Merge branch 'develop' into match-file-name
# Conflicts: # lib/pleroma/web/media_proxy/media_proxy_controller.ex
This commit is contained in:
commit
1d906ffa82
70 changed files with 1770 additions and 737 deletions
403
CC-BY-NC-ND-4.0
403
CC-BY-NC-ND-4.0
|
@ -1,403 +0,0 @@
|
|||
Attribution-NonCommercial-NoDerivatives 4.0 International
|
||||
|
||||
=======================================================================
|
||||
|
||||
Creative Commons Corporation ("Creative Commons") is not a law firm and
|
||||
does not provide legal services or legal advice. Distribution of
|
||||
Creative Commons public licenses does not create a lawyer-client or
|
||||
other relationship. Creative Commons makes its licenses and related
|
||||
information available on an "as-is" basis. Creative Commons gives no
|
||||
warranties regarding its licenses, any material licensed under their
|
||||
terms and conditions, or any related information. Creative Commons
|
||||
disclaims all liability for damages resulting from their use to the
|
||||
fullest extent possible.
|
||||
|
||||
Using Creative Commons Public Licenses
|
||||
|
||||
Creative Commons public licenses provide a standard set of terms and
|
||||
conditions that creators and other rights holders may use to share
|
||||
original works of authorship and other material subject to copyright
|
||||
and certain other rights specified in the public license below. The
|
||||
following considerations are for informational purposes only, are not
|
||||
exhaustive, and do not form part of our licenses.
|
||||
|
||||
Considerations for licensors: Our public licenses are
|
||||
intended for use by those authorized to give the public
|
||||
permission to use material in ways otherwise restricted by
|
||||
copyright and certain other rights. Our licenses are
|
||||
irrevocable. Licensors should read and understand the terms
|
||||
and conditions of the license they choose before applying it.
|
||||
Licensors should also secure all rights necessary before
|
||||
applying our licenses so that the public can reuse the
|
||||
material as expected. Licensors should clearly mark any
|
||||
material not subject to the license. This includes other CC-
|
||||
licensed material, or material used under an exception or
|
||||
limitation to copyright. More considerations for licensors:
|
||||
wiki.creativecommons.org/Considerations_for_licensors
|
||||
|
||||
Considerations for the public: By using one of our public
|
||||
licenses, a licensor grants the public permission to use the
|
||||
licensed material under specified terms and conditions. If
|
||||
the licensor's permission is not necessary for any reason--for
|
||||
example, because of any applicable exception or limitation to
|
||||
copyright--then that use is not regulated by the license. Our
|
||||
licenses grant only permissions under copyright and certain
|
||||
other rights that a licensor has authority to grant. Use of
|
||||
the licensed material may still be restricted for other
|
||||
reasons, including because others have copyright or other
|
||||
rights in the material. A licensor may make special requests,
|
||||
such as asking that all changes be marked or described.
|
||||
Although not required by our licenses, you are encouraged to
|
||||
respect those requests where reasonable. More considerations
|
||||
for the public:
|
||||
wiki.creativecommons.org/Considerations_for_licensees
|
||||
|
||||
=======================================================================
|
||||
|
||||
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0
|
||||
International Public License
|
||||
|
||||
By exercising the Licensed Rights (defined below), You accept and agree
|
||||
to be bound by the terms and conditions of this Creative Commons
|
||||
Attribution-NonCommercial-NoDerivatives 4.0 International Public
|
||||
License ("Public License"). To the extent this Public License may be
|
||||
interpreted as a contract, You are granted the Licensed Rights in
|
||||
consideration of Your acceptance of these terms and conditions, and the
|
||||
Licensor grants You such rights in consideration of benefits the
|
||||
Licensor receives from making the Licensed Material available under
|
||||
these terms and conditions.
|
||||
|
||||
|
||||
Section 1 -- Definitions.
|
||||
|
||||
a. Adapted Material means material subject to Copyright and Similar
|
||||
Rights that is derived from or based upon the Licensed Material
|
||||
and in which the Licensed Material is translated, altered,
|
||||
arranged, transformed, or otherwise modified in a manner requiring
|
||||
permission under the Copyright and Similar Rights held by the
|
||||
Licensor. For purposes of this Public License, where the Licensed
|
||||
Material is a musical work, performance, or sound recording,
|
||||
Adapted Material is always produced where the Licensed Material is
|
||||
synched in timed relation with a moving image.
|
||||
|
||||
b. Copyright and Similar Rights means copyright and/or similar rights
|
||||
closely related to copyright including, without limitation,
|
||||
performance, broadcast, sound recording, and Sui Generis Database
|
||||
Rights, without regard to how the rights are labeled or
|
||||
categorized. For purposes of this Public License, the rights
|
||||
specified in Section 2(b)(1)-(2) are not Copyright and Similar
|
||||
Rights.
|
||||
|
||||
c. Effective Technological Measures means those measures that, in the
|
||||
absence of proper authority, may not be circumvented under laws
|
||||
fulfilling obligations under Article 11 of the WIPO Copyright
|
||||
Treaty adopted on December 20, 1996, and/or similar international
|
||||
agreements.
|
||||
|
||||
d. Exceptions and Limitations means fair use, fair dealing, and/or
|
||||
any other exception or limitation to Copyright and Similar Rights
|
||||
that applies to Your use of the Licensed Material.
|
||||
|
||||
e. Licensed Material means the artistic or literary work, database,
|
||||
or other material to which the Licensor applied this Public
|
||||
License.
|
||||
|
||||
f. Licensed Rights means the rights granted to You subject to the
|
||||
terms and conditions of this Public License, which are limited to
|
||||
all Copyright and Similar Rights that apply to Your use of the
|
||||
Licensed Material and that the Licensor has authority to license.
|
||||
|
||||
g. Licensor means the individual(s) or entity(ies) granting rights
|
||||
under this Public License.
|
||||
|
||||
h. NonCommercial means not primarily intended for or directed towards
|
||||
commercial advantage or monetary compensation. For purposes of
|
||||
this Public License, the exchange of the Licensed Material for
|
||||
other material subject to Copyright and Similar Rights by digital
|
||||
file-sharing or similar means is NonCommercial provided there is
|
||||
no payment of monetary compensation in connection with the
|
||||
exchange.
|
||||
|
||||
i. Share means to provide material to the public by any means or
|
||||
process that requires permission under the Licensed Rights, such
|
||||
as reproduction, public display, public performance, distribution,
|
||||
dissemination, communication, or importation, and to make material
|
||||
available to the public including in ways that members of the
|
||||
public may access the material from a place and at a time
|
||||
individually chosen by them.
|
||||
|
||||
j. Sui Generis Database Rights means rights other than copyright
|
||||
resulting from Directive 96/9/EC of the European Parliament and of
|
||||
the Council of 11 March 1996 on the legal protection of databases,
|
||||
as amended and/or succeeded, as well as other essentially
|
||||
equivalent rights anywhere in the world.
|
||||
|
||||
k. You means the individual or entity exercising the Licensed Rights
|
||||
under this Public License. Your has a corresponding meaning.
|
||||
|
||||
|
||||
Section 2 -- Scope.
|
||||
|
||||
a. License grant.
|
||||
|
||||
1. Subject to the terms and conditions of this Public License,
|
||||
the Licensor hereby grants You a worldwide, royalty-free,
|
||||
non-sublicensable, non-exclusive, irrevocable license to
|
||||
exercise the Licensed Rights in the Licensed Material to:
|
||||
|
||||
a. reproduce and Share the Licensed Material, in whole or
|
||||
in part, for NonCommercial purposes only; and
|
||||
|
||||
b. produce and reproduce, but not Share, Adapted Material
|
||||
for NonCommercial purposes only.
|
||||
|
||||
2. Exceptions and Limitations. For the avoidance of doubt, where
|
||||
Exceptions and Limitations apply to Your use, this Public
|
||||
License does not apply, and You do not need to comply with
|
||||
its terms and conditions.
|
||||
|
||||
3. Term. The term of this Public License is specified in Section
|
||||
6(a).
|
||||
|
||||
4. Media and formats; technical modifications allowed. The
|
||||
Licensor authorizes You to exercise the Licensed Rights in
|
||||
all media and formats whether now known or hereafter created,
|
||||
and to make technical modifications necessary to do so. The
|
||||
Licensor waives and/or agrees not to assert any right or
|
||||
authority to forbid You from making technical modifications
|
||||
necessary to exercise the Licensed Rights, including
|
||||
technical modifications necessary to circumvent Effective
|
||||
Technological Measures. For purposes of this Public License,
|
||||
simply making modifications authorized by this Section 2(a)
|
||||
(4) never produces Adapted Material.
|
||||
|
||||
5. Downstream recipients.
|
||||
|
||||
a. Offer from the Licensor -- Licensed Material. Every
|
||||
recipient of the Licensed Material automatically
|
||||
receives an offer from the Licensor to exercise the
|
||||
Licensed Rights under the terms and conditions of this
|
||||
Public License.
|
||||
|
||||
b. No downstream restrictions. You may not offer or impose
|
||||
any additional or different terms or conditions on, or
|
||||
apply any Effective Technological Measures to, the
|
||||
Licensed Material if doing so restricts exercise of the
|
||||
Licensed Rights by any recipient of the Licensed
|
||||
Material.
|
||||
|
||||
6. No endorsement. Nothing in this Public License constitutes or
|
||||
may be construed as permission to assert or imply that You
|
||||
are, or that Your use of the Licensed Material is, connected
|
||||
with, or sponsored, endorsed, or granted official status by,
|
||||
the Licensor or others designated to receive attribution as
|
||||
provided in Section 3(a)(1)(A)(i).
|
||||
|
||||
b. Other rights.
|
||||
|
||||
1. Moral rights, such as the right of integrity, are not
|
||||
licensed under this Public License, nor are publicity,
|
||||
privacy, and/or other similar personality rights; however, to
|
||||
the extent possible, the Licensor waives and/or agrees not to
|
||||
assert any such rights held by the Licensor to the limited
|
||||
extent necessary to allow You to exercise the Licensed
|
||||
Rights, but not otherwise.
|
||||
|
||||
2. Patent and trademark rights are not licensed under this
|
||||
Public License.
|
||||
|
||||
3. To the extent possible, the Licensor waives any right to
|
||||
collect royalties from You for the exercise of the Licensed
|
||||
Rights, whether directly or through a collecting society
|
||||
under any voluntary or waivable statutory or compulsory
|
||||
licensing scheme. In all other cases the Licensor expressly
|
||||
reserves any right to collect such royalties, including when
|
||||
the Licensed Material is used other than for NonCommercial
|
||||
purposes.
|
||||
|
||||
|
||||
Section 3 -- License Conditions.
|
||||
|
||||
Your exercise of the Licensed Rights is expressly made subject to the
|
||||
following conditions.
|
||||
|
||||
a. Attribution.
|
||||
|
||||
1. If You Share the Licensed Material, You must:
|
||||
|
||||
a. retain the following if it is supplied by the Licensor
|
||||
with the Licensed Material:
|
||||
|
||||
i. identification of the creator(s) of the Licensed
|
||||
Material and any others designated to receive
|
||||
attribution, in any reasonable manner requested by
|
||||
the Licensor (including by pseudonym if
|
||||
designated);
|
||||
|
||||
ii. a copyright notice;
|
||||
|
||||
iii. a notice that refers to this Public License;
|
||||
|
||||
iv. a notice that refers to the disclaimer of
|
||||
warranties;
|
||||
|
||||
v. a URI or hyperlink to the Licensed Material to the
|
||||
extent reasonably practicable;
|
||||
|
||||
b. indicate if You modified the Licensed Material and
|
||||
retain an indication of any previous modifications; and
|
||||
|
||||
c. indicate the Licensed Material is licensed under this
|
||||
Public License, and include the text of, or the URI or
|
||||
hyperlink to, this Public License.
|
||||
|
||||
For the avoidance of doubt, You do not have permission under
|
||||
this Public License to Share Adapted Material.
|
||||
|
||||
2. You may satisfy the conditions in Section 3(a)(1) in any
|
||||
reasonable manner based on the medium, means, and context in
|
||||
which You Share the Licensed Material. For example, it may be
|
||||
reasonable to satisfy the conditions by providing a URI or
|
||||
hyperlink to a resource that includes the required
|
||||
information.
|
||||
|
||||
3. If requested by the Licensor, You must remove any of the
|
||||
information required by Section 3(a)(1)(A) to the extent
|
||||
reasonably practicable.
|
||||
|
||||
|
||||
Section 4 -- Sui Generis Database Rights.
|
||||
|
||||
Where the Licensed Rights include Sui Generis Database Rights that
|
||||
apply to Your use of the Licensed Material:
|
||||
|
||||
a. for the avoidance of doubt, Section 2(a)(1) grants You the right
|
||||
to extract, reuse, reproduce, and Share all or a substantial
|
||||
portion of the contents of the database for NonCommercial purposes
|
||||
only and provided You do not Share Adapted Material;
|
||||
|
||||
b. if You include all or a substantial portion of the database
|
||||
contents in a database in which You have Sui Generis Database
|
||||
Rights, then the database in which You have Sui Generis Database
|
||||
Rights (but not its individual contents) is Adapted Material; and
|
||||
|
||||
c. You must comply with the conditions in Section 3(a) if You Share
|
||||
all or a substantial portion of the contents of the database.
|
||||
|
||||
For the avoidance of doubt, this Section 4 supplements and does not
|
||||
replace Your obligations under this Public License where the Licensed
|
||||
Rights include other Copyright and Similar Rights.
|
||||
|
||||
|
||||
Section 5 -- Disclaimer of Warranties and Limitation of Liability.
|
||||
|
||||
a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE
|
||||
EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS
|
||||
AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF
|
||||
ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS,
|
||||
IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION,
|
||||
WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR
|
||||
PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS,
|
||||
ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT
|
||||
KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT
|
||||
ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU.
|
||||
|
||||
b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE
|
||||
TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION,
|
||||
NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT,
|
||||
INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES,
|
||||
COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR
|
||||
USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN
|
||||
ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR
|
||||
DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR
|
||||
IN PART, THIS LIMITATION MAY NOT APPLY TO YOU.
|
||||
|
||||
c. The disclaimer of warranties and limitation of liability provided
|
||||
above shall be interpreted in a manner that, to the extent
|
||||
possible, most closely approximates an absolute disclaimer and
|
||||
waiver of all liability.
|
||||
|
||||
|
||||
Section 6 -- Term and Termination.
|
||||
|
||||
a. This Public License applies for the term of the Copyright and
|
||||
Similar Rights licensed here. However, if You fail to comply with
|
||||
this Public License, then Your rights under this Public License
|
||||
terminate automatically.
|
||||
|
||||
b. Where Your right to use the Licensed Material has terminated under
|
||||
Section 6(a), it reinstates:
|
||||
|
||||
1. automatically as of the date the violation is cured, provided
|
||||
it is cured within 30 days of Your discovery of the
|
||||
violation; or
|
||||
|
||||
2. upon express reinstatement by the Licensor.
|
||||
|
||||
For the avoidance of doubt, this Section 6(b) does not affect any
|
||||
right the Licensor may have to seek remedies for Your violations
|
||||
of this Public License.
|
||||
|
||||
c. For the avoidance of doubt, the Licensor may also offer the
|
||||
Licensed Material under separate terms or conditions or stop
|
||||
distributing the Licensed Material at any time; however, doing so
|
||||
will not terminate this Public License.
|
||||
|
||||
d. Sections 1, 5, 6, 7, and 8 survive termination of this Public
|
||||
License.
|
||||
|
||||
|
||||
Section 7 -- Other Terms and Conditions.
|
||||
|
||||
a. The Licensor shall not be bound by any additional or different
|
||||
terms or conditions communicated by You unless expressly agreed.
|
||||
|
||||
b. Any arrangements, understandings, or agreements regarding the
|
||||
Licensed Material not stated herein are separate from and
|
||||
independent of the terms and conditions of this Public License.
|
||||
|
||||
|
||||
Section 8 -- Interpretation.
|
||||
|
||||
a. For the avoidance of doubt, this Public License does not, and
|
||||
shall not be interpreted to, reduce, limit, restrict, or impose
|
||||
conditions on any use of the Licensed Material that could lawfully
|
||||
be made without permission under this Public License.
|
||||
|
||||
b. To the extent possible, if any provision of this Public License is
|
||||
deemed unenforceable, it shall be automatically reformed to the
|
||||
minimum extent necessary to make it enforceable. If the provision
|
||||
cannot be reformed, it shall be severed from this Public License
|
||||
without affecting the enforceability of the remaining terms and
|
||||
conditions.
|
||||
|
||||
c. No term or condition of this Public License will be waived and no
|
||||
failure to comply consented to unless expressly agreed to by the
|
||||
Licensor.
|
||||
|
||||
d. Nothing in this Public License constitutes or may be interpreted
|
||||
as a limitation upon, or waiver of, any privileges and immunities
|
||||
that apply to the Licensor or You, including from the legal
|
||||
processes of any jurisdiction or authority.
|
||||
|
||||
=======================================================================
|
||||
|
||||
Creative Commons is not a party to its public
|
||||
licenses. Notwithstanding, Creative Commons may elect to apply one of
|
||||
its public licenses to material it publishes and in those instances
|
||||
will be considered the “Licensor.” The text of the Creative Commons
|
||||
public licenses is dedicated to the public domain under the CC0 Public
|
||||
Domain Dedication. Except for the limited purpose of indicating that
|
||||
material is shared under a Creative Commons public license or as
|
||||
otherwise permitted by the Creative Commons policies published at
|
||||
creativecommons.org/policies, Creative Commons does not authorize the
|
||||
use of the trademark "Creative Commons" or any other trademark or logo
|
||||
of Creative Commons without its prior written consent including,
|
||||
without limitation, in connection with any unauthorized modifications
|
||||
to any of its public licenses or any other arrangements,
|
||||
understandings, or agreements concerning use of licensed material. For
|
||||
the avoidance of doubt, this paragraph does not form part of the
|
||||
public licenses.
|
||||
|
||||
Creative Commons may be contacted at creativecommons.org.
|
||||
|
17
CHANGELOG.md
17
CHANGELOG.md
|
@ -8,32 +8,45 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- **Breaking:** Configuration: A setting to explicitly disable the mailer was added, defaulting to true, if you are using a mailer add `config :pleroma, Pleroma.Emails.Mailer, enabled: true` to your config
|
||||
- Configuration: OpenGraph and TwitterCard providers enabled by default
|
||||
- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text
|
||||
- Federation: Return 403 errors when trying to request pages from a user's follower/following collections if they have `hide_followers`/`hide_follows` set
|
||||
- NodeInfo: Return `skipThreadContainment` in `metadata` for the `skip_thread_containment` option
|
||||
- Mastodon API: Unsubscribe followers when they unfollow a user
|
||||
|
||||
### Fixed
|
||||
- Not being able to pin unlisted posts
|
||||
- Metadata rendering errors resulting in the entire page being inaccessible
|
||||
- Federation/MediaProxy not working with instances that have wrong certificate order
|
||||
- Mastodon API: Handling of search timeouts (`/api/v1/search` and `/api/v2/search`)
|
||||
- Mastodon API: Embedded relationships not being properly rendered in the Account entity of Status entity
|
||||
- Mastodon API: Add `account_id`, `type`, `offset`, and `limit` to search API (`/api/v1/search` and `/api/v2/search`)
|
||||
- ActivityPub C2S: follower/following collection pages being inaccessible even when authentifucated if `hide_followers`/ `hide_follows` was set
|
||||
|
||||
### Added
|
||||
- MRF: Support for priming the mediaproxy cache (`Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`)
|
||||
Configuration: `federation_incoming_replies_max_depth` option
|
||||
- MRF: Support for excluding specific domains from Transparency.
|
||||
- Configuration: `federation_incoming_replies_max_depth` option
|
||||
- Mastodon API: Support for the [`tagged` filter](https://github.com/tootsuite/mastodon/pull/9755) in [`GET /api/v1/accounts/:id/statuses`](https://docs.joinmastodon.org/api/rest/accounts/#get-api-v1-accounts-id-statuses)
|
||||
- Mastodon API, streaming: Add support for passing the token in the `Sec-WebSocket-Protocol` header
|
||||
- Mastodon API, extension: Ability to reset avatar, profile banner, and background
|
||||
- Mastodon API: Add support for categories for custom emojis by reusing the group feature. <https://github.com/tootsuite/mastodon/pull/11196>
|
||||
- Mastodon API: Add support for muting/unmuting notifications
|
||||
- Admin API: Return users' tags when querying reports
|
||||
- Admin API: Return avatar and display name when querying users
|
||||
- Admin API: Allow querying user by ID
|
||||
- Admin API: Added support for `tuples`.
|
||||
- Added synchronization of following/followers counters for external users
|
||||
- Configuration: `enabled` option for `Pleroma.Emails.Mailer`, defaulting to `false`.
|
||||
- Mastodon API: Add support for categories for custom emojis by reusing the group feature. <https://github.com/tootsuite/mastodon/pull/11196>
|
||||
- Configuration: Pleroma.Plugs.RateLimiter `bucket_name`, `params` options.
|
||||
- Addressable lists
|
||||
|
||||
### Changed
|
||||
- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text
|
||||
- Admin API: changed json structure for saving config settings.
|
||||
- RichMedia: parsers and their order are configured in `rich_media` config.
|
||||
|
||||
## [1.0.1] - 2019-07-14
|
||||
### Security
|
||||
- OStatus: fix an object spoofing vulnerability.
|
||||
|
||||
## [1.0.0] - 2019-06-29
|
||||
### Security
|
||||
|
|
|
@ -194,6 +194,8 @@
|
|||
send_user_agent: true,
|
||||
adapter: [
|
||||
ssl_options: [
|
||||
# Workaround for remote server certificate chain issues
|
||||
partial_chain: &:hackney_connect.partial_chain/1,
|
||||
# We don't support TLS v1.3 yet
|
||||
versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"]
|
||||
]
|
||||
|
@ -238,6 +240,7 @@
|
|||
"text/bbcode"
|
||||
],
|
||||
mrf_transparency: true,
|
||||
mrf_transparency_exclusions: [],
|
||||
autofollowed_nicknames: [],
|
||||
max_pinned_statuses: 1,
|
||||
no_attachment_links: false,
|
||||
|
@ -336,7 +339,12 @@
|
|||
config :pleroma, :rich_media,
|
||||
enabled: true,
|
||||
ignore_hosts: [],
|
||||
ignore_tld: ["local", "localdomain", "lan"]
|
||||
ignore_tld: ["local", "localdomain", "lan"],
|
||||
parsers: [
|
||||
Pleroma.Web.RichMedia.Parsers.TwitterCard,
|
||||
Pleroma.Web.RichMedia.Parsers.OGP,
|
||||
Pleroma.Web.RichMedia.Parsers.OEmbed
|
||||
]
|
||||
|
||||
config :pleroma, :media_proxy,
|
||||
enabled: false,
|
||||
|
@ -519,7 +527,9 @@
|
|||
|
||||
config :pleroma, :rate_limit,
|
||||
search: [{1000, 10}, {1000, 30}],
|
||||
app_account_creation: {1_800_000, 25}
|
||||
app_account_creation: {1_800_000, 25},
|
||||
statuses_actions: {10_000, 15},
|
||||
status_id_action: {60_000, 3}
|
||||
|
||||
# Import environment specific config. This must remain at the bottom
|
||||
# of this file so it overrides the configuration defined above.
|
||||
|
|
|
@ -16,9 +16,11 @@ Adding the parameter `with_muted=true` to the timeline queries will also return
|
|||
|
||||
## Statuses
|
||||
|
||||
- `visibility`: has an additional possible value `list`
|
||||
|
||||
Has these additional fields under the `pleroma` object:
|
||||
|
||||
- `local`: true if the post was made on the local instance.
