Commit graph

7839 commits

Author SHA1 Message Date
lain
477c6c8e55 Merge branch 'auth-improvements' into 'develop'
Cookie auth rework / Auth subsystem refactoring and tweaks

Closes pleroma/secteam/pleroma#3

See merge request pleroma/pleroma!3112
2020-12-09 15:55:45 +00:00
lain
1436a2fa2d Merge branch 'stream-follow-updates' into 'develop'
Stream follow updates

Closes #2299

See merge request pleroma/pleroma!3183
2020-12-09 15:52:31 +00:00
lain
e73d878b38 Merge branch 'feat/warn-large-pool-size' into 'develop'
Add a startup error for modified Repo pool_size

See merge request pleroma/pleroma!3190
2020-12-08 16:36:51 +00:00
lain
50d16a9e27 ApplicationRequirements: Add test, more text for pool size. 2020-12-08 17:30:10 +01:00
lain
5b9b7b4888 Apply 1 suggestion(s) to 1 file(s) 2020-12-08 16:16:43 +00:00
Mark Felder
fb3fd692c6 Add a startup error for modified Repo pool_size 2020-12-07 16:44:55 -06:00
Haelwenn (lanodan) Monnier
1403798820
instance.reachable?: Limit to binary input 2020-12-07 21:20:44 +01:00
Haelwenn (lanodan) Monnier
e1a2e8b17c
instance: Do not fetch unreachable instances
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/2346
2020-12-07 20:11:47 +01:00
Ivan Tashkinov
c8e7ace812 Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements
# Conflicts:
#	CHANGELOG.md
2020-12-07 21:45:04 +03:00
lain
ed76323776 Merge branch 'feature/configdb-mix-tasks' into 'develop'
Add mix tasks to give additional ConfigDB recovery and debugging options

See merge request pleroma/pleroma!3174
2020-12-07 18:06:06 +00:00
Mark Felder
93428d7c11 Print out settings that will be removed when specifying the group and key for consistency
Fix error message when specified key doesn't exist
2020-12-07 11:45:56 -06:00
Mark Felder
61494b5245 Formatting 2020-12-07 11:22:07 -06:00
feld
d817bae802 Apply 1 suggestion(s) to 1 file(s) 2020-12-07 17:13:29 +00:00
Ivan Tashkinov
e00c667145 [#3174] Refactoring: ConfigDB fetching functions, ConfigDB tests.
Minor fixes.
2020-12-06 18:02:30 +03:00
Ivan Tashkinov
a010c5b16a Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-12-06 13:59:35 +03:00
Ivan Tashkinov
e9859b68fc [#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 13:59:10 +03:00
Mark Felder
50aadc3d5c shell_yes?/1 was not showing the correct message and always defaults to yes which is dangerous 2020-12-04 11:49:56 -06:00
feld
6adad96c79 Merge branch 'issue/2256' into 'develop'
[#2256] added subject actor to moderation log

See merge request pleroma/pleroma!3164
2020-12-04 17:49:05 +00:00
Mark Felder
9dfda37821 More compact representation 2020-12-04 11:37:49 -06:00
Mark Felder
3bf5c5b015 Ensure deleting entire group prints out settings that will be removed before actually removing them 2020-12-04 11:30:48 -06:00
Mark Felder
696d39c3dc Fix deleting an entire group. Also utilize Pleroma.ConfigDB.delete/1 2020-12-04 11:19:58 -06:00
Mark Felder
685e5c8509 Use Pleroma.ConfigDB.delete/1 instead of rolling our own 2020-12-04 11:09:13 -06:00
Mark Felder
4aad066091 Use Enum.any? to ensure we return true if there are results 2020-12-04 11:04:53 -06:00
rinpatch
1d04bd0894 Merge branch 'supported-emojos' into 'develop'
Update Emoji support to unicode 13.1, support all RGI emoji.

