Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remove/mastofe
This commit is contained in:
commit
1841bd8383
24 changed files with 323 additions and 219 deletions
|
@ -18,11 +18,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- HTTPSecurityPlug now sends a response header to opt out of Google's FLoC (Federated Learning of Cohorts) targeted advertising.
|
||||
- Email address is now returned if requesting user is the owner of the user account so it can be exposed in client and FE user settings UIs.
|
||||
- Improved Twittercard and OpenGraph meta tag generation including thumbnails and image dimension metadata when available.
|
||||
- AdminAPI: sort users so the newest are at the top.
|
||||
- ActivityPub Client-to-Server(C2S): Limitation on the type of Activity/Object are lifted as they are now passed through ObjectValidators
|
||||
|
||||
### Added
|
||||
|
||||
- MRF (`FollowBotPolicy`): New MRF Policy which makes a designated local Bot account attempt to follow all users in public Notes received by your instance. Users who require approving follower requests or have #nobot in their profile are excluded.
|
||||
- Return OAuth token `id` (primary key) in POST `/oauth/token`.
|
||||
- AdminAPI: return `created_at` date with users.
|
||||
- `AnalyzeMetadata` upload filter for extracting image/video attachment dimensions and generating blurhashes for images. Blurhashes for videos are not generated at this time.
|
||||
- Attachment dimensions and blurhashes are federated when available.
|
||||
- Pinned posts federation
|
||||
|
@ -33,6 +36,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- Remote users can no longer reappear after being deleted.
|
||||
- Deactivated users may now be deleted.
|
||||
- Mix task `pleroma.database prune_objects`
|
||||
- Fixed rendering of JSON errors on ActivityPub endpoints.
|
||||
- Linkify: Parsing crash with URLs ending in unbalanced closed paren, no path separator, and no query parameters
|
||||
|
||||
### Removed
|
||||
|
|
|
@ -457,7 +457,7 @@ config :pleroma, :shout,
|
|||
enabled: true,
|
||||
limit: 5_000
|
||||
|
||||
config :phoenix, :format_encoders, json: Jason
|
||||
config :phoenix, :format_encoders, json: Jason, "activity+json": Jason
|
||||
|
||||
config :phoenix, :json_library, Jason
|
||||
|
||||
|
|
|
@ -292,7 +292,8 @@ defmodule Pleroma.Activity do
|
|||
get_in_reply_to_activity_from_object(Object.normalize(activity, fetch: false))
|
||||
end
|
||||
|
||||
def normalize(obj) when is_map(obj), do: get_by_ap_id_with_object(obj["id"])
|
||||
def normalize(%Activity{data: %{"id" => ap_id}}), do: get_by_ap_id_with_object(ap_id)
|
||||
def normalize(%{"id" => ap_id}), do: get_by_ap_id_with_object(ap_id)
|
||||
def normalize(ap_id) when is_binary(ap_id), do: get_by_ap_id_with_object(ap_id)
|
||||
def normalize(_), do: nil
|
||||
|
||||
|
|
|
@ -91,7 +91,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
|
|||
|
||||
defp increase_replies_count_if_reply(_create_data), do: :noop
|
||||
|
||||
@object_types ~w[ChatMessage Question Answer Audio Video Event Article Note]
|
||||
@object_types ~w[ChatMessage Question Answer Audio Video Event Article Note Page]
|
||||
@impl true
|
||||
def persist(%{"type" => type} = object, meta) when type in @object_types do
|
||||
with {:ok, object} <- Object.create(object) do
|
||||
|
|
|
@ -11,7 +11,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
|||
alias Pleroma.Object.Fetcher
|
||||
alias Pleroma.User
|
||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||
alias Pleroma.Web.ActivityPub.Builder
|
||||
alias Pleroma.Web.ActivityPub.InternalFetchActor
|
||||
alias Pleroma.Web.ActivityPub.ObjectView
|
||||
alias Pleroma.Web.ActivityPub.Pipeline
|
||||
|
@ -403,83 +402,90 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
|||
|> json(err)
|
||||
end
|
||||
|
||||
defp handle_user_activity(
|
||||
%User{} = user,
|
||||
%{"type" => "Create", "object" => %{"type" => "Note"} = object} = params
|
||||
) do
|
||||
content = if is_binary(object["content"]), do: object["content"], else: ""
|
||||
name = if is_binary(object["name"]), do: object["name"], else: ""
|
||||
summary = if is_binary(object["summary"]), do: object["summary"], else: ""
|
||||
length = String.length(content <> name <> summary)
|
||||
defp fix_user_message(%User{ap_id: actor}, %{"type" => "Create", "object" => object} = activity)
|
||||
when is_map(object) do
|
||||
length =
|
||||
[object["content"], object["summary"], object["name"]]