|
||||
- `local`: true if the post was made on the local instance
|
||||
- `conversation_id`: the ID of the conversation the status is associated with (if any)
|
||||
- `in_reply_to_account_acct`: the `acct` property of User entity for replied user (if any)
|
||||
- `content`: a map consisting of alternate representations of the `content` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain`
|
||||
|
@ -46,14 +48,6 @@ Has these additional fields under the `pleroma` object:
|
|||
- `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials`
|
||||
- `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials`
|
||||
|
||||
### Extensions for PleromaFE
|
||||
|
||||
These endpoints added for controlling PleromaFE features over the Mastodon API
|
||||
|
||||
- PATCH `/api/v1/accounts/update_avatar`: Set/clear user avatar image
|
||||
- PATCH `/api/v1/accounts/update_banner`: Set/clear user banner image
|
||||
- PATCH `/api/v1/accounts/update_background`: Set/clear user background image
|
||||
|
||||
### Source
|
||||
|
||||
Has these additional fields under the `pleroma` object:
|
||||
|
@ -80,6 +74,7 @@ Additional parameters can be added to the JSON body/Form data:
|
|||
- `preview`: boolean, if set to `true` the post won't be actually posted, but the status entitiy would still be rendered back. This could be useful for previewing rich text/custom emoji, for example.
|
||||
- `content_type`: string, contain the MIME type of the status, it is transformed into HTML by the backend. You can get the list of the supported MIME types with the nodeinfo endpoint.
|
||||
- `to`: A list of nicknames (like `lain@soykaf.club` or `lain` on the local server) that will be used to determine who is going to be addressed by this post. Using this will disable the implicit addressing by mentioned names in the `status` body, only the people in the `to` list will be addressed. The normal rules for for post visibility are not affected by this and will still apply.
|
||||
- `visibility`: string, besides standard MastoAPI values (`direct`, `private`, `unlisted` or `public`) it can be used to address a List by setting it to `list:LIST_ID`.
|
||||
|
||||
## PATCH `/api/v1/update_credentials`
|
||||
|
||||
|
|
|
@ -238,6 +238,13 @@ See [Admin-API](Admin-API.md)
|
|||
]
|
||||
```
|
||||
|
||||
## `/api/v1/pleroma/accounts/update_*`
|
||||
### Set and clear account avatar, banner, and background
|
||||
|
||||
- PATCH `/api/v1/pleroma/accounts/update_avatar`: Set/clear user avatar image
|
||||
- PATCH `/api/v1/pleroma/accounts/update_banner`: Set/clear user banner image
|
||||
- PATCH `/api/v1/pleroma/accounts/update_background`: Set/clear user background image
|
||||
|
||||
## `/api/v1/pleroma/mascot`
|
||||
### Gets user mascot image
|
||||
* Method `GET`
|
||||
|
|
|
@ -106,6 +106,7 @@ config :pleroma, Pleroma.Emails.Mailer,
|
|||
* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json``
|
||||
* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML)
|
||||
* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
|
||||
* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value.
|
||||
* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default.
|
||||
* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values:
|
||||
* "email": Copy and preprend re:, as in email.
|
||||
|
@ -424,6 +425,7 @@ This config contains two queues: `federator_incoming` and `federator_outgoing`.
|
|||
* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews
|
||||
* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`.
|
||||
* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"]
|
||||
* `parsers`: list of Rich Media parsers
|
||||
|
||||
## :fetch_initial_posts
|
||||
* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts
|
||||
|
@ -640,3 +642,10 @@ A keyword list of rate limiters where a key is a limiter name and value is the l
|
|||
It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated.
|
||||
|
||||
See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples.
|
||||
|
||||
Supported rate limiters:
|
||||
|
||||
* `:search` for the search requests (account & status search etc.)
|
||||
* `:app_account_creation` for registering user accounts from the same IP address
|
||||
* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses
|
||||
* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user
|
||||
|
|
|
@ -28,6 +28,14 @@ def run(["migrate_to_db"]) do
|
|||
|> Enum.reject(fn {k, _v} -> k in [Pleroma.Repo, :env] end)
|
||||
|> Enum.each(fn {k, v} ->
|
||||
key = to_string(k) |> String.replace("Elixir.", "")
|
||||
|
||||
key =
|
||||
if String.starts_with?(key, "Pleroma.") do
|
||||
key
|
||||
else
|
||||
":" <> key
|
||||
end
|
||||
|
||||
{:ok, _} = Config.update_or_create(%{group: "pleroma", key: key, value: v})
|
||||
Mix.shell().info("#{key} is migrated.")
|
||||
end)
|
||||
|
@ -53,17 +61,9 @@ def run(["migrate_from_db", env, delete?]) do
|
|||
|
||||
Repo.all(Config)
|
||||
|> Enum.each(fn config ->
|
||||
mark =
|
||||
if String.starts_with?(config.key, "Pleroma.") or
|
||||
String.starts_with?(config.key, "Ueberauth"),
|
||||
do: ",",
|
||||
else: ":"
|
||||
|
||||
IO.write(
|
||||
file,
|
||||
"config :#{config.group}, #{config.key}#{mark} #{
|
||||
inspect(Config.from_binary(config.value))
|
||||
}\r\n"
|
||||
"config :#{config.group}, #{config.key}, #{inspect(Config.from_binary(config.value))}\r\n\r\n"
|
||||
)
|
||||
|
||||
if delete? do
|
||||
|
|
|
@ -35,7 +35,7 @@ defp update_env(setting) do
|
|||
if String.starts_with?(setting.key, "Pleroma.") do
|
||||
"Elixir." <> setting.key
|
||||
else
|
||||
setting.key
|
||||
String.trim_leading(setting.key, ":")
|
||||
end
|
||||
|
||||
group = String.to_existing_atom(setting.group)
|
||||
|
|
|
@ -29,7 +29,7 @@ def new(opts \\ []) do
|
|||
|
||||
# fetch Hackney options
|
||||
#
|
||||
defp hackney_options(opts) do
|
||||
def hackney_options(opts) do
|
||||
options = Keyword.get(opts, :adapter, [])
|
||||
adapter_options = Pleroma.Config.get([:http, :adapter], [])
|
||||
proxy_url = Pleroma.Config.get([:http, :proxy_url], nil)
|
||||
|
|
|
@ -65,10 +65,7 @@ defp process_sni_options(options, url) do
|
|||
end
|
||||
|
||||
def process_request_options(options) do
|
||||
case Pleroma.Config.get([:http, :proxy_url]) do
|
||||
nil -> options
|
||||
proxy -> options ++ [proxy: proxy]
|
||||
end
|
||||
Keyword.merge(Pleroma.HTTP.Connection.hackney_options([]), options)
|
||||
end
|
||||
|
||||
@doc """
|
||||
|
|
|
@ -35,10 +35,12 @@ def generate_rsa_pem do
|
|||
end
|
||||
|
||||
def keys_from_pem(pem) do
|
||||
[private_key_code] = :public_key.pem_decode(pem)
|
||||
private_key = :public_key.pem_entry_decode(private_key_code)
|
||||
{:RSAPrivateKey, _, modulus, exponent, _, _, _, _, _, _, _} = private_key
|
||||
public_key = {:RSAPublicKey, modulus, exponent}
|
||||
{:ok, private_key, public_key}
|
||||
with [private_key_code] <- :public_key.pem_decode(pem),
|
||||
private_key <- :public_key.pem_entry_decode(private_key_code),
|
||||
{:RSAPrivateKey, _, modulus, exponent, _, _, _, _, _, _, _} <- private_key do
|
||||
{:ok, private_key, {:RSAPublicKey, modulus, exponent}}
|
||||
else
|
||||
error -> {:error, error}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -16,6 +16,7 @@ defmodule Pleroma.List do
|
|||
belongs_to(:user, User, type: Pleroma.FlakeId)
|
||||
field(:title, :string)
|
||||
field(:following, {:array, :string}, default: [])
|
||||
field(:ap_id, :string)
|
||||
|
||||
timestamps()
|
||||
end
|
||||
|
@ -55,6 +56,10 @@ def get(id, %{id: user_id} = _user) do
|
|||
Repo.one(query)
|
||||
end
|
||||
|
||||
def get_by_ap_id(ap_id) do
|
||||
Repo.get_by(__MODULE__, ap_id: ap_id)
|
||||
end
|
||||
|
||||
def get_following(%Pleroma.List{following: following} = _list) do
|
||||
q =
|
||||
from(
|
||||
|
@ -105,7 +110,14 @@ def rename(%Pleroma.List{} = list, title) do
|
|||
|
||||
def create(title, %User{} = creator) do
|
||||
list = %Pleroma.List{user_id: creator.id, title: title}
|
||||
Repo.insert(list)
|
||||
|
||||
Repo.transaction(fn ->
|
||||
list = Repo.insert!(list)
|
||||
|
||||
list
|
||||
|> change(ap_id: "#{creator.ap_id}/lists/#{list.id}")
|
||||
|> Repo.update!()
|
||||
end)
|
||||
end
|
||||
|
||||
def follow(%Pleroma.List{following: following} = list, %User{} = followed) do
|
||||
|
@ -125,4 +137,19 @@ def update_follows(%Pleroma.List{} = list, attrs) do
|
|||
|> follow_changeset(attrs)
|
||||
|> Repo.update()
|
||||
end
|
||||
|
||||
def memberships(%User{follower_address: follower_address}) do
|
||||
Pleroma.List
|
||||
|> where([l], ^follower_address in l.following)
|
||||
|> select([l], l.ap_id)
|
||||
|> Repo.all()
|
||||
end
|
||||
|
||||
def memberships(_), do: []
|
||||
|
||||
def member?(%Pleroma.List{following: following}, %User{follower_address: follower_address}) do
|
||||
Enum.member?(following, follower_address)
|
||||
end
|
||||
|
||||
def member?(_, _), do: false
|
||||
end
|
||||
|
|
|
@ -11,7 +11,6 @@ defmodule Pleroma.Notification do
|
|||
alias Pleroma.Pagination
|
||||
alias Pleroma.Repo
|
||||
alias Pleroma.User
|
||||
alias Pleroma.Web.CommonAPI
|
||||
alias Pleroma.Web.CommonAPI.Utils
|
||||
alias Pleroma.Web.Push
|
||||
alias Pleroma.Web.Streamer
|
||||
|
@ -32,31 +31,47 @@ def changeset(%Notification{} = notification, attrs) do
|
|||
|> cast(attrs, [:seen])
|
||||
end
|
||||
|
||||
def for_user_query(user) do
|
||||
Notification
|
||||
|> where(user_id: ^user.id)
|
||||
|> where(
|
||||
[n, a],
|
||||
fragment(
|
||||
"? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')",
|
||||
a.actor
|
||||
)
|
||||
)
|
||||
|> join(:inner, [n], activity in assoc(n, :activity))
|
||||
|> join(:left, [n, a], object in Object,
|
||||
on:
|
||||
def for_user_query(user, opts) do
|
||||
query =
|
||||
Notification
|
||||
|> where(user_id: ^user.id)
|
||||
|> where(
|
||||
[n, a],
|
||||
fragment(
|
||||
"(?->>'id') = COALESCE((? -> 'object'::text) ->> 'id'::text)",
|
||||
object.data,
|
||||
a.data
|
||||
"? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')",
|
||||
a.actor
|
||||
)
|
||||
)
|
||||
|> preload([n, a, o], activity: {a, object: o})
|
||||
)
|
||||
|> join(:inner, [n], activity in assoc(n, :activity))
|
||||
|> join(:left, [n, a], object in Object,
|
||||
on:
|
||||
fragment(
|
||||
"(?->>'id') = COALESCE((? -> 'object'::text) ->> 'id'::text)",
|
||||
object.data,
|
||||
a.data
|
||||
)
|
||||
)
|
||||
|> preload([n, a, o], activity: {a, object: o})
|
||||
|
||||
if opts[:with_muted] do
|
||||
query
|
||||
else
|
||||
where(query, [n, a], a.actor not in ^user.info.muted_notifications)
|
||||
|> where([n, a], a.actor not in ^user.info.blocks)
|
||||
|> where(
|
||||
[n, a],
|
||||
fragment("substring(? from '.*://([^/]*)')", a.actor) not in ^user.info.domain_blocks
|
||||
)
|
||||
|> join(:left, [n, a], tm in Pleroma.ThreadMute,
|
||||
on: tm.user_id == ^user.id and tm.context == fragment("?->>'context'", a.data)
|
||||
)
|
||||
|> where([n, a, o, tm], is_nil(tm.id))
|
||||
end
|
||||
end
|
||||
|
||||
def for_user(user, opts \\ %{}) do
|
||||
user
|
||||
|> for_user_query()
|
||||
|> for_user_query(opts)
|
||||
|> Pagination.fetch_paginated(opts)
|
||||
end
|
||||
|
||||
|
@ -179,11 +194,10 @@ def get_notified_from_activity(
|
|||
|
||||
def get_notified_from_activity(_, _local_only), do: []
|
||||
|
||||
@spec skip?(Activity.t(), User.t()) :: boolean()
|
||||
def skip?(activity, user) do
|
||||
[
|
||||
:self,
|
||||
:blocked,
|
||||
:muted,
|
||||
:followers,
|
||||
:follows,
|
||||
:non_followers,
|
||||
|
@ -193,21 +207,11 @@ def skip?(activity, user) do
|
|||
|> Enum.any?(&skip?(&1, activity, user))
|
||||
end
|
||||
|
||||
@spec skip?(atom(), Activity.t(), User.t()) :: boolean()
|
||||
def skip?(:self, activity, user) do
|
||||
activity.data["actor"] == user.ap_id
|
||||
end
|
||||
|
||||
def skip?(:blocked, activity, user) do
|
||||
actor = activity.data["actor"]
|
||||
User.blocks?(user, %{ap_id: actor})
|
||||
end
|
||||
|
||||
def skip?(:muted, activity, user) do
|
||||
actor = activity.data["actor"]
|
||||
|
||||
User.mutes?(user, %{ap_id: actor}) or CommonAPI.thread_muted?(user, activity)
|
||||
end
|
||||
|
||||
def skip?(
|
||||
:followers,
|
||||
activity,
|
||||
|
|
|
@ -48,6 +48,9 @@ def contain_origin(id, %{"actor" => _actor} = params) do
|
|||
end
|
||||
end
|
||||
|
||||
def contain_origin(id, %{"attributedTo" => actor} = params),
|
||||
do: contain_origin(id, Map.put(params, "actor", actor))
|
||||
|
||||
def contain_origin_from_id(_id, %{"id" => nil}), do: :error
|
||||
|
||||
def contain_origin_from_id(id, %{"id" => other_id} = _params) do
|
||||
|
@ -60,4 +63,9 @@ def contain_origin_from_id(id, %{"id" => other_id} = _params) do
|
|||
:error
|
||||
end
|
||||
end
|
||||
|
||||
def contain_child(%{"object" => %{"id" => id, "attributedTo" => _} = object}),
|
||||
do: contain_origin(id, object)
|
||||
|
||||
def contain_child(_), do: :ok
|
||||
end
|
||||
|
|
|
@ -32,33 +32,39 @@ def fetch_object_from_id(id, options \\ []) do
|
|||
else
|
||||
Logger.info("Fetching #{id} via AP")
|
||||
|
||||
with {:ok, data} <- fetch_and_contain_remote_object_from_id(id),
|
||||
nil <- Object.normalize(data, false),
|
||||
with {:fetch, {:ok, data}} <- {:fetch, fetch_and_contain_remote_object_from_id(id)},
|
||||
{:normalize, nil} <- {:normalize, Object.normalize(data, false)},
|
||||
params <- %{
|
||||
"type" => "Create",
|
||||
"to" => data["to"],
|
||||
"cc" => data["cc"],
|
||||
# Should we seriously keep this attributedTo thing?
|
||||
"actor" => data["actor"] || data["attributedTo"],
|
||||
"object" => data
|
||||
},
|
||||
:ok <- Containment.contain_origin(id, params),
|
||||
{:containment, :ok} <- {:containment, Containment.contain_origin(id, params)},
|
||||
{:ok, activity} <- Transmogrifier.handle_incoming(params, options),
|
||||
{:object, _data, %Object{} = object} <-
|
||||
{:object, data, Object.normalize(activity, false)} do
|
||||
{:ok, object}
|
||||
else
|
||||
{:containment, _} ->
|
||||
{:error, "Object containment failed."}
|
||||
|
||||
{:error, {:reject, nil}} ->
|
||||
{:reject, nil}
|
||||
|
||||
{:object, data, nil} ->
|
||||
reinject_object(data)
|
||||
|
||||
object = %Object{} ->
|
||||
{:normalize, object = %Object{}} ->
|
||||
{:ok, object}
|
||||
|
||||
_e ->
|
||||
# Only fallback when receiving a fetch/normalization error with ActivityPub
|
||||
Logger.info("Couldn't get object via AP, trying out OStatus fetching...")
|
||||
|
||||
# FIXME: OStatus Object Containment?
|
||||
case OStatus.fetch_activity_from_url(id) do
|
||||
{:ok, [activity | _]} -> {:ok, Object.normalize(activity, false)}
|
||||
e -> e
|
||||
|
|
|
@ -31,12 +31,28 @@ defmodule Pleroma.Plugs.RateLimiter do
|
|||
|
||||
## Usage
|
||||
|
||||
AllowedSyntax:
|
||||
|
||||
plug(Pleroma.Plugs.RateLimiter, :limiter_name)
|
||||
plug(Pleroma.Plugs.RateLimiter, {:limiter_name, options})
|
||||
|
||||
Allowed options:
|
||||
|
||||
* `bucket_name` overrides bucket name (e.g. to have a separate limit for a set of actions)
|
||||
* `params` appends values of specified request params (e.g. ["id"]) to bucket name
|
||||
|
||||
Inside a controller:
|
||||
|
||||
plug(Pleroma.Plugs.RateLimiter, :one when action == :one)
|
||||
plug(Pleroma.Plugs.RateLimiter, :two when action in [:two, :three])
|
||||
|
||||
or inside a router pipiline:
|
||||
plug(
|
||||
Pleroma.Plugs.RateLimiter,
|
||||
{:status_id_action, bucket_name: "status_id_action:fav_unfav", params: ["id"]}
|
||||
when action in ~w(fav_status unfav_status)a
|
||||
)
|
||||
|
||||
or inside a router pipeline:
|
||||
|
||||
pipeline :api do
|
||||
...
|
||||
|
@ -49,33 +65,56 @@ defmodule Pleroma.Plugs.RateLimiter do
|
|||
|
||||
alias Pleroma.User
|
||||
|
||||
def init(limiter_name) do
|
||||
def init(limiter_name) when is_atom(limiter_name) do
|
||||
init({limiter_name, []})
|
||||
end
|
||||
|
||||
def init({limiter_name, opts}) do
|
||||
case Pleroma.Config.get([:rate_limit, limiter_name]) do
|
||||
nil -> nil
|
||||
config -> {limiter_name, config}
|
||||
config -> {limiter_name, config, opts}
|
||||
end
|
||||
end
|
||||
|
||||
# do not limit if there is no limiter configuration
|
||||
# Do not limit if there is no limiter configuration
|
||||
def call(conn, nil), do: conn
|
||||
|
||||
def call(conn, opts) do
|
||||
case check_rate(conn, opts) do
|
||||
{:ok, _count} -> conn
|
||||
{:error, _count} -> render_throttled_error(conn)
|
||||
def call(conn, settings) do
|
||||
case check_rate(conn, settings) do
|
||||
{:ok, _count} ->
|
||||
conn
|
||||
|
||||
{:error, _count} ->
|
||||
render_throttled_error(conn)
|
||||
end
|
||||
end
|
||||
|
||||
defp check_rate(%{assigns: %{user: %User{id: user_id}}}, {limiter_name, [_, {scale, limit}]}) do
|
||||
ExRated.check_rate("#{limiter_name}:#{user_id}", scale, limit)
|
||||
defp bucket_name(conn, limiter_name, opts) do
|
||||
bucket_name = opts[:bucket_name] || limiter_name
|
||||
|
||||
if params_names = opts[:params] do
|
||||
params_values = for p <- Enum.sort(params_names), do: conn.params[p]
|
||||
Enum.join([bucket_name] ++ params_values, ":")
|
||||
else
|
||||
bucket_name
|
||||
end
|
||||
end
|
||||
|
||||
defp check_rate(conn, {limiter_name, [{scale, limit} | _]}) do
|
||||
ExRated.check_rate("#{limiter_name}:#{ip(conn)}", scale, limit)
|
||||
defp check_rate(
|
||||
%{assigns: %{user: %User{id: user_id}}} = conn,
|
||||
{limiter_name, [_, {scale, limit}], opts}
|
||||
) do
|
||||
bucket_name = bucket_name(conn, limiter_name, opts)
|
||||
ExRated.check_rate("#{bucket_name}:#{user_id}", scale, limit)
|
||||
end
|
||||
|
||||
defp check_rate(conn, {limiter_name, {scale, limit}}) do
|
||||
check_rate(conn, {limiter_name, [{scale, limit}]})
|
||||
defp check_rate(conn, {limiter_name, [{scale, limit} | _], opts}) do
|
||||
bucket_name = bucket_name(conn, limiter_name, opts)
|
||||
ExRated.check_rate("#{bucket_name}:#{ip(conn)}", scale, limit)
|
||||
end
|
||||
|
||||
defp check_rate(conn, {limiter_name, {scale, limit}, opts}) do
|
||||
check_rate(conn, {limiter_name, [{scale, limit}, {scale, limit}], opts})
|
||||
end
|
||||
|
||||
def ip(%{remote_ip: remote_ip}) do
|
||||
|
|
|
@ -61,7 +61,7 @@ defmodule Pleroma.ReverseProxy do
|
|||
* `http`: options for [hackney](https://github.com/benoitc/hackney).