See merge request pleroma/pleroma!3186
2020-12-03 18:29:42 +00:00
Alexander Strizhakov
a02eb88396
config_db search methods 2020-12-03 19:34:23 +03:00
Mark Felder
7fd4f4908b dump_key/2 no longer used 2020-12-03 10:03:44 -06:00
feld
60c4ac0f70 Apply 6 suggestion(s) to 1 file(s) 2020-12-03 16:03:14 +00:00
Mark Felder
95e908e4e2 Credo 2020-12-03 09:58:24 -06:00
lain
fa0d0b602f Emoji: Also accept regional indicators 2020-12-03 16:17:39 +01:00
Mark Felder
16bdc2bcd0 Make the --force flag for reset command consistent with the others and deduplicate db truncation 2020-12-02 16:34:23 -06:00
Mark Felder
e379ab8277 Add --force flag for delete and reset commands
Bunch of reorganization and consolidation
2020-12-02 16:24:32 -06:00
Mark Felder
20a911f9f7 Add comment for this mysterious behavior 2020-12-02 14:25:07 -06:00
Mark Felder
25fab7da69 No need for a separate functions here 2020-12-02 14:20:11 -06:00
Mark Felder
13947999ad Use a callback strategy to short circuit the functions and print a nice error 2020-12-02 12:33:34 -06:00
Mark Felder
a7b5280b5b Centralize check that configdb is enabled which now raises an exception 2020-12-02 10:43:22 -06:00
Mark Felder
53a5ec1952 Left public during debugging 2020-12-02 10:43:22 -06:00
Mark Felder
5135a8189f Use inspect instead of faking the output 2020-12-02 10:43:22 -06:00
Mark Felder
6334ba9ad3 Remove unnecessary keys command 2020-12-02 10:43:22 -06:00
Mark Felder
d0cb73527f Ensure scary warning starts on a new line 2020-12-02 10:43:22 -06:00
Mark Felder
0847e3e496 Print whole config when resetting and include a scary looking message. 2020-12-02 10:43:22 -06:00
Mark Felder
d4320e0daf Both are really atoms 2020-12-02 10:43:22 -06:00
Mark Felder
4bdfcf1682 Transform strings to atoms for all cases, including when the atom is a module like Pleroma.Emails.Mailer 2020-12-02 10:43:22 -06:00
Mark Felder
3df115b2b0 Support atoms and strings as args to the mix task
Improve output. Show the user what will be deleted before the prompt.
2020-12-02 10:43:22 -06:00
Mark Felder
ae7d37de06 Fix deletion regression due to strings instead of atoms
Improve message after successful deletion
2020-12-02 10:43:22 -06:00
Mark Felder
c6a0ca2213 Improve dumping groups and specific keys; add prompts for delete and reset 2020-12-02 10:43:22 -06:00
Mark Felder
67437feafc Support listing groups, listing keys in a group, and dumping the config based on group or specific key in that group 2020-12-02 10:43:22 -06:00
Mark Felder
a51da3c1d8 Sort output by group
Not the best sorting, but better than nothing.
2020-12-02 10:43:22 -06:00
Mark Felder
ada073f251 Rename keys to groups 2020-12-02 10:43:22 -06:00
Mark Felder
e8a4062d9d Document how to delete individual configuration groups and completely reset the config without SQL 2020-12-02 10:43:22 -06:00
Mark Felder
a82ba66662 Better deletion message 2020-12-02 10:43:22 -06:00
Mark Felder
6dcc36baa9 Add mix tasks to give additional recovery and debugging options
- pleroma.config dump: prints the entire config as it would be exported to the filesystem
- pleroma.config dump KEY: prints the configuration under a specific ConfigDB key in the database
- pleroma.config keylist: lists the available keys in ConfigDB
- pleroma.config keydel KEY: deletes ConfigDB entry stored under the key