|
||||
|> Enum.filter(&is_binary(&1))
|
||||
|> Enum.join("")
|
||||
|> String.length()
|
||||
|
||||
if length > Pleroma.Config.get([:instance, :limit]) do
|
||||
{:error, dgettext("errors", "Note is over the character limit")}
|
||||
else
|
||||
limit = Pleroma.Config.get([:instance, :limit])
|
||||
|
||||
if length < limit do
|
||||
object =
|
||||
object
|
||||
|> Map.merge(Map.take(params, ["to", "cc"]))
|
||||
|> Map.put("attributedTo", user.ap_id)
|
||||
|> Transmogrifier.fix_object()
|
||||
|> Transmogrifier.strip_internal_fields()
|
||||
|> Map.put("attributedTo", actor)
|
||||
|> Map.put("actor", actor)
|
||||
|> Map.put("id", Utils.generate_object_id())
|
||||
|
||||
ActivityPub.create(%{
|
||||
to: params["to"],
|
||||
actor: user,
|
||||
context: object["context"],
|
||||
object: object,
|
||||
additional: Map.take(params, ["cc"])
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
defp handle_user_activity(%User{} = user, %{"type" => "Delete"} = params) do
|
||||
with %Object{} = object <- Object.normalize(params["object"], fetch: false),
|
||||
true <- user.is_moderator || user.ap_id == object.data["actor"],
|
||||
{:ok, delete_data, _} <- Builder.delete(user, object.data["id"]),
|
||||
{:ok, delete, _} <- Pipeline.common_pipeline(delete_data, local: true) do
|
||||
{:ok, delete}
|
||||
{:ok, Map.put(activity, "object", object)}
|
||||
else
|
||||
_ -> {:error, dgettext("errors", "Can't delete object")}
|
||||
{:error,
|
||||
dgettext(
|
||||
"errors",
|
||||
"Character limit (%{limit} characters) exceeded, contains %{length} characters",
|
||||
limit: limit,
|
||||
length: length
|
||||
)}
|
||||
end
|
||||
end
|
||||
|
||||
defp handle_user_activity(%User{} = user, %{"type" => "Like"} = params) do
|
||||
with %Object{} = object <- Object.normalize(params["object"], fetch: false),
|
||||
{_, {:ok, like_object, meta}} <- {:build_object, Builder.like(user, object)},
|
||||
{_, {:ok, %Activity{} = activity, _meta}} <-
|
||||
{:common_pipeline,
|
||||
Pipeline.common_pipeline(like_object, Keyword.put(meta, :local, true))} do
|
||||
defp fix_user_message(
|
||||
%User{ap_id: actor} = user,
|
||||
%{"type" => "Delete", "object" => object} = activity
|
||||
) do
|
||||
with {_, %Object{data: object_data}} <- {:normalize, Object.normalize(object, fetch: false)},
|
||||
{_, true} <- {:permission, user.is_moderator || actor == object_data["actor"]} do
|
||||
{:ok, activity}
|
||||
else
|
||||
_ -> {:error, dgettext("errors", "Can't like object")}
|
||||
{:normalize, _} ->
|
||||
{:error, "No such object found"}
|
||||
|
||||
{:permission, _} ->
|
||||
{:forbidden, "You can't delete this object"}
|
||||
end
|
||||
end
|
||||
|
||||
defp handle_user_activity(_, _) do
|
||||
{:error, dgettext("errors", "Unhandled activity type")}
|
||||
defp fix_user_message(%User{}, activity) do
|
||||
{:ok, activity}
|
||||
end
|
||||
|
||||
def update_outbox(
|
||||
%{assigns: %{user: %User{nickname: nickname} = user}} = conn,
|
||||
%{assigns: %{user: %User{nickname: nickname, ap_id: actor} = user}} = conn,
|
||||
%{"nickname" => nickname} = params
|
||||
) do
|
||||
actor = user.ap_id
|
||||
|
||||
params =
|
||||
params
|
||||
|> Map.drop(["id"])
|
||||
|> Map.drop(["nickname"])
|
||||
|> Map.put("id", Utils.generate_activity_id())
|
||||
|> Map.put("actor", actor)
|
||||
|> Transmogrifier.fix_addressing()
|
||||
|
||||
with {:ok, %Activity{} = activity} <- handle_user_activity(user, params) do
|
||||
with {:ok, params} <- fix_user_message(user, params),
|
||||
{:ok, activity, _} <- Pipeline.common_pipeline(params, local: true),
|
||||
%Activity{data: activity_data} <- Activity.normalize(activity) do
|
||||
conn
|
||||
|> put_status(:created)
|
||||
|> put_resp_header("location", activity.data["id"])
|
||||
|> json(activity.data)
|
||||
|> put_resp_header("location", activity_data["id"])
|
||||
|> json(activity_data)
|
||||
else
|
||||
{:forbidden, message} ->
|
||||
conn
|
||||
|> put_status(:forbidden)
|
||||
|> json(message)
|
||||
|
||||
{:error, message} ->
|
||||
conn
|
||||
|> put_status(:bad_request)
|
||||
|> json(message)
|
||||
|
||||
e ->
|
||||
Logger.warn(fn -> "AP C2S: #{inspect(e)}" end)
|
||||
|
||||
conn
|
||||
|> put_status(:bad_request)
|
||||
|> json("Bad Request")
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
|
|||
alias Pleroma.Web.ActivityPub.ObjectValidators.AddRemoveValidator
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.AnnounceValidator