|
||||
|
||||
"""
|
||||
@default_hackney_options []
|
||||
@default_hackney_options [pool: :media]
|
||||
|
||||
@inline_content_types [
|
||||
"image/gif",
|
||||
|
@ -94,7 +94,8 @@ def call(_conn, _url, _opts \\ [])
|
|||
|
||||
def call(conn = %{method: method}, url, opts) when method in @methods do
|
||||
hackney_opts =
|
||||
@default_hackney_options
|
||||
Pleroma.HTTP.Connection.hackney_options([])
|
||||
|> Keyword.merge(@default_hackney_options)
|
||||
|> Keyword.merge(Keyword.get(opts, :http, []))
|
||||
|> HTTP.process_request_options()
|
||||
|
||||
|
|
|
@ -749,10 +749,13 @@ def get_recipients_from_activity(%Activity{recipients: to}) do
|
|||
|> Repo.all()
|
||||
end
|
||||
|
||||
def mute(muter, %User{ap_id: ap_id}) do
|
||||
@spec mute(User.t(), User.t(), boolean()) :: {:ok, User.t()} | {:error, String.t()}
|
||||
def mute(muter, %User{ap_id: ap_id}, notifications? \\ true) do
|
||||
info = muter.info
|
||||
|
||||
info_cng =
|
||||
muter.info
|
||||
|> User.Info.add_to_mutes(ap_id)
|
||||
User.Info.add_to_mutes(info, ap_id)
|
||||
|> User.Info.add_to_muted_notifications(info, ap_id, notifications?)
|
||||
|
||||
cng =
|
||||
change(muter)
|
||||
|
@ -762,9 +765,11 @@ def mute(muter, %User{ap_id: ap_id}) do
|
|||
end
|
||||
|
||||
def unmute(muter, %{ap_id: ap_id}) do
|
||||
info = muter.info
|
||||
|
||||
info_cng =
|
||||
muter.info
|
||||
|> User.Info.remove_from_mutes(ap_id)
|
||||
User.Info.remove_from_mutes(info, ap_id)
|
||||
|> User.Info.remove_from_muted_notifications(info, ap_id)
|
||||
|
||||
cng =
|
||||
change(muter)
|
||||
|
@ -860,6 +865,12 @@ def unblock(blocker, %{ap_id: ap_id}) do
|
|||
def mutes?(nil, _), do: false
|
||||
def mutes?(user, %{ap_id: ap_id}), do: Enum.member?(user.info.mutes, ap_id)
|
||||
|
||||
@spec muted_notifications?(User.t() | nil, User.t() | map()) :: boolean()
|
||||
def muted_notifications?(nil, _), do: false
|
||||
|
||||
def muted_notifications?(user, %{ap_id: ap_id}),
|
||||
do: Enum.member?(user.info.muted_notifications, ap_id)
|
||||
|
||||
def blocks?(%User{info: info} = _user, %{ap_id: ap_id}) do
|
||||
blocks = info.blocks
|
||||
domain_blocks = info.domain_blocks
|
||||
|
@ -1179,10 +1190,12 @@ def public_key_from_info(%{
|
|||
end
|
||||
|
||||
# OStatus Magic Key
|
||||
def public_key_from_info(%{magic_key: magic_key}) do
|
||||
def public_key_from_info(%{magic_key: magic_key}) when not is_nil(magic_key) do
|
||||
{:ok, Pleroma.Web.Salmon.decode_key(magic_key)}
|
||||
end
|
||||
|
||||
def public_key_from_info(_), do: {:error, "not found key"}
|
||||
|
||||
def get_public_key_for_ap_id(ap_id) do
|
||||
with {:ok, %User{} = user} <- get_or_fetch_by_ap_id(ap_id),
|
||||
{:ok, public_key} <- public_key_from_info(user.info) do
|
||||
|
@ -1368,23 +1381,16 @@ def get_mascot(%{info: %{mascot: mascot}}) when is_nil(mascot) do
|
|||
}
|
||||
end
|
||||
|
||||
def ensure_keys_present(user) do
|
||||
info = user.info
|
||||
|
||||
def ensure_keys_present(%User{info: info} = user) do
|
||||
if info.keys do
|
||||
{:ok, user}
|
||||
else
|
||||
{:ok, pem} = Keys.generate_rsa_pem()
|
||||
|
||||
info_cng =
|
||||
info
|
||||
|> User.Info.set_keys(pem)
|
||||
|
||||
cng =
|
||||
Ecto.Changeset.change(user)
|
||||
|> Ecto.Changeset.put_embed(:info, info_cng)
|
||||
|
||||
update_and_set_cache(cng)
|
||||
user
|
||||
|> Ecto.Changeset.change()
|
||||
|> Ecto.Changeset.put_embed(:info, User.Info.set_keys(info, pem))
|
||||
|> update_and_set_cache()
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -24,6 +24,7 @@ defmodule Pleroma.User.Info do
|
|||
field(:domain_blocks, {:array, :string}, default: [])
|
||||
field(:mutes, {:array, :string}, default: [])
|
||||
field(:muted_reblogs, {:array, :string}, default: [])
|
||||
field(:muted_notifications, {:array, :string}, default: [])
|
||||
field(:subscribers, {:array, :string}, default: [])
|
||||
field(:deactivated, :boolean, default: false)
|
||||
field(:no_rich_text, :boolean, default: false)
|
||||
|
@ -120,6 +121,16 @@ def set_mutes(info, mutes) do
|
|||
|> validate_required([:mutes])
|
||||
end
|
||||
|
||||
@spec set_notification_mutes(Changeset.t(), [String.t()], boolean()) :: Changeset.t()
|
||||
def set_notification_mutes(changeset, muted_notifications, notifications?) do
|
||||
if notifications? do
|
||||
put_change(changeset, :muted_notifications, muted_notifications)
|
||||
|> validate_required([:muted_notifications])
|
||||
else
|
||||
changeset
|
||||
end
|
||||
end
|
||||
|
||||
def set_blocks(info, blocks) do
|
||||
params = %{blocks: blocks}
|
||||
|
||||
|
@ -136,14 +147,31 @@ def set_subscribers(info, subscribers) do
|
|||
|> validate_required([:subscribers])
|
||||
end
|
||||
|
||||
@spec add_to_mutes(Info.t(), String.t()) :: Changeset.t()
|
||||
def add_to_mutes(info, muted) do
|
||||
set_mutes(info, Enum.uniq([muted | info.mutes]))
|
||||
end
|
||||
|
||||
@spec add_to_muted_notifications(Changeset.t(), Info.t(), String.t(), boolean()) ::
|
||||
Changeset.t()
|
||||
def add_to_muted_notifications(changeset, info, muted, notifications?) do
|
||||
set_notification_mutes(
|
||||
changeset,
|
||||
Enum.uniq([muted | info.muted_notifications]),
|
||||
notifications?
|
||||
)
|
||||
end
|
||||
|
||||
@spec remove_from_mutes(Info.t(), String.t()) :: Changeset.t()
|
||||
def remove_from_mutes(info, muted) do
|
||||
set_mutes(info, List.delete(info.mutes, muted))
|
||||
end
|
||||
|
||||
@spec remove_from_muted_notifications(Changeset.t(), Info.t(), String.t()) :: Changeset.t()
|
||||
def remove_from_muted_notifications(changeset, info, muted) do
|
||||
set_notification_mutes(changeset, List.delete(info.muted_notifications, muted), true)
|
||||
end
|
||||
|
||||
def add_to_block(info, blocked) do
|
||||
set_blocks(info, Enum.uniq([blocked | info.blocks]))
|
||||
end
|
||||
|
|
|
@ -8,6 +8,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
|
|||
alias Pleroma.Conversation
|
||||
alias Pleroma.Notification
|
||||
alias Pleroma.Object
|
||||
alias Pleroma.Object.Containment
|
||||
alias Pleroma.Object.Fetcher
|
||||
alias Pleroma.Pagination
|
||||
alias Pleroma.Repo
|
||||
|
@ -26,19 +27,16 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
|
|||
# For Announce activities, we filter the recipients based on following status for any actors
|
||||
# that match actual users. See issue #164 for more information about why this is necessary.
|
||||
defp get_recipients(%{"type" => "Announce"} = data) do
|
||||
to = data["to"] || []
|
||||
cc = data["cc"] || []
|
||||
to = Map.get(data, "to", [])
|
||||
cc = Map.get(data, "cc", [])
|
||||
bcc = Map.get(data, "bcc", [])
|
||||
actor = User.get_cached_by_ap_id(data["actor"])
|
||||
|
||||
recipients =
|
||||
(to ++ cc)
|
||||
|> Enum.filter(fn recipient ->
|
||||
Enum.filter(Enum.concat([to, cc, bcc]), fn recipient ->
|
||||
case User.get_cached_by_ap_id(recipient) do
|
||||
nil ->
|
||||
true
|
||||
|
||||
user ->
|
||||
User.following?(user, actor)
|
||||
nil -> true
|
||||
user -> User.following?(user, actor)
|
||||
end
|
||||
end)
|
||||
|
||||
|
@ -46,17 +44,19 @@ defp get_recipients(%{"type" => "Announce"} = data) do
|
|||
end
|
||||
|
||||
defp get_recipients(%{"type" => "Create"} = data) do
|
||||
to = data["to"] || []
|
||||
cc = data["cc"] || []
|
||||
actor = data["actor"] || []
|
||||
recipients = (to ++ cc ++ [actor]) |> Enum.uniq()
|
||||
to = Map.get(data, "to", [])
|
||||
cc = Map.get(data, "cc", [])
|
||||
bcc = Map.get(data, "bcc", [])
|
||||
actor = Map.get(data, "actor", [])
|
||||
recipients = [to, cc, bcc, [actor]] |> Enum.concat() |> Enum.uniq()
|
||||
{recipients, to, cc}
|
||||
end
|
||||
|
||||
defp get_recipients(data) do
|
||||
to = data["to"] || []
|
||||
cc = data["cc"] || []
|
||||
recipients = to ++ cc
|
||||
to = Map.get(data, "to", [])
|
||||
cc = Map.get(data, "cc", [])
|
||||
bcc = Map.get(data, "bcc", [])
|
||||
recipients = Enum.concat([to, cc, bcc])
|
||||
{recipients, to, cc}
|
||||
end
|
||||
|
||||
|
@ -126,6 +126,7 @@ def insert(map, local \\ true, fake \\ false) when is_map(map) do
|
|||
{:ok, map} <- MRF.filter(map),
|
||||
{recipients, _, _} = get_recipients(map),
|
||||
{:fake, false, map, recipients} <- {:fake, fake, map, recipients},
|
||||
:ok <- Containment.contain_child(map),
|
||||
{:ok, map, object} <- insert_full_object(map) do
|
||||
{:ok, activity} =
|
||||
Repo.insert(%Activity{
|
||||
|
@ -896,13 +897,11 @@ defp maybe_order(query, %{order: :asc}) do
|
|||
defp maybe_order(query, _), do: query
|
||||
|
||||
def fetch_activities_query(recipients, opts \\ %{}) do
|
||||
base_query = from(activity in Activity)
|
||||
|
||||
config = %{
|
||||
skip_thread_containment: Config.get([:instance, :skip_thread_containment])
|
||||
}
|
||||
|
||||
base_query
|
||||
Activity
|
||||
|> maybe_preload_objects(opts)
|
||||
|> maybe_preload_bookmarks(opts)
|
||||
|> maybe_set_thread_muted_field(opts)
|
||||
|
@ -931,11 +930,31 @@ def fetch_activities_query(recipients, opts \\ %{}) do
|
|||
end
|
||||
|
||||
def fetch_activities(recipients, opts \\ %{}) do
|
||||
fetch_activities_query(recipients, opts)
|
||||
list_memberships = Pleroma.List.memberships(opts["user"])
|
||||
|
||||
fetch_activities_query(recipients ++ list_memberships, opts)
|
||||
|> Pagination.fetch_paginated(opts)
|
||||
|> Enum.reverse()
|
||||
|> maybe_update_cc(list_memberships, opts["user"])
|
||||
end
|
||||
|
||||
defp maybe_update_cc(activities, list_memberships, %User{ap_id: user_ap_id})
|
||||
when is_list(list_memberships) and length(list_memberships) > 0 do
|
||||
Enum.map(activities, fn
|
||||
%{data: %{"bcc" => bcc}} = activity when is_list(bcc) and length(bcc) > 0 ->
|
||||
if Enum.any?(bcc, &(&1 in list_memberships)) do
|
||||
update_in(activity.data["cc"], &[user_ap_id | &1])
|
||||
else
|
||||
activity
|
||||
end
|
||||
|
||||
activity ->
|
||||
activity
|
||||
end)
|
||||
end
|
||||
|
||||
defp maybe_update_cc(activities, _, _), do: activities
|
||||
|
||||
def fetch_activities_bounded_query(query, recipients, recipients_with_public) do
|
||||
from(activity in query,
|
||||
where:
|
||||
|
|
|
@ -103,43 +103,57 @@ def activity(conn, %{"uuid" => uuid}) do
|
|||
end
|
||||
end
|
||||
|
||||
def following(conn, %{"nickname" => nickname, "page" => page}) do
|
||||
def following(%{assigns: %{user: for_user}} = conn, %{"nickname" => nickname, "page" => page}) do
|
||||
with %User{} = user <- User.get_cached_by_nickname(nickname),
|
||||
{:ok, user} <- User.ensure_keys_present(user) do
|
||||
{user, for_user} <- ensure_user_keys_present_and_maybe_refresh_for_user(user, for_user),
|
||||
{:show_follows, true} <-
|
||||
{:show_follows, (for_user && for_user == user) || !user.info.hide_follows} do
|
||||
{page, _} = Integer.parse(page)
|
||||
|
||||
conn
|
||||
|> put_resp_header("content-type", "application/activity+json")
|
||||
|> json(UserView.render("following.json", %{user: user, page: page}))
|
||||
|> json(UserView.render("following.json", %{user: user, page: page, for: for_user}))
|
||||
else
|
||||
{:show_follows, _} ->
|
||||
conn
|
||||
|> put_resp_header("content-type", "application/activity+json")
|
||||
|> send_resp(403, "")
|
||||
end
|
||||
end
|
||||
|
||||
def following(conn, %{"nickname" => nickname}) do
|
||||
def following(%{assigns: %{user: for_user}} = conn, %{"nickname" => nickname}) do
|
||||
with %User{} = user <- User.get_cached_by_nickname(nickname),
|
||||
{:ok, user} <- User.ensure_keys_present(user) do
|
||||
{user, for_user} <- ensure_user_keys_present_and_maybe_refresh_for_user(user, for_user) do
|
||||
conn
|
||||
|> put_resp_header("content-type", "application/activity+json")
|
||||
|> json(UserView.render("following.json", %{user: user}))
|
||||
|> json(UserView.render("following.json", %{user: user, for: for_user}))
|
||||
end
|
||||
end
|
||||
|
||||
def followers(conn, %{"nickname" => nickname, "page" => page}) do
|
||||
def followers(%{assigns: %{user: for_user}} = conn, %{"nickname" => nickname, "page" => page}) do
|
||||
with %User{} = user <- User.get_cached_by_nickname(nickname),
|
||||
{:ok, user} <- User.ensure_keys_present(user) do
|
||||
{user, for_user} <- ensure_user_keys_present_and_maybe_refresh_for_user(user, for_user),
|
||||
{:show_followers, true} <-
|
||||
{:show_followers, (for_user && for_user == user) || !user.info.hide_followers} do
|
||||
{page, _} = Integer.parse(page)
|
||||
|
||||
conn
|
||||
|> put_resp_header("content-type", "application/activity+json")
|
||||
|> json(UserView.render("followers.json", %{user: user, page: page}))
|
||||
|> json(UserView.render("followers.json", %{user: user, page: page, for: for_user}))
|
||||
else
|
||||
{:show_followers, _} ->
|
||||
conn
|
||||
|> put_resp_header("content-type", "application/activity+json")
|
||||
|> send_resp(403, "")
|
||||
end
|
||||
end
|
||||
|
||||
def followers(conn, %{"nickname" => nickname}) do
|
||||
def followers(%{assigns: %{user: for_user}} = conn, %{"nickname" => nickname}) do
|
||||
with %User{} = user <- User.get_cached_by_nickname(nickname),
|
||||
{:ok, user} <- User.ensure_keys_present(user) do
|
||||
{user, for_user} <- ensure_user_keys_present_and_maybe_refresh_for_user(user, for_user) do
|
||||
conn
|
||||
|> put_resp_header("content-type", "application/activity+json")
|
||||
|> json(UserView.render("followers.json", %{user: user}))
|
||||
|> json(UserView.render("followers.json", %{user: user, for: for_user}))
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -325,4 +339,17 @@ defp set_requester_reachable(%Plug.Conn{} = conn, _) do
|
|||
|
||||
conn
|
||||
end
|
||||
|
||||
defp ensure_user_keys_present_and_maybe_refresh_for_user(user, for_user) do
|
||||
{:ok, new_user} = User.ensure_keys_present(user)
|
||||
|
||||
for_user =
|
||||
if new_user != user and match?(%User{}, for_user) do
|
||||
User.get_cached_by_nickname(for_user.nickname)
|
||||
else
|
||||
for_user
|
||||
end
|
||||
|
||||
{new_user, for_user}
|
||||
end
|
||||
end
|
||||
|
|
|
@ -92,18 +92,68 @@ defp should_federate?(inbox, public) do
|
|||
end
|
||||
end
|
||||
|
||||
@doc """
|
||||
Publishes an activity to all relevant peers.
|
||||
"""
|
||||
def publish(%User{} = actor, %Activity{} = activity) do
|
||||
remote_followers =
|
||||
defp recipients(actor, activity) do
|
||||
followers =
|
||||
if actor.follower_address in activity.recipients do
|
||||
{:ok, followers} = User.get_followers(actor)
|
||||
followers |> Enum.filter(&(!&1.local))
|
||||
Enum.filter(followers, &(!&1.local))
|
||||
else
|
||||
[]
|
||||
end
|
||||
|
||||
Pleroma.Web.Salmon.remote_users(actor, activity) ++ followers
|
||||
end
|
||||
|
||||
defp get_cc_ap_ids(ap_id, recipients) do
|
||||
host = Map.get(URI.parse(ap_id), :host)
|
||||
|
||||
recipients
|
||||
|> Enum.filter(fn %User{ap_id: ap_id} -> Map.get(URI.parse(ap_id), :host) == host end)
|
||||
|> Enum.map(& &1.ap_id)
|
||||
end
|
||||
|
||||
@doc """
|
||||
Publishes an activity with BCC to all relevant peers.
|
||||
"""
|
||||
|
||||
def publish(actor, %{data: %{"bcc" => bcc}} = activity) when is_list(bcc) and bcc != [] do
|
||||
public = is_public?(activity)
|
||||
{:ok, data} = Transmogrifier.prepare_outgoing(activity.data)
|
||||
|
||||
recipients = recipients(actor, activity)
|
||||
|
||||
recipients
|
||||
|> Enum.filter(&User.ap_enabled?/1)
|
||||
|> Enum.map(fn %{info: %{source_data: data}} -> data["inbox"] end)
|
||||
|> Enum.filter(fn inbox -> should_federate?(inbox, public) end)
|
||||
|> Instances.filter_reachable()
|
||||
|> Enum.each(fn {inbox, unreachable_since} ->
|
||||
%User{ap_id: ap_id} =
|
||||
Enum.find(recipients, fn %{info: %{source_data: data}} -> data["inbox"] == inbox end)
|
||||
|
||||
# Get all the recipients on the same host and add them to cc. Otherwise it a remote
|
||||
# instance would only accept a first message for the first recipient and ignore the rest.
|
||||
cc = get_cc_ap_ids(ap_id, recipients)
|
||||
|
||||
json =
|
||||
data
|
||||
|> Map.put("cc", cc)
|
||||
|> Jason.encode!()
|
||||
|
||||
Pleroma.Web.Federator.Publisher.enqueue_one(__MODULE__, %{
|
||||
inbox: inbox,
|
||||
json: json,
|
||||
actor: actor,
|
||||
id: activity.data["id"],
|
||||
unreachable_since: unreachable_since
|
||||
})
|
||||
end)
|
||||
end
|
||||
|
||||
@doc """
|
||||
Publishes an activity to all relevant peers.