This should prevent the need for users to manually execute SQL queries.
2020-12-02 10:43:22 -06:00
lain
8fb259e739 Emoji: Only accept RGI emoji.
"recommended for general interchange"
2020-12-02 16:46:19 +01:00
Egor Kislitsyn
c9afb350e7
Document follow relationship updates and cleanup 2020-12-02 19:16:36 +04:00
lain
b6f5e9ac9c Emoji: Remove unused emoji-data.txt 2020-12-02 16:15:31 +01:00
lain
1adee08321 Emoji: Update to Unicode 13.1, switch base file, allow multichar. 2020-12-02 16:15:03 +01:00
lain
04af0bbe44 User: Remove left-over (wrong) fix. 2020-12-02 13:39:29 +01:00
lain
222312900e User: Don't allow local users in remote changesets 2020-12-02 12:18:43 +01:00
Egor Kislitsyn
35ba48494f
Stream follow updates 2020-12-02 00:18:58 +04:00
Ivan Tashkinov
d50a3345ae [#3112] Allowed revoking same-user token from any apps. Added tests. 2020-11-30 21:55:48 +03:00
Ivan Tashkinov
50e47a215f Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-28 21:51:27 +03:00
Ivan Tashkinov
f1b07a2b2b OAuth form user remembering feature. Local MastoFE login / logout fixes. 2020-11-28 21:51:06 +03:00
Alexander Strizhakov
6aadb1cb40
digest algorithm is taken from header 2020-11-27 08:10:52 +03:00
Maksim Pechnikov
fb72f2034a fix spec 2020-11-25 22:44:27 +03:00
Mark Felder
751712d970 Prevent mix tasks from spewing any internal logging unless DEBUG is in the env
e.g., DEBUG=1 mix pleroma.config migrate_from_db
2020-11-25 12:52:39 -06:00
Ivan Tashkinov
62993db499 Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-25 21:48:18 +03:00
Ivan Tashkinov
12a5981cc3 Session token setting on token exchange. Auth-related refactoring. 2020-11-25 21:47:23 +03:00
Alexander Strizhakov
5eef4988bf
fix for elixir 1.11
load runtime configs in releases with config provider
2020-11-25 14:10:24 +03:00
lain
67b15cc033 Search: Save detected pg version in a persistent term. 2020-11-23 15:29:55 +01:00
lain
f9a4cf2097 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into websearch 2020-11-23 15:18:19 +01:00
Ivan Tashkinov
489b12cde4 Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-21 19:47:46 +03:00
Ivan Tashkinov
ccc2cf0e87 Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 19:47:25 +03:00
Alex Gleason
30ed7b502f
Merge remote-tracking branch 'upstream/develop' into registration-workflow 2020-11-21 10:23:53 -06:00
feld
ecd1ef8cb5 Merge branch 'fix/2302-report-duplicates' into 'develop'
Fix for forwarded reports

Closes #2303 and #2302

See merge request pleroma/pleroma!3146
2020-11-20 18:40:15 +00:00
lain
e4289792d2 Linting. 2020-11-20 16:38:05 +01:00
lain
9a1e5f5d48 Search: Change search method based on detected pg version 2020-11-20 16:26:43 +01:00
lain
a407e33c78 Application: Save postgres version in the environment 2020-11-20 16:26:22 +01:00
Alexander Strizhakov
0a5b22bc3b
start limiters in mix tasks 2020-11-20 11:37:01 +03:00
feld
79a509ee61 Merge branch '2301-users-search-discoverability-fix' into 'develop'
[#2301] Proper handling of User.is_discoverable

Closes #2301

See merge request pleroma/pleroma!3162
2020-11-19 20:33:52 +00:00
feld
cd1b4155d5 Merge branch 'oban-jobs-to-simple-tasks' into 'develop'
Moving some background jobs into simple tasks

Closes #1790

See merge request pleroma/pleroma!3129
2020-11-19 20:32:32 +00:00
Maksim Pechnikov
66f411fba0 added subject actor to moderation log 2020-11-19 22:13:45 +03:00
Ivan Tashkinov
b27d8f7437 Merge remote-tracking branch 'remotes/origin/develop' into 2301-users-search-discoverability-fix
# Conflicts:
#	CHANGELOG.md
2020-11-19 19:35:44 +03:00
lain
5e04f4156c Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into websearch 2020-11-19 17:32:57 +01:00
Ivan Tashkinov
e164c37139 [#2301] Proper handling of User.is_discoverable: users appear in in-service search but are hidden from external services like search bots. 2020-11-19 19:30:02 +03:00
Haelwenn
c8d11c3064 Merge branch '2317-old-reset-tokens' into 'develop'
Resolve "Don't allow old password reset tokens"