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.AnswerValidator
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidator
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.AudioVideoValidator
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.BlockValidator
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.ChatMessageValidator
|
||||
|
@ -102,7 +102,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
|
|||
%{"type" => "Create", "object" => %{"type" => objtype} = object} = create_activity,
|
||||
meta
|
||||
)
|
||||
when objtype in ~w[Question Answer Audio Video Event Article Note] do
|
||||
when objtype in ~w[Question Answer Audio Video Event Article Note Page] do
|
||||
with {:ok, object_data} <- cast_and_apply(object),
|
||||
meta = Keyword.put(meta, :object_data, object_data |> stringify_keys),
|
||||
{:ok, create_activity} <-
|
||||
|
@ -115,15 +115,16 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
|
|||
end
|
||||
|
||||
def validate(%{"type" => type} = object, meta)
|
||||
when type in ~w[Event Question Audio Video Article Note] do
|
||||
when type in ~w[Event Question Audio Video Article Note Page] do
|
||||
validator =
|
||||
case type do
|
||||
"Event" -> EventValidator
|
||||
"Question" -> QuestionValidator
|
||||
"Audio" -> AudioVideoValidator
|
||||
"Video" -> AudioVideoValidator
|
||||
"Article" -> ArticleNoteValidator
|
||||
"Note" -> ArticleNoteValidator
|
||||
"Article" -> ArticleNotePageValidator
|
||||
"Note" -> ArticleNotePageValidator
|
||||
"Page" -> ArticleNotePageValidator
|
||||
end
|
||||
|
||||
with {:ok, object} <-
|
||||
|
@ -175,6 +176,8 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
|
|||
end
|
||||
end
|
||||
|
||||
def validate(o, m), do: {:error, {:validator_not_set, {o, m}}}
|
||||
|
||||
def cast_and_apply(%{"type" => "ChatMessage"} = object) do
|
||||
ChatMessageValidator.cast_and_apply(object)
|
||||
end
|
||||
|
@ -195,8 +198,8 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
|
|||
EventValidator.cast_and_apply(object)
|
||||
end
|
||||
|
||||
def cast_and_apply(%{"type" => type} = object) when type in ~w[Article Note] do
|
||||
ArticleNoteValidator.cast_and_apply(object)
|
||||
def cast_and_apply(%{"type" => type} = object) when type in ~w[Article Note Page] do
|
||||
ArticleNotePageValidator.cast_and_apply(object)
|
||||
end
|
||||
|
||||
def cast_and_apply(o), do: {:error, {:validator_not_set, o}}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidator do
|
||||
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator do
|
||||
use Ecto.Schema
|
||||
|
||||
alias Pleroma.EctoType.ActivityPub.ObjectValidators
|
||||
|
@ -113,7 +113,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidator do
|
|||
|
||||
defp validate_data(data_cng) do
|
||||
data_cng
|
||||
|> validate_inclusion(:type, ["Article", "Note"])
|
||||
|> validate_inclusion(:type, ["Article", "Note", "Page"])
|
||||
|> validate_required([:id, :actor, :attributedTo, :type, :context, :context_id])
|
||||
|> CommonValidations.validate_any_presence([:cc, :to])
|
||||
|> CommonValidations.validate_fields_match([:actor, :attributedTo])
|
|
@ -437,7 +437,7 @@ defmodule Pleroma.Web.ActivityPub.SideEffects do
|
|||
end
|
||||
|
||||
def handle_object_creation(%{"type" => objtype} = object, meta)
|
||||
when objtype in ~w[Audio Video Question Event Article Note] do
|
||||
when objtype in ~w[Audio Video Question Event Article Note Page] do
|
||||
with {:ok, object, meta} <- Pipeline.common_pipeline(object, meta) do
|
||||
{:ok, object, meta}
|
||||
end
|
||||
|
|
|
@ -353,29 +353,6 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
|
|||
end)
|
||||
end
|
||||
|
||||
# Compatibility wrapper for Mastodon votes
|
||||
defp handle_create(%{"object" => %{"type" => "Answer"}} = data, _user) do
|
||||
handle_incoming(data)
|
||||
end
|
||||
|
||||
defp handle_create(%{"object" => object} = data, user) do
|
||||
%{
|
||||
to: data["to"],
|
||||
object: object,
|
||||
actor: user,
|
||||
context: object["context"],
|
||||
local: false,
|
||||
published: data["published"],
|
||||
additional:
|
||||
Map.take(data, [
|
||||
"cc",
|
||||
"directMessage",
|
||||
"id"
|
||||
])
|
||||
}
|
||||
|> ActivityPub.create()
|
||||
end
|
||||
|
||||
def handle_incoming(data, options \\ [])
|
||||
|
||||
# Flag objects are placed ahead of the ID check because Mastodon 2.8 and earlier send them
|
||||
|
@ -407,43 +384,6 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