|
||||
"""
|
||||
def publish(%User{} = actor, %Activity{} = activity) do
|
||||
public = is_public?(activity)
|
||||
|
||||
if public && Config.get([:instance, :allow_relay]) do
|
||||
|
@ -114,7 +164,7 @@ def publish(%User{} = actor, %Activity{} = activity) do
|
|||
{:ok, data} = Transmogrifier.prepare_outgoing(activity.data)
|
||||
json = Jason.encode!(data)
|
||||
|
||||
(Pleroma.Web.Salmon.remote_users(activity) ++ remote_followers)
|
||||
recipients(actor, activity)
|
||||
|> Enum.filter(fn user -> User.ap_enabled?(user) end)
|
||||
|> Enum.map(fn %{info: %{source_data: data}} ->
|
||||
(is_map(data["endpoints"]) && Map.get(data["endpoints"], "sharedInbox")) || data["inbox"]
|
||||
|
|
|
@ -814,13 +814,16 @@ def prepare_object(object) do
|
|||
|
||||
def prepare_outgoing(%{"type" => "Create", "object" => object_id} = data) do
|
||||
object =
|
||||
Object.normalize(object_id).data
|
||||
object_id
|
||||
|> Object.normalize()
|
||||
|> Map.get(:data)
|
||||
|> prepare_object
|
||||
|
||||
data =
|
||||
data
|
||||
|> Map.put("object", object)
|
||||
|> Map.merge(Utils.make_json_ld_header())
|
||||
|> Map.delete("bcc")
|
||||
|
||||
{:ok, data}
|
||||
end
|
||||
|
|
|
@ -25,12 +25,8 @@ defmodule Pleroma.Web.ActivityPub.Utils do
|
|||
|
||||
# Some implementations send the actor URI as the actor field, others send the entire actor object,
|
||||
# so figure out what the actor's URI is based on what we have.
|
||||
def get_ap_id(object) do
|
||||
case object do
|
||||
%{"id" => id} -> id
|
||||
id -> id
|
||||
end
|
||||
end
|
||||
def get_ap_id(%{"id" => id} = _), do: id
|
||||
def get_ap_id(id), do: id
|
||||
|
||||
def normalize_params(params) do
|
||||
Map.put(params, "actor", get_ap_id(params["actor"]))
|
||||
|
|
|
@ -98,29 +98,31 @@ def render("user.json", %{user: user}) do
|
|||
|> Map.merge(Utils.make_json_ld_header())
|
||||
end
|
||||
|
||||
def render("following.json", %{user: user, page: page}) do
|
||||
def render("following.json", %{user: user, page: page} = opts) do
|
||||
showing = (opts[:for] && opts[:for] == user) || !user.info.hide_follows
|
||||
query = User.get_friends_query(user)
|
||||
query = from(user in query, select: [:ap_id])
|
||||
following = Repo.all(query)
|
||||
|
||||
total =
|
||||
if !user.info.hide_follows do
|
||||
if showing do
|
||||
length(following)
|
||||
else
|
||||
0
|
||||
end
|
||||
|
||||
collection(following, "#{user.ap_id}/following", page, !user.info.hide_follows, total)
|
||||
collection(following, "#{user.ap_id}/following", page, showing, total)
|
||||
|> Map.merge(Utils.make_json_ld_header())
|
||||
end
|
||||
|
||||
def render("following.json", %{user: user}) do
|
||||
def render("following.json", %{user: user} = opts) do
|
||||
showing = (opts[:for] && opts[:for] == user) || !user.info.hide_follows
|
||||
query = User.get_friends_query(user)
|
||||
query = from(user in query, select: [:ap_id])
|
||||
following = Repo.all(query)
|
||||
|
||||
total =
|
||||
if !user.info.hide_follows do
|
||||
if showing do
|
||||
length(following)
|
||||
else
|
||||
0
|
||||
|
@ -130,34 +132,43 @@ def render("following.json", %{user: user}) do
|
|||
"id" => "#{user.ap_id}/following",
|
||||
"type" => "OrderedCollection",
|
||||
"totalItems" => total,
|
||||
"first" => collection(following, "#{user.ap_id}/following", 1, !user.info.hide_follows)
|
||||
"first" =>
|
||||
if showing do
|
||||
collection(following, "#{user.ap_id}/following", 1, !user.info.hide_follows)
|
||||
else
|
||||
"#{user.ap_id}/following?page=1"
|
||||
end
|
||||
}
|
||||
|> Map.merge(Utils.make_json_ld_header())
|
||||
end
|
||||
|
||||
def render("followers.json", %{user: user, page: page}) do
|
||||
def render("followers.json", %{user: user, page: page} = opts) do
|
||||
showing = (opts[:for] && opts[:for] == user) || !user.info.hide_followers
|
||||
|
||||
query = User.get_followers_query(user)
|
||||
query = from(user in query, select: [:ap_id])
|
||||
followers = Repo.all(query)
|
||||
|
||||
total =
|
||||
if !user.info.hide_followers do
|
||||
if showing do
|
||||
length(followers)
|
||||
else
|
||||
0
|
||||
end
|
||||
|
||||
collection(followers, "#{user.ap_id}/followers", page, !user.info.hide_followers, total)
|
||||
collection(followers, "#{user.ap_id}/followers", page, showing, total)
|
||||
|> Map.merge(Utils.make_json_ld_header())
|
||||
end
|
||||
|
||||
def render("followers.json", %{user: user}) do
|
||||
def render("followers.json", %{user: user} = opts) do
|
||||
showing = (opts[:for] && opts[:for] == user) || !user.info.hide_followers
|
||||
|
||||
query = User.get_followers_query(user)
|
||||
query = from(user in query, select: [:ap_id])
|
||||
followers = Repo.all(query)
|
||||
|
||||
total =
|
||||
if !user.info.hide_followers do
|
||||
if showing do
|
||||
length(followers)
|
||||
else
|
||||
0
|
||||
|
@ -168,7 +179,11 @@ def render("followers.json", %{user: user}) do
|
|||
"type" => "OrderedCollection",
|
||||
"totalItems" => total,
|
||||
"first" =>
|
||||
collection(followers, "#{user.ap_id}/followers", 1, !user.info.hide_followers, total)
|
||||
if showing do
|
||||
collection(followers, "#{user.ap_id}/followers", 1, showing, total)
|
||||
else
|
||||
"#{user.ap_id}/followers?page=1"
|
||||
end
|
||||
}
|
||||
|> Map.merge(Utils.make_json_ld_header())
|
||||
end
|
||||
|
|
|
@ -34,6 +34,20 @@ def is_direct?(activity) do
|
|||
!is_public?(activity) && !is_private?(activity)
|
||||
end
|
||||
|
||||
def is_list?(%{data: %{"listMessage" => _}}), do: true
|
||||
def is_list?(_), do: false
|
||||
|
||||
def visible_for_user?(%{actor: ap_id}, %User{ap_id: ap_id}), do: true
|
||||
|
||||
def visible_for_user?(%{data: %{"listMessage" => list_ap_id}} = activity, %User{} = user) do
|
||||
user.ap_id in activity.data["to"] ||
|
||||
list_ap_id
|
||||
|> Pleroma.List.get_by_ap_id()
|
||||
|> Pleroma.List.member?(user)
|
||||
end
|
||||
|
||||
def visible_for_user?(%{data: %{"listMessage" => _}}, nil), do: false
|
||||
|
||||
def visible_for_user?(activity, nil) do
|
||||
is_public?(activity)
|
||||
end
|
||||
|
@ -73,6 +87,9 @@ def get_visibility(object) do
|
|||
object.data["directMessage"] == true ->
|
||||
"direct"
|
||||
|
||||
is_binary(object.data["listMessage"]) ->
|
||||
"list"
|
||||
|
||||
length(cc) > 0 ->
|
||||
"private"
|
||||
|
||||
|
|
|
@ -31,7 +31,8 @@ def follow(follower, followed) do
|
|||
|
||||
def unfollow(follower, unfollowed) do
|
||||
with {:ok, follower, _follow_activity} <- User.unfollow(follower, unfollowed),
|
||||
{:ok, _activity} <- ActivityPub.unfollow(follower, unfollowed) do
|
||||
{:ok, _activity} <- ActivityPub.unfollow(follower, unfollowed),
|
||||
{:ok, _unfollowed} <- User.unsubscribe(follower, unfollowed) do
|
||||
{:ok, follower}
|
||||
end
|
||||
end
|
||||
|
@ -175,6 +176,11 @@ def get_visibility(%{"visibility" => visibility}, in_reply_to)
|
|||
when visibility in ~w{public unlisted private direct},
|
||||
do: {visibility, get_replied_to_visibility(in_reply_to)}
|
||||
|
||||
def get_visibility(%{"visibility" => "list:" <> list_id}, in_reply_to) do
|
||||
visibility = {:list, String.to_integer(list_id)}
|
||||
{visibility, get_replied_to_visibility(in_reply_to)}
|
||||
end
|
||||
|
||||
def get_visibility(_, in_reply_to) when not is_nil(in_reply_to) do
|
||||
visibility = get_replied_to_visibility(in_reply_to)
|
||||
{visibility, visibility}
|
||||
|
@ -235,19 +241,18 @@ def post(user, %{"status" => status} = data) do
|
|||
"emoji",
|
||||
Map.merge(Formatter.get_emoji_map(full_payload), poll_emoji)
|
||||
) do
|
||||
res =
|
||||
ActivityPub.create(
|
||||
%{
|
||||
to: to,
|
||||
actor: user,
|
||||
context: context,
|
||||
object: object,
|
||||
additional: %{"cc" => cc, "directMessage" => visibility == "direct"}
|
||||
},
|
||||
Pleroma.Web.ControllerHelper.truthy_param?(data["preview"]) || false
|
||||
)
|
||||
preview? = Pleroma.Web.ControllerHelper.truthy_param?(data["preview"]) || false
|
||||
direct? = visibility == "direct"
|
||||
|
||||
res
|
||||
%{
|
||||
to: to,
|
||||
actor: user,
|
||||
context: context,
|
||||
object: object,
|
||||
additional: %{"cc" => cc, "directMessage" => direct?}
|
||||
}
|
||||
|> maybe_add_list_data(user, visibility)
|
||||
|> ActivityPub.create(preview?)
|
||||
else
|
||||
{:private_to_public, true} ->
|
||||
{:error, dgettext("errors", "The message visibility must be direct")}
|
||||
|
|
|
@ -100,12 +100,29 @@ def get_to_and_cc(_user, mentioned_users, inReplyTo, "direct") do
|
|||
end
|
||||
end
|
||||
|
||||
def get_to_and_cc(_user, mentions, _inReplyTo, {:list, _}), do: {mentions, []}
|
||||
|
||||
def get_addressed_users(_, to) when is_list(to) do
|
||||
User.get_ap_ids_by_nicknames(to)
|
||||
end
|
||||
|
||||
def get_addressed_users(mentioned_users, _), do: mentioned_users
|
||||
|
||||
def maybe_add_list_data(activity_params, user, {:list, list_id}) do
|
||||
case Pleroma.List.get(list_id, user) do
|
||||
%Pleroma.List{} = list ->
|
||||
activity_params
|
||||
|> put_in([:additional, "bcc"], [list.ap_id])
|
||||
|> put_in([:additional, "listMessage"], list.ap_id)
|
||||
|> put_in([:object, "listMessage"], list.ap_id)
|
||||
|
||||
_ ->
|
||||
activity_params
|
||||
end
|
||||
end
|
||||
|
||||
def maybe_add_list_data(activity_params, _, _), do: activity_params
|
||||
|
||||
def make_poll_data(%{"poll" => %{"options" => options, "expires_in" => expires_in}} = data)
|
||||
when is_list(options) do
|
||||
%{max_expiration: max_expiration, min_expiration: min_expiration} =
|
||||
|
|
|
@ -53,7 +53,7 @@ def get_notifications(user, params \\ %{}) do
|
|||
options = cast_params(params)
|
||||
|
||||
user
|
||||
|> Notification.for_user_query()
|
||||
|> Notification.for_user_query(options)
|
||||
|> restrict(:exclude_types, options)
|
||||
|> Pagination.fetch_paginated(params)
|
||||
end
|
||||
|
@ -67,7 +67,8 @@ def get_scheduled_activities(user, params \\ %{}) do
|
|||
defp cast_params(params) do
|
||||
param_types = %{
|
||||
exclude_types: {:array, :string},
|
||||
reblogs: :boolean
|
||||
reblogs: :boolean,
|
||||
with_muted: :boolean
|
||||
}
|
||||
|
||||
changeset = cast({%{}, param_types}, params, Map.keys(param_types))
|
||||
|
|
|
@ -15,6 +15,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
alias Pleroma.Notification
|
||||
alias Pleroma.Object
|
||||
alias Pleroma.Pagination
|
||||
alias Pleroma.Plugs.RateLimiter
|
||||
alias Pleroma.Repo
|
||||
alias Pleroma.ScheduledActivity
|
||||
alias Pleroma.Stats
|
||||
|
@ -46,8 +47,24 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
|
||||
require Logger
|
||||
|
||||
plug(Pleroma.Plugs.RateLimiter, :app_account_creation when action == :account_register)
|
||||
plug(Pleroma.Plugs.RateLimiter, :search when action in [:search, :search2, :account_search])
|
||||
@rate_limited_status_actions ~w(reblog_status unreblog_status fav_status unfav_status
|
||||
post_status delete_status)a
|
||||
|
||||
plug(
|
||||
RateLimiter,
|
||||
{:status_id_action, bucket_name: "status_id_action:reblog_unreblog", params: ["id"]}
|
||||
when action in ~w(reblog_status unreblog_status)a
|
||||
)
|
||||
|
||||
plug(
|
||||
RateLimiter,
|
||||
{:status_id_action, bucket_name: "status_id_action:fav_unfav", params: ["id"]}
|
||||
when action in ~w(fav_status unfav_status)a
|
||||
)
|
||||
|
||||
plug(RateLimiter, :statuses_actions when action in @rate_limited_status_actions)
|
||||
plug(RateLimiter, :app_account_creation when action == :account_register)
|
||||
plug(RateLimiter, :search when action in [:search, :search2, :account_search])
|
||||
|
||||
@local_mastodon_name "Mastodon-Local"
|
||||
|
||||
|
@ -1051,9 +1068,14 @@ def unfollow(%{assigns: %{user: follower}} = conn, %{"id" => id}) do
|
|||
end
|
||||
end
|
||||
|
||||
def mute(%{assigns: %{user: muter}} = conn, %{"id" => id}) do
|
||||
def mute(%{assigns: %{user: muter}} = conn, %{"id" => id} = params) do
|
||||
notifications =
|
||||
if Map.has_key?(params, "notifications"),
|
||||
do: params["notifications"] in [true, "True", "true", "1"],
|
||||
else: true
|
||||
|
||||
with %User{} = muted <- User.get_cached_by_id(id),
|
||||
{:ok, muter} <- User.mute(muter, muted) do
|
||||
{:ok, muter} <- User.mute(muter, muted, notifications) do
|
||||
conn
|
||||
|> put_view(AccountView)
|
||||
|> render("relationship.json", %{user: muter, target: muted})
|
||||
|
|
|
@ -52,7 +52,7 @@ def render("relationship.json", %{user: %User{} = user, target: %User{} = target
|
|||
followed_by: User.following?(target, user),
|
||||
blocking: User.blocks?(user, target),
|
||||
muting: User.mutes?(user, target),
|
||||
muting_notifications: false,
|
||||
muting_notifications: User.muted_notifications?(user, target),
|
||||
subscribing: User.subscribed_to?(user, target),
|
||||
requested: requested,
|
||||
domain_blocking: false,
|
||||
|
|
|
@ -3,68 +3,71 @@
|
|||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.MediaProxy do
|
||||
alias Pleroma.Config
|
||||
alias Pleroma.Web
|
||||
|
||||
@base64_opts [padding: false]
|
||||
|
||||
def url(nil), do: nil
|
||||
|
||||
def url(""), do: nil
|
||||
|
||||
def url(url) when is_nil(url) or url == "", do: nil
|
||||
def url("/" <> _ = url), do: url
|
||||
|
||||
def url(url) do
|
||||
if !enabled?() or local?(url) or whitelisted?(url) do
|
||||
if disabled?() or local?(url) or whitelisted?(url) do
|
||||
url
|
||||
else
|
||||
encode_url(url)
|
||||
end
|
||||
end
|
||||
|
||||
defp enabled?, do: Pleroma.Config.get([:media_proxy, :enabled], false)
|
||||
defp disabled?, do: !Config.get([:media_proxy, :enabled], false)
|
||||
|
||||
defp local?(url), do: String.starts_with?(url, Pleroma.Web.base_url())
|
||||
|
||||
defp whitelisted?(url) do
|
||||
%{host: domain} = URI.parse(url)
|
||||
|
||||
Enum.any?(Pleroma.Config.get([:media_proxy, :whitelist]), fn pattern ->
|
||||
Enum.any?(Config.get([:media_proxy, :whitelist]), fn pattern ->
|
||||
String.equivalent?(domain, pattern)
|
||||
end)
|
||||
end
|
||||
|
||||
def encode_url(url) do
|
||||
secret = Pleroma.Config.get([Pleroma.Web.Endpoint, :secret_key_base])
|
||||
base64 = Base.url_encode64(url, @base64_opts)
|
||||
sig = :crypto.hmac(:sha, secret, base64)
|
||||
sig64 = sig |> Base.url_encode64(@base64_opts)
|
||||
|
||||
sig64 =
|
||||
base64
|
||||
|> signed_url
|
||||
|> Base.url_encode64(@base64_opts)
|
||||
|
||||
build_url(sig64, base64, filename(url))
|
||||
end
|
||||
|
||||
def decode_url(sig, url) do
|
||||
secret = Pleroma.Config.get([Pleroma.Web.Endpoint, :secret_key_base])
|
||||
sig = Base.url_decode64!(sig, @base64_opts)
|
||||
local_sig = :crypto.hmac(:sha, secret, url)
|
||||
|
||||
if local_sig == sig do
|
||||
with {:ok, sig} <- Base.url_decode64(sig, @base64_opts),
|
||||
signature when signature == sig <- signed_url(url) do
|
||||
{:ok, Base.url_decode64!(url, @base64_opts)}
|
||||
else
|
||||
{:error, :invalid_signature}
|
||||
_ -> {:error, :invalid_signature}
|
||||
end
|
||||
end
|
||||
|
||||
defp signed_url(url) do
|
||||
:crypto.hmac(:sha, Config.get([Web.Endpoint, :secret_key_base]), url)
|
||||
end
|
||||
|
||||
def filename(url_or_path) do
|
||||
if path = URI.parse(url_or_path).path, do: Path.basename(path)
|
||||
end
|
||||
|
||||
def build_url(sig_base64, url_base64, filename \\ nil) do
|
||||
[
|
||||
Pleroma.Config.get([:media_proxy, :base_url], Pleroma.Web.base_url()),
|
||||
Pleroma.Config.get([:media_proxy, :base_url], Web.base_url()),
|
||||
"proxy",
|
||||
sig_base64,
|
||||
url_base64,
|
||||
filename
|
||||
]
|
||||
|> Enum.filter(fn value -> value end)
|
||||
|> Enum.filter(& &1)
|
||||
|> Path.join()
|
||||
end
|
||||
end
|
||||
|
|
|
@ -13,7 +13,7 @@ def remote(conn, %{"sig" => sig64, "url" => url64} = params) do
|
|||
with config <- Pleroma.Config.get([:media_proxy], []),
|
||||
true <- Keyword.get(config, :enabled, false),
|
||||
{:ok, url} <- MediaProxy.decode_url(sig64, url64),
|
||||
:ok <- filename_matches(Map.has_key?(params, "filename"), conn.request_path, url) do
|
||||
:ok <- filename_matches(params, conn.request_path, url) do
|
||||
ReverseProxy.call(conn, url, Keyword.get(config, :proxy_opts, @default_proxy_opts))
|
||||
else
|
||||
false ->
|
||||
|
@ -27,16 +27,18 @@ def remote(conn, %{"sig" => sig64, "url" => url64} = params) do
|
|||
end
|
||||
end
|
||||
|
||||
def filename_matches(has_filename, path, url) do
|
||||
filename = url |> MediaProxy.filename()
|
||||
def filename_matches(%{"filename" => _} = _, path, url) do
|
||||
filename = MediaProxy.filename(url)
|
||||
|
||||
if has_filename && filename && does_not_match(path, filename) do
|
||||
if filename && does_not_match(path, filename) do
|
||||
{:wrong_filename, filename}
|
||||
else
|
||||
:ok
|
||||
end
|
||||
end
|
||||
|
||||
def filename_matches(_, _, _), do: :ok
|
||||
|
||||
defp does_not_match(path, filename) do
|
||||
basename = Path.basename(path)
|
||||
basename != filename and URI.decode(basename) != filename and URI.encode(basename) != filename
|
|
@ -9,6 +9,7 @@ defmodule Pleroma.Web.Metadata.Providers.OpenGraph do
|
|||
alias Pleroma.Web.Metadata.Utils
|
||||
|
||||
@behaviour Provider
|
||||
@media_types ["image", "audio", "video"]
|
||||
|
||||
@impl Provider
|
||||
def build_tags(%{
|
||||
|
@ -81,26 +82,19 @@ defp build_attachments(%{data: %{"attachment" => attachments}}) do
|
|||
Enum.reduce(attachments, [], fn attachment, acc ->
|
||||
rendered_tags =
|
||||
Enum.reduce(attachment["url"], [], fn url, acc ->
|
||||
media_type =
|
||||
Enum.find(["image", "audio", "video"], fn media_type ->
|
||||
String.starts_with?(url["mediaType"], media_type)
|
||||
end)
|
||||
|
||||
# TODO: Add additional properties to objects when we have the data available.
|
||||
# Also, Whatsapp only wants JPEG or PNGs. It seems that if we add a second og:image
|
||||
# object when a Video or GIF is attached it will display that in Whatsapp Rich Preview.
|
||||
case media_type do
|
||||
case Utils.fetch_media_type(@media_types, url["mediaType"]) do
|
||||
"audio" ->
|
||||
[
|
||||
{:meta,
|
||||
[property: "og:" <> media_type, content: Utils.attachment_url(url["href"])], []}
|
||||
{:meta, [property: "og:audio", content: Utils.attachment_url(url["href"])], []}
|
||||
| acc
|
||||
]
|
||||
|
||||
"image" ->
|
||||
[
|
||||
{:meta,
|
||||
[property: "og:" <> media_type, content: Utils.attachment_url(url["href"])], []},
|
||||
{:meta, [property: "og:image", content: Utils.attachment_url(url["href"])], []},
|
||||
{:meta, [property: "og:image:width", content: 150], []},
|
||||
{:meta, [property: "og:image:height", content: 150], []}
|
||||
| acc
|
||||
|
@ -108,8 +102,7 @@ defp build_attachments(%{data: %{"attachment" => attachments}}) do
|
|||
|
||||
"video" ->
|
||||
[
|
||||
{:meta,
|
||||
[property: "og:" <> media_type, content: Utils.attachment_url(url["href"])], []}
|
||||
{:meta, [property: "og:video", content: Utils.attachment_url(url["href"])], []}
|
||||
| acc
|
||||
]
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
|
@ -9,13 +10,10 @@ defmodule Pleroma.Web.Metadata.Providers.TwitterCard do
|
|||
alias Pleroma.Web.Metadata.Utils
|
||||
|
||||
@behaviour Provider
|
||||
@media_types ["image", "audio", "video"]
|
||||
|
||||
@impl Provider
|
||||
def build_tags(%{
|
||||
activity_id: id,
|
||||
object: object,
|
||||
user: user
|
||||
}) do
|
||||
def build_tags(%{activity_id: id, object: object, user: user}) do
|
||||
attachments = build_attachments(id, object)
|
||||
scrubbed_content = Utils.scrub_html_and_truncate(object)
|
||||
# Zero width space
|
||||
|
@ -27,21 +25,12 @@ def build_tags(%{
|
|||
end
|
||||
|
||||
[
|
||||
{:meta,
|
||||
[
|
||||
property: "twitter:title",
|
||||
content: Utils.user_name_string(user)
|
||||
], []},
|
||||
{:meta,
|
||||
[
|
||||
property: "twitter:description",
|
||||
content: content
|
||||
], []}
|
||||
title_tag(user),
|
||||
{:meta, [property: "twitter:description", content: content], []}
|
||||
] ++
|
||||
if attachments == [] or Metadata.activity_nsfw?(object) do
|
||||
[
|
||||
{:meta,
|
||||
[property: "twitter:image", content: Utils.attachment_url(User.avatar_url(user))], []},
|
||||
image_tag(user),
|
||||
{:meta, [property: "twitter:card", content: "summary_large_image"], []}
|
||||
]
|
||||
else
|
||||
|
@ -53,30 +42,28 @@ def build_tags(%{
|
|||
def build_tags(%{user: user}) do
|
||||
with truncated_bio = Utils.scrub_html_and_truncate(user.bio || "") do
|
||||
[
|
||||
{:meta,
|
||||
[
|
||||
property: "twitter:title",
|
||||
content: Utils.user_name_string(user)
|
||||
], []},
|
||||
title_tag(user),
|
||||
{:meta, [property: "twitter:description", content: truncated_bio], []},
|
||||
{:meta, [property: "twitter:image", content: Utils.attachment_url(User.avatar_url(user))],
|
||||
[]},
|
||||
image_tag(user),
|
||||
{:meta, [property: "twitter:card", content: "summary"], []}
|
||||
]
|
||||
end
|
||||
end
|
||||
|
||||
defp title_tag(user) do
|
||||
{:meta, [property: "twitter:title", content: Utils.user_name_string(user)], []}
|
||||
end
|
||||
|
||||
def image_tag(user) do
|
||||
{:meta, [property: "twitter:image", content: Utils.attachment_url(User.avatar_url(user))], []}
|
||||
end
|
||||
|
||||
defp build_attachments(id, %{data: %{"attachment" => attachments}}) do
|
||||
Enum.reduce(attachments, [], fn attachment, acc ->
|
||||
rendered_tags =
|
||||
Enum.reduce(attachment["url"], [], fn url, acc ->
|
||||
media_type =
|
||||
Enum.find(["image", "audio", "video"], fn media_type ->
|
||||
String.starts_with?(url["mediaType"], media_type)
|
||||
end)
