Commit graph

782 commits

Author SHA1 Message Date
FloatingGhost
bab1ab5b6c strip \r and \r from content-disposition filenames 2022-11-10 11:54:12 +00:00
floatingghost
cc6a076202 Include requested_by in relationship (#260)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/260
2022-11-10 03:16:32 +00:00
FloatingGhost
479aacb1b6 Add fallback for reports that don't have attached activities 2022-11-08 11:01:47 +00:00
FloatingGhost
a0b8e3c842 Don't mess with the cache on metadata update 2022-11-08 10:39:01 +00:00
FloatingGhost
7bbaa8f8e0 automatically trim loading *. prefixes on domain blocks 2022-11-07 22:33:18 +00:00
floatingghost
31ad09010e Fix regex usage in MRF (#254)
fixes #235
fixes #228

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/254
2022-11-06 23:50:32 +00:00
floatingghost
b7e8ce2350 Scrape instance nodeinfo (#251)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/251
2022-11-06 22:49:39 +00:00
Thomas Citharel
4d0a51221a
Fix typo in CSP Report-To header name
The header name was Report-To, not Reply-To.

In any case, that's now being changed to the Reporting-Endpoints HTTP
Response Header.
https://w3c.github.io/reporting/#header
https://github.com/w3c/reporting/issues/177

CanIUse says the Report-To header is still supported by current Chrome
and friends.
https://caniuse.com/mdn-http_headers_report-to

It doesn't have any data for the Reporting-Endpoints HTTP header, but
this article says Chrome 96 supports it.
https://web.dev/reporting-api/

(Even though that's come out one year ago, that's not compatible with
Network Error Logging which's still using the Report-To version of the
API)

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 15:02:13 +01:00
floatingghost
9038da01cc Merge pull request 'Push.Impl: support edits' (#244) from norm/akkoma:push-support-edits into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/244
2022-11-01 15:14:08 +00:00
floatingghost
d5bbc3eeb2 Merge pull request 'fix flaky test filter_controller_test.exs:200' (#239) from ilja/akkoma:fix_flaky_filter_controller_test.exs_200 into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/239
2022-11-01 14:42:43 +00:00
ilja
f1dfd76b98 Fix rate_limiter_test.exs test "it restricts based on config values" (#233)
Fixes one of the 'erratic' tests

It used a timer to sleep.
But time also goes on when doing other things, so depending on hardware, the timings could be off.
I slightly changed the tests so we still test what we functionally want.
Instead of waiting until the cache expires I now have a function to expire the test and use that.

That means we're not testing any more if the cache really expires after a certain amount of time,
but that's the responsability of the dependency imo, so shouldn't be a problem.

I also changed `Pleroma.Web.Endpoint, :http, :ip` in the tests to `127.0.0.1`
Currently it was set to 8.8.8.8, but I see no reason for that and, while I assume that no calls
are made to it, it may come over as weird or suspicious to people.

Co-authored-by: Ilja <ilja@ilja.space>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/233
Co-authored-by: ilja <akkoma.dev@ilja.space>
Co-committed-by: ilja <akkoma.dev@ilja.space>
2022-11-01 14:25:54 +00:00
FloatingGhost
1bb8b76311 Fix tests in ldap registration 2022-11-01 14:21:35 +00:00
marcin mikołajczak
6486211064
Push.Impl: support edits
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-10-28 01:20:19 -04:00
Ilja
a59d310982 fix flaky test filter_controller_test.exs:200 2022-10-23 13:07:02 +02:00
floatingghost
f36d14818d Unilateral remove from followers (#232)
from https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3647/

Co-authored-by: marcin mikołajczak <git@mkljczk.pl>
Co-authored-by: Tusooa Zhu <tusooa@kazv.moe>
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/232
2022-10-19 10:01:14 +00:00
FloatingGhost
03662501c3 Check that the signature matches the creator 2022-10-14 11:48:32 +01:00
floatingghost
c6e63aaf6b Backend settings sync (#226)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/226
2022-10-06 16:22:15 +00:00
Norm
561e1f2470 Make backups require its own scope (#218)
Pulled from https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3721.

This makes backups require its own scope (`read:backups`) instead of the `read:accounts` scope.