|
|||
def handle_incoming(%{"id" => id}, _options) when is_binary(id) and byte_size(id) < 8,
|
||||
do: :error
|
||||
|
||||
# TODO: validate those with a Ecto scheme
|
||||
# - tags
|
||||
# - emoji
|
||||
def handle_incoming(
|
||||
%{"type" => "Create", "object" => %{"type" => "Page"} = object} = data,
|
||||
options
|
||||
) do
|
||||
actor = Containment.get_actor(data)
|
||||
|
||||
with nil <- Activity.get_create_by_object_ap_id(object["id"]),
|
||||
{:ok, %User{} = user} <- User.get_or_fetch_by_ap_id(actor) do
|
||||
data =
|
||||
data
|
||||
|> Map.put("object", fix_object(object, options))
|
||||
|> Map.put("actor", actor)
|
||||
|> fix_addressing()
|
||||
|
||||
with {:ok, created_activity} <- handle_create(data, user) do
|
||||
reply_depth = (options[:depth] || 0) + 1
|
||||
|
||||
if Federator.allowed_thread_distance?(reply_depth) do
|
||||
for reply_id <- replies(object) do
|
||||
Pleroma.Workers.RemoteFetcherWorker.enqueue("fetch_remote", %{
|
||||
"id" => reply_id,
|
||||
"depth" => reply_depth
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
{:ok, created_activity}
|
||||
end
|
||||
else
|
||||
%Activity{} = activity -> {:ok, activity}
|
||||
_e -> :error
|
||||
end
|
||||
end
|
||||
|
||||
def handle_incoming(
|
||||
%{"type" => "Listen", "object" => %{"type" => "Audio"} = object} = data,
|
||||
options
|
||||
|
@ -507,7 +447,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
|
|||
%{"type" => "Create", "object" => %{"type" => objtype, "id" => obj_id}} = data,
|
||||
options
|
||||
)
|
||||
when objtype in ~w{Question Answer ChatMessage Audio Video Event Article Note} do
|
||||
when objtype in ~w{Question Answer ChatMessage Audio Video Event Article Note Page} do
|
||||
fetch_options = Keyword.put(options, :depth, (options[:depth] || 0) + 1)
|
||||
|
||||
object =
|
||||
|
|
|
@ -57,6 +57,7 @@ defmodule Pleroma.Web.ActivityPub.Visibility do
|
|||
def is_list?(_), do: false
|
||||
|
||||
@spec visible_for_user?(Object.t() | Activity.t() | nil, User.t() | nil) :: boolean()
|
||||
def visible_for_user?(%Object{data: %{"type" => "Tombstone"}}, _), do: false
|
||||
def visible_for_user?(%Activity{actor: ap_id}, %User{ap_id: ap_id}), do: true
|
||||
def visible_for_user?(%Object{data: %{"actor" => ap_id}}, %User{ap_id: ap_id}), do: true
|
||||
def visible_for_user?(nil, _), do: false
|
||||
|
|
|
@ -17,7 +17,7 @@ defmodule Pleroma.Web.AdminAPI.Search do
|
|||
|> Map.drop([:page, :page_size])
|
||||
|> Map.put(:invisible, false)
|
||||
|> User.Query.build()
|
||||
|> order_by([u], u.nickname)
|
||||
|> order_by(desc: :id)
|
||||
|
||||
paginated_query =
|
||||
User.Query.paginate(query, params[:page] || 1, params[:page_size] || @page_size)
|
||||
|
|
|
@ -8,6 +8,7 @@ defmodule Pleroma.Web.AdminAPI.AccountView do
|
|||
alias Pleroma.User
|
||||
alias Pleroma.Web.AdminAPI
|
||||
alias Pleroma.Web.AdminAPI.AccountView
|
||||
alias Pleroma.Web.CommonAPI
|
||||
alias Pleroma.Web.MastodonAPI
|
||||
alias Pleroma.Web.MediaProxy
|
||||
|
||||
|
@ -81,7 +82,8 @@ defmodule Pleroma.Web.AdminAPI.AccountView do
|
|||
"is_approved" => user.is_approved,
|
||||
"url" => user.uri || user.ap_id,
|
||||
"registration_reason" => user.registration_reason,
|
||||
"actor_type" => user.actor_type
|
||||
"actor_type" => user.actor_type,
|
||||
"created_at" => CommonAPI.Utils.to_masto_date(user.inserted_at)
|
||||
}
|
||||
end
|
||||
|
||||
|
|
|
@ -193,7 +193,9 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
|
|||
|> ActivityPub.fetch_activities_bounded(following, params)
|
||||
|> Enum.reverse()
|
||||
|
||||
render(conn, "index.json",
|
||||
conn
|
||||
|> add_link_headers(activities)
|
||||
|> render("index.json",
|
||||
activities: activities,
|
||||
for: user,
|
||||
as: :activity,
|
||||
|
|
23
lib/pleroma/web/plugs/user_is_staff_plug.ex
Normal file
23
lib/pleroma/web/plugs/user_is_staff_plug.ex
Normal file
|
@ -0,0 +1,23 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.Plugs.UserIsStaffPlug do
|
||||
import Pleroma.Web.TranslationHelpers
|
||||
import Plug.Conn
|
||||
|
||||
alias Pleroma.User
|
||||
|
||||
def init(options) do
|
||||
options
|
||||
end
|
||||
|
||||
def call(%{assigns: %{user: %User{is_admin: true}}} = conn, _), do: conn
|
||||
def call(%{assigns: %{user: %User{is_moderator: true}}} = conn, _), do: conn
|
||||
|
||||
def call(conn, _) do
|
||||
conn
|
||||
|> render_error(:forbidden, "User is not a staff member.")
