Commit graph

391 commits

Author SHA1 Message Date
Mike Verdone 3cb471ec06 Expose expires_at datetime in mastoAPI only for the activity actor
In the "pleroma" section of the MastoAPI for status activities you can
see an expires_at item that states when the activity will expire, or
nothing if the activity will not expire.

The expires_at date is only visible to the person who posted the
activity. This is the conservative approach in case some attacker
decides to write a logger for expiring posts. However, in the future of
OCAP, signed requests, and all that stuff, this attack might not be that
likely. Some other pleroma dev should remove the restriction in the code
at that time, if they're satisfied with the security implications of
doing so.
2019-07-24 14:47:22 +02:00
Mike Verdone 704960b3c1 Add support for activity expiration to common and Masto API
The "expires_at" parameter accepts an ISO8601-formatted date which
defines when the activity will expire.

At this point the API will not give you any feedback about if your post
will expire or not.
2019-07-24 14:45:14 +02:00
Mike Verdone 8ba7a151ad Cleanup: fix a comment 2019-07-24 13:14:52 +02:00
Ariadne Conill d3bdb8e704 rich media: parser: splice the given URL into the result 2019-07-23 23:51:29 +00:00
Sadposter c400565427 fix test names because i cannot type 2019-07-23 15:47:17 +01:00
Sadposter 299c0e965b actually reblog on the reblog test 2019-07-23 15:38:19 +01:00
Sadposter 7026018c8c Use correct URL for tests 2019-07-23 15:31:35 +01:00
Sadposter 452980652d Mix format 2019-07-23 15:13:05 +01:00
Sadposter fd1fa5a2ec add tests for unauthed reqs to liked/reblogged_by 2019-07-23 15:08:41 +01:00
Sadposter a5d6287ba8 Hide blocked users from interactions 2019-07-22 02:42:29 +00:00
Sergey Suprunenko 43a7cd27fe [tests] Mock :crypt.crypt/2 function in AuthenticationPlugTest 2019-07-20 13:07:51 +00:00
Eugenij 4bf2bb9cff Fix password reset for non-test env
Fixes `Plug.Conn.NotSentError` that causes a 5xx error in response
instead of 404 and 400.

Fixes pattern matching error caused by different response format
in test and non-test env: `Pleroma.Emails.Mailer.deliver_async` returns
:ok when PleromaJobQueue is enabled and `{:ok, _}` when it's disabled.
In tests, it's disabled.
2019-07-17 18:09:31 +00:00
Alexander Strizhakov 10f82c88b8 mastoapi password reset
added rate limit to password reset

configure rate limit in runtime
2019-07-16 21:44:50 +00:00
Eugenij 520ee6c591 Add pleroma.deactivated to the Account entity (Mastodon API) 2019-07-16 11:14:46 +00:00
Eugenij c4ca142e14 Add the blocked_by attribute to the relationship API (GET /api/v1/accounts/relationships) 2019-07-16 11:04:11 +00:00
rinpatch 996fd58ac4 Merge branch 'bugfix/poll-id-as-string' into 'develop'
Status View: Poll ids are strings.

See merge request pleroma/pleroma!1430
2019-07-16 06:06:22 +00:00
lain 7a24def473 Mastodon Controller: Fix tests. 2019-07-16 14:01:18 +09:00
lain 1ed24bcc76 Status View: Poll ids are strings.
All ids in mastodon are strings, in general.
2019-07-16 12:47:40 +09:00
Sergey Suprunenko b74300bc7a Add more tests for MastodonAPIController and CommonAPI 2019-07-15 19:47:23 +00:00
Egor Kislitsyn 64a946643e Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-07-15 14:11:54 +07:00
Egor Kislitsyn a87c313309 Support list visibility in StatusView 2019-07-15 14:00:29 +07:00
Alexander Strizhakov e7c39b7ac8 Feature/1072 muting notifications 2019-07-14 13:29:31 +00:00
Mark Felder 360e4cdaa2 Move these to pleroma namespace in Mastodon API 2019-07-12 11:25:58 -05:00
Eugenij 4198c3ac39 Extend Pleroma.Pagination to support offset-based pagination, use async/await to execute status and account search in parallel 2019-07-11 13:55:31 +00:00
Haelwenn (lanodan) Monnier 252e129b1e
MastoAPI: Add categories to custom emojis
Note: This isn’t in a release yet, can be seen in mastofe on the
rebase/glitch-soc branch.
2019-07-10 17:02:37 +02:00
Sergey Suprunenko ff55e3c16f Create mentions only for explicitly mentioned users 2019-07-10 13:29:50 +00:00
Maksim 008c55e4e9 add test for search_controller/ 100% coverage 2019-07-10 08:28:03 +00:00
Ivan Tashkinov 829e997223 [#878] Merge remote-tracking branch 'remotes/upstream/develop' into 878-activity-object-decoupling-in-tests
# Conflicts:
#	lib/pleroma/object.ex
#	test/web/activity_pub/transmogrifier_test.exs
#	test/web/ostatus/ostatus_test.exs
2019-07-09 21:46:16 +03:00
kaniini 1417627d07 Merge branch 'remove-avatar-header' into 'develop'
Ability to reset avatar, profile banner and backgroud