Closes #2317

See merge request pleroma/pleroma!3160
2020-11-19 16:22:14 +00:00
lain
8b90d62506 Search: Only skip ordering the rum index. 2020-11-19 16:29:31 +01:00
lain
a60242464e Search: Add option to search with the websearch function 2020-11-19 16:12:01 +01:00
Ivan Tashkinov
fcad3e716a [#2301] Quick fix: users with is_discoverable == false (default!) are included in search results. 2020-11-19 18:08:22 +03:00
Alexander Strizhakov
46dab37351
little fix 2020-11-19 15:29:26 +03:00
lain
5e2ba57327 Activity search: Fix order of results
Greatly speeds up the search for RUM.
2020-11-19 13:20:58 +01:00
lain
11e0d5f9ac Password Resets: Don't accept tokens above a certain age.
By default, one day
2020-11-19 12:27:06 +01:00
Alexander Strizhakov
8a8c154b4e
test fixes 2020-11-19 09:58:32 +03:00
Alexander Strizhakov
be0b874e1d
fix for mastodon forwarded reports 2020-11-19 09:53:14 +03:00
Alexander Strizhakov
e2bf6b1f7e
fix for forwarded reports 2020-11-19 09:53:13 +03:00
minibikini
6669ac5bf7 Merge branch 'develop' into 'hide-muted-reactions'
# Conflicts:
#   CHANGELOG.md
2020-11-18 20:22:40 +00:00
feld
a1056aace1 Merge branch 'fix/mix-task-user-delete_activities' into 'develop'
Fix mix pleroma.user delete_activities task

See merge request pleroma/pleroma!3156
2020-11-18 18:57:47 +00:00
lain
aae669d05e Merge branch 'fix/webpush-and-emojireact' into 'develop'
Push notifications: add pleroma:emoji_reaction, improve tests

Closes #2185

See merge request pleroma/pleroma!3141
2020-11-18 18:33:48 +00:00
lain
6b32e1de23 Merge branch 'frontend-admin-api' into 'develop'
Add an API to manage frontends

Closes #2238

See merge request pleroma/pleroma!3108
2020-11-18 17:51:57 +00:00
Maksim Pechnikov
9c5d1cb9ed fix tests 2020-11-18 09:58:51 +03:00
Maksim
25eb222bed Apply 1 suggestion(s) to 1 file(s) 2020-11-18 05:19:01 +00:00
Mark Felder
ccddedb504 Credo 2020-11-17 20:33:30 +00:00
Mark Felder
499faa82f6 Synchronize reaction notification text with PleromaFE's style 2020-11-17 20:22:24 +00:00
Mark Felder
5d0bc5e028 Support both pleroma:chat_mention and pleroma:emoji_reaction for /api/v1/push/subscription 2020-11-17 20:21:48 +00:00
Mark Felder
67a6abd071 Update OpenAPI spec/schema and test to verify support for pleroma:emoji_reaction subscriptions 2020-11-17 20:20:00 +00:00
Mark Felder
83ec2f1384 Allow subscribing for pleroma:emoji_reaction push notifications 2020-11-17 20:20:00 +00:00
Mark Felder
3ce11b830e Add capability for emoji reaction push notifications 2020-11-17 20:20:00 +00:00
lain
bb9650f3c2 FrontendController: Return error on installation error. 2020-11-17 16:43:07 +01:00
Mark Felder
97201f7e37 Need to start web_resp cache or mix task fails 2020-11-17 15:15:53 +00:00
feld
d33b9e7b33 Merge branch 'remove/fedsockets' into 'develop'
Remove FedSockets