|
||||
|> halt()
|
||||
end
|
||||
end
|
|
@ -96,10 +96,14 @@ defmodule Pleroma.Web.Router do
|
|||
plug(Pleroma.Web.Plugs.AdminSecretAuthenticationPlug)
|
||||
plug(:after_auth)
|
||||
plug(Pleroma.Web.Plugs.EnsureAuthenticatedPlug)
|
||||
plug(Pleroma.Web.Plugs.UserIsAdminPlug)
|
||||
plug(Pleroma.Web.Plugs.UserIsStaffPlug)
|
||||
plug(Pleroma.Web.Plugs.IdempotencyPlug)
|
||||
end
|
||||
|
||||
pipeline :require_admin do
|
||||
plug(Pleroma.Web.Plugs.UserIsAdminPlug)
|
||||
end
|
||||
|
||||
pipeline :pleroma_html do
|
||||
plug(:browser)
|
||||
plug(:authenticate)
|
||||
|
@ -154,7 +158,7 @@ defmodule Pleroma.Web.Router do
|
|||
end
|
||||
|
||||
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
|
||||
pipe_through(:admin_api)
|
||||
pipe_through([:admin_api, :require_admin])
|
||||
|
||||
put("/users/disable_mfa", AdminAPIController, :disable_mfa)
|
||||
put("/users/tag", AdminAPIController, :tag_users)
|
||||
|
@ -259,7 +263,7 @@ defmodule Pleroma.Web.Router do
|
|||
|
||||
scope "/api/v1/pleroma/emoji", Pleroma.Web.PleromaAPI do
|
||||
scope "/pack" do
|
||||
pipe_through(:admin_api)
|
||||
pipe_through([:admin_api, :require_admin])
|
||||
|
||||
post("/", EmojiPackController, :create)
|
||||
patch("/", EmojiPackController, :update)
|
||||
|
@ -274,7 +278,7 @@ defmodule Pleroma.Web.Router do
|
|||
|
||||
# Modifying packs
|
||||
scope "/packs" do
|
||||
pipe_through(:admin_api)
|
||||
pipe_through([:admin_api, :require_admin])
|
||||
|
||||
get("/import", EmojiPackController, :import_from_filesystem)
|
||||
get("/remote", EmojiPackController, :remote)
|
||||
|
|
17
test/fixtures/tesla_mock/lemmy-page.json
vendored
Normal file
17
test/fixtures/tesla_mock/lemmy-page.json
vendored
Normal file
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
"commentsEnabled": true,
|
||||
"sensitive": false,
|
||||
"stickied": false,
|
||||
"attributedTo": "https://enterprise.lemmy.ml/u/nutomic",
|
||||
"summary": "Hello Federation!",
|
||||
"url": "https://enterprise.lemmy.ml/pictrs/image/US52d9DPvf.jpg",
|
||||
"image": {
|
||||
"type": "Image",
|
||||
"url": "https://enterprise.lemmy.ml/pictrs/image/lwFAcXHUjS.jpg"
|
||||
},
|
||||
"published": "2020-09-14T15:03:11.909105+00:00",
|
||||
"to": "https://enterprise.lemmy.ml/c/main",
|
||||
"@context": "https://www.w3.org/ns/activitystreams",
|
||||
"id": "https://enterprise.lemmy.ml/post/3",
|
||||
"type": "Page"
|
||||
}
|
27
test/fixtures/tesla_mock/lemmy-user.json
vendored
Normal file
27
test/fixtures/tesla_mock/lemmy-user.json
vendored
Normal file
|
@ -0,0 +1,27 @@
|
|||
{
|
||||
"publicKey": {
|
||||
"id": "https://enterprise.lemmy.ml/u/nutomic#main-key",
|
||||
"owner": "https://enterprise.lemmy.ml/u/nutomic",
|
||||
"publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfwAYPxp1gOk2HcCRoUd\nupoecvmnpzRc5Gu6/N3YQyOyRsrYuiYLNQq2cgM3kcU80ZeEetkwkYgXkRJOKu/b\nBWb7i1zt2tdr5k6lUdW8dfCyjht8ooFPQdov8J3QYHfgBHyUYxuCNfSujryxx2wu\nLQcdjRQa5NIWcomSO8OXmCF5/Yhg2XWCbtnlxEq6Y+AFddr1mAlTOy5pBr5d+xZz\njLw/U3CioNJ79yGi/sJhgp6IyJqtUSoN3b4BgRIEts2QVvn44W1rQy9wCbRYQrO1\nBcB9Wel4k3rJJK8uHg+LpHVMaZppkNaWGkMBhMbzr8qmIlcNWNi7cbMK/p5vyviy\nSwIDAQAB\n-----END PUBLIC KEY-----\n"
|
||||
},
|
||||
"inbox": "https://enterprise.lemmy.ml/u/nutomic/inbox",
|
||||
"preferredUsername": "Nutomic",
|
||||
"endpoints": {
|
||||
"sharedInbox": "https://enterprise.lemmy.ml/inbox"
|
||||
},
|
||||
"summary": "some bio",
|
||||
"icon": {
|
||||
"type": "Image",
|
||||
"url": "https://enterprise.lemmy.ml/pictrs/image/F6Z7QcWZRJ.jpg"
|
||||
},
|
||||
"image": {
|
||||
"type": "Image",
|
||||
"url": "https://enterprise.lemmy.ml:/pictrs/image/Q79N9oCDEG.png"
|
||||
},
|
||||
"published": "2020-09-14T14:54:53.080949+00:00",
|
||||
"updated": "2020-10-14T10:58:28.139178+00:00",
|
||||
"@context": "https://www.w3.org/ns/activitystreams",
|
||||
"id": "https://enterprise.lemmy.ml/u/nutomic",
|
||||
"type": "Person",
|
||||
"name": "nutomic"
|
||||
}
|
|
@ -1334,9 +1334,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
|||
activity: %{
|
||||