Co-authored-by: Tusooa Zhu <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/218
Co-authored-by: Norm <normandy@biribiri.dev>
Co-committed-by: Norm <normandy@biribiri.dev>
2022-09-19 17:31:35 +00:00
Hélène
8683252fc5 Metadata/Utils: use summary as description if set
When generating OpenGraph and TwitterCard metadata for a post, the
summary field will be used first if it is set to generate the post
description.
2022-09-11 19:55:38 +01:00
Hélène
0b14f02ed2 User: generate private keys on user creation
This fixes a race condition bug where keys could be regenerated
post-federation, causing activities and HTTP signatures from an user to
be dropped due to key differences.
2022-09-11 19:54:37 +01:00
Hélène
e88f36f72b ObjectView: do not fetch an object for its ID
Non-Create/Listen activities had their associated object field
normalized and fetched, but only to use their `id` field, which is both
slow and redundant. This also failed on Undo activities, which delete
the associated object/activity in database.

Undo activities will now render properly and database loads should
improve ever so slightly.
2022-09-11 19:52:59 +01:00
Norm
a6d85003fe Remote interaction with posts (#198)
Grabbed from https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3587

Co-authored-by: Tusooa Zhu <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/198
Co-authored-by: Norm <normandy@biribiri.dev>
Co-committed-by: Norm <normandy@biribiri.dev>
2022-09-08 10:19:22 +00:00
floatingghost
2641dcdd15 Post editing (#202)
Rebased from #103

Co-authored-by: Tusooa Zhu <tusooa@kazv.moe>
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/202
2022-09-06 19:24:02 +00:00
FloatingGhost
6c80977b06 turn inlineQuotePolicy on by default 2022-09-05 17:22:33 +01:00
FloatingGhost
f6304cfd78 add extra tests for builder 2022-09-05 01:24:40 +01:00
floatingghost
1b826eea54 Allow reacting with remote emoji when they exist on the post (#200)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/200
2022-09-04 23:31:41 +00:00
floatingghost
8e4de118c1 Don't persist local undone follow (#194)
same deal but backwards this time

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/194
2022-08-31 18:00:36 +00:00
floatingghost
decbca0c91 add seperate source and dest entries in language listing (#193)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/193
2022-08-30 16:59:33 +00:00
floatingghost
df39cab9c1 Automatic status translation (#187)
Fixes #115

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/187
2022-08-29 19:42:22 +00:00
Tusooa Zhu
95e4018c1a Disconnect streaming sessions when token is revoked
Use Websockex to replace websocket_client

Test that server will disconnect websocket upon token revocation

Lint

Execute session disconnect in background

Refactor streamer test

allow multi-streams

rebase websocket change
2022-08-27 19:07:48 +01:00
floatingghost
772c209914 GTS: cherry-picks and collection usage (#186)
https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3725?commit_id=61254111e59f02118cad15de49d1e0704c07030e

what is this, a yoink of a yoink? good times

Co-authored-by: Hélène <pleroma-dev@helene.moe>
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/186
2022-08-27 18:05:48 +00:00
FloatingGhost
85137f591f Add ability to obfuscate domains in MRF transparency 2022-08-27 11:57:57 +01:00
floatingghost
e4f2251e0f Add support for setting language in instance metadata (#183)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/183
2022-08-25 16:11:21 +00:00
floatingghost
618cf7ff7f reuse valid oauth tokens (#182)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/182
2022-08-25 14:37:51 +00:00
floatingghost
92ba2802fb generate-keys-at-registration-time (#181)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/181
2022-08-24 14:36:33 +00:00
FloatingGhost
8d7b63a766 Revert "Fix oauth2 (for real) (#179)"
This reverts commit aa681d7e15.
2022-08-21 17:52:02 +01:00
floatingghost
aa681d7e15 Fix oauth2 (for real) (#179)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/179
2022-08-21 16:24:37 +00:00
FloatingGhost
b0130bfa7b Revert "oauth2 fixes (#177)"
This reverts commit 429e2ac832.
2022-08-21 16:22:15 +01:00
floatingghost
d72f9e39d9 add visibility check on quote (#178)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/178
2022-08-21 15:17:01 +00:00
floatingghost
429e2ac832 oauth2 fixes (#177)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/177
2022-08-21 14:46:52 +00:00
floatingghost
e9f1897cfd parser MFM server-side (#172)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/172
2022-08-18 03:14:48 +00:00
floatingghost
aaf78e2b52 only put linked mfm in source (#171)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/171
2022-08-17 09:35:11 +00:00
floatingghost
11ec9daa5b API compatibility with fedibird, frontend config (#163)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/163
2022-08-17 00:22:59 +00:00
FloatingGhost
967c325b0d fix tests 2022-08-11 19:21:43 +01:00
floatingghost
1245141779 treat rejections in MRF as a reject in federator (#155)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/155
2022-08-08 15:47:57 +00:00
Hélène
b3e4d81362 StatusView: implement pleroma.context field
This field replaces the now deprecated conversation_id field, and now
exposes the ActivityPub object `context` directly via the MastoAPI
instead of relying on StatusNet-era data concepts.
2022-08-07 20:48:08 +01:00
Hélène
b9bb093600 StatusView: clear MSB on calculated conversation_id
This field seems to be a left-over from the StatusNet era.
If your application uses `pleroma.conversation_id`: this field is
deprecated.