|
||||
|
||||
# TODO: Add additional properties to objects when we have the data available.
|
||||
case media_type do
|
||||
case Utils.fetch_media_type(@media_types, url["mediaType"]) do
|
||||
"audio" ->
|
||||
[
|
||||
{:meta, [property: "twitter:card", content: "player"], []},
|
||||
|
|
|
@ -39,4 +39,11 @@ def user_name_string(user) do
|
|||
"(@#{user.nickname})"
|
||||
end
|
||||
end
|
||||
|
||||
@spec fetch_media_type(list(String.t()), String.t()) :: String.t() | nil
|
||||
def fetch_media_type(supported_types, media_type) do
|
||||
Enum.find(supported_types, fn support_type ->
|
||||
String.starts_with?(media_type, support_type)
|
||||
end)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -34,8 +34,11 @@ def schemas(conn, _params) do
|
|||
def raw_nodeinfo do
|
||||
stats = Stats.get_stats()
|
||||
|
||||
exclusions = Config.get([:instance, :mrf_transparency_exclusions])
|
||||
|
||||
mrf_simple =
|
||||
Config.get(:mrf_simple)
|
||||
|> Enum.map(fn {k, v} -> {k, Enum.reject(v, fn v -> v in exclusions end)} end)
|
||||
|> Enum.into(%{})
|
||||
|
||||
# This horror is needed to convert regex sigils to strings
|
||||
|
@ -86,7 +89,8 @@ def raw_nodeinfo do
|
|||
mrf_simple: mrf_simple,
|
||||
mrf_keyword: mrf_keyword,
|
||||
mrf_user_allowlist: mrf_user_allowlist,
|
||||
quarantined_instances: quarantined
|
||||
quarantined_instances: quarantined,
|
||||
exclusions: length(exclusions) > 0
|
||||
}
|
||||
else
|
||||
%{}
|
||||
|
|
|
@ -3,12 +3,6 @@
|
|||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.RichMedia.Parser do
|
||||
@parsers [
|
||||
Pleroma.Web.RichMedia.Parsers.OGP,
|
||||
Pleroma.Web.RichMedia.Parsers.TwitterCard,
|
||||
Pleroma.Web.RichMedia.Parsers.OEmbed
|
||||
]
|
||||
|
||||
@hackney_options [
|
||||
pool: :media,
|
||||
recv_timeout: 2_000,
|
||||
|
@ -16,6 +10,10 @@ defmodule Pleroma.Web.RichMedia.Parser do
|
|||
with_body: true
|
||||
]
|
||||
|
||||
defp parsers do
|
||||
Pleroma.Config.get([:rich_media, :parsers])
|
||||
end
|
||||
|
||||
def parse(nil), do: {:error, "No URL provided"}
|
||||
|
||||
if Pleroma.Config.get(:env) == :test do
|
||||
|
@ -48,7 +46,7 @@ defp parse_url(url) do
|
|||
end
|
||||
|
||||
defp maybe_parse(html) do
|
||||
Enum.reduce_while(@parsers, %{}, fn parser, acc ->
|
||||
Enum.reduce_while(parsers(), %{}, fn parser, acc ->
|
||||
case parser.parse(html, acc) do
|
||||
{:ok, data} -> {:halt, data}
|
||||
{:error, _msg} -> {:cont, acc}
|
||||
|
|
|
@ -322,10 +322,6 @@ defmodule Pleroma.Web.Router do
|
|||
|
||||
patch("/accounts/update_credentials", MastodonAPIController, :update_credentials)
|
||||
|
||||
patch("/accounts/update_avatar", MastodonAPIController, :update_avatar)
|
||||
patch("/accounts/update_banner", MastodonAPIController, :update_banner)
|
||||
patch("/accounts/update_background", MastodonAPIController, :update_background)
|
||||
|
||||
post("/statuses", MastodonAPIController, :post_status)
|
||||
delete("/statuses/:id", MastodonAPIController, :delete_status)
|
||||
|
||||
|
@ -360,6 +356,10 @@ defmodule Pleroma.Web.Router do
|
|||
put("/filters/:id", MastodonAPIController, :update_filter)
|
||||
delete("/filters/:id", MastodonAPIController, :delete_filter)
|
||||
|
||||
patch("/pleroma/accounts/update_avatar", MastodonAPIController, :update_avatar)
|
||||
patch("/pleroma/accounts/update_banner", MastodonAPIController, :update_banner)
|
||||
patch("/pleroma/accounts/update_background", MastodonAPIController, :update_background)
|
||||
|
||||
get("/pleroma/mascot", MastodonAPIController, :get_mascot)
|
||||
put("/pleroma/mascot", MastodonAPIController, :set_mascot)
|
||||
|
||||
|
@ -623,8 +623,6 @@ defmodule Pleroma.Web.Router do
|
|||
# XXX: not really ostatus
|
||||
pipe_through(:ostatus)
|
||||
|
||||
get("/users/:nickname/followers", ActivityPubController, :followers)
|
||||
get("/users/:nickname/following", ActivityPubController, :following)
|
||||
get("/users/:nickname/outbox", ActivityPubController, :outbox)
|
||||
get("/objects/:uuid/likes", ActivityPubController, :object_likes)
|
||||
end
|
||||
|
@ -656,6 +654,12 @@ defmodule Pleroma.Web.Router do
|
|||
pipe_through(:oauth_write)
|
||||
post("/users/:nickname/outbox", ActivityPubController, :update_outbox)
|
||||
end
|
||||
|
||||
scope [] do
|
||||
pipe_through(:oauth_read_or_public)
|
||||
get("/users/:nickname/followers", ActivityPubController, :followers)
|
||||
get("/users/:nickname/following", ActivityPubController, :following)
|
||||
end
|
||||
end
|
||||
|
||||
scope "/relay", Pleroma.Web.ActivityPub do
|
||||
|
|
|
@ -123,11 +123,26 @@ def encode(private_key, doc) do
|
|||
{:ok, salmon}
|
||||
end
|
||||
|
||||
def remote_users(%{data: %{"to" => to} = data}) do
|
||||
to = to ++ (data["cc"] || [])
|
||||
def remote_users(%User{id: user_id}, %{data: %{"to" => to} = data}) do
|
||||
cc = Map.get(data, "cc", [])
|
||||
|
||||
to
|
||||
|> Enum.map(fn id -> User.get_cached_by_ap_id(id) end)
|
||||
bcc =
|
||||
data
|
||||
|> Map.get("bcc", [])
|
||||
|> Enum.reduce([], fn ap_id, bcc ->
|
||||
case Pleroma.List.get_by_ap_id(ap_id) do
|
||||
%Pleroma.List{user_id: ^user_id} = list ->
|
||||
{:ok, following} = Pleroma.List.get_following(list)
|
||||
bcc ++ Enum.map(following, & &1.ap_id)
|
||||
|
||||
_ ->
|
||||
bcc
|
||||
end
|
||||
end)
|
||||
|
||||
[to, cc, bcc]
|
||||
|> Enum.concat()
|
||||
|> Enum.map(&User.get_cached_by_ap_id/1)
|
||||
|> Enum.filter(fn user -> user && !user.local end)
|
||||
end
|
||||
|
||||
|
@ -191,7 +206,7 @@ def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity
|
|||
{:ok, private, _} = Keys.keys_from_pem(keys)
|
||||
{:ok, feed} = encode(private, feed)
|
||||
|
||||
remote_users = remote_users(activity)
|
||||
remote_users = remote_users(user, activity)
|
||||
|
||||
salmon_urls = Enum.map(remote_users, & &1.info.salmon)
|
||||
reachable_urls_metadata = Instances.filter_reachable(salmon_urls)
|
||||
|
|
|
@ -192,6 +192,13 @@ def dm_timeline(%{assigns: %{user: user}} = conn, params) do
|
|||
end
|
||||
|
||||
def notifications(%{assigns: %{user: user}} = conn, params) do
|
||||
params =
|
||||
if Map.has_key?(params, "with_muted") do
|
||||
Map.put(params, :with_muted, params["with_muted"] in [true, "True", "true", "1"])
|
||||
else
|
||||
params
|
||||
end
|
||||
|
||||
notifications = Notification.for_user(user, params)
|
||||
|
||||
conn
|
||||
|
|
3
mix.exs
3
mix.exs
|
@ -14,7 +14,7 @@ def project do
|
|||
aliases: aliases(),
|
||||
deps: deps(),
|
||||
test_coverage: [tool: ExCoveralls],
|
||||
|
||||
preferred_cli_env: ["coveralls.html": :test],
|
||||
# Docs
|
||||
name: "Pleroma",
|
||||
homepage_url: "https://pleroma.social/",
|
||||
|
@ -95,6 +95,7 @@ defp oauth_deps do
|
|||
defp deps do
|
||||
[
|
||||
{:phoenix, "~> 1.4.8"},
|
||||
{:tzdata, "~> 1.0"},
|
||||
{:plug_cowboy, "~> 2.0"},
|
||||
{:phoenix_pubsub, "~> 1.1"},
|
||||
{:phoenix_ecto, "~> 4.0"},
|
||||
|
|
6
mix.lock
6
mix.lock
|
@ -6,7 +6,7 @@
|
|||
"benchee": {:hex, :benchee, "1.0.1", "66b211f9bfd84bd97e6d1beaddf8fc2312aaabe192f776e8931cb0c16f53a521", [:mix], [{:deep_merge, "~> 1.0", [hex: :deep_merge, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"bunt": {:hex, :bunt, "0.2.0", "951c6e801e8b1d2cbe58ebbd3e616a869061ddadcc4863d0a2182541acae9a38", [:mix], [], "hexpm"},
|
||||
"cachex": {:hex, :cachex, "3.0.2", "1351caa4e26e29f7d7ec1d29b53d6013f0447630bbf382b4fb5d5bad0209f203", [:mix], [{:eternal, "~> 1.2", [hex: :eternal, repo: "hexpm", optional: false]}, {:unsafe, "~> 1.0", [hex: :unsafe, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"calendar": {:hex, :calendar, "0.17.4", "22c5e8d98a4db9494396e5727108dffb820ee0d18fed4b0aa8ab76e4f5bc32f1", [:mix], [{:tzdata, "~> 0.5.8 or ~> 0.1.201603", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"calendar": {:hex, :calendar, "0.17.6", "ec291cb2e4ba499c2e8c0ef5f4ace974e2f9d02ae9e807e711a9b0c7850b9aee", [:mix], [{:tzdata, "~> 0.5.20 or ~> 0.1.201603 or ~> 1.0", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"certifi": {:hex, :certifi, "2.5.1", "867ce347f7c7d78563450a18a6a28a8090331e77fa02380b4a21962a65d36ee5", [:rebar3], [{:parse_trans, "~>3.3", [hex: :parse_trans, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"combine": {:hex, :combine, "0.10.0", "eff8224eeb56498a2af13011d142c5e7997a80c8f5b97c499f84c841032e429f", [:mix], [], "hexpm"},
|
||||
"comeonin": {:hex, :comeonin, "4.1.1", "c7304fc29b45b897b34142a91122bc72757bc0c295e9e824999d5179ffc08416", [:mix], [{:argon2_elixir, "~> 1.2", [hex: :argon2_elixir, repo: "hexpm", optional: true]}, {:bcrypt_elixir, "~> 0.12.1 or ~> 1.0", [hex: :bcrypt_elixir, repo: "hexpm", optional: true]}, {:pbkdf2_elixir, "~> 0.12", [hex: :pbkdf2_elixir, repo: "hexpm", optional: true]}], "hexpm"},
|
||||
|
@ -82,9 +82,9 @@
|
|||
"syslog": {:git, "https://github.com/Vagabond/erlang-syslog.git", "4a6c6f2c996483e86c1320e9553f91d337bcb6aa", [tag: "1.0.5"]},
|
||||
"telemetry": {:hex, :telemetry, "0.4.0", "8339bee3fa8b91cb84d14c2935f8ecf399ccd87301ad6da6b71c09553834b2ab", [:rebar3], [], "hexpm"},
|
||||
"tesla": {:hex, :tesla, "1.2.1", "864783cc27f71dd8c8969163704752476cec0f3a51eb3b06393b3971dc9733ff", [:mix], [{:exjsx, ">= 3.0.0", [hex: :exjsx, repo: "hexpm", optional: true]}, {:fuse, "~> 2.4", [hex: :fuse, repo: "hexpm", optional: true]}, {:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: true]}, {:ibrowse, "~> 4.4.0", [hex: :ibrowse, repo: "hexpm", optional: true]}, {:jason, ">= 1.0.0", [hex: :jason, repo: "hexpm", optional: true]}, {:mime, "~> 1.0", [hex: :mime, repo: "hexpm", optional: false]}, {:poison, ">= 1.0.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"},
|
||||
"timex": {:hex, :timex, "3.5.0", "b0a23167da02d0fe4f1a4e104d1f929a00d348502b52432c05de875d0b9cffa5", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"timex": {:hex, :timex, "3.6.1", "efdf56d0e67a6b956cc57774353b0329c8ab7726766a11547e529357ffdc1d56", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5 or ~> 1.0.0", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"trailing_format_plug": {:hex, :trailing_format_plug, "0.0.7", "64b877f912cf7273bed03379936df39894149e35137ac9509117e59866e10e45", [:mix], [{:plug, "> 0.12.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"tzdata": {:hex, :tzdata, "0.5.20", "304b9e98a02840fb32a43ec111ffbe517863c8566eb04a061f1c4dbb90b4d84c", [:mix], [{:hackney, "~> 1.0", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"tzdata": {:hex, :tzdata, "1.0.1", "f6027a331af7d837471248e62733c6ebee86a72e57c613aa071ebb1f750fc71a", [:mix], [{:hackney, "~> 1.0", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"ueberauth": {:hex, :ueberauth, "0.6.1", "9e90d3337dddf38b1ca2753aca9b1e53d8a52b890191cdc55240247c89230412", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"},
|
||||
"unicode_util_compat": {:hex, :unicode_util_compat, "0.4.1", "d869e4c68901dd9531385bb0c8c40444ebf624e60b6962d95952775cac5e90cd", [:rebar3], [], "hexpm"},
|
||||
"unsafe": {:hex, :unsafe, "1.0.0", "7c21742cd05380c7875546b023481d3a26f52df8e5dfedcb9f958f322baae305", [:mix], [], "hexpm"},
|
||||
|
|
26
priv/repo/migrations/20190516112144_add_ap_id_to_lists.exs
Normal file
26
priv/repo/migrations/20190516112144_add_ap_id_to_lists.exs
Normal file
|
@ -0,0 +1,26 @@
|
|||
defmodule Pleroma.Repo.Migrations.AddApIdToLists do
|
||||
use Ecto.Migration
|
||||
|
||||
def up do
|
||||
alter table(:lists) do
|
||||
add(:ap_id, :string)
|
||||
end
|
||||
|
||||
execute("""
|
||||
UPDATE lists
|
||||
SET ap_id = u.ap_id || '/lists/' || lists.id
|
||||
FROM users AS u
|
||||
WHERE lists.user_id = u.id
|
||||
""")
|
||||
|
||||
create(unique_index(:lists, :ap_id))
|
||||
end
|
||||
|
||||
def down do
|
||||
drop(index(:lists, [:ap_id]))
|
||||
|
||||
alter table(:lists) do
|
||||
remove(:ap_id)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,24 @@
|
|||
defmodule Pleroma.Repo.Migrations.CopyMutedToMutedNotifications do
|
||||
use Ecto.Migration
|
||||
alias Pleroma.User
|
||||
|
||||
def change do
|
||||
query =
|
||||
User.Query.build(%{
|
||||
local: true,
|
||||
active: true,
|
||||
order_by: :id
|
||||
})
|
||||
|
||||
Pleroma.Repo.stream(query)
|
||||
|> Enum.each(fn
|
||||
%{info: %{mutes: mutes} = info} = user ->
|
||||
info_cng =
|
||||
Ecto.Changeset.cast(info, %{muted_notifications: mutes}, [:muted_notifications])
|
||||
|
||||
Ecto.Changeset.change(user)
|
||||
|> Ecto.Changeset.put_embed(:info, info_cng)
|
||||
|> Pleroma.Repo.update()
|
||||
end)
|
||||
end
|
||||
end
|
|
@ -20,6 +20,10 @@
|
|||
"sensitive": "as:sensitive",
|
||||
"litepub": "http://litepub.social/ns#",
|
||||
"directMessage": "litepub:directMessage",
|
||||
"listMessage": {
|
||||
"@id": "litepub:listMessage",
|
||||
"@type": "@id"
|
||||
},
|
||||
"oauthRegistrationEndpoint": {
|
||||
"@id": "litepub:oauthRegistrationEndpoint",
|
||||
"@type": "@id"
|
||||
|
|
|
@ -113,4 +113,30 @@ test "getting own lists a given user belongs to" do
|
|||
assert owned_list in lists_2
|
||||
refute not_owned_list in lists_2
|
||||
end
|
||||
|
||||
test "get by ap_id" do
|
||||
user = insert(:user)
|
||||
{:ok, list} = Pleroma.List.create("foo", user)
|
||||
assert Pleroma.List.get_by_ap_id(list.ap_id) == list
|
||||
end
|
||||
|
||||
test "memberships" do
|
||||
user = insert(:user)
|
||||
member = insert(:user)
|
||||
{:ok, list} = Pleroma.List.create("foo", user)
|
||||
{:ok, list} = Pleroma.List.follow(list, member)
|
||||
|
||||
assert Pleroma.List.memberships(member) == [list.ap_id]
|
||||
end
|
||||
|
||||
test "member?" do
|
||||
user = insert(:user)
|
||||
member = insert(:user)
|
||||
|
||||
{:ok, list} = Pleroma.List.create("foo", user)
|
||||
{:ok, list} = Pleroma.List.follow(list, member)
|
||||
|
||||
assert Pleroma.List.member?(list, member)
|
||||
refute Pleroma.List.member?(list, user)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -74,26 +74,37 @@ test "it creates a notification for user and send to the 'user' and the 'user:no
|
|||
Task.await(task_user_notification)
|
||||
end
|
||||
|
||||
test "it doesn't create a notification for user if the user blocks the activity author" do
|
||||
test "it creates a notification for user if the user blocks the activity author" do
|
||||
activity = insert(:note_activity)
|
||||
author = User.get_cached_by_ap_id(activity.data["actor"])
|
||||
user = insert(:user)
|
||||
{:ok, user} = User.block(user, author)
|
||||
|
||||
refute Notification.create_notification(activity, user)
|
||||
assert Notification.create_notification(activity, user)
|
||||
end
|
||||
|
||||
test "it doesn't create a notificatin for the user if the user mutes the activity author" do
|
||||
test "it creates a notificatin for the user if the user mutes the activity author" do
|
||||
muter = insert(:user)
|
||||
muted = insert(:user)
|
||||
{:ok, _} = User.mute(muter, muted)
|
||||
muter = Repo.get(User, muter.id)
|
||||
{:ok, activity} = CommonAPI.post(muted, %{"status" => "Hi @#{muter.nickname}"})
|
||||
|
||||
refute Notification.create_notification(activity, muter)
|
||||
assert Notification.create_notification(activity, muter)
|
||||
end
|
||||
|
||||
test "it doesn't create a notification for an activity from a muted thread" do
|
||||
test "notification created if user is muted without notifications" do
|
||||
muter = insert(:user)
|
||||
muted = insert(:user)
|
||||
|
||||
{:ok, muter} = User.mute(muter, muted, false)
|
||||
|
||||
{:ok, activity} = CommonAPI.post(muted, %{"status" => "Hi @#{muter.nickname}"})
|
||||
|
||||
assert Notification.create_notification(activity, muter)
|
||||
end
|
||||
|
||||
test "it creates a notification for an activity from a muted thread" do
|
||||
muter = insert(:user)
|
||||
other_user = insert(:user)
|
||||
{:ok, activity} = CommonAPI.post(muter, %{"status" => "hey"})
|
||||
|
@ -105,7 +116,7 @@ test "it doesn't create a notification for an activity from a muted thread" do
|
|||
"in_reply_to_status_id" => activity.id
|
||||
})
|
||||
|
||||
refute Notification.create_notification(activity, muter)
|
||||
assert Notification.create_notification(activity, muter)
|
||||
end
|
||||
|
||||
test "it disables notifications from followers" do
|
||||
|
@ -532,4 +543,98 @@ test "replying to a deleted post without tagging does not generate a notificatio
|
|||
assert Enum.empty?(Notification.for_user(user))
|
||||
end
|
||||
end
|
||||
|
||||
describe "for_user" do
|
||||
test "it returns notifications for muted user without notifications" do
|
||||
user = insert(:user)
|
||||
muted = insert(:user)
|
||||
{:ok, user} = User.mute(user, muted, false)
|
||||
|
||||
{:ok, _activity} = TwitterAPI.create_status(muted, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
assert length(Notification.for_user(user)) == 1
|
||||
end
|
||||
|
||||
test "it doesn't return notifications for muted user with notifications" do
|
||||
user = insert(:user)
|
||||
muted = insert(:user)
|
||||
{:ok, user} = User.mute(user, muted)
|
||||
|
||||
{:ok, _activity} = TwitterAPI.create_status(muted, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
assert Notification.for_user(user) == []
|
||||
end
|
||||
|
||||
test "it doesn't return notifications for blocked user" do
|
||||
user = insert(:user)
|
||||
blocked = insert(:user)
|
||||
{:ok, user} = User.block(user, blocked)
|
||||
|
||||
{:ok, _activity} = TwitterAPI.create_status(blocked, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
assert Notification.for_user(user) == []
|
||||
end
|
||||
|
||||
test "it doesn't return notificatitons for blocked domain" do
|
||||
user = insert(:user)
|
||||
blocked = insert(:user, ap_id: "http://some-domain.com")
|
||||
{:ok, user} = User.block_domain(user, "some-domain.com")
|
||||
|
||||
{:ok, _activity} = TwitterAPI.create_status(blocked, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
assert Notification.for_user(user) == []
|
||||
end
|
||||
|
||||
test "it doesn't return notifications for muted thread" do
|
||||
user = insert(:user)
|
||||
another_user = insert(:user)
|
||||
|
||||
{:ok, activity} =
|
||||
TwitterAPI.create_status(another_user, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
{:ok, _} = Pleroma.ThreadMute.add_mute(user.id, activity.data["context"])
|
||||
assert Notification.for_user(user) == []
|
||||
end
|
||||
|
||||
test "it returns notifications for muted user with notifications and with_muted parameter" do
|
||||
user = insert(:user)
|
||||
muted = insert(:user)
|
||||
{:ok, user} = User.mute(user, muted)
|
||||
|
||||
{:ok, _activity} = TwitterAPI.create_status(muted, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
assert length(Notification.for_user(user, %{with_muted: true})) == 1
|
||||
end
|
||||
|
||||
test "it returns notifications for blocked user and with_muted parameter" do
|
||||