"@context" => "https://www.w3.org/ns/activitystreams",
|
||||
"type" => "Create",
|
||||
"object" => %{"type" => "Note", "content" => "AP C2S test"},
|
||||
"to" => "https://www.w3.org/ns/activitystreams#Public",
|
||||
"cc" => []
|
||||
"object" => %{
|
||||
"type" => "Note",
|
||||
"content" => "AP C2S test",
|
||||
"to" => "https://www.w3.org/ns/activitystreams#Public",
|
||||
"cc" => []
|
||||
}
|
||||
}
|
||||
]
|
||||
end
|
||||
|
@ -1442,19 +1445,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
|||
user = User.get_cached_by_ap_id(note_activity.data["actor"])
|
||||
|
||||
data = %{
|
||||
type: "Delete",
|
||||
object: %{
|
||||
id: note_object.data["id"]
|
||||
"type" => "Delete",
|
||||
"object" => %{
|
||||
"id" => note_object.data["id"]
|
||||
}
|
||||
}
|
||||
|
||||
conn =
|
||||
result =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> put_req_header("content-type", "application/activity+json")
|
||||
|> post("/users/#{user.nickname}/outbox", data)
|
||||
|> json_response(201)
|
||||
|
||||
result = json_response(conn, 201)
|
||||
assert Activity.get_by_ap_id(result["id"])
|
||||
|
||||
assert object = Object.get_by_ap_id(note_object.data["id"])
|
||||
|
@ -1479,7 +1482,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
|||
|> put_req_header("content-type", "application/activity+json")
|
||||
|> post("/users/#{user.nickname}/outbox", data)
|
||||
|
||||
assert json_response(conn, 400)
|
||||
assert json_response(conn, 403)
|
||||
end
|
||||
|
||||
test "it increases like count when receiving a like action", %{conn: conn} do
|
||||
|
@ -1557,7 +1560,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
|||
|> post("/users/#{user.nickname}/outbox", activity)
|
||||
|> json_response(400)
|
||||
|
||||
assert result == "Note is over the character limit"
|
||||
assert result == "Character limit (5 characters) exceeded, contains 11 characters"
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -1934,10 +1937,10 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
|||
"object" => %{
|
||||
"type" => "Note",
|
||||
"content" => "AP C2S test, attachment",
|
||||
"attachment" => [object]
|
||||
},
|
||||
"to" => "https://www.w3.org/ns/activitystreams#Public",
|
||||
"cc" => []
|
||||
"attachment" => [object],
|
||||
"to" => "https://www.w3.org/ns/activitystreams#Public",
|
||||
"cc" => []
|
||||
}
|
||||
}
|
||||
|
||||
activity_response =
|
||||
|
|
|
@ -2,10 +2,10 @@
|
|||
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidatorTest do
|
||||
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidatorTest do
|
||||
use Pleroma.DataCase, async: true
|
||||
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidator
|
||||
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator
|
||||
alias Pleroma.Web.ActivityPub.Utils
|
||||
|
||||
import Pleroma.Factory
|
||||
|
@ -29,7 +29,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidatorTest do
|
|||
end
|
||||
|
||||
test "a basic note validates", %{note: note} do
|
||||
%{valid?: true} = ArticleNoteValidator.cast_and_validate(note)
|
||||
%{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,36 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.ActivityPub.Transmogrifier.PageHandlingTest do
|
||||
use Oban.Testing, repo: Pleroma.Repo
|
||||
use Pleroma.DataCase
|
||||
|
||||
alias Pleroma.Object.Fetcher
|
||||
|
||||
test "Lemmy Page" do
|
||||
Tesla.Mock.mock(fn
|
||||
%{url: "https://enterprise.lemmy.ml/post/3"} ->
|
||||
%Tesla.Env{
|
||||
status: 200,
|
||||
headers: [{"content-type", "application/activity+json"}],
|
||||
body: File.read!("test/fixtures/tesla_mock/lemmy-page.json")
|
||||
}
|
||||
|
||||
%{url: "https://enterprise.lemmy.ml/u/nutomic"} ->
|
||||
%Tesla.Env{
|
||||
status: 200,
|
||||
headers: [{"content-type", "application/activity+json"}],
|
||||
body: File.read!("test/fixtures/tesla_mock/lemmy-user.json")
|
||||
}
|
||||
end)
|
||||
|
||||
{:ok, object} = Fetcher.fetch_object_from_id("https://enterprise.lemmy.ml/post/3")
|
||||
|
||||
assert object.data["summary"] == "Hello Federation!"