It is currently stubbed instead by doing a CRC32 of the context, and
clearing the MSB to avoid overflow exceptions with signed integers on
the different clients using this field (Java/Kotlin code, mostly; see
Husky and probably other mobile clients.)

This should be removed in a future version of Pleroma. Pleroma-FE
currently depends on this field, as well.
2022-08-07 20:47:59 +01:00
floatingghost
62e179f446 make conversation-id deterministic (#154)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/154
2022-08-06 20:59:15 +00:00
floatingghost
ec162b496b /notice signing checks on redirect (#150)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/150
2022-08-05 19:31:32 +00:00
floatingghost
0ec3a11895 don't persist undo of follows (#149)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/149
2022-08-05 13:28:56 +00:00
Hélène
c1e15ff6f8 Transmogrifier: fix reply context fixing
Incoming Pleroma replies to a Misskey thread were rejected due to a
broken context fix, which caused them to not be visible until a
non-Pleroma user interacted with the replies.

This fix properly sets the post-fix object context to its parent Create
activity as well, if it was changed.
2022-08-04 12:57:48 +01:00
floatingghost
456c97fda9 Merge pull request 'remove unneeded function' (#143) from compile-fix into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/143
2022-08-03 11:12:05 +00:00
FloatingGhost
359510eebc remove unneeded function 2022-08-03 11:50:48 +01:00
Tusooa Zhu
f08241c8ab
Allow users to create backups without providing email address
Ref: backup-without-email
2022-08-02 22:16:54 -04:00
floatingghost
c9600dbbbf local-only-fixed (#138)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/138
2022-08-02 14:46:46 +00:00
floatingghost
ca000f8301 Merge mrf_simple-reject with quarantine (#137)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/137
2022-08-02 14:19:24 +00:00
Joel Beckmeyer
e26388a01c Support reaching user@sub.domain.tld at user@domain.tld (#134)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/134
Co-authored-by: Joel Beckmeyer <joel@beckmeyer.us>
Co-committed-by: Joel Beckmeyer <joel@beckmeyer.us>
2022-08-02 13:54:22 +00:00
floatingghost
c3eea8dc7d expose bubble instances via nodeinfo (#136)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/136
2022-08-02 09:11:22 +00:00
floatingghost
19a27ff006 allow small/center tags in misskeymarkdown (#132)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/132
2022-08-01 12:46:52 +00:00
Yukkuri
38659e5610 Use uppercase HTTP HEAD method for media preview proxy request (#128)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/128
Co-authored-by: Yukkuri <iamtakingiteasy@eientei.org>
Co-committed-by: Yukkuri <iamtakingiteasy@eientei.org>
2022-07-30 21:58:14 +00:00
floatingghost
405406601f Fix emoji qualification (#124)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/124
2022-07-28 12:02:36 +00:00
floatingghost
645f0390bc Prepare for ubuntu22 murdering openssl (#120)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/120
2022-07-27 21:48:13 +00:00
floatingghost
a3501cab86 ensure quote fetching obeys max thread distance (#119)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/119
2022-07-26 17:28:47 +00:00
FloatingGhost
0a55c37182 don't error out if the featured collection has a string ID 2022-07-26 15:08:35 +01:00
floatingghost
1f6deb0ef4 include local instance in bubble timeline (#117)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/117
2022-07-26 12:22:49 +00:00
floatingghost
90c4785b89 remove public post quarantine exception (#114)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/114
2022-07-26 11:09:13 +00:00
floatingghost
1419eee5df Quote posting (#113)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/113
2022-07-25 16:30:06 +00:00
floatingghost
4c47992686 bugfix/follow-state (#104)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/104
2022-07-23 18:58:45 +00:00
floatingghost
cb6e7359af add bubble timeline (#100)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/100
2022-07-22 14:55:38 +00:00
floatingghost
0c542e58aa Remove instrumentors (#98)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/98
2022-07-21 11:32:17 +00:00
FloatingGhost
0f132b802d purge chat and shout endpoints 2022-07-21 11:29:28 +01:00
floatingghost
07ea4d73e1 update mastofe paths (#95)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/95