See merge request pleroma/pleroma!1187
2019-07-09 17:51:41 +00:00
Ivan Tashkinov daff85a985 [#878] Refactored assumptions on embedded object presence in tests. Adjusted note factory to not embed object into activity. 2019-07-08 19:53:02 +03:00
rinpatch 72b88c82bc Mastodon API: Fix embedded relationships not being rendered inside of statuses 2019-07-08 12:07:08 +03:00
Eugenij 1f76740e10 Add hashtag filter to user statuses (GET /api/v1/accounts/:id/statuses) 2019-06-30 09:08:46 +00:00
Sergey Suprunenko d53fb55bb7 Return correct response when reply to a direct message is not direct itself 2019-06-26 10:59:27 +00:00
Maksim Pechnikov 4ad15ad2a9 add ignore hosts and TLDs for rich_media 2019-06-25 22:25:37 +03:00
Sachin Joshi a0c65bbd6c Merge branch 'develop' into 'remove-avatar-header'
# Conflicts:
#   CHANGELOG.md
2019-06-23 03:25:50 +00:00
rinpatch c7acca2abb Mastodon API: Sanitize display names
Closes #1000
2019-06-18 14:12:11 +03:00
lain a440cf856d Mastodon API: Return the token needed for the chat. 2019-06-15 10:59:35 +02:00
rinpatch 62ffc00a5d Merge branch 'feature/add-background-image-to-mastoapi' into 'develop'
AccountView: Add user background.

See merge request pleroma/pleroma!1280
2019-06-14 16:49:28 +00:00
Maksim ee4ed87fb4 [#948] /api/v1/account_search added optional parameters (limit, offset, following) 2019-06-14 11:39:57 +00:00
lain eac298083f MastodonAPI: Add a way to update the background image. 2019-06-14 11:19:22 +02:00
lain 5965efb216 AccountView: Add user background. 2019-06-13 19:08:05 +02:00
lain 63ab3c30eb Merge branch 'feature/rate-limiter' into 'develop'
Feature/Rate Limiter

Closes #943

See merge request pleroma/pleroma!1266
2019-06-11 11:32:01 +00:00
Egor Kislitsyn ad04d12de6 Replace MastodonAPIController.account_register/2 rate limiter 2019-06-11 16:06:03 +07:00
Sergey Suprunenko 365268d522 Add more tests for using media_proxy and whitelists 2019-06-10 11:34:11 +00:00
lain 7e9f7ea0c2 MastodonAPI: Add test for user search. 2019-06-06 16:16:22 +02:00
Egor Kislitsyn 5b04f07a1e Limit search for unauthenticated users to local users only 2019-06-05 16:51:04 +07:00
Maksim Pechnikov 4f2e359687 Merge branch 'develop' into issue/941 2019-06-04 09:49:08 +03:00
kaniini 9d2563a3de Merge branch 'generic-fe-settings' into 'develop'
Generic settings store for frontend user settings

See merge request pleroma/pleroma!1221
2019-06-04 05:43:43 +00:00
Maksim Pechnikov 64ada7f960 fix tests 2019-06-03 22:51:14 +03:00
Maksim Pechnikov f13d6c7f78 update api to set skip_thread_containment 2019-06-03 21:02:57 +03:00