|
||||
assert object.data["published"] == "2020-09-14T15:03:11.909105Z"
|
||||
|
||||
# WAT
|
||||
assert object.data["url"] == "https://enterprise.lemmy.ml/pictrs/image/US52d9DPvf.jpg"
|
||||
end
|
||||
end
|
|
@ -305,7 +305,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
|
|||
|> get("/api/pleroma/admin/reports")
|
||||
|
||||
assert json_response(conn, :forbidden) ==
|
||||
%{"error" => "User is not an admin."}
|
||||
%{"error" => "User is not a staff member."}
|
||||
end
|
||||
|
||||
test "returns 403 when requested by anonymous" do
|
||||
|
|
|
@ -384,24 +384,22 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
|
||||
conn = get(conn, "/api/pleroma/admin/users?page=1")
|
||||
|
||||
users =
|
||||
[
|
||||
user_response(
|
||||
admin,
|
||||
%{"roles" => %{"admin" => true, "moderator" => false}}
|
||||
),
|
||||
user_response(user, %{"local" => false, "tags" => ["foo", "bar"]}),
|
||||
user_response(
|
||||
user2,
|
||||
%{
|
||||
"local" => true,
|
||||
"is_approved" => false,
|
||||
"registration_reason" => "I'm a chill dude",
|
||||
"actor_type" => "Person"
|
||||
}
|
||||
)
|
||||
]
|
||||
|> Enum.sort_by(& &1["nickname"])
|
||||
users = [
|
||||
user_response(
|
||||
user2,
|
||||
%{
|
||||
"local" => true,
|
||||
"is_approved" => false,
|
||||
"registration_reason" => "I'm a chill dude",
|
||||
"actor_type" => "Person"
|
||||
}
|
||||
),
|
||||
user_response(user, %{"local" => false, "tags" => ["foo", "bar"]}),
|
||||
user_response(
|
||||
admin,
|
||||
%{"roles" => %{"admin" => true, "moderator" => false}}
|
||||
)
|
||||
]
|
||||
|
||||
assert json_response_and_validate_schema(conn, 200) == %{
|
||||
"count" => 3,
|
||||
|
@ -525,7 +523,7 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
assert json_response_and_validate_schema(conn1, 200) == %{
|
||||
"count" => 2,
|
||||
"page_size" => 1,
|
||||
"users" => [user_response(user)]
|
||||
"users" => [user_response(user2)]
|
||||
}
|
||||
|
||||
conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2")
|
||||
|
@ -533,7 +531,7 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
assert json_response_and_validate_schema(conn2, 200) == %{
|
||||
"count" => 2,
|
||||
"page_size" => 1,
|
||||
"users" => [user_response(user2)]
|
||||
"users" => [user_response(user)]
|
||||
}
|
||||
end
|
||||
|
||||
|
@ -565,18 +563,16 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
|
||||
conn = get(conn, "/api/pleroma/admin/users?filters=local")
|
||||
|
||||
users =
|
||||
[
|
||||
user_response(user),
|
||||
user_response(admin, %{
|
||||
"roles" => %{"admin" => true, "moderator" => false}
|
||||
}),
|
||||
user_response(old_admin, %{
|
||||
"is_active" => true,
|
||||
"roles" => %{"admin" => true, "moderator" => false}
|
||||
})
|
||||
]
|
||||
|> Enum.sort_by(& &1["nickname"])
|
||||
users = [
|
||||
user_response(user),
|
||||
user_response(admin, %{
|
||||
"roles" => %{"admin" => true, "moderator" => false}
|
||||
}),
|
||||
user_response(old_admin, %{
|
||||
"is_active" => true,
|
||||
"roles" => %{"admin" => true, "moderator" => false}
|
||||
})
|
||||
]
|
||||
|
||||
assert json_response_and_validate_schema(conn, 200) == %{
|
||||
"count" => 3,
|
||||
|
@ -604,7 +600,6 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
"is_approved" => true
|
||||
})
|
||||
end)
|
||||
|> Enum.sort_by(& &1["nickname"])
|
||||
|
||||
assert result == %{"count" => 2, "page_size" => 50, "users" => users}
|
||||
end
|
||||
|
@ -642,18 +637,16 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
|
||||
conn = get(conn, "/api/pleroma/admin/users?filters=is_admin")
|
||||
|
||||
users =
|
||||
[
|
||||
user_response(admin, %{
|
||||
"is_active" => true,
|
||||
"roles" => %{"admin" => true, "moderator" => false}
|
||||
}),
|
||||
user_response(second_admin, %{
|
||||
"is_active" => true,
|
||||
"roles" => %{"admin" => true, "moderator" => false}
|
||||
})
|
||||
]
|
||||
|> Enum.sort_by(& &1["nickname"])
|
||||
users = [
|
||||
user_response(second_admin, %{
|
||||
"is_active" => true,
|
||||
"roles" => %{"admin" => true, "moderator" => false}
|
||||
}),
|
||||
user_response(admin, %{
|
||||
"is_active" => true,
|
||||
"roles" => %{"admin" => true, "moderator" => false}
|
||||
})
|
||||
]
|
||||
|
||||
assert json_response_and_validate_schema(conn, 200) == %{
|
||||
"count" => 2,
|
||||
|
@ -693,13 +686,11 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
|> get(user_path(conn, :index), %{actor_types: ["Person"]})
|
||||