2022-07-20 20:13:50 +00:00
FloatingGhost
e35dced9c8 remove chat enabled feature 2022-07-20 15:46:41 +01:00
floatingghost
729f45ccd2 purge ldap authenticator (#92)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/92
2022-07-20 12:49:13 +00:00
floatingghost
dc9f66749c remove all endpoints marked as deprecated (#91)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/91
2022-07-20 12:00:58 +00:00
FloatingGhost
cf0ad02ea9 Remove scrobbling support 2022-07-19 15:07:45 +01:00
floatingghost
54ed8760ff Merge branch 'from/upstream-develop/tusooa/server-announcements' into 'develop' (#85)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/85
2022-07-18 13:08:36 +00:00
floatingghost
5b4d77eaa7 maintenance: dependency upgrade (#81)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/81
2022-07-18 00:56:35 +00:00
Tusooa Zhu
4c5bc3e9f7 Pass remote follow avatar into media proxy 2022-07-12 15:44:38 -04:00
floatingghost
8215434c65 also resolve @full@tags in mfm (#62)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/62
2022-07-11 13:48:43 +00:00
floatingghost
ff6c8455fb [#58] ensure all users are linked in MFM content (#61)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/61
2022-07-11 11:48:29 +00:00
floatingghost
5ad256f170 [#58] pre-link MFM content (#59)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/59
2022-07-10 17:06:25 +00:00
floatingghost
82fa766ed7 Remove precompiled javascript (#55)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/55
2022-07-08 13:03:18 +00:00
floatingghost
bc6bfe383f Add configurable theme color (#53)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/53
2022-07-06 20:00:43 +00:00
sfr
058bf96798 implement Move activities (#45)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/45
Co-authored-by: sfr <sol@solfisher.com>
Co-committed-by: sfr <sol@solfisher.com>
2022-07-04 16:29:39 +00:00
FloatingGhost
0a3a552696 Add support for a first reference in pinned objects 2022-07-03 17:25:20 +01:00
FloatingGhost
4da9a12bf8 Add test for friendica featured collection 2022-07-03 16:59:12 +01:00
floatingghost
a40bf8be5e Update eblurhash to a non-bugged version (#34)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/34
2022-07-02 14:05:32 +00:00
floatingghost
3f7c64f30b Fix broken attachments from owncast (#31)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/31
2022-07-01 11:14:55 +00:00
FloatingGhost
1ecdb19de5 Refactor ES on top of search behaviour 2022-06-30 16:28:31 +01:00
Hélène
8f140deb8f StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-06-29 20:47:45 +01:00
Ilja
661d0ba481 Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-06-29 20:47:44 +01:00
Tusooa Zhu
33d821256e Fix incorrect fallback when English is set to first language 2022-06-29 20:47:10 +01:00
Ilja
e3107fee98 Fix eratic test for POST /api/pleroma/admin/reports/:id/notes
It retrieved two ReportNotes and then checked one of them. But the order isn't guaranteed, while the test tested on the content of the first ReportNote.

I made the test on the content more generic
2022-06-29 20:47:10 +01:00
Tusooa Zhu
2df25e6666 Support fallbacking to other languages 2022-06-29 20:47:10 +01:00
Tusooa Zhu
fcfb5a4967 Lint 2022-06-29 20:47:10 +01:00
Tusooa Zhu
07bd35227a Support multiple locales from userLanguage cookie 2022-06-29 20:47:10 +01:00
Tusooa Zhu
fa95bc8725 Support multiple locales formally
elixir gettext current does not fully support fallback to another language [0].
But it might in the future. We adapt it so that all languages in Accept-Language
headers are received by Pleroma.Web.Gettext. User.languages is now a comma-separated
list.

[0]: https://github.com/elixir-gettext/gettext/issues/303
2022-06-29 20:47:10 +01:00
Tusooa Zhu
ff0bb3a3ac Add test for fallbacking to a general language 2022-06-29 20:47:10 +01:00
Tusooa Zhu
ef73f61b07 Fallback to a variant if the language in general is not supported
For an example, here, zh is not supported, but zh_Hans and zh_Hant
are. If the user asks for zh, we should choose a variant for them
instead of fallbacking to default.

Some browsers (e.g. Firefox) does not allow users to customize
their language codes. For example, there is no zh-Hans, but only
zh, zh-CN, zh-TW, zh-HK, etc. This provides a workaround for
those users suffering from bad design decisions.
2022-06-29 20:47:10 +01:00