See merge request pleroma/pleroma!3155
2020-11-17 14:58:33 +00:00
Egor Kislitsyn
f69fe36ebf
Merge branch 'develop' into frontend-admin-api 2020-11-17 18:34:04 +04:00
Egor Kislitsyn
79d2d3f609
Merge branch 'develop' into hide-muted-reactions 2020-11-17 18:29:52 +04:00
rinpatch
2c55f7d7cb Remove FedSockets
Current FedSocket implementation has a bunch of problems. It doesn't
have proper error handling (in case of an error the server just doesn't
respond until the connection is closed, while the client doesn't match
any error messages and just assumes there has been an error after 15s)
and the code is full of bad descisions (see: fetch registry which uses
uuids for no reason and waits for a response by recursively querying a
 ets table until the value changes, or double JSON encoding).

Sometime ago I almost completed rewriting fedsockets from scrach to
adress these issues. However, while doing so, I realized that fedsockets
 are just too overkill for what they were trying to accomplish, which is
 reduce the overhead of federation by not signing every message.
This could be done without reimplementing failure states and endpoint
 logic we already have with HTTP by, for example, using TLS cert auth,
or switching to a more performant signature algorithm. I opened
https://git.pleroma.social/pleroma/pleroma/-/issues/2262 for further
discussion on alternatives to fedsockets.

From discussions I had with other Pleroma developers it seems like they
 would approve the descision to remove them as well,
therefore I am submitting this patch.
2020-11-17 17:28:30 +03:00
lain
fec1ed802e Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/local-only-scope 2020-11-17 15:01:38 +01:00
lain
81293e5aad ActivityPubController: Don't return local only objects 2020-11-17 13:11:39 +01:00
Mark Felder
b1466661eb Use absolute URLs to thumbnail and background in /api/v1/instance 2020-11-16 21:29:15 +00:00
Maksim Pechnikov
e4b202d905 added test 2020-11-16 22:23:28 +03:00
Egor Kislitsyn
fb41bd1a85 Hide reactions from muted and blocked users 2020-11-16 22:50:14 +04:00
Maksim Pechnikov
e1d25bad0c fix tests 2020-11-16 21:45:37 +03:00
Alex Gleason
9546c1444c
Merge remote-tracking branch 'upstream/develop' into registration-workflow 2020-11-14 19:48:47 -06:00
Haelwenn
28da36975d Merge branch 'bugfix/instance-gen_exiftool' into 'develop'
pleroma.instance: Fix Exiftool module name

See merge request pleroma/pleroma!3143
2020-11-14 21:43:07 +00:00
Haelwenn (lanodan) Monnier
e2f573d68b
pleroma.instance: Fix Exiftool module name 2020-11-14 22:31:01 +01:00
Maksim Pechnikov
36ec604521 added test 2020-11-14 08:30:22 +03:00
lain
0d149502fe Merge branch 'fixes_2034_reports_should_send_a_notification_to_admins' into 'develop'
fixes 2034 Make notifs view work for reports

Closes #2034

See merge request pleroma/pleroma!2912
2020-11-13 13:35:47 +00:00
Ilja
70e4b86250 Make notifs view work for reports
* These are the first small steps for issue 2034 "Reports should send a notification to admins".
* I added a new type of notification "pleroma:report" to the the database manually (a migration will need to be written later)
* I added the new type to the notification_controller
* I made the view return the notification. It doesn't include the report itself (yet)
2020-11-13 13:35:46 +00:00
Maksim Pechnikov
1830b6aae5 added error messages for posix error code 2020-11-13 15:21:59 +03:00
rinpatch
6ca709816f Fix object spoofing vulnerability in attachments
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
Haelwenn
99bc175f02 Merge branch 'title-injection-change' into 'develop'
Title injection change