|> json_response_and_validate_schema(200)
|
||||
|
||||
users =
|
||||
[
|
||||
user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}}),
|
||||
user_response(user1),
|
||||
user_response(user2)
|
||||
]
|
||||
|> Enum.sort_by(& &1["nickname"])
|
||||
users = [
|
||||
user_response(user2),
|
||||
user_response(user1),
|
||||
user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}})
|
||||
]
|
||||
|
||||
assert response == %{"count" => 3, "page_size" => 50, "users" => users}
|
||||
end
|
||||
|
@ -716,14 +707,12 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
|> get(user_path(conn, :index), %{actor_types: ["Person", "Service"]})
|
||||
|> json_response_and_validate_schema(200)
|
||||
|
||||
users =
|
||||
[
|
||||
user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}}),
|
||||
user_response(user1),
|
||||
user_response(user2),
|
||||
user_response(user_service, %{"actor_type" => "Service"})
|
||||
]
|
||||
|> Enum.sort_by(& &1["nickname"])
|
||||
users = [
|
||||
user_response(user2),
|
||||
user_response(user1),
|
||||
user_response(user_service, %{"actor_type" => "Service"}),
|
||||
user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}})
|
||||
]
|
||||
|
||||
assert response == %{"count" => 4, "page_size" => 50, "users" => users}
|
||||
end
|
||||
|
@ -752,12 +741,10 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
|
||||
conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second")
|
||||
|
||||
users =
|
||||
[
|
||||
user_response(user1, %{"tags" => ["first"]}),
|
||||
user_response(user2, %{"tags" => ["second"]})
|
||||
]
|
||||
|> Enum.sort_by(& &1["nickname"])
|
||||
users = [
|
||||
user_response(user2, %{"tags" => ["second"]}),
|
||||
user_response(user1, %{"tags" => ["first"]})
|
||||
]
|
||||
|
||||
assert json_response_and_validate_schema(conn, 200) == %{
|
||||
"count" => 2,
|
||||
|
@ -781,8 +768,8 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
"count" => 2,
|
||||
"page_size" => 50,
|
||||
"users" => [
|
||||
%{"id" => ^admin_id},
|
||||
%{"id" => ^user_id}
|
||||
%{"id" => ^user_id},
|
||||
%{"id" => ^admin_id}
|
||||
]
|
||||
} = json_response_and_validate_schema(conn, 200)
|
||||
end
|
||||
|
@ -921,7 +908,8 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
|
|||
"is_approved" => true,
|
||||
"url" => user.ap_id,
|
||||
"registration_reason" => nil,
|
||||
"actor_type" => "Person"
|
||||
"actor_type" => "Person",
|
||||
"created_at" => CommonAPI.Utils.to_masto_date(user.inserted_at)
|
||||
}
|
||||
|> Map.merge(attrs)
|
||||
end
|
||||
|
|
|
@ -151,9 +151,9 @@ defmodule Pleroma.Web.AdminAPI.SearchTest do
|
|||
|
||||
{:ok, [^user_service], 1} = Search.user(%{actor_types: ["Service"]})
|
||||
{:ok, [^user_application], 1} = Search.user(%{actor_types: ["Application"]})
|
||||
{:ok, [^user1, ^user2], 2} = Search.user(%{actor_types: ["Person"]})
|
||||
{:ok, [^user2, ^user1], 2} = Search.user(%{actor_types: ["Person"]})
|
||||
|
||||
{:ok, [^user_service, ^user1, ^user2], 3} =
|
||||
{:ok, [^user2, ^user1, ^user_service], 3} =
|
||||
Search.user(%{actor_types: ["Person", "Service"]})
|
||||
end
|
||||
|
||||
|
|
47
test/pleroma/web/plugs/user_is_staff_plug_test.exs
Normal file
47
test/pleroma/web/plugs/user_is_staff_plug_test.exs
Normal file
|
@ -0,0 +1,47 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.Plugs.UserIsStaffPlugTest do
|
||||
use Pleroma.Web.ConnCase, async: true
|
||||
|
||||
alias Pleroma.Web.Plugs.UserIsStaffPlug
|
||||
import Pleroma.Factory
|
||||
|
||||
test "accepts a user that is an admin" do
|
||||
user = insert(:user, is_admin: true)
|
||||
|
||||
conn = assign(build_conn(), :user, user)
|
||||
|
||||
ret_conn = UserIsStaffPlug.call(conn, %{})
|
||||
|
||||
assert conn == ret_conn
|
||||
end
|
||||
|
||||
test "accepts a user that is a moderator" do
|
||||
user = insert(:user, is_moderator: true)
|
||||
|
||||
conn = assign(build_conn(), :user, user)
|
||||
|
||||
ret_conn = UserIsStaffPlug.call(conn, %{})
|
||||
|
||||
assert conn == ret_conn
|
||||
end
|
||||
|
||||
test "denies a user that isn't a staff member" do
|
||||
user = insert(:user)
|
||||
|
||||
conn =
|
||||
build_conn()
|
||||
|> assign(:user, user)
|
||||
|> UserIsStaffPlug.call(%{})
|
||||
|
||||
assert conn.status == 403
|
||||
end
|
||||
|
||||
test "denies when a user isn't set" do
|
||||
conn = UserIsStaffPlug.call(build_conn(), %{})
|
||||
|
||||
assert conn.status == 403
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue