From 91724d160acc39585c37742204c59b91e59df569 Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 25 Dec 2018 20:09:27 +0100 Subject: [PATCH 1/4] Reserve a few user names These are all names that are used for domain.com/:route routes or projected to be. --- config/config.exs | 29 +++++++++++++++++++++++++++++ lib/pleroma/user.ex | 1 + test/user_test.exs | 14 ++++++++++++++ 3 files changed, 44 insertions(+) diff --git a/config/config.exs b/config/config.exs index 4b8762761..980c215c8 100644 --- a/config/config.exs +++ b/config/config.exs @@ -220,6 +220,35 @@ credentials: true, headers: ["Authorization", "Content-Type", "Idempotency-Key"] +config :pleroma, Pleroma.User, + restricted_nicknames: [ + "main", + "users", + "settings", + "objects", + "activities", + "web", + "registration", + "friend-requests", + "pleroma", + "api", + "tag", + "notice", + "status", + "user-search", + "ostatus_subscribe", + "oauth", + "push", + "relay", + "inbox", + ".well-known", + "nodeinfo", + "auth", + "proxy", + "dev", + "internal" + ] + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env()}.exs" diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 1f930479d..33f5e43fc 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -197,6 +197,7 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do |> validate_confirmation(:password) |> unique_constraint(:email) |> unique_constraint(:nickname) + |> validate_exclusion(:nickname, Pleroma.Config.get([Pleroma.User, :restricted_nicknames])) |> validate_format(:nickname, local_nickname_regex()) |> validate_format(:email, @email_regex) |> validate_length(:bio, max: 1000) diff --git a/test/user_test.exs b/test/user_test.exs index aab6473cf..8c7e1594b 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -153,6 +153,20 @@ test "it requires an email, name, nickname and password, bio is optional" do end) end + test "it restricts certain nicknames" do + [restricted_name | _] = Pleroma.Config.get([Pleroma.User, :restricted_nicknames]) + + assert is_bitstring(restricted_name) + + params = + @full_user_data + |> Map.put(:nickname, restricted_name) + + changeset = User.register_changeset(%User{}, params) + + refute changeset.valid? + end + test "it sets the password_hash, ap_id and following fields" do changeset = User.register_changeset(%User{}, @full_user_data) From 551d80cc0186424d2c1653f917749adea16d9963 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 26 Dec 2018 12:46:16 +0100 Subject: [PATCH 2/4] Expose restricted names in nodeinfo. --- lib/pleroma/web/nodeinfo/nodeinfo_controller.ex | 3 ++- test/web/node_info_test.exs | 11 +++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex index 1265d81c5..a992f75f6 100644 --- a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex +++ b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex @@ -138,7 +138,8 @@ def nodeinfo(conn, %{"version" => "2.0"}) do }, accountActivationRequired: Keyword.get(instance, :account_activation_required, false), invitesEnabled: Keyword.get(instance, :invites_enabled, false), - features: features + features: features, + restrictedNicknames: Pleroma.Config.get([Pleroma.User, :restricted_nicknames]) } } diff --git a/test/web/node_info_test.exs b/test/web/node_info_test.exs index 6769a4490..5981c70a7 100644 --- a/test/web/node_info_test.exs +++ b/test/web/node_info_test.exs @@ -19,6 +19,17 @@ test "nodeinfo shows staff accounts", %{conn: conn} do assert user.ap_id in result["metadata"]["staffAccounts"] end + test "nodeinfo shows restricted nicknames", %{conn: conn} do + conn = + conn + |> get("/nodeinfo/2.0.json") + + assert result = json_response(conn, 200) + + assert Pleroma.Config.get([Pleroma.User, :restricted_nicknames]) == + result["metadata"]["restrictedNicknames"] + end + test "returns 404 when federation is disabled", %{conn: conn} do instance = Application.get_env(:pleroma, :instance) From 8da2c45c279e33c75f283013f6dfc63231571bd3 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 26 Dec 2018 14:16:41 +0100 Subject: [PATCH 3/4] Add ~ to the list of restricted names. --- config/config.exs | 1 + 1 file changed, 1 insertion(+) diff --git a/config/config.exs b/config/config.exs index 980c215c8..bec24f9a0 100644 --- a/config/config.exs +++ b/config/config.exs @@ -222,6 +222,7 @@ config :pleroma, Pleroma.User, restricted_nicknames: [ + "~", "main", "users", "settings", From 1dd71026a1acd29e560f059d36f37ea70001bedb Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 26 Dec 2018 14:51:51 +0100 Subject: [PATCH 4/4] Add 'about' to restricted list. And correct pleromaFE config. --- config/config.exs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/config/config.exs b/config/config.exs index bec24f9a0..1983b31ab 100644 --- a/config/config.exs +++ b/config/config.exs @@ -137,8 +137,8 @@ logo_mask: true, logo_margin: "0.1em", background: "/static/aurora_borealis.jpg", - redirect_root_no_login: "/~/main/all", - redirect_root_login: "/~/main/friends", + redirect_root_no_login: "/main/all", + redirect_root_login: "/main/friends", show_instance_panel: true, scope_options_enabled: false, formatting_options_enabled: false, @@ -222,6 +222,7 @@ config :pleroma, Pleroma.User, restricted_nicknames: [ + "about", "~", "main", "users",