04:00
Dessalines 3ce0618362 Making a trait function for follow and accept. 2020-04-26 13:20:42 -04:00
Dessalines f0026065f5 Merge branch 'master' into federation_merge_from_master_1 2020-04-21 10:25:29 -04:00
asonix ac43b86b60 Change RateLimit to act as a middleware 2020-04-19 22:59:07 -05:00
Dessalines f300c67a4d Adding websocket notification system.
- HTTP and APUB clients can now send live updating messages to websocket
  clients
- Rate limiting now affects both HTTP and websockets
- Rate limiting / Websocket logic is now moved into the API Perform
  functions.
- TODO This broke getting current online users, but that will have to
  wait for the perform trait to be made async.
- Fixes #446
2020-04-19 18:08:25 -04:00
Felix fdaf0b3364 Get inbox working properly 2020-04-13 15:06:41 +02:00
Felix 483d11e772 Minor code cleanup 2020-04-09 21:26:22 +02:00
Felix 0b617377df Implement create activity 2020-04-09 21:04:31 +02:00
Felix Ableitner b7103a7e14 Store remote communities/posts in db, federate posts! 2020-04-07 18:47:19 +02:00
Dessalines 85ea1046f0 Adding post and comment ap_id columns. 2020-04-03 20:04:57 -04:00
Felix Ableitner 390b204272 Rewrite federation settings 2020-03-18 22:09:00 +01:00
Felix Ableitner 8ebcc7ac02 Implemented basics for post federation, plus a bunch of other stuff 2020-03-14 22:03:05 +01:00
Felix Ableitner 5896a9d251 Move apub related code from websocket into api package 2020-03-14 13:15:23 +01:00
Felix Ableitner b01f4f75d6 WIP: federate posts between instances 2020-03-14 01:05:42 +01:00
Dessalines ac280782b2 Iframely and pictshare backend mostly done. 2020-03-07 18:31:13 -05:00
Dessalines 65a6e7731c Increasing post title length limit to 200. Fixes #515 2020-02-06 13:10:43 -05:00
Dessalines ee2038a75a Returning specific slurs from slur filter on failure. Fixes #463 2020-02-02 22:51:54 -05:00
Dessalines 96a7e99e57 Removing PostLikeResponse in favor of PostResponse. Consolidating comment and post_sends. 2020-02-02 12:45:41 -05:00
Dessalines 8036474dda Starting to work on user message scope. 2020-01-31 20:02:20 -05:00