user = insert(:user)
|
||||
blocked = insert(:user)
|
||||
{:ok, user} = User.block(user, blocked)
|
||||
|
||||
{:ok, _activity} = TwitterAPI.create_status(blocked, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
assert length(Notification.for_user(user, %{with_muted: true})) == 1
|
||||
end
|
||||
|
||||
test "it returns notificatitons for blocked domain and with_muted parameter" do
|
||||
user = insert(:user)
|
||||
blocked = insert(:user, ap_id: "http://some-domain.com")
|
||||
{:ok, user} = User.block_domain(user, "some-domain.com")
|
||||
|
||||
{:ok, _activity} = TwitterAPI.create_status(blocked, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
assert length(Notification.for_user(user, %{with_muted: true})) == 1
|
||||
end
|
||||
|
||||
test "it returns notifications for muted thread with_muted parameter" do
|
||||
user = insert(:user)
|
||||
another_user = insert(:user)
|
||||
|
||||
{:ok, activity} =
|
||||
TwitterAPI.create_status(another_user, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
{:ok, _} = Pleroma.ThreadMute.add_mute(user.id, activity.data["context"])
|
||||
assert length(Notification.for_user(user, %{with_muted: true})) == 1
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -68,4 +68,34 @@ test "users cannot be collided through fake direction spoofing attempts" do
|
|||
"[error] Could not decode user at fetch https://n1u.moe/users/rye, {:error, :error}"
|
||||
end
|
||||
end
|
||||
|
||||
describe "containment of children" do
|
||||
test "contain_child() catches spoofing attempts" do
|
||||
data = %{
|
||||
"id" => "http://example.com/whatever",
|
||||
"type" => "Create",
|
||||
"object" => %{
|
||||
"id" => "http://example.net/~alyssa/activities/1234",
|
||||
"attributedTo" => "http://example.org/~alyssa"
|
||||
},
|
||||
"actor" => "http://example.com/~bob"
|
||||
}
|
||||
|
||||
:error = Containment.contain_child(data)
|
||||
end
|
||||
|
||||
test "contain_child() allows correct origins" do
|
||||
data = %{
|
||||
"id" => "http://example.org/~alyssa/activities/5678",
|
||||
"type" => "Create",
|
||||
"object" => %{
|
||||
"id" => "http://example.org/~alyssa/activities/1234",
|
||||
"attributedTo" => "http://example.org/~alyssa"
|
||||
},
|
||||
"actor" => "http://example.org/~alyssa"
|
||||
}
|
||||
|
||||
:ok = Containment.contain_child(data)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -9,6 +9,7 @@ defmodule Pleroma.Object.FetcherTest do
|
|||
alias Pleroma.Object
|
||||
alias Pleroma.Object.Fetcher
|
||||
import Tesla.Mock
|
||||
import Mock
|
||||
|
||||
setup do
|
||||
mock(fn
|
||||
|
@ -26,16 +27,31 @@ defmodule Pleroma.Object.FetcherTest do
|
|||
end
|
||||
|
||||
describe "actor origin containment" do
|
||||
test "it rejects objects with a bogus origin" do
|
||||
test_with_mock "it rejects objects with a bogus origin",
|
||||
Pleroma.Web.OStatus,
|
||||
[:passthrough],
|
||||
[] do
|
||||
{:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity.json")
|
||||
|
||||
refute called(Pleroma.Web.OStatus.fetch_activity_from_url(:_))
|
||||
end
|
||||
|
||||
test "it rejects objects when attributedTo is wrong (variant 1)" do
|
||||
test_with_mock "it rejects objects when attributedTo is wrong (variant 1)",
|
||||
Pleroma.Web.OStatus,
|
||||
[:passthrough],
|
||||
[] do
|
||||
{:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity2.json")
|
||||
|
||||
refute called(Pleroma.Web.OStatus.fetch_activity_from_url(:_))
|
||||
end
|
||||
|
||||
test "it rejects objects when attributedTo is wrong (variant 2)" do
|
||||
test_with_mock "it rejects objects when attributedTo is wrong (variant 2)",
|
||||
Pleroma.Web.OStatus,
|
||||
[:passthrough],
|
||||
[] do
|
||||
{:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity3.json")
|
||||
|
||||
refute called(Pleroma.Web.OStatus.fetch_activity_from_url(:_))
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -10,12 +10,13 @@ defmodule Pleroma.Plugs.RateLimiterTest do
|
|||
|
||||
import Pleroma.Factory
|
||||
|
||||
@limiter_name :testing
|
||||
# Note: each example must work with separate buckets in order to prevent concurrency issues
|
||||
|
||||
test "init/1" do
|
||||
Pleroma.Config.put([:rate_limit, @limiter_name], {1, 1})
|
||||
limiter_name = :test_init
|
||||
Pleroma.Config.put([:rate_limit, limiter_name], {1, 1})
|
||||
|
||||
assert {@limiter_name, {1, 1}} == RateLimiter.init(@limiter_name)
|
||||
assert {limiter_name, {1, 1}, []} == RateLimiter.init(limiter_name)
|
||||
assert nil == RateLimiter.init(:foo)
|
||||
end
|
||||
|
||||
|
@ -24,14 +25,15 @@ test "ip/1" do
|
|||
end
|
||||
|
||||
test "it restricts by opts" do
|
||||
limiter_name = :test_opts
|
||||
scale = 1000
|
||||
limit = 5
|
||||
|
||||
Pleroma.Config.put([:rate_limit, @limiter_name], {scale, limit})
|
||||
Pleroma.Config.put([:rate_limit, limiter_name], {scale, limit})
|
||||
|
||||
opts = RateLimiter.init(@limiter_name)
|
||||
opts = RateLimiter.init(limiter_name)
|
||||
conn = conn(:get, "/")
|
||||
bucket_name = "#{@limiter_name}:#{RateLimiter.ip(conn)}"
|
||||
bucket_name = "#{limiter_name}:#{RateLimiter.ip(conn)}"
|
||||
|
||||
conn = RateLimiter.call(conn, opts)
|
||||
assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
|
||||
|
@ -65,18 +67,78 @@ test "it restricts by opts" do
|
|||
refute conn.halted
|
||||
end
|
||||
|
||||
test "`bucket_name` option overrides default bucket name" do
|
||||
limiter_name = :test_bucket_name
|
||||
scale = 1000
|
||||
limit = 5
|
||||
|
||||
Pleroma.Config.put([:rate_limit, limiter_name], {scale, limit})
|
||||
base_bucket_name = "#{limiter_name}:group1"
|
||||
opts = RateLimiter.init({limiter_name, bucket_name: base_bucket_name})
|
||||
|
||||
conn = conn(:get, "/")
|
||||
default_bucket_name = "#{limiter_name}:#{RateLimiter.ip(conn)}"
|
||||
customized_bucket_name = "#{base_bucket_name}:#{RateLimiter.ip(conn)}"
|
||||
|
||||
RateLimiter.call(conn, opts)
|
||||
assert {1, 4, _, _, _} = ExRated.inspect_bucket(customized_bucket_name, scale, limit)
|
||||
assert {0, 5, _, _, _} = ExRated.inspect_bucket(default_bucket_name, scale, limit)
|
||||
end
|
||||
|
||||
test "`params` option appends specified params' values to bucket name" do
|
||||
limiter_name = :test_params
|
||||
scale = 1000
|
||||
limit = 5
|
||||
|
||||
Pleroma.Config.put([:rate_limit, limiter_name], {scale, limit})
|
||||
opts = RateLimiter.init({limiter_name, params: ["id"]})
|
||||
id = "1"
|
||||
|
||||
conn = conn(:get, "/?id=#{id}")
|
||||
conn = Plug.Conn.fetch_query_params(conn)
|
||||
|
||||
default_bucket_name = "#{limiter_name}:#{RateLimiter.ip(conn)}"
|
||||
parametrized_bucket_name = "#{limiter_name}:#{id}:#{RateLimiter.ip(conn)}"
|
||||
|
||||
RateLimiter.call(conn, opts)
|
||||
assert {1, 4, _, _, _} = ExRated.inspect_bucket(parametrized_bucket_name, scale, limit)
|
||||
assert {0, 5, _, _, _} = ExRated.inspect_bucket(default_bucket_name, scale, limit)
|
||||
end
|
||||
|
||||
test "it supports combination of options modifying bucket name" do
|
||||
limiter_name = :test_options_combo
|
||||
scale = 1000
|
||||
limit = 5
|
||||
|
||||
Pleroma.Config.put([:rate_limit, limiter_name], {scale, limit})
|
||||
base_bucket_name = "#{limiter_name}:group1"
|
||||
opts = RateLimiter.init({limiter_name, bucket_name: base_bucket_name, params: ["id"]})
|
||||
id = "100"
|
||||
|
||||
conn = conn(:get, "/?id=#{id}")
|
||||
conn = Plug.Conn.fetch_query_params(conn)
|
||||
|
||||
default_bucket_name = "#{limiter_name}:#{RateLimiter.ip(conn)}"
|
||||
parametrized_bucket_name = "#{base_bucket_name}:#{id}:#{RateLimiter.ip(conn)}"
|
||||
|
||||
RateLimiter.call(conn, opts)
|
||||
assert {1, 4, _, _, _} = ExRated.inspect_bucket(parametrized_bucket_name, scale, limit)
|
||||
assert {0, 5, _, _, _} = ExRated.inspect_bucket(default_bucket_name, scale, limit)
|
||||
end
|
||||
|
||||
test "optional limits for authenticated users" do
|
||||
limiter_name = :test_authenticated
|
||||
Ecto.Adapters.SQL.Sandbox.checkout(Pleroma.Repo)
|
||||
|
||||
scale = 1000
|
||||
limit = 5
|
||||
Pleroma.Config.put([:rate_limit, @limiter_name], [{1, 10}, {scale, limit}])
|
||||
Pleroma.Config.put([:rate_limit, limiter_name], [{1, 10}, {scale, limit}])
|
||||
|
||||
opts = RateLimiter.init(@limiter_name)
|
||||
opts = RateLimiter.init(limiter_name)
|
||||
|
||||
user = insert(:user)
|
||||
conn = conn(:get, "/") |> assign(:user, user)
|
||||
bucket_name = "#{@limiter_name}:#{user.id}"
|
||||
bucket_name = "#{limiter_name}:#{user.id}"
|
||||
|
||||
conn = RateLimiter.call(conn, opts)
|
||||
assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
|
||||
|
|
99
test/signature_test.exs
Normal file
99
test/signature_test.exs
Normal file
|
@ -0,0 +1,99 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.SignatureTest do
|
||||
use Pleroma.DataCase
|
||||
|
||||
import Pleroma.Factory
|
||||
import Tesla.Mock
|
||||
|
||||
alias Pleroma.Signature
|
||||
|
||||
setup do
|
||||
mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
|
||||
:ok
|
||||
end
|
||||
|
||||
@private_key "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEA48qb4v6kqigZutO9Ot0wkp27GIF2LiVaADgxQORZozZR63jH\nTaoOrS3Xhngbgc8SSOhfXET3omzeCLqaLNfXnZ8OXmuhJfJSU6mPUvmZ9QdT332j\nfN/g3iWGhYMf/M9ftCKh96nvFVO/tMruzS9xx7tkrfJjehdxh/3LlJMMImPtwcD7\nkFXwyt1qZTAU6Si4oQAJxRDQXHp1ttLl3Ob829VM7IKkrVmY8TD+JSlV0jtVJPj6\n1J19ytKTx/7UaucYvb9HIiBpkuiy5n/irDqKLVf5QEdZoNCdojOZlKJmTLqHhzKP\n3E9TxsUjhrf4/EqegNc/j982RvOxeu4i40zMQwIDAQABAoIBAQDH5DXjfh21i7b4\ncXJuw0cqget617CDUhemdakTDs9yH+rHPZd3mbGDWuT0hVVuFe4vuGpmJ8c+61X0\nRvugOlBlavxK8xvYlsqTzAmPgKUPljyNtEzQ+gz0I+3mH2jkin2rL3D+SksZZgKm\nfiYMPIQWB2WUF04gB46DDb2mRVuymGHyBOQjIx3WC0KW2mzfoFUFRlZEF+Nt8Ilw\nT+g/u0aZ1IWoszbsVFOEdghgZET0HEarum0B2Je/ozcPYtwmU10iBANGMKdLqaP/\nj954BPunrUf6gmlnLZKIKklJj0advx0NA+cL79+zeVB3zexRYSA5o9q0WPhiuTwR\n/aedWHnBAoGBAP0sDWBAM1Y4TRAf8ZI9PcztwLyHPzfEIqzbObJJnx1icUMt7BWi\n+/RMOnhrlPGE1kMhOqSxvXYN3u+eSmWTqai2sSH5Hdw2EqnrISSTnwNUPINX7fHH\njEkgmXQ6ixE48SuBZnb4w1EjdB/BA6/sjL+FNhggOc87tizLTkMXmMtTAoGBAOZV\n+wPuAMBDBXmbmxCuDIjoVmgSlgeRunB1SA8RCPAFAiUo3+/zEgzW2Oz8kgI+xVwM\n33XkLKrWG1Orhpp6Hm57MjIc5MG+zF4/YRDpE/KNG9qU1tiz0UD5hOpIU9pP4bR/\ngxgPxZzvbk4h5BfHWLpjlk8UUpgk6uxqfti48c1RAoGBALBOKDZ6HwYRCSGMjUcg\n3NPEUi84JD8qmFc2B7Tv7h2he2ykIz9iFAGpwCIyETQsJKX1Ewi0OlNnD3RhEEAy\nl7jFGQ+mkzPSeCbadmcpYlgIJmf1KN/x7fDTAepeBpCEzfZVE80QKbxsaybd3Dp8\nCfwpwWUFtBxr4c7J+gNhAGe/AoGAPn8ZyqkrPv9wXtyfqFjxQbx4pWhVmNwrkBPi\nZ2Qh3q4dNOPwTvTO8vjghvzIyR8rAZzkjOJKVFgftgYWUZfM5gE7T2mTkBYq8W+U\n8LetF+S9qAM2gDnaDx0kuUTCq7t87DKk6URuQ/SbI0wCzYjjRD99KxvChVGPBHKo\n1DjqMuECgYEAgJGNm7/lJCS2wk81whfy/ttKGsEIkyhPFYQmdGzSYC5aDc2gp1R3\nxtOkYEvdjfaLfDGEa4UX8CHHF+w3t9u8hBtcdhMH6GYb9iv6z0VBTt4A/11HUR49\n3Z7TQ18Iyh3jAUCzFV9IJlLIExq5Y7P4B3ojWFBN607sDCt8BMPbDYs=\n-----END RSA PRIVATE KEY-----"
|
||||
|
||||
@public_key %{
|
||||
"id" => "https://mastodon.social/users/lambadalambda#main-key",
|
||||
"owner" => "https://mastodon.social/users/lambadalambda",
|
||||
"publicKeyPem" =>
|
||||
"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0P/Tq4gb4G/QVuMGbJo\nC/AfMNcv+m7NfrlOwkVzcU47jgESuYI4UtJayissCdBycHUnfVUd9qol+eznSODz\nCJhfJloqEIC+aSnuEPGA0POtWad6DU0E6/Ho5zQn5WAWUwbRQqowbrsm/GHo2+3v\neR5jGenwA6sYhINg/c3QQbksyV0uJ20Umyx88w8+TJuv53twOfmyDWuYNoQ3y5cc\nHKOZcLHxYOhvwg3PFaGfFHMFiNmF40dTXt9K96r7sbzc44iLD+VphbMPJEjkMuf8\nPGEFOBzy8pm3wJZw2v32RNW2VESwMYyqDzwHXGSq1a73cS7hEnc79gXlELsK04L9\nQQIDAQAB\n-----END PUBLIC KEY-----\n"
|
||||
}
|
||||
|
||||
@rsa_public_key {
|
||||
:RSAPublicKey,
|
||||
24_650_000_183_914_698_290_885_268_529_673_621_967_457_234_469_123_179_408_466_269_598_577_505_928_170_923_974_132_111_403_341_217_239_999_189_084_572_368_839_502_170_501_850_920_051_662_384_964_248_315_257_926_552_945_648_828_895_432_624_227_029_881_278_113_244_073_644_360_744_504_606_177_648_469_825_063_267_913_017_309_199_785_535_546_734_904_379_798_564_556_494_962_268_682_532_371_146_333_972_821_570_577_277_375_020_977_087_539_994_500_097_107_935_618_711_808_260_846_821_077_839_605_098_669_707_417_692_791_905_543_116_911_754_774_323_678_879_466_618_738_207_538_013_885_607_095_203_516_030_057_611_111_308_904_599_045_146_148_350_745_339_208_006_497_478_057_622_336_882_506_112_530_056_970_653_403_292_123_624_453_213_574_011_183_684_739_084_105_206_483_178_943_532_208_537_215_396_831_110_268_758_639_826_369_857,
|
||||
# credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
|
||||
65_537
|
||||
}
|
||||
|
||||
describe "fetch_public_key/1" do
|
||||
test "it returns key" do
|
||||
expected_result = {:ok, @rsa_public_key}
|
||||
|
||||
user = insert(:user, %{info: %{source_data: %{"publicKey" => @public_key}}})
|
||||
|
||||
assert Signature.fetch_public_key(%Plug.Conn{params: %{"actor" => user.ap_id}}) ==
|
||||
expected_result
|
||||
end
|
||||
|
||||
test "it returns error when not found user" do
|
||||
assert Signature.fetch_public_key(%Plug.Conn{params: %{"actor" => "test-ap_id"}}) ==
|
||||
{:error, :error}
|
||||
end
|
||||
|
||||
test "it returns error if public key is empty" do
|
||||
user = insert(:user, %{info: %{source_data: %{"publicKey" => %{}}}})
|
||||
|
||||
assert Signature.fetch_public_key(%Plug.Conn{params: %{"actor" => user.ap_id}}) ==
|
||||
{:error, :error}
|
||||
end
|
||||
end
|
||||
|
||||
describe "refetch_public_key/1" do
|
||||
test "it returns key" do
|
||||
ap_id = "https://mastodon.social/users/lambadalambda"
|
||||
|
||||
assert Signature.refetch_public_key(%Plug.Conn{params: %{"actor" => ap_id}}) ==
|
||||
{:ok, @rsa_public_key}
|
||||
end
|
||||
|
||||
test "it returns error when not found user" do
|
||||
assert Signature.refetch_public_key(%Plug.Conn{params: %{"actor" => "test-ap_id"}}) ==
|
||||
{:error, {:error, :ok}}
|
||||
end
|
||||
end
|
||||
|
||||
describe "sign/2" do
|
||||
test "it returns signature headers" do
|
||||
user =
|
||||
insert(:user, %{
|
||||
ap_id: "https://mastodon.social/users/lambadalambda",
|
||||
info: %{keys: @private_key}
|
||||
})
|
||||
|
||||
assert Signature.sign(
|
||||
user,
|
||||
%{
|
||||
host: "test.test",
|
||||
"content-length": 100
|
||||
}
|
||||
) ==
|
||||
"keyId=\"https://mastodon.social/users/lambadalambda#main-key\",algorithm=\"rsa-sha256\",headers=\"content-length host\",signature=\"sibUOoqsFfTDerquAkyprxzDjmJm6erYc42W5w1IyyxusWngSinq5ILTjaBxFvfarvc7ci1xAi+5gkBwtshRMWm7S+Uqix24Yg5EYafXRun9P25XVnYBEIH4XQ+wlnnzNIXQkU3PU9e6D8aajDZVp3hPJNeYt1gIPOA81bROI8/glzb1SAwQVGRbqUHHHKcwR8keiR/W2h7BwG3pVRy4JgnIZRSW7fQogKedDg02gzRXwUDFDk0pr2p3q6bUWHUXNV8cZIzlMK+v9NlyFbVYBTHctAR26GIAN6Hz0eV0mAQAePHDY1mXppbA8Gpp6hqaMuYfwifcXmcc+QFm4e+n3A==\""
|
||||
end
|
||||
|
||||
test "it returns error" do
|
||||
user =
|
||||
insert(:user, %{ap_id: "https://mastodon.social/users/lambadalambda", info: %{keys: ""}})
|
||||
|
||||
assert Signature.sign(
|
||||
user,
|
||||
%{host: "test.test", "content-length": 100}
|
||||
) == {:error, []}
|
||||
end
|
||||
end
|
||||
end
|
|
@ -879,6 +879,42 @@ def get(
|
|||
}}
|
||||
end
|
||||
|
||||
def get("https://info.pleroma.site/activity.json", _, _, Accept: "application/activity+json") do
|
||||
{:ok,
|
||||
%Tesla.Env{
|
||||
status: 200,
|
||||
body: File.read!("test/fixtures/tesla_mock/https__info.pleroma.site_activity.json")
|
||||
}}
|
||||
end
|
||||
|
||||
def get("https://info.pleroma.site/activity.json", _, _, _) do
|
||||
{:ok, %Tesla.Env{status: 404, body: ""}}
|
||||
end
|
||||
|
||||
def get("https://info.pleroma.site/activity2.json", _, _, Accept: "application/activity+json") do
|
||||
{:ok,
|
||||
%Tesla.Env{
|
||||
status: 200,
|
||||
body: File.read!("test/fixtures/tesla_mock/https__info.pleroma.site_activity2.json")
|
||||
}}
|
||||
end
|
||||
|
||||
def get("https://info.pleroma.site/activity2.json", _, _, _) do
|
||||
{:ok, %Tesla.Env{status: 404, body: ""}}
|
||||
end
|
||||
|
||||
def get("https://info.pleroma.site/activity3.json", _, _, Accept: "application/activity+json") do
|
||||
{:ok,
|
||||
%Tesla.Env{
|
||||
status: 200,
|
||||
body: File.read!("test/fixtures/tesla_mock/https__info.pleroma.site_activity3.json")
|
||||
}}
|
||||
end
|
||||
|
||||
def get("https://info.pleroma.site/activity3.json", _, _, _) do
|
||||
{:ok, %Tesla.Env{status: 404, body: ""}}
|
||||
end
|
||||
|
||||
def get(url, query, body, headers) do
|
||||
{:error,
|
||||
"Not implemented the mock response for get #{inspect(url)}, #{query}, #{inspect(body)}, #{
|
||||
|
|
|
@ -34,8 +34,8 @@ test "settings are migrated to db" do
|
|||
|
||||
Mix.Tasks.Pleroma.Config.run(["migrate_to_db"])
|
||||
|
||||
first_db = Config.get_by_params(%{group: "pleroma", key: "first_setting"})
|
||||
second_db = Config.get_by_params(%{group: "pleroma", key: "second_setting"})
|
||||
first_db = Config.get_by_params(%{group: "pleroma", key: ":first_setting"})
|
||||
second_db = Config.get_by_params(%{group: "pleroma", key: ":second_setting"})
|
||||
refute Config.get_by_params(%{group: "pleroma", key: "Pleroma.Repo"})
|
||||
|
||||
assert Config.from_binary(first_db.value) == [key: "value", key2: [Pleroma.Repo]]
|
||||
|
@ -45,13 +45,13 @@ test "settings are migrated to db" do
|
|||
test "settings are migrated to file and deleted from db", %{temp_file: temp_file} do
|
||||
Config.create(%{
|
||||
group: "pleroma",
|
||||
key: "setting_first",
|
||||
key: ":setting_first",
|
||||
value: [key: "value", key2: [Pleroma.Activity]]
|
||||
})
|
||||
|
||||
Config.create(%{
|
||||
group: "pleroma",
|
||||
key: "setting_second",
|
||||
key: ":setting_second",
|
||||
value: [key: "valu2", key2: [Pleroma.Repo]]
|
||||
})
|
||||
|
||||
|
@ -61,7 +61,7 @@ test "settings are migrated to file and deleted from db", %{temp_file: temp_file
|
|||
assert File.exists?(temp_file)
|
||||
{:ok, file} = File.read(temp_file)
|
||||
|
||||
assert file =~ "config :pleroma, setting_first:"
|
||||
assert file =~ "config :pleroma, setting_second:"
|
||||
assert file =~ "config :pleroma, :setting_first,"
|
||||
assert file =~ "config :pleroma, :setting_second,"
|
||||
end
|
||||
end
|
||||
|
|
|
@ -687,10 +687,12 @@ test "it mutes people" do
|
|||
muted_user = insert(:user)
|
||||
|
||||
refute User.mutes?(user, muted_user)
|
||||
refute User.muted_notifications?(user, muted_user)
|
||||
|
||||
{:ok, user} = User.mute(user, muted_user)
|
||||
|
||||
assert User.mutes?(user, muted_user)
|
||||
assert User.muted_notifications?(user, muted_user)
|
||||
end
|
||||
|
||||
test "it unmutes users" do
|
||||
|
@ -701,6 +703,20 @@ test "it unmutes users" do
|
|||
{:ok, user} = User.unmute(user, muted_user)
|
||||
|
||||
refute User.mutes?(user, muted_user)
|
||||
refute User.muted_notifications?(user, muted_user)
|
||||
end
|
||||
|
||||
test "it mutes user without notifications" do
|
||||
user = insert(:user)
|
||||
muted_user = insert(:user)
|
||||
|
||||
refute User.mutes?(user, muted_user)