See merge request pleroma/pleroma!3132
2020-11-12 08:50:26 +00:00
Mark Felder
2156de2fee Ingest blurhash field during transmogrification 2020-11-11 13:39:02 -06:00
Mark Felder
2254e5e595 Render blurhashes in Mastodon API 2020-11-11 12:51:13 -06:00
Mark Felder
6fd72e9e85 Ingest blurhash for attachments if they were federated 2020-11-11 12:27:51 -06:00
Egor Kislitsyn
d26a449396
Change endpoint path 2020-11-11 20:39:57 +04:00
Egor Kislitsyn
435bf1f945
Remove FrontendInstallerWorker 2020-11-11 20:12:35 +04:00
lain
631def2df2 RedirectController: Don't replace title, but inject into the meta 2020-11-11 17:10:59 +01:00
Egor Kislitsyn
08cbd655d1
Merge branch 'develop' into frontend-admin-api 2020-11-11 19:53:40 +04:00
Alexander Strizhakov
8da9f919f8
little changes for MRF config descriptions
- log level reduction, if policy doesn't implement config_description method
- docs in dev.md
2020-11-11 18:49:15 +03:00
Egor Kislitsyn
af3f00292c
Fix formatting 2020-11-11 19:12:46 +04:00
Egor Kislitsyn
0118ccb53c
Add local visibility 2020-11-11 18:54:01 +04:00
feld
3cd7ea693f Merge branch 'feature/2222-config-descriptions-for-custom-modules' into 'develop'
Config descriptions for custom MRF policies

Closes #2222

See merge request pleroma/pleroma!3128
2020-11-11 13:48:03 +00:00
Alexander Strizhakov
8d218ebaf5
Moving some background jobs into simple tasks
- fetching activity data
- attachment prefetching
- using limiter to prevent overload
2020-11-11 13:39:49 +03:00
Alexander Strizhakov
f97f24b067
making credo happy and test fix 2020-11-11 10:48:03 +03:00
Alexander Strizhakov
efc27f6464
fix for adminFE
- revert UserAllowPolicy description
- MRF descriptions order
2020-11-11 10:10:57 +03:00
Alexander Strizhakov
485697d96c
config descriptions for custom MRF policies 2020-11-10 19:20:14 +03:00
lain
88f6b61a5e Merge branch '2260-wrong-report-link' into 'develop'
Resolve "Wrong user link in Report email"

Closes #2260

See merge request pleroma/pleroma!3121
2020-11-10 11:04:19 +00:00
lain
d77fd6b3d0 Merge branch 'fix/html-title-load' into 'develop'
Fix title on load of Pleroma HTML, fixes #2281

Closes #2281

See merge request pleroma/pleroma!3125
2020-11-10 10:05:15 +00:00
Alexander Strizhakov
0c68b9ac13
escaping summary and other fields in xml templates 2020-11-10 10:46:57 +03:00
Sean King
e4a21084f0 Fix title on load of Pleroma HTML 2020-11-08 16:16:20 -07:00
rinpatch
cc45c69fff Remove release_env
While taking a final look at instance.gen before releasing I noticed
that the release_env task outputs messages in broken english. Upon
further inspection it seems to have even more severe issues which, in
my opinion, warrant it's at least temporary removal:
- We do not explain what it actually does, anywhere. Neither the task
 docs nor instance.gen, nor installation instructions.
- It does not respect FHS on OTP releases (uses /opt/pleroma/config even
 though we store the config in /etc/pleroma/config.exs).
- It doesn't work on OTP releases, which is the main reason it exists.
Neither systemd nor openrc service files for OTP include it.
- It is not mentioned in install guides other than the ones for Debian
and OTP releases.
2020-11-08 11:56:09 +03:00
lain
294628d981 Merge branch 'feature/expire-mutes' into 'develop'
Expiring mutes for users and activities

Closes #1817

See merge request pleroma/pleroma!2971
2020-11-05 12:44:16 +00:00
lain
6d850c46dc AdminEmail: Use AP id as user url. 2020-11-04 17:12:47 +01:00
lain
7bbc328d66 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into stats-genserver-fix 2020-11-04 16:52:30 +01:00
lain
dd2b3a8da9 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/expire-mutes 2020-11-04 16:51:42 +01:00