|
||||
refute User.muted_notifications?(user, muted_user)
|
||||
|
||||
{:ok, user} = User.mute(user, muted_user, false)
|
||||
|
||||
assert User.mutes?(user, muted_user)
|
||||
refute User.muted_notifications?(user, muted_user)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -12,6 +12,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
|||
alias Pleroma.Web.ActivityPub.ObjectView
|
||||
alias Pleroma.Web.ActivityPub.UserView
|
||||
alias Pleroma.Web.ActivityPub.Utils
|
||||
alias Pleroma.Web.CommonAPI
|
||||
|
||||
setup_all do
|
||||
Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
|
||||
|
@ -551,7 +552,7 @@ test "it returns the followers in a collection", %{conn: conn} do
|
|||
assert result["first"]["orderedItems"] == [user.ap_id]
|
||||
end
|
||||
|
||||
test "it returns returns empty if the user has 'hide_followers' set", %{conn: conn} do
|
||||
test "it returns returns a uri if the user has 'hide_followers' set", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
user_two = insert(:user, %{info: %{hide_followers: true}})
|
||||
User.follow(user, user_two)
|
||||
|
@ -561,8 +562,35 @@ test "it returns returns empty if the user has 'hide_followers' set", %{conn: co
|
|||
|> get("/users/#{user_two.nickname}/followers")
|
||||
|> json_response(200)
|
||||
|
||||
assert result["first"]["orderedItems"] == []
|
||||
assert result["totalItems"] == 0
|
||||
assert is_binary(result["first"])
|
||||
end
|
||||
|
||||
test "it returns a 403 error on pages, if the user has 'hide_followers' set and the request is not authenticated",
|
||||
%{conn: conn} do
|
||||
user = insert(:user, %{info: %{hide_followers: true}})
|
||||
|
||||
result =
|
||||
conn
|
||||
|> get("/users/#{user.nickname}/followers?page=1")
|
||||
|
||||
assert result.status == 403
|
||||
assert result.resp_body == ""
|
||||
end
|
||||
|
||||
test "it renders the page, if the user has 'hide_followers' set and the request is authenticated with the same user",
|
||||
%{conn: conn} do
|
||||
user = insert(:user, %{info: %{hide_followers: true}})
|
||||
other_user = insert(:user)
|
||||
{:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
|
||||
|
||||
result =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> get("/users/#{user.nickname}/followers?page=1")
|
||||
|> json_response(200)
|
||||
|
||||
assert result["totalItems"] == 1
|
||||
assert result["orderedItems"] == [other_user.ap_id]
|
||||
end
|
||||
|
||||
test "it works for more than 10 users", %{conn: conn} do
|
||||
|
@ -606,7 +634,7 @@ test "it returns the following in a collection", %{conn: conn} do
|
|||
assert result["first"]["orderedItems"] == [user_two.ap_id]
|
||||
end
|
||||
|
||||
test "it returns returns empty if the user has 'hide_follows' set", %{conn: conn} do
|
||||
test "it returns a uri if the user has 'hide_follows' set", %{conn: conn} do
|
||||
user = insert(:user, %{info: %{hide_follows: true}})
|
||||
user_two = insert(:user)
|
||||
User.follow(user, user_two)
|
||||
|
@ -616,8 +644,35 @@ test "it returns returns empty if the user has 'hide_follows' set", %{conn: conn
|
|||
|> get("/users/#{user.nickname}/following")
|
||||
|> json_response(200)
|
||||
|
||||
assert result["first"]["orderedItems"] == []
|
||||
assert result["totalItems"] == 0
|
||||
assert is_binary(result["first"])
|
||||
end
|
||||
|
||||
test "it returns a 403 error on pages, if the user has 'hide_follows' set and the request is not authenticated",
|
||||
%{conn: conn} do
|
||||
user = insert(:user, %{info: %{hide_follows: true}})
|
||||
|
||||
result =
|
||||
conn
|
||||
|> get("/users/#{user.nickname}/following?page=1")
|
||||
|
||||
assert result.status == 403
|
||||
assert result.resp_body == ""
|
||||
end
|
||||
|
||||
test "it renders the page, if the user has 'hide_follows' set and the request is authenticated with the same user",
|
||||
%{conn: conn} do
|
||||
user = insert(:user, %{info: %{hide_follows: true}})
|
||||
other_user = insert(:user)
|
||||
{:ok, user, _other_user, _activity} = CommonAPI.follow(user, other_user)
|
||||
|
||||
result =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> get("/users/#{user.nickname}/following?page=1")
|
||||
|> json_response(200)
|
||||
|
||||
assert result["totalItems"] == 1
|
||||
assert result["orderedItems"] == [other_user.ap_id]
|
||||
end
|
||||
|
||||
test "it works for more than 10 users", %{conn: conn} do
|
||||
|
|
|
@ -1190,6 +1190,21 @@ test "it can create a Flag activity" do
|
|||
end
|
||||
end
|
||||
|
||||
test "fetch_activities/2 returns activities addressed to a list " do
|
||||
user = insert(:user)
|
||||
member = insert(:user)
|
||||
{:ok, list} = Pleroma.List.create("foo", user)
|
||||
{:ok, list} = Pleroma.List.follow(list, member)
|
||||
|
||||
{:ok, activity} =
|
||||
CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
|
||||
|
||||
activity = Repo.preload(activity, :bookmark)
|
||||
activity = %Activity{activity | thread_muted?: !!activity.thread_muted?}
|
||||
|
||||
assert ActivityPub.fetch_activities([], %{"user" => user}) == [activity]
|
||||
end
|
||||
|
||||
def data_uri do
|
||||
File.read!("test/fixtures/avatar_data_uri")
|
||||
end
|
||||
|
|
|
@ -416,6 +416,7 @@ test "it ensures that as:Public activities make it to their followers collection
|
|||
|> Map.put("attributedTo", user.ap_id)
|
||||
|> Map.put("to", ["https://www.w3.org/ns/activitystreams#Public"])
|
||||
|> Map.put("cc", [])
|
||||
|> Map.put("id", user.ap_id <> "/activities/12345678")
|
||||
|
||||
data = Map.put(data, "object", object)
|
||||
|
||||
|
@ -439,6 +440,7 @@ test "it ensures that address fields become lists" do
|
|||
|> Map.put("attributedTo", user.ap_id)
|
||||
|> Map.put("to", nil)
|
||||
|> Map.put("cc", nil)
|
||||
|> Map.put("id", user.ap_id <> "/activities/12345678")
|
||||
|
||||
data = Map.put(data, "object", object)
|
||||
|
||||
|
@ -1096,6 +1098,18 @@ test "the directMessage flag is present" do
|
|||
|
||||
assert modified["directMessage"] == true
|
||||
end
|
||||
|
||||
test "it strips BCC field" do
|
||||
user = insert(:user)
|
||||
{:ok, list} = Pleroma.List.create("foo", user)
|
||||
|
||||
{:ok, activity} =
|
||||
CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
|
||||
|
||||
{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
|
||||
|
||||
assert is_nil(modified["bcc"])
|
||||
end
|
||||
end
|
||||
|
||||
describe "user upgrade" do
|
||||
|
|
|
@ -8,6 +8,7 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
|
|||
|
||||
alias Pleroma.User
|
||||
alias Pleroma.Web.ActivityPub.UserView
|
||||
alias Pleroma.Web.CommonAPI
|
||||
|
||||
test "Renders a user, including the public key" do
|
||||
user = insert(:user)
|
||||
|
@ -82,4 +83,28 @@ test "instance users do not expose oAuth endpoints" do
|
|||
refute result["endpoints"]["oauthTokenEndpoint"]
|
||||
end
|
||||
end
|
||||
|
||||
describe "followers" do
|
||||
test "sets totalItems to zero when followers are hidden" do
|
||||
user = insert(:user)
|
||||
other_user = insert(:user)
|
||||
{:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
|
||||
assert %{"totalItems" => 1} = UserView.render("followers.json", %{user: user})
|
||||
info = Map.put(user.info, :hide_followers, true)
|
||||
user = Map.put(user, :info, info)
|
||||
assert %{"totalItems" => 0} = UserView.render("followers.json", %{user: user})
|
||||
end
|
||||
end
|
||||
|
||||
describe "following" do
|
||||
test "sets totalItems to zero when follows are hidden" do
|
||||
user = insert(:user)
|
||||
other_user = insert(:user)
|
||||
{:ok, user, _other_user, _activity} = CommonAPI.follow(user, other_user)
|
||||
assert %{"totalItems" => 1} = UserView.render("following.json", %{user: user})
|
||||
info = Map.put(user.info, :hide_follows, true)
|
||||
user = Map.put(user, :info, info)
|
||||
assert %{"totalItems" => 0} = UserView.render("following.json", %{user: user})
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -16,6 +16,9 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
|
|||
following = insert(:user)
|
||||
unrelated = insert(:user)
|
||||
{:ok, following} = Pleroma.User.follow(following, user)
|
||||
{:ok, list} = Pleroma.List.create("foo", user)
|
||||
|
||||
Pleroma.List.follow(list, unrelated)
|
||||
|
||||
{:ok, public} =
|
||||
CommonAPI.post(user, %{"status" => "@#{mentioned.nickname}", "visibility" => "public"})
|
||||
|
@ -29,6 +32,12 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
|
|||
{:ok, unlisted} =
|
||||
CommonAPI.post(user, %{"status" => "@#{mentioned.nickname}", "visibility" => "unlisted"})
|
||||
|
||||
{:ok, list} =
|
||||
CommonAPI.post(user, %{
|
||||
"status" => "@#{mentioned.nickname}",
|
||||
"visibility" => "list:#{list.id}"
|
||||
})
|
||||
|
||||
%{
|
||||
public: public,
|
||||
private: private,
|
||||
|
@ -37,29 +46,65 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
|
|||
user: user,
|
||||
mentioned: mentioned,
|
||||
following: following,
|
||||
unrelated: unrelated
|
||||
unrelated: unrelated,
|
||||
list: list
|
||||
}
|
||||
end
|
||||
|
||||
test "is_direct?", %{public: public, private: private, direct: direct, unlisted: unlisted} do
|
||||
test "is_direct?", %{
|
||||
public: public,
|
||||
private: private,
|
||||
direct: direct,
|
||||
unlisted: unlisted,
|
||||
list: list
|
||||
} do
|
||||
assert Visibility.is_direct?(direct)
|
||||
refute Visibility.is_direct?(public)
|
||||
refute Visibility.is_direct?(private)
|
||||
refute Visibility.is_direct?(unlisted)
|
||||
assert Visibility.is_direct?(list)
|
||||
end
|
||||
|
||||
test "is_public?", %{public: public, private: private, direct: direct, unlisted: unlisted} do
|
||||
test "is_public?", %{
|
||||
public: public,
|
||||
private: private,
|
||||
direct: direct,
|
||||
unlisted: unlisted,
|
||||
list: list
|
||||
} do
|
||||
refute Visibility.is_public?(direct)
|
||||
assert Visibility.is_public?(public)
|
||||
refute Visibility.is_public?(private)
|
||||
assert Visibility.is_public?(unlisted)
|
||||
refute Visibility.is_public?(list)
|
||||
end
|
||||
|
||||
test "is_private?", %{public: public, private: private, direct: direct, unlisted: unlisted} do
|
||||
test "is_private?", %{
|
||||
public: public,
|
||||
private: private,
|
||||
direct: direct,
|
||||
unlisted: unlisted,
|
||||
list: list
|
||||
} do
|
||||
refute Visibility.is_private?(direct)
|
||||
refute Visibility.is_private?(public)
|
||||
assert Visibility.is_private?(private)
|
||||
refute Visibility.is_private?(unlisted)
|
||||
refute Visibility.is_private?(list)
|
||||
end
|
||||
|
||||
test "is_list?", %{
|
||||
public: public,
|
||||
private: private,
|
||||
direct: direct,
|
||||
unlisted: unlisted,
|
||||
list: list
|
||||
} do
|
||||
refute Visibility.is_list?(direct)
|
||||
refute Visibility.is_list?(public)
|
||||
refute Visibility.is_list?(private)
|
||||
refute Visibility.is_list?(unlisted)
|
||||
assert Visibility.is_list?(list)
|
||||
end
|
||||
|
||||
test "visible_for_user?", %{
|
||||
|
@ -70,7 +115,8 @@ test "visible_for_user?", %{
|
|||
user: user,
|
||||
mentioned: mentioned,
|
||||
following: following,
|
||||
unrelated: unrelated
|
||||
unrelated: unrelated,
|
||||
list: list
|
||||
} do
|
||||
# All visible to author
|
||||
|
||||
|
@ -78,6 +124,7 @@ test "visible_for_user?", %{
|
|||
assert Visibility.visible_for_user?(private, user)
|
||||
assert Visibility.visible_for_user?(unlisted, user)
|
||||
assert Visibility.visible_for_user?(direct, user)
|
||||
assert Visibility.visible_for_user?(list, user)
|
||||
|
||||
# All visible to a mentioned user
|
||||
|
||||
|
@ -85,6 +132,7 @@ test "visible_for_user?", %{
|
|||
assert Visibility.visible_for_user?(private, mentioned)
|
||||
assert Visibility.visible_for_user?(unlisted, mentioned)
|
||||
assert Visibility.visible_for_user?(direct, mentioned)
|
||||
assert Visibility.visible_for_user?(list, mentioned)
|
||||
|
||||
# DM not visible for just follower
|
||||
|
||||
|
@ -92,6 +140,7 @@ test "visible_for_user?", %{
|
|||
assert Visibility.visible_for_user?(private, following)
|
||||
assert Visibility.visible_for_user?(unlisted, following)
|
||||
refute Visibility.visible_for_user?(direct, following)
|
||||
refute Visibility.visible_for_user?(list, following)
|
||||
|
||||
# Public and unlisted visible for unrelated user
|
||||
|
||||
|
@ -99,6 +148,9 @@ test "visible_for_user?", %{
|
|||
assert Visibility.visible_for_user?(unlisted, unrelated)
|
||||
refute Visibility.visible_for_user?(private, unrelated)
|
||||
refute Visibility.visible_for_user?(direct, unrelated)
|
||||
|
||||
# Visible for a list member
|
||||
assert Visibility.visible_for_user?(list, unrelated)
|
||||
end
|
||||
|
||||
test "doesn't die when the user doesn't exist",
|
||||
|
@ -115,18 +167,24 @@ test "get_visibility", %{
|
|||
public: public,
|
||||
private: private,
|
||||
direct: direct,
|
||||
unlisted: unlisted
|
||||
unlisted: unlisted,
|
||||
list: list
|
||||
} do
|
||||
assert Visibility.get_visibility(public) == "public"
|
||||
assert Visibility.get_visibility(private) == "private"
|
||||
assert Visibility.get_visibility(direct) == "direct"
|
||||
assert Visibility.get_visibility(unlisted) == "unlisted"
|
||||
assert Visibility.get_visibility(list) == "list"
|
||||
end
|
||||
|
||||
test "get_visibility with directMessage flag" do
|
||||
assert Visibility.get_visibility(%{data: %{"directMessage" => true}}) == "direct"
|
||||
end
|
||||
|
||||
test "get_visibility with listMessage flag" do
|
||||
assert Visibility.get_visibility(%{data: %{"listMessage" => ""}}) == "list"
|
||||
end
|
||||
|
||||
describe "entire_thread_visible_for_user?/2" do
|
||||
test "returns false if not found activity", %{user: user} do
|
||||
refute Visibility.entire_thread_visible_for_user?(%Activity{}, user)
|
||||
|
|
|
@ -1720,7 +1720,7 @@ test "settings with nesting map", %{conn: conn} do
|
|||
configs: [
|
||||
%{
|
||||
"group" => "pleroma",
|
||||
"key" => "key1",
|
||||
"key" => ":key1",
|
||||
"value" => [
|
||||
%{"tuple" => [":key2", "some_val"]},
|
||||
%{
|
||||
|
@ -1750,7 +1750,7 @@ test "settings with nesting map", %{conn: conn} do
|
|||
"configs" => [
|
||||
%{
|
||||
"group" => "pleroma",
|
||||
"key" => "key1",
|
||||
"key" => ":key1",
|
||||
"value" => [
|
||||
%{"tuple" => [":key2", "some_val"]},
|
||||
%{
|
||||
|
@ -1782,7 +1782,7 @@ test "value as map", %{conn: conn} do
|
|||
configs: [
|
||||
%{
|
||||
"group" => "pleroma",
|
||||
"key" => "key1",
|
||||
"key" => ":key1",
|
||||
"value" => %{"key" => "some_val"}
|
||||
}
|
||||
]
|
||||
|
@ -1793,7 +1793,7 @@ test "value as map", %{conn: conn} do
|
|||
"configs" => [
|
||||
%{
|
||||
"group" => "pleroma",
|
||||
"key" => "key1",
|
||||
"key" => ":key1",
|
||||
"value" => %{"key" => "some_val"}
|
||||
}
|
||||
]
|
||||
|
@ -1862,6 +1862,45 @@ test "dispatch setting", %{conn: conn} do
|
|||
]
|
||||
}
|
||||
end
|
||||
|
||||
test "queues key as atom", %{conn: conn} do
|
||||
conn =
|
||||
post(conn, "/api/pleroma/admin/config", %{
|
||||
configs: [
|
||||
%{
|
||||
"group" => "pleroma_job_queue",
|
||||
"key" => ":queues",
|
||||
"value" => [
|
||||
%{"tuple" => [":federator_incoming", 50]},
|
||||
%{"tuple" => [":federator_outgoing", 50]},
|
||||
%{"tuple" => [":web_push", 50]},
|
||||
%{"tuple" => [":mailer", 10]},
|
||||
%{"tuple" => [":transmogrifier", 20]},
|
||||
%{"tuple" => [":scheduled_activities", 10]},
|
||||
%{"tuple" => [":background", 5]}
|
||||
]
|
||||
}
|
||||
]
|
||||
})
|
||||
|
||||
assert json_response(conn, 200) == %{
|
||||
"configs" => [
|
||||
%{
|
||||
"group" => "pleroma_job_queue",
|
||||
"key" => ":queues",
|
||||
"value" => [
|
||||
%{"tuple" => [":federator_incoming", 50]},
|
||||
%{"tuple" => [":federator_outgoing", 50]},
|
||||
%{"tuple" => [":web_push", 50]},
|
||||
%{"tuple" => [":mailer", 10]},
|
||||
%{"tuple" => [":transmogrifier", 20]},
|
||||
%{"tuple" => [":scheduled_activities", 10]},
|
||||
%{"tuple" => [":background", 5]}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -129,6 +129,18 @@ test "it does not allow replies to direct messages that are not direct messages
|
|||
})
|
||||
end)
|
||||
end
|
||||
|
||||
test "it allows to address a list" do
|
||||
user = insert(:user)
|
||||
{:ok, list} = Pleroma.List.create("foo", user)
|
||||
|
||||
{:ok, activity} =
|
||||
CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
|
||||
|
||||
assert activity.data["bcc"] == [list.ap_id]
|
||||
assert activity.recipients == [list.ap_id, user.ap_id]
|
||||
assert activity.data["listMessage"] == list.ap_id
|
||||
end
|
||||
end
|
||||
|
||||
describe "reactions" do
|
||||
|
@ -346,6 +358,20 @@ test "remove a reblog mute", %{muter: muter, muted: muted} do
|
|||
end
|
||||
end
|
||||
|
||||
describe "unfollow/2" do
|
||||
test "also unsubscribes a user" do
|
||||
[follower, followed] = insert_pair(:user)
|
||||
{:ok, follower, followed, _} = CommonAPI.follow(follower, followed)
|
||||
{:ok, followed} = User.subscribe(follower, followed)
|
||||
|
||||
assert User.subscribed_to?(follower, followed)
|
||||
|
||||
{:ok, follower} = CommonAPI.unfollow(follower, followed)
|
||||
|
||||
refute User.subscribed_to?(follower, followed)
|
||||
end
|
||||
end
|
||||
|
||||
describe "accept_follow_request/2" do
|
||||
test "after acceptance, it sets all existing pending follow request states to 'accept'" do
|
||||
user = insert(:user, info: %{locked: true})
|
||||
|
|
|
@ -593,7 +593,7 @@ test "user avatar can be set", %{conn: conn} do
|
|||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> patch("/api/v1/accounts/update_avatar", %{img: avatar_image})
|
||||
|> patch("/api/v1/pleroma/accounts/update_avatar", %{img: avatar_image})
|
||||
|
||||
user = refresh_record(user)
|
||||
|
||||
|
@ -618,7 +618,7 @@ test "user avatar can be reset", %{conn: conn} do
|
|||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> patch("/api/v1/accounts/update_avatar", %{img: ""})
|
||||
|> patch("/api/v1/pleroma/accounts/update_avatar", %{img: ""})
|
||||
|
||||
user = User.get_cached_by_id(user.id)
|
||||
|
||||
|
@ -633,7 +633,7 @@ test "can set profile banner", %{conn: conn} do
|
|||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> patch("/api/v1/accounts/update_banner", %{"banner" => @image})
|
||||
|> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => @image})
|
||||
|
||||
user = refresh_record(user)
|
||||
assert user.info.banner["type"] == "Image"
|
||||
|
@ -647,7 +647,7 @@ test "can reset profile banner", %{conn: conn} do
|
|||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> patch("/api/v1/accounts/update_banner", %{"banner" => ""})
|
||||
|> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => ""})
|
||||
|
||||
user = refresh_record(user)
|
||||
assert user.info.banner == %{}
|
||||
|
@ -661,7 +661,7 @@ test "background image can be set", %{conn: conn} do
|
|||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> patch("/api/v1/accounts/update_background", %{"img" => @image})
|
||||
|> patch("/api/v1/pleroma/accounts/update_background", %{"img" => @image})
|
||||
|
||||
user = refresh_record(user)
|
||||
assert user.info.background["type"] == "Image"
|
||||
|
@ -674,7 +674,7 @@ test "background image can be reset", %{conn: conn} do
|
|||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> patch("/api/v1/accounts/update_background", %{"img" => ""})
|
||||
|> patch("/api/v1/pleroma/accounts/update_background", %{"img" => ""})
|
||||
|
||||
user = refresh_record(user)
|
||||
assert user.info.background == %{}
|
||||
|
@ -1274,6 +1274,71 @@ test "destroy multiple", %{conn: conn} do
|
|||
result = json_response(conn_res, 200)
|
||||
assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
|
||||
end
|
||||
|
||||
test "doesn't see notifications after muting user with notifications", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
user2 = insert(:user)
|
||||
|
||||
{:ok, _, _, _} = CommonAPI.follow(user, user2)
|
||||
{:ok, _} = CommonAPI.post(user2, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
conn = assign(conn, :user, user)
|
||||
|
||||
conn = get(conn, "/api/v1/notifications")
|
||||
|
||||
assert length(json_response(conn, 200)) == 1
|
||||
|
||||
{:ok, user} = User.mute(user, user2)
|
||||
|
||||
conn = assign(build_conn(), :user, user)
|
||||
conn = get(conn, "/api/v1/notifications")
|
||||
|
||||
assert json_response(conn, 200) == []
|
||||
end
|
||||
|
||||
test "see notifications after muting user without notifications", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
user2 = insert(:user)
|
||||
|
||||
{:ok, _, _, _} = CommonAPI.follow(user, user2)
|
||||
{:ok, _} = CommonAPI.post(user2, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
conn = assign(conn, :user, user)
|
||||
|
||||
conn = get(conn, "/api/v1/notifications")
|
||||
|
||||
assert length(json_response(conn, 200)) == 1
|
||||
|
||||
{:ok, user} = User.mute(user, user2, false)
|
||||
|
||||
conn = assign(build_conn(), :user, user)
|
||||
conn = get(conn, "/api/v1/notifications")
|
||||
|
||||
assert length(json_response(conn, 200)) == 1
|
||||
end
|
||||
|
||||
test "see notifications after muting user with notifications and with_muted parameter", %{
|
||||
conn: conn
|
||||
} do
|
||||
user = insert(:user)
|
||||
user2 = insert(:user)
|
||||
|
||||
{:ok, _, _, _} = CommonAPI.follow(user, user2)
|
||||
{:ok, _} = CommonAPI.post(user2, %{"status" => "hey @#{user.nickname}"})
|
||||
|
||||
conn = assign(conn, :user, user)
|
||||
|
||||
conn = get(conn, "/api/v1/notifications")
|
||||
|
||||
assert length(json_response(conn, 200)) == 1
|
||||
|
||||
{:ok, user} = User.mute(user, user2)
|
||||
|
||||
conn = assign(build_conn(), :user, user)
|
||||
conn = get(conn, "/api/v1/notifications", %{"with_muted" => "true"})
|
||||
|
||||
assert length(json_response(conn, 200)) == 1
|
||||
end
|
||||
end
|
||||
|
||||
describe "reblogging" do
|
||||
|
@ -2105,25 +2170,52 @@ test "following / unfollowing errors" do
|
|||
assert %{"error" => "Record not found"} = json_response(conn_res, 404)
|
||||
end
|
||||
|
||||
test "muting / unmuting a user", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
other_user = insert(:user)
|
||||
describe "mute/unmute" do
|
||||
test "with notifications", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
other_user = insert(:user)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> post("/api/v1/accounts/#{other_user.id}/mute")
|
||||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> post("/api/v1/accounts/#{other_user.id}/mute")
|
||||
|
||||
assert %{"id" => _id, "muting" => true} = json_response(conn, 200)
|
||||
response = json_response(conn, 200)
|
||||
|
||||
user = User.get_cached_by_id(user.id)
|
||||
assert %{"id" => _id, "muting" => true, "muting_notifications" => true} = response
|
||||
user = User.get_cached_by_id(user.id)
|
||||
|
||||
conn =
|
||||
build_conn()
|
||||
|> assign(:user, user)
|
||||
|> post("/api/v1/accounts/#{other_user.id}/unmute")
|
||||
conn =
|
||||
build_conn()
|
||||
|> assign(:user, user)
|
||||
|> post("/api/v1/accounts/#{other_user.id}/unmute")
|
||||
|
||||
assert %{"id" => _id, "muting" => false} = json_response(conn, 200)
|
||||
response = json_response(conn, 200)
|
||||
assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = response
|
||||
end
|
||||
|
||||
test "without notifications", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
other_user = insert(:user)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> post("/api/v1/accounts/#{other_user.id}/mute", %{"notifications" => "false"})
|
||||
|
||||
response = json_response(conn, 200)
|
||||
|
||||
assert %{"id" => _id, "muting" => true, "muting_notifications" => false} = response
|
||||
user = User.get_cached_by_id(user.id)
|
||||
|
||||
conn =
|
||||
build_conn()
|
||||
|> assign(:user, user)
|
||||
|> post("/api/v1/accounts/#{other_user.id}/unmute")
|
||||
|
||||
response = json_response(conn, 200)
|
||||
assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = response
|
||||
end
|
||||
end
|
||||
|
||||
test "subscribing / unsubscribing to a user", %{conn: conn} do
|
||||
|
|
|
@ -541,4 +541,17 @@ test "embeds a relationship in the account in reposts" do
|
|||
assert result[:reblog][:account][:pleroma][:relationship] ==
|
||||
AccountView.render("relationship.json", %{user: user, target: user})
|
||||
end
|
||||
|
||||
test "visibility/list" do
|
||||
user = insert(:user)
|
||||
|
||||
{:ok, list} = Pleroma.List.create("foo", user)
|
||||
|
||||
{:ok, activity} =
|
||||
CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
|
||||
|
||||
status = StatusView.render("status.json", activity: activity)
|
||||
|
||||
assert status.visibility == "list"
|
||||
end
|
||||
end
|
||||
|
|
73
test/web/media_proxy/media_proxy_controller_test.exs
Normal file
73
test/web/media_proxy/media_proxy_controller_test.exs
Normal file
|
@ -0,0 +1,73 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do
|
||||
use Pleroma.Web.ConnCase
|
||||
import Mock
|
||||
alias Pleroma.Config
|
||||
|
||||
setup do
|
||||
media_proxy_config = Config.get([:media_proxy]) || []
|
||||
on_exit(fn -> Config.put([:media_proxy], media_proxy_config) end)
|
||||
:ok
|
||||
end
|
||||
|
||||
test "it returns 404 when MediaProxy disabled", %{conn: conn} do
|
||||
Config.put([:media_proxy, :enabled], false)
|
||||
|
||||
assert %Plug.Conn{
|
||||
status: 404,
|
||||
resp_body: "Not Found"
|
||||
} = get(conn, "/proxy/hhgfh/eeeee")
|
||||
|
||||
assert %Plug.Conn{
|
||||
status: 404,
|
||||
resp_body: "Not Found"
|
||||
} = get(conn, "/proxy/hhgfh/eeee/fff")
|
||||
end
|
||||
|
||||
test "it returns 403 when signature invalidated", %{conn: conn} do
|
||||
Config.put([:media_proxy, :enabled], true)
|
||||
Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
|
||||
path = URI.parse(Pleroma.Web.MediaProxy.encode_url("https://google.fn")).path
|
||||
Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000")
|
||||
|
||||
assert %Plug.Conn{
|
||||
status: 403,
|
||||
resp_body: "Forbidden"
|
||||
} = get(conn, path)
|
||||
|
||||
assert %Plug.Conn{
|
||||
status: 403,
|
||||
resp_body: "Forbidden"
|
||||
} = get(conn, "/proxy/hhgfh/eeee")
|
||||
|
||||
assert %Plug.Conn{
|
||||
status: 403,
|
||||
resp_body: "Forbidden"
|
||||
} = get(conn, "/proxy/hhgfh/eeee/fff")
|
||||
end
|
||||
|
||||
test "redirects on valid url when filename invalidated", %{conn: conn} do
|
||||
Config.put([:media_proxy, :enabled], true)
|
||||
Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
|
||||
url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
|
||||
invalid_url = String.replace(url, "test.png", "test-file.png")
|
||||
response = get(conn, invalid_url)
|
||||
html = "<html><body>You are being <a href=\"#{url}\">redirected</a>.</body></html>"
|
||||
assert response.status == 302
|
||||
assert response.resp_body == html
|
||||
end
|
||||
|
||||
test "it performs ReverseProxy.call when signature valid", %{conn: conn} do
|
||||
Config.put([:media_proxy, :enabled], true)
|
||||
Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
|
||||
url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
|
||||
|
||||
with_mock Pleroma.ReverseProxy,
|
||||
call: fn _conn, _url, _opts -> %Plug.Conn{status: :success} end do
|
||||
assert %Plug.Conn{status: :success} = get(conn, url)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -2,7 +2,7 @@
|
|||
# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.MediaProxyTest do
|
||||
defmodule Pleroma.Web.MediaProxyTest do
|
||||
use ExUnit.Case
|
||||
import Pleroma.Web.MediaProxy
|
||||
alias Pleroma.Web.MediaProxy.MediaProxyController
|
||||
|
@ -90,22 +90,28 @@ test "validates signature" do
|
|||
|
||||
test "filename_matches preserves the encoded or decoded path" do
|
||||
assert MediaProxyController.filename_matches(
|
||||
true,
|
||||
%{"filename" => "/Hello world.jpg"},
|
||||
"/Hello world.jpg",
|
||||
"http://pleroma.social/Hello world.jpg"
|
||||
) == :ok
|
||||
|
||||
assert MediaProxyController.filename_matches(
|
||||
true,
|
||||
%{"filename" => "/Hello%20world.jpg"},
|
||||
"/Hello%20world.jpg",
|
||||
"http://pleroma.social/Hello%20world.jpg"
|
||||
) == :ok
|
||||
|
||||
assert MediaProxyController.filename_matches(
|
||||
true,
|
||||
%{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"},
|
||||
"/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
|
||||
"http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
|
||||
) == :ok
|
||||
|
||||
assert MediaProxyController.filename_matches(
|
||||
%{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jp"},
|
||||
"/my%2Flong%2Furl%2F2019%2F07%2FS.jp",
|
||||
"http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
|
||||
) == {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
|
||||
end
|
||||
|
||||
test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do
|
33
test/web/metadata/player_view_test.exs
Normal file
33
test/web/metadata/player_view_test.exs
Normal file
|
@ -0,0 +1,33 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.Metadata.PlayerViewTest do
|
||||
use Pleroma.DataCase
|
||||
|
||||
alias Pleroma.Web.Metadata.PlayerView
|
||||
|
||||
test "it renders audio tag" do
|
||||
res =
|
||||
PlayerView.render(
|
||||
"player.html",
|
||||
%{"mediaType" => "audio", "href" => "test-href"}
|
||||
)
|
||||
|> Phoenix.HTML.safe_to_string()
|
||||
|
||||
assert res ==
|
||||
"<audio controls><source src=\"test-href\" type=\"audio\">Your browser does not support audio playback.</audio>"
|
||||
end
|
||||
|
||||
test "it renders videos tag" do
|
||||
res =
|
||||
PlayerView.render(
|
||||
"player.html",
|
||||
%{"mediaType" => "video", "href" => "test-href"}
|
||||
)
|
||||
|> Phoenix.HTML.safe_to_string()
|
||||
|
||||
assert res ==
|
||||
"<video controls loop><source src=\"test-href\" type=\"video\">Your browser does not support video playback.</video>"
|
||||
end
|
||||
end
|
123
test/web/metadata/twitter_card_test.exs
Normal file
123
test/web/metadata/twitter_card_test.exs
Normal file
|
@ -0,0 +1,123 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.Metadata.Providers.TwitterCardTest do
|
||||
use Pleroma.DataCase
|
||||
import Pleroma.Factory
|
||||
|
||||
alias Pleroma.User
|
||||
alias Pleroma.Web.CommonAPI
|
||||
alias Pleroma.Web.Endpoint
|
||||
alias Pleroma.Web.Metadata.Providers.TwitterCard
|
||||
alias Pleroma.Web.Metadata.Utils
|
||||
alias Pleroma.Web.Router
|
||||
|
||||
test "it renders twitter card for user info" do
|
||||
user = insert(:user, name: "Jimmy Hendriks", bio: "born 19 March 1994")
|
||||
avatar_url = Utils.attachment_url(User.avatar_url(user))
|
||||
res = TwitterCard.build_tags(%{user: user})
|
||||
|
||||
assert res == [
|
||||
{:meta, [property: "twitter:title", content: Utils.user_name_string(user)], []},
|
||||
{:meta, [property: "twitter:description", content: "born 19 March 1994"], []},
|
||||
{:meta, [property: "twitter:image", content: avatar_url], []},
|
||||
{:meta, [property: "twitter:card", content: "summary"], []}
|
||||
]
|
||||
end
|
||||
|
||||
test "it does not render attachments if post is nsfw" do
|
||||
Pleroma.Config.put([Pleroma.Web.Metadata, :unfurl_nsfw], false)
|
||||
user = insert(:user, name: "Jimmy Hendriks", bio: "born 19 March 1994")
|
||||
{:ok, activity} = CommonAPI.post(user, %{"status" => "HI"})
|
||||
|
||||
note =
|
||||
insert(:note, %{
|
||||
data: %{
|
||||
"actor" => user.ap_id,
|
||||
"tag" => [],
|
||||
"id" => "https://pleroma.gov/objects/whatever",
|
||||
"content" => "pleroma in a nutshell",
|
||||
"sensitive" => true,
|
||||
"attachment" => [
|
||||
%{
|
||||
"url" => [%{"mediaType" => "image/png", "href" => "https://pleroma.gov/tenshi.png"}]
|
||||
},
|
||||
%{
|
||||
"url" => [
|
||||
%{
|
||||
"mediaType" => "application/octet-stream",
|
||||
"href" => "https://pleroma.gov/fqa/badapple.sfc"
|
||||
}
|
||||
]
|
||||
},
|
||||
%{
|
||||
"url" => [
|
||||
%{"mediaType" => "video/webm", "href" => "https://pleroma.gov/about/juche.webm"}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
})
|
||||
|
||||
result = TwitterCard.build_tags(%{object: note, user: user, activity_id: activity.id})
|
||||
|
||||
assert [
|
||||
{:meta, [property: "twitter:title", content: Utils.user_name_string(user)], []},
|
||||
{:meta, [property: "twitter:description", content: "“pleroma in a nutshell”"], []},
|
||||
{:meta, [property: "twitter:image", content: "http://localhost:4001/images/avi.png"],
|
||||
[]},
|
||||
{:meta, [property: "twitter:card", content: "summary_large_image"], []}
|
||||
] == result
|
||||
end
|
||||
|
||||
test "it renders supported types of attachments and skips unknown types" do
|
||||
user = insert(:user, name: "Jimmy Hendriks", bio: "born 19 March 1994")
|
||||
{:ok, activity} = CommonAPI.post(user, %{"status" => "HI"})
|
||||
|
||||
note =
|
||||
insert(:note, %{
|
||||
data: %{
|
||||
"actor" => user.ap_id,
|
||||
"tag" => [],
|
||||
"id" => "https://pleroma.gov/objects/whatever",
|
||||
"content" => "pleroma in a nutshell",
|
||||
"attachment" => [
|
||||
%{
|
||||
"url" => [%{"mediaType" => "image/png", "href" => "https://pleroma.gov/tenshi.png"}]
|
||||
},
|
||||
%{
|
||||
"url" => [
|
||||
%{
|
||||
"mediaType" => "application/octet-stream",
|
||||
"href" => "https://pleroma.gov/fqa/badapple.sfc"
|
||||
}
|
||||
]
|
||||
},
|
||||
%{
|
||||
"url" => [
|
||||
%{"mediaType" => "video/webm", "href" => "https://pleroma.gov/about/juche.webm"}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
})
|
||||
|
||||
result = TwitterCard.build_tags(%{object: note, user: user, activity_id: activity.id})
|
||||
|
||||
assert [
|
||||
{:meta, [property: "twitter:title", content: Utils.user_name_string(user)], []},
|
||||
{:meta, [property: "twitter:description", content: "“pleroma in a nutshell”"], []},
|
||||
{:meta, [property: "twitter:card", content: "summary_large_image"], []},
|
||||
{:meta, [property: "twitter:player", content: "https://pleroma.gov/tenshi.png"], []},
|
||||
{:meta, [property: "twitter:card", content: "player"], []},
|
||||
{:meta,
|
||||
[
|
||||
property: "twitter:player",
|
||||
content: Router.Helpers.o_status_url(Endpoint, :notice_player, activity.id)
|
||||
], []},
|
||||
{:meta, [property: "twitter:player:width", content: "480"], []},
|
||||
{:meta, [property: "twitter:player:height", content: "480"], []}
|
||||
] == result
|
||||
end
|
||||
end
|
|
@ -83,4 +83,47 @@ test "it returns the safe_dm_mentions feature if enabled", %{conn: conn} do
|
|||
|
||||
Pleroma.Config.put([:instance, :safe_dm_mentions], option)
|
||||
end
|
||||
|
||||
test "it shows MRF transparency data if enabled", %{conn: conn} do
|
||||
option = Pleroma.Config.get([:instance, :mrf_transparency])
|
||||
Pleroma.Config.put([:instance, :mrf_transparency], true)
|
||||
|
||||
simple_config = %{"reject" => ["example.com"]}
|
||||
Pleroma.Config.put(:mrf_simple, simple_config)
|
||||
|
||||
response =
|
||||
conn
|
||||
|> get("/nodeinfo/2.1.json")
|
||||
|> json_response(:ok)
|
||||
|
||||
assert response["metadata"]["federation"]["mrf_simple"] == simple_config
|
||||
|
||||
Pleroma.Config.put([:instance, :mrf_transparency], option)
|
||||
Pleroma.Config.put(:mrf_simple, %{})
|
||||
end
|
||||
|
||||
test "it performs exclusions from MRF transparency data if configured", %{conn: conn} do
|
||||
option = Pleroma.Config.get([:instance, :mrf_transparency])
|
||||
Pleroma.Config.put([:instance, :mrf_transparency], true)
|
||||
|
||||
exclusions = Pleroma.Config.get([:instance, :mrf_transparency_exclusions])
|
||||
Pleroma.Config.put([:instance, :mrf_transparency_exclusions], ["other.site"])
|
||||
|
||||
simple_config = %{"reject" => ["example.com", "other.site"]}
|
||||
expected_config = %{"reject" => ["example.com"]}
|
||||
|
||||
Pleroma.Config.put(:mrf_simple, simple_config)
|
||||
|
||||
response =
|
||||
conn
|
||||
|> get("/nodeinfo/2.1.json")
|
||||
|> json_response(:ok)
|
||||
|
||||
assert response["metadata"]["federation"]["mrf_simple"] == expected_config
|
||||
assert response["metadata"]["federation"]["exclusions"] == true
|
||||
|
||||
Pleroma.Config.put([:instance, :mrf_transparency], option)
|
||||
Pleroma.Config.put([:instance, :mrf_transparency_exclusions], exclusions)
|
||||
Pleroma.Config.put(:mrf_simple, %{})
|
||||
end
|
||||
end
|
||||
|
|
|
@ -521,6 +521,38 @@ test "with credentials", %{conn: conn, user: current_user} do
|
|||
for: current_user
|
||||
})
|
||||
end
|
||||
|
||||
test "muted user", %{conn: conn, user: current_user} do
|
||||
other_user = insert(:user)
|
||||
|
||||
{:ok, current_user} = User.mute(current_user, other_user)
|
||||
|
||||
{:ok, _activity} =
|
||||
ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> with_credentials(current_user.nickname, "test")
|
||||
|> get("/api/qvitter/statuses/notifications.json")
|
||||
|
||||
assert json_response(conn, 200) == []
|
||||
end
|
||||
|
||||
test "muted user with with_muted parameter", %{conn: conn, user: current_user} do
|
||||
other_user = insert(:user)
|
||||
|
||||
{:ok, current_user} = User.mute(current_user, other_user)
|
||||
|
||||
{:ok, _activity} =
|
||||
ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> with_credentials(current_user.nickname, "test")
|
||||
|> get("/api/qvitter/statuses/notifications.json", %{"with_muted" => "true"})
|
||||
|
||||
assert length(json_response(conn, 200)) == 1
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST /api/qvitter/statuses/notifications/read" do
|
||||
|
|
Loading…
Reference in